MCPcopy
hub / github.com/pyca/cryptography / test_sign_revoked_cert

Method test_sign_revoked_cert

tests/x509/test_ocsp.py:680–715  ·  view source on GitHub ↗
(self)

Source from the content-addressed store, hash-verified

678 )
679
680 def test_sign_revoked_cert(self):
681 builder = ocsp.OCSPResponseBuilder()
682 cert, issuer = _cert_and_issuer()
683 root_cert, private_key = _generate_root()
684 current_time = (
685 datetime.datetime.now(datetime.timezone.utc)
686 .replace(tzinfo=None)
687 .replace(microsecond=0)
688 )
689 this_update = current_time - datetime.timedelta(days=1)
690 next_update = this_update + datetime.timedelta(days=7)
691 revoked_date = this_update - datetime.timedelta(days=300)
692 builder = builder.responder_id(
693 ocsp.OCSPResponderEncoding.NAME, root_cert
694 ).add_response(
695 cert,
696 issuer,
697 hashes.SHA1(),
698 ocsp.OCSPCertStatus.REVOKED,
699 this_update,
700 next_update,
701 revoked_date,
702 None,
703 )
704 resp = builder.sign(private_key, hashes.SHA256())
705 assert resp.certificate_status == ocsp.OCSPCertStatus.REVOKED
706 assert resp.revocation_reason is None
707 _check_ocsp_response_times(
708 resp,
709 this_update=this_update,
710 next_update=next_update,
711 revocation_time=revoked_date,
712 )
713 private_key.public_key().verify(
714 resp.signature, resp.tbs_response_bytes, ec.ECDSA(hashes.SHA256())
715 )
716
717 def test_sign_unknown_cert(self):
718 builder = ocsp.OCSPResponseBuilder()

Callers

nothing calls this directly

Calls 8

responder_idMethod · 0.95
signMethod · 0.95
_cert_and_issuerFunction · 0.85
_generate_rootFunction · 0.85
add_responseMethod · 0.80
verifyMethod · 0.45
public_keyMethod · 0.45

Tested by

no test coverage detected