MCPcopy
hub / github.com/pyca/cryptography / test_sign_ed25519

Method test_sign_ed25519

tests/x509/test_ocsp.py:1669–1709  ·  view source on GitHub ↗
(self, backend)

Source from the content-addressed store, hash-verified

1667 builder.sign(private_key, hashes.SHA256())
1668
1669 def test_sign_ed25519(self, backend):
1670 builder = ocsp.OCSPResponseBuilder()
1671 cert, issuer = _cert_and_issuer()
1672 private_key = ed25519.Ed25519PrivateKey.generate()
1673 root_cert, _ = _generate_root(private_key, None)
1674 current_time = (
1675 datetime.datetime.now(datetime.timezone.utc)
1676 .replace(tzinfo=None)
1677 .replace(microsecond=0)
1678 )
1679 this_update = current_time - datetime.timedelta(days=1)
1680 next_update = this_update + datetime.timedelta(days=7)
1681 revoked_date = this_update - datetime.timedelta(days=300)
1682 builder = builder.responder_id(
1683 ocsp.OCSPResponderEncoding.NAME, root_cert
1684 ).add_response(
1685 cert,
1686 issuer,
1687 hashes.SHA1(),
1688 ocsp.OCSPCertStatus.REVOKED,
1689 this_update,
1690 next_update,
1691 revoked_date,
1692 x509.ReasonFlags.key_compromise,
1693 )
1694 resp = builder.sign(private_key, None)
1695 assert resp.certificate_status == ocsp.OCSPCertStatus.REVOKED
1696 assert resp.revocation_reason is x509.ReasonFlags.key_compromise
1697 _check_ocsp_response_times(
1698 resp,
1699 this_update=this_update,
1700 next_update=next_update,
1701 revocation_time=revoked_date,
1702 )
1703 assert resp.signature_hash_algorithm is None
1704 assert (
1705 resp.signature_algorithm_oid == x509.SignatureAlgorithmOID.ED25519
1706 )
1707 private_key.public_key().verify(
1708 resp.signature, resp.tbs_response_bytes
1709 )
1710
1711 @pytest.mark.supported(
1712 only_if=lambda backend: backend.ed448_supported(),

Callers

nothing calls this directly

Calls 9

responder_idMethod · 0.95
signMethod · 0.95
_cert_and_issuerFunction · 0.85
_generate_rootFunction · 0.85
add_responseMethod · 0.80
generateMethod · 0.45
verifyMethod · 0.45
public_keyMethod · 0.45

Tested by

no test coverage detected