Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / 732cf642141f57f26db84ec2a4f6122cf7918c9e / . / tests / x509 / test_ocsp.py
blob: 22f34df2d20fb56ad41013b5d791babbf0895eb6 [file] [log] [blame]
Paul Kehrer732cf642018-08-15 18:04:28 -0500[diff] [blame^]1# This file is dual licensed under the terms of the Apache License, Version
2# 2.0, and the BSD License. See the LICENSE file in the root of this repository
3# for complete details.
4
5from __future__ import absolute_import, division, print_function
6
7import os
8
9import pytest
10
11from cryptography.exceptions import UnsupportedAlgorithm
12from cryptography.hazmat.primitives import hashes, serialization
13from cryptography.x509 import ocsp
14
15from ..utils import load_vectors_from_file
16
17
18def _load_data(filename, loader):
19 return load_vectors_from_file(
20 filename=filename,
21 loader=lambda data: loader(data.read()),
22 mode="rb"
23 )
24
25
26class TestOCSPRequest(object):
27 def test_bad_request(self):
28 with pytest.raises(ValueError):
29 ocsp.load_der_ocsp_request(b"invalid")
30
31 def test_load_request_one_item(self):
32 req = _load_data(
33 os.path.join("x509", "ocsp", "req-sha1.der"),
34 ocsp.load_der_ocsp_request,
35 )
36 assert len(req) == 1
37 assert req[0].issuer_name_hash == (b"8\xcaF\x8c\x07D\x8d\xf4\x81\x96"
38 b"\xc7mmLpQ\x9e`\xa7\xbd")
39 assert req[0].issuer_key_hash == (b"yu\xbb\x84:\xcb,\xdez\t\xbe1"
40 b"\x1bC\xbc\x1c*MSX")
41 assert isinstance(req[0].hash_algorithm, hashes.SHA1)
42 assert req[0].serial_number == int(
43 "98D9E5C0B4C373552DF77C5D0F1EB5128E4945F9", 16
44 )
45
46 def test_load_request_multiple_items(self):
47 req = _load_data(
48 os.path.join("x509", "ocsp", "req-multi-sha1.der"),
49 ocsp.load_der_ocsp_request,
50 )
51 assert len(req) == 2
52 assert req[0].issuer_name_hash == (b"8\xcaF\x8c\x07D\x8d\xf4\x81\x96"
53 b"\xc7mmLpQ\x9e`\xa7\xbd")
54 assert req[0].issuer_key_hash == (b"yu\xbb\x84:\xcb,\xdez\t\xbe1"
55 b"\x1bC\xbc\x1c*MSX")
56 assert isinstance(req[0].hash_algorithm, hashes.SHA1)
57 assert req[0].serial_number == int(
58 "98D9E5C0B4C373552DF77C5D0F1EB5128E4945F9", 16
59 )
60 assert req[1].issuer_name_hash == (b"8\xcaF\x8c\x07D\x8d\xf4\x81\x96"
61 b"\xc7mmLpQ\x9e`\xa7\xbd")
62 assert req[1].issuer_key_hash == (b"yu\xbb\x84:\xcb,\xdez\t\xbe1"
63 b"\x1bC\xbc\x1c*MSX")
64 assert isinstance(req[1].hash_algorithm, hashes.SHA1)
65 assert req[1].serial_number == int(
66 "98D9E5C0B4C373552DF77C5D0F1EB5128E4945F0", 16
67 )
68
69 def test_iter(self):
70 req = _load_data(
71 os.path.join("x509", "ocsp", "req-multi-sha1.der"),
72 ocsp.load_der_ocsp_request,
73 )
74 for request in req:
75 assert isinstance(request, ocsp.Request)
76
77 def test_indexing_ocsp_request(self):
78 req = _load_data(
79 os.path.join("x509", "ocsp", "req-multi-sha1.der"),
80 ocsp.load_der_ocsp_request,
81 )
82 assert req[1].serial_number == req[-1].serial_number
83 assert len(req[0:2]) == 2
84 assert req[1:2][0].serial_number == int(
85 "98D9E5C0B4C373552DF77C5D0F1EB5128E4945F0", 16
86 )
87 with pytest.raises(IndexError):
88 req[10]
89
90 def test_invalid_hash_algorithm(self):
91 req = _load_data(
92 os.path.join("x509", "ocsp", "req-invalid-hash-alg.der"),
93 ocsp.load_der_ocsp_request,
94 )
95 with pytest.raises(UnsupportedAlgorithm):
96 req[0].hash_algorithm
97
98 def test_serialize_request(self):
99 req_bytes = load_vectors_from_file(
100 filename=os.path.join("x509", "ocsp", "req-sha1.der"),
101 loader=lambda data: data.read(),
102 mode="rb"
103 )
104 req = ocsp.load_der_ocsp_request(req_bytes)
105 assert req.public_bytes(serialization.Encoding.DER) == req_bytes
106
107 def test_invalid_serialize_encoding(self):
108 req = _load_data(
109 os.path.join("x509", "ocsp", "req-sha1.der"),
110 ocsp.load_der_ocsp_request,
111 )
112 with pytest.raises(ValueError):
113 req.public_bytes("invalid")
114 with pytest.raises(ValueError):
115 req.public_bytes(serialization.Encoding.PEM)