commit 94c6960ca70b3e5b2fcf8bed8aaf2fd983f8c1c5
author Paul Kehrer <paul.l.kehrer@gmail.com> Sat May 02 19:29:40 2015 -0500
committer Paul Kehrer <paul.l.kehrer@gmail.com> Sat May 02 21:00:39 2015 -0500
tree 7d35d97cf8c29134400ca3fbd2ff1d65f9d421a7
parent fdec095ab21e523e8de7d46d07c55c94a11960e7

Extended key usage support for the openssl backend

tests/test_x509_ext.py

diff --git a/tests/test_x509_ext.py b/tests/test_x509_ext.py
index 05734b4..92e616e 100644
--- a/tests/test_x509_ext.py
+++ b/tests/test_x509_ext.py
@@ -959,3 +959,32 @@
             cert.extensions
 
         assert 'Invalid rfc822name value' in str(exc.value)
+
+
+@pytest.mark.requires_backend_interface(interface=RSABackend)
+@pytest.mark.requires_backend_interface(interface=X509Backend)
+class TestExtendedKeyUsageExtension(object):
+    def test_eku(self, backend):
+        cert = _load_cert(
+            os.path.join(
+                "x509", "custom", "extended_key_usage.pem"
+            ),
+            x509.load_pem_x509_certificate,
+            backend
+        )
+        ext = cert.extensions.get_extension_for_oid(
+            x509.OID_EXTENDED_KEY_USAGE
+        )
+        assert ext is not None
+        assert ext.critical is False
+
+        assert [
+            x509.ObjectIdentifier("1.3.6.1.5.5.7.3.1"),
+            x509.ObjectIdentifier("1.3.6.1.5.5.7.3.2"),
+            x509.ObjectIdentifier("1.3.6.1.5.5.7.3.3"),
+            x509.ObjectIdentifier("1.3.6.1.5.5.7.3.4"),
+            x509.ObjectIdentifier("1.3.6.1.5.5.7.3.9"),
+            x509.ObjectIdentifier("1.3.6.1.5.5.7.3.8"),
+            x509.ObjectIdentifier("2.5.29.37.0"),
+            x509.ObjectIdentifier("2.16.840.1.113730.4.1"),
+        ] == list(ext.value)