(self)
| 715 | ) |
| 716 | |
| 717 | def test_sign_unknown_cert(self): |
| 718 | builder = ocsp.OCSPResponseBuilder() |
| 719 | cert, issuer = _cert_and_issuer() |
| 720 | root_cert, private_key = _generate_root() |
| 721 | current_time = ( |
| 722 | datetime.datetime.now(datetime.timezone.utc) |
| 723 | .replace(tzinfo=None) |
| 724 | .replace(microsecond=0) |
| 725 | ) |
| 726 | this_update = current_time - datetime.timedelta(days=1) |
| 727 | next_update = this_update + datetime.timedelta(days=7) |
| 728 | builder = builder.responder_id( |
| 729 | ocsp.OCSPResponderEncoding.NAME, root_cert |
| 730 | ).add_response( |
| 731 | cert, |
| 732 | issuer, |
| 733 | hashes.SHA1(), |
| 734 | ocsp.OCSPCertStatus.UNKNOWN, |
| 735 | this_update, |
| 736 | next_update, |
| 737 | None, |
| 738 | None, |
| 739 | ) |
| 740 | resp = builder.sign(private_key, hashes.SHA384()) |
| 741 | assert resp.certificate_status == ocsp.OCSPCertStatus.UNKNOWN |
| 742 | _check_ocsp_response_times( |
| 743 | resp, |
| 744 | this_update=this_update, |
| 745 | next_update=next_update, |
| 746 | revocation_time=None, |
| 747 | ) |
| 748 | private_key.public_key().verify( |
| 749 | resp.signature, resp.tbs_response_bytes, ec.ECDSA(hashes.SHA384()) |
| 750 | ) |
| 751 | |
| 752 | def test_sign_with_appended_certs(self): |
| 753 | builder = ocsp.OCSPResponseBuilder() |
nothing calls this directly
no test coverage detected