commit b77c716a2935b2fc1de30092ebacdaefae184414
author Ian Cordasco <graffatcolmingov@gmail.com> Mon Jul 20 21:22:33 2015 -0500
committer Ian Cordasco <graffatcolmingov@gmail.com> Mon Jul 20 22:47:06 2015 -0500
tree 278df403b553e704b773ebe16713277b39ae5d71
parent 9e0666e0bdd7b8357c0f95b46e8cdad8cfea7a75

Add tests to test_openssl backend for extra coverage

tests/hazmat/backends/test_openssl.py

diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py
index 6a2e8a7..5505c63 100644
--- a/tests/hazmat/backends/test_openssl.py
+++ b/tests/hazmat/backends/test_openssl.py
@@ -4,6 +4,7 @@
 
 from __future__ import absolute_import, division, print_function
 
+import datetime
 import os
 import subprocess
 import sys
@@ -14,6 +15,7 @@
 import pytest
 
 from cryptography import utils
+from cryptography import x509
 from cryptography.exceptions import InternalError, _Reasons
 from cryptography.hazmat.backends.interfaces import RSABackend
 from cryptography.hazmat.backends.openssl.backend import (
@@ -478,6 +480,43 @@
             backend.create_x509_csr(object(), private_key, hashes.SHA1())
 
 
+class TestOpenSSLSignX509Certificate(object):
+    def test_requires_certificate_builder(self):
+        private_key = RSA_KEY_2048.private_key(backend)
+
+        with pytest.raises(TypeError):
+            backend.sign_x509_certificate(object(), private_key, DummyHash())
+
+    def test_checks_for_unsupported_extensions(self):
+        private_key = RSA_KEY_2048.private_key(backend)
+        builder = x509.CertificateBuilder().version(
+            x509.Version.v3
+        ).subject_name(x509.Name([
+            x509.NameAttribute(x509.OID_COUNTRY_NAME, u'US'),
+            x509.NameAttribute(x509.OID_STATE_OR_PROVINCE_NAME, u'Texas'),
+            x509.NameAttribute(x509.OID_LOCALITY_NAME, u'Austin'),
+            x509.NameAttribute(x509.OID_ORGANIZATION_NAME, u'PyCA'),
+            x509.NameAttribute(x509.OID_COMMON_NAME, u'cryptography.io'),
+        ])).public_key(
+            private_key.public_key()
+        ).serial_number(
+            777
+        ).not_valid_before(
+            datetime.datetime(1999, 1, 1)
+        ).not_valid_after(
+            datetime.datetime(2020, 1, 1)
+        )
+
+        builder._extensions.append(x509.Extension(
+            oid=x509.OID_COUNTRY_NAME,
+            critical=False,
+            value=object()
+        ))
+
+        with pytest.raises(NotImplementedError):
+            backend.sign_x509_certificate(builder, private_key, hashes.SHA1())
+
+
 class TestOpenSSLSerialisationWithOpenSSL(object):
     def test_pem_password_cb_buffer_too_small(self):
         ffi_cb, cb = backend._pem_password_cb(b"aa")

tests/test_x509.py

diff --git a/tests/test_x509.py b/tests/test_x509.py
index 7a06913..c4a423a 100644
--- a/tests/test_x509.py
+++ b/tests/test_x509.py
@@ -961,6 +961,15 @@
         with pytest.raises(NotImplementedError):
             builder.add_extension(object(), False)
 
+    @pytest.mark.requires_backend_interface(interface=RSABackend)
+    @pytest.mark.requires_backend_interface(interface=X509Backend)
+    def test_sign_with_unsupported_hash(self, backend):
+        private_key = RSA_KEY_2048.private_key(backend)
+        builder = x509.CertificateBuilder()
+
+        with pytest.raises(TypeError):
+            builder.sign(backend, private_key, object())
+
 
 @pytest.mark.requires_backend_interface(interface=X509Backend)
 class TestCertificateSigningRequestBuilder(object):