(self)
| 480 | ssl.RAND_add(bytearray(b"this is a random bytearray object"), 75.0) |
| 481 | |
| 482 | def test_parse_cert(self): |
| 483 | self.maxDiff = None |
| 484 | # note that this uses an 'unofficial' function in _ssl.c, |
| 485 | # provided solely for this test, to exercise the certificate |
| 486 | # parsing code |
| 487 | self.assertEqual( |
| 488 | ssl._ssl._test_decode_cert(CERTFILE), |
| 489 | CERTFILE_INFO |
| 490 | ) |
| 491 | self.assertEqual( |
| 492 | ssl._ssl._test_decode_cert(SIGNED_CERTFILE), |
| 493 | SIGNED_CERTFILE_INFO |
| 494 | ) |
| 495 | |
| 496 | # Issue #13034: the subjectAltName in some certificates |
| 497 | # (notably projects.developer.nokia.com:443) wasn't parsed |
| 498 | p = ssl._ssl._test_decode_cert(NOKIACERT) |
| 499 | if support.verbose: |
| 500 | sys.stdout.write("\n" + pprint.pformat(p) + "\n") |
| 501 | self.assertEqual(p['subjectAltName'], |
| 502 | (('DNS', 'projects.developer.nokia.com'), |
| 503 | ('DNS', 'projects.forum.nokia.com')) |
| 504 | ) |
| 505 | # extra OCSP and AIA fields |
| 506 | self.assertEqual(p['OCSP'], ('http://ocsp.verisign.com',)) |
| 507 | self.assertEqual(p['caIssuers'], |
| 508 | ('http://SVRIntl-G3-aia.verisign.com/SVRIntlG3.cer',)) |
| 509 | self.assertEqual(p['crlDistributionPoints'], |
| 510 | ('http://SVRIntl-G3-crl.verisign.com/SVRIntlG3.crl',)) |
| 511 | |
| 512 | def test_parse_cert_CVE_2019_5010(self): |
| 513 | p = ssl._ssl._test_decode_cert(TALOS_INVALID_CRLDP) |
nothing calls this directly
no test coverage detected