pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Ugly implementation for CRLInvalidException

Browse Source
This commit is contained in:
Montana
2019-03-04 10:59:20 -05:00
parent 5f30b347c7
commit 720859efb6
2 changed files with 27 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
tests/domain/authnid/test_crl.py
View File

@@ -12,7 +12,12 @@ from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives.serialization import Encoding
from cryptography.x509.oid import NameOID
from atst.domain.authnid.crl import CRLCache, CRLRevocationException, NoOpCRLCache
from atst.domain.authnid.crl import (
CRLCache,
CRLRevocationException,
CRLInvalidException,
NoOpCRLCache,
)
from tests.mocks import FIXTURE_EMAIL_ADDRESS, DOD_CN
@@ -233,6 +238,16 @@ def test_no_op_crl_cache_logs_common_name():
assert "ART.GARFUNKEL.1234567890" in logger.messages[-1]
def test_expired_crl_raises_CRLInvalidException(
ca_file, expired_crl_file, ca_key, make_x509
):
client_cert = make_x509(rsa_key(), signer_key=ca_key, cn="chewbacca")
client_pem = client_cert.public_bytes(Encoding.PEM)
crl_cache = CRLCache(ca_file, crl_locations=[expired_crl_file])
with pytest.raises(CRLInvalidException):
crl_cache.crl_check(client_pem)
def test_updates_expired_certs(ca_file, expired_crl_file, crl_file, ca_key, make_x509):
"""
Given a CRLCache object with an expired CRL and a function for updating the