(self)
| 1279 | ocsp.load_der_ocsp_response(b"invalid") |
| 1280 | |
| 1281 | def test_load_response(self): |
| 1282 | resp = _load_data( |
| 1283 | os.path.join("x509", "ocsp", "resp-sha256.der"), |
| 1284 | ocsp.load_der_ocsp_response, |
| 1285 | ) |
| 1286 | issuer = _load_cert( |
| 1287 | os.path.join("x509", "letsencryptx3.pem"), |
| 1288 | x509.load_pem_x509_certificate, |
| 1289 | ) |
| 1290 | assert isinstance(resp, ocsp.OCSPResponse) |
| 1291 | assert resp.response_status == ocsp.OCSPResponseStatus.SUCCESSFUL |
| 1292 | assert ( |
| 1293 | resp.signature_algorithm_oid |
| 1294 | == x509.SignatureAlgorithmOID.RSA_WITH_SHA256 |
| 1295 | ) |
| 1296 | assert isinstance(resp.signature_hash_algorithm, hashes.SHA256) |
| 1297 | assert resp.signature == base64.b64decode( |
| 1298 | b"I9KUlyLV/2LbNCVu1BQphxdNlU/jBzXsPYVscPjW5E93pCrSO84GkIWoOJtqsnt" |
| 1299 | b"78DLcQPnF3W24NXGzSGKlSWfXIsyoXCxnBm0mIbD5ZMnKyXEnqSR33Z9He/A+ML" |
| 1300 | b"A8gbrDUipGNPosesenkKUnOtFIzEGv29hV5E6AMP2ORPVsVlTAZegPJFbbVIWc0" |
| 1301 | b"rZGFCXKxijDxtUtgWzBhpBAI50JbPHi+IVuaOe4aDJLYgZ0BIBNa6bDI+rScyoy" |
| 1302 | b"5U0DToV7SZn6CoJ3U19X7BHdYn6TLX0xi43eXuzBGzdHnSzmsc7r/DvkAKJm3vb" |
| 1303 | b"dVECXqe/gFlXJUBcZ25jhs70MUA==" |
| 1304 | ) |
| 1305 | assert resp.tbs_response_bytes == base64.b64decode( |
| 1306 | b"MIHWoUwwSjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzA" |
| 1307 | b"hBgNVBAMTGkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzGA8yMDE4MDgzMDExMT" |
| 1308 | b"UwMFowdTBzMEswCQYFKw4DAhoFAAQUfuZq53Kas/z4oiBkbBahLWBxCF0EFKhKa" |
| 1309 | b"mMEfd265tE5t6ZFZe/zqOyhAhIDHHh6fckClQB7xfIiCztSevCAABgPMjAxODA4" |
| 1310 | b"MzAxMTAwMDBaoBEYDzIwMTgwOTA2MTEwMDAwWg==" |
| 1311 | ) |
| 1312 | public_key = issuer.public_key() |
| 1313 | assert isinstance(public_key, rsa.RSAPublicKey) |
| 1314 | public_key.verify( |
| 1315 | resp.signature, |
| 1316 | resp.tbs_response_bytes, |
| 1317 | PKCS1v15(), |
| 1318 | resp.signature_hash_algorithm, |
| 1319 | ) |
| 1320 | assert resp.certificates == [] |
| 1321 | assert resp.responder_key_hash is None |
| 1322 | assert resp.responder_name == issuer.subject |
| 1323 | with pytest.warns(utils.DeprecatedIn43): |
| 1324 | assert resp.produced_at == datetime.datetime(2018, 8, 30, 11, 15) |
| 1325 | assert resp.produced_at_utc == datetime.datetime( |
| 1326 | 2018, 8, 30, 11, 15, tzinfo=datetime.timezone.utc |
| 1327 | ) |
| 1328 | assert resp.certificate_status == ocsp.OCSPCertStatus.GOOD |
| 1329 | assert resp.revocation_reason is None |
| 1330 | _check_ocsp_response_times( |
| 1331 | resp, |
| 1332 | this_update=datetime.datetime(2018, 8, 30, 11, 0), |
| 1333 | next_update=datetime.datetime(2018, 9, 6, 11, 0), |
| 1334 | revocation_time=None, |
| 1335 | ) |
| 1336 | assert resp.issuer_key_hash == ( |
| 1337 | b"\xa8Jjc\x04}\xdd\xba\xe6\xd19\xb7\xa6Ee\xef\xf3\xa8\xec\xa1" |
| 1338 | ) |
nothing calls this directly
no test coverage detected