Add mising extensions tests
Fixes broken nameconstraints methods found in the process. Change-Id: Iacc43b0a42416b0b9b5dac3c0c738c0a817261b1
This commit is contained in:
parent
0aa96a9f59
commit
8b9d55f2b2
|
@ -367,8 +367,8 @@ class X509ExtensionNameConstraints(X509Extension):
|
|||
|
||||
@uses_ext_value
|
||||
def get_permitted_name(self, n, ext_value=None):
|
||||
return [(x.getName(), x.getComponent()) for x
|
||||
in self._get_permitted(ext_value)[n]['base']]
|
||||
name = self._get_permitted(ext_value)[n]['base']
|
||||
return (name.getName(), name.getComponent())
|
||||
|
||||
@uses_ext_value
|
||||
def get_permitted_range(self, n, ext_value=None):
|
||||
|
@ -381,8 +381,8 @@ class X509ExtensionNameConstraints(X509Extension):
|
|||
|
||||
@uses_ext_value
|
||||
def get_excluded_name(self, n, ext_value=None):
|
||||
return [(x.getName(), x.getComponent()) for x
|
||||
in self._get_excluded(ext_value)[n]['base']]
|
||||
name = self._get_excluded(ext_value)[n]['base']
|
||||
return (name.getName(), name.getComponent())
|
||||
|
||||
@uses_ext_value
|
||||
def get_excluded_range(self, n, ext_value=None):
|
||||
|
@ -425,13 +425,13 @@ class X509ExtensionExtendedKeyUsage(X509Extension):
|
|||
@uses_ext_value
|
||||
def get_usage(self, usage, ext_value=None):
|
||||
if usage not in self._valid:
|
||||
raise TypeError("usage not valid")
|
||||
raise ValueError("usage not valid")
|
||||
return (usage in ext_value)
|
||||
|
||||
@modifies_ext_value
|
||||
def set_usage(self, usage, state, ext_value=None):
|
||||
if usage not in self._valid:
|
||||
raise TypeError("usage not valid")
|
||||
raise ValueError("usage not valid")
|
||||
|
||||
if state:
|
||||
if usage not in ext_value:
|
||||
|
|
|
@ -17,6 +17,7 @@
|
|||
import unittest
|
||||
|
||||
import netaddr
|
||||
from pyasn1.codec.der import encoder
|
||||
from pyasn1_modules import rfc2459 # X509v3
|
||||
|
||||
from anchor.X509 import errors
|
||||
|
@ -62,6 +63,14 @@ class TestExtensionBase(unittest.TestCase):
|
|||
ext.set_critical(True)
|
||||
self.assertTrue(ext.get_critical())
|
||||
|
||||
def test_serialise(self):
|
||||
asn1 = rfc2459.Extension()
|
||||
asn1['extnID'] = rfc2459.univ.ObjectIdentifier('1.2.3.4')
|
||||
asn1['critical'] = False
|
||||
asn1['extnValue'] = "foobar"
|
||||
ext = extension.construct_extension(asn1)
|
||||
self.assertEqual(ext.as_der(), encoder.encode(asn1))
|
||||
|
||||
|
||||
class TestBasicConstraints(unittest.TestCase):
|
||||
def setUp(self):
|
||||
|
@ -169,6 +178,18 @@ class TestNameConstraints(unittest.TestCase):
|
|||
self.assertEqual(1, self.ext.get_permitted_length())
|
||||
self.assertEqual(1, self.ext.get_excluded_length())
|
||||
|
||||
def test_excluded(self):
|
||||
self.ext.add_excluded('dNSName', 'example.com')
|
||||
self.assertEqual(self.ext.get_excluded_range(0), (0, None))
|
||||
self.assertEqual(self.ext.get_excluded_name(0),
|
||||
('dNSName', b'example.com'))
|
||||
|
||||
def test_permitted(self):
|
||||
self.ext.add_permitted('dNSName', 'example.com')
|
||||
self.assertEqual(self.ext.get_permitted_range(0), (0, None))
|
||||
self.assertEqual(self.ext.get_permitted_name(0),
|
||||
('dNSName', b'example.com'))
|
||||
|
||||
|
||||
class TestExtendedKeyUsage(unittest.TestCase):
|
||||
def setUp(self):
|
||||
|
@ -192,6 +213,8 @@ class TestExtendedKeyUsage(unittest.TestCase):
|
|||
self.assertEqual(1, len(self.ext.get_all_usages()))
|
||||
self.ext.set_usage(rfc2459.id_kp_clientAuth, True)
|
||||
self.assertEqual(1, len(self.ext.get_all_usages()))
|
||||
self.ext.set_usage(rfc2459.id_kp_codeSigning, True)
|
||||
self.assertEqual(2, len(self.ext.get_all_usages()))
|
||||
|
||||
def test_unset(self):
|
||||
self.ext.set_usage(rfc2459.id_kp_clientAuth, True)
|
||||
|
@ -206,3 +229,9 @@ class TestExtendedKeyUsage(unittest.TestCase):
|
|||
self.assertEqual(
|
||||
"extKeyUsage: TLS Web Client Authentication, Code Signing",
|
||||
str(self.ext))
|
||||
|
||||
def test_invalid_usage(self):
|
||||
self.assertRaises(ValueError, self.ext.get_usage,
|
||||
rfc2459.univ.ObjectIdentifier('1.2.3.4'))
|
||||
self.assertRaises(ValueError, self.ext.set_usage, True,
|
||||
rfc2459.univ.ObjectIdentifier('1.2.3.4'))
|
||||
|
|
Loading…
Reference in New Issue