MCPcopy
hub / github.com/pyca/cryptography / test_sign_with_extension

Method test_sign_with_extension

tests/x509/test_ocsp.py:914–945  ·  view source on GitHub ↗
(self)

Source from the content-addressed store, hash-verified

912 builder.sign(diff_key, hashes.SHA256())
913
914 def test_sign_with_extension(self):
915 builder = ocsp.OCSPResponseBuilder()
916 cert, issuer = _cert_and_issuer()
917 root_cert, private_key = _generate_root()
918 current_time = (
919 datetime.datetime.now(datetime.timezone.utc)
920 .replace(tzinfo=None)
921 .replace(microsecond=0)
922 )
923 this_update = current_time - datetime.timedelta(days=1)
924 next_update = this_update + datetime.timedelta(days=7)
925 builder = (
926 builder.responder_id(ocsp.OCSPResponderEncoding.HASH, root_cert)
927 .add_response(
928 cert,
929 issuer,
930 hashes.SHA1(),
931 ocsp.OCSPCertStatus.GOOD,
932 this_update,
933 next_update,
934 None,
935 None,
936 )
937 .add_extension(x509.OCSPNonce(b"012345"), False)
938 )
939 resp = builder.sign(private_key, hashes.SHA256())
940 assert len(resp.extensions) == 1
941 assert resp.extensions[0].value == x509.OCSPNonce(b"012345")
942 assert resp.extensions[0].critical is False
943 private_key.public_key().verify(
944 resp.signature, resp.tbs_response_bytes, ec.ECDSA(hashes.SHA256())
945 )
946
947 @pytest.mark.parametrize(
948 ("status", "der"),

Callers

nothing calls this directly

Calls 8

responder_idMethod · 0.95
signMethod · 0.95
_cert_and_issuerFunction · 0.85
_generate_rootFunction · 0.85
add_responseMethod · 0.80
add_extensionMethod · 0.45
verifyMethod · 0.45
public_keyMethod · 0.45

Tested by

no test coverage detected