MCPcopy
hub / github.com/pyca/cryptography / test_sign_ed448

Method test_sign_ed448

tests/x509/test_ocsp.py:1715–1753  ·  view source on GitHub ↗
(self, backend)

Source from the content-addressed store, hash-verified

1713 skip_message="Requires OpenSSL with Ed448 support / OCSP",
1714 )
1715 def test_sign_ed448(self, backend):
1716 builder = ocsp.OCSPResponseBuilder()
1717 cert, issuer = _cert_and_issuer()
1718 private_key = ed448.Ed448PrivateKey.generate()
1719 root_cert, _ = _generate_root(private_key, None)
1720 current_time = (
1721 datetime.datetime.now(datetime.timezone.utc)
1722 .replace(tzinfo=None)
1723 .replace(microsecond=0)
1724 )
1725 this_update = current_time - datetime.timedelta(days=1)
1726 next_update = this_update + datetime.timedelta(days=7)
1727 revoked_date = this_update - datetime.timedelta(days=300)
1728 builder = builder.responder_id(
1729 ocsp.OCSPResponderEncoding.NAME, root_cert
1730 ).add_response(
1731 cert,
1732 issuer,
1733 hashes.SHA1(),
1734 ocsp.OCSPCertStatus.REVOKED,
1735 this_update,
1736 next_update,
1737 revoked_date,
1738 x509.ReasonFlags.key_compromise,
1739 )
1740 resp = builder.sign(private_key, None)
1741 assert resp.certificate_status == ocsp.OCSPCertStatus.REVOKED
1742 assert resp.revocation_reason is x509.ReasonFlags.key_compromise
1743 _check_ocsp_response_times(
1744 resp,
1745 this_update=this_update,
1746 next_update=next_update,
1747 revocation_time=revoked_date,
1748 )
1749 assert resp.signature_hash_algorithm is None
1750 assert resp.signature_algorithm_oid == x509.SignatureAlgorithmOID.ED448
1751 private_key.public_key().verify(
1752 resp.signature, resp.tbs_response_bytes
1753 )

Callers

nothing calls this directly

Calls 9

responder_idMethod · 0.95
signMethod · 0.95
_cert_and_issuerFunction · 0.85
_generate_rootFunction · 0.85
add_responseMethod · 0.80
generateMethod · 0.45
verifyMethod · 0.45
public_keyMethod · 0.45

Tested by

no test coverage detected