Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / 87bb9579202ba94df593ae197fd85c22ac1a023c^! / . / tests
commit87bb9579202ba94df593ae197fd85c22ac1a023c[log] [tgz]
authorDominic Chen <d.c.ddcc@gmail.com>Fri Oct 09 00:23:07 2015 -0400
committerDominic Chen <d.c.ddcc@gmail.com>Sat Oct 10 05:15:46 2015 +0000
tree8b51772757633cc31528d7187277124146291f2c
parent450d9797a2320f85aff317e5cab39cc2339eabec [diff]
fix to handle malformed certificates without hostname

diff --git a/tests/test_x509_ext.py b/tests/test_x509_ext.py
index 8537397..1bc1462 100644
--- a/tests/test_x509_ext.py
+++ b/tests/test_x509_ext.py

@@ -1555,6 +1555,21 @@
             u'saseliminator.com'
         ]
 
+    def test_san_empty_hostname(self, backend):
+        cert = _load_cert(
+            os.path.join(
+                "x509", "custom", "san_empty_hostname.pem"
+            ),
+            x509.load_pem_x509_certificate,
+            backend
+        )
+        san = cert.extensions.get_extension_for_oid(
+            ExtensionOID.SUBJECT_ALTERNATIVE_NAME
+        )
+
+        dns = san.value.get_values_for_type(x509.DNSName)
+        assert dns == [u'']
+
     def test_san_wildcard_idna_dns_name(self, backend):
         cert = _load_cert(
             os.path.join("x509", "custom", "san_wildcard_idna.pem"),
@@ -2903,6 +2918,30 @@
             )
         ])
 
+    def test_crl_empty_hostname(self, backend):
+        cert = _load_cert(
+            os.path.join(
+                "x509", "custom", "cdp_empty_hostname.pem"
+            ),
+            x509.load_pem_x509_certificate,
+            backend
+        )
+
+        cdps = cert.extensions.get_extension_for_oid(
+            ExtensionOID.CRL_DISTRIBUTION_POINTS
+        ).value
+
+        assert cdps == x509.CRLDistributionPoints([
+            x509.DistributionPoint(
+                full_name=[x509.UniformResourceIdentifier(
+                    u"ldap:/CN=A,OU=B,dc=C,DC=D?E?F?G?H=I"
+                )],
+                relative_name=None,
+                reasons=None,
+                crl_issuer=None
+            )
+        ])
+
 
 @pytest.mark.requires_backend_interface(interface=RSABackend)
 @pytest.mark.requires_backend_interface(interface=X509Backend)