Implemented minimal cert extension support

[oss/ctypescrypto.git] / tests / testx509.py

diff --git a/tests/testx509.py b/tests/testx509.py
index 2a09e78b562b869a8deea528333d34ab4126fbf5..a54417ba5733cb0e966f92bc7c196f8b624c2c0b 100644 (file)
--- a/tests/testx509.py
+++ b/tests/testx509.py
@@ -1,9 +1,10 @@
 #!/usr/bin/env python
 # -*- encoding: utf-8 -*-
 
-from ctypescrypto.x509 import X509,X509Store
+from ctypescrypto.x509 import X509,X509Store,utc
 from ctypescrypto.oid import Oid
 from tempfile import NamedTemporaryFile
+import datetime
 import unittest
 
 
@@ -124,6 +125,12 @@ zVMSW4SOwg/H7ZMZ2cn6j1g0djIvruFQFGHUqFijyDATI+/GJYw2jxyA
                c=X509(self.cert1)
                self.assertEqual(c.subject[Oid("C")],"RU")
                self.assertEqual(c.subject[Oid("L")],u'\u041c\u043e\u0441\u043a\u0432\u0430')
+       def test_notBefore(self):
+               c=X509(self.cert1)
+               self.assertEqual(c.startDate,datetime.datetime(2014,10,26,19,07,17,0,utc))
+       def test_notAfter(self):
+               c=X509(self.cert1)
+               self.assertEqual(c.endDate,datetime.datetime(2024,10,23,19,7,17,0,utc))
        def test_namecomp(self):
                c=X509(self.cert1)
                ca=X509(self.ca_cert)
@@ -133,11 +140,48 @@ zVMSW4SOwg/H7ZMZ2cn6j1g0djIvruFQFGHUqFijyDATI+/GJYw2jxyA
        def test_serial(self):
                c=X509(self.cert1)
                self.assertEqual(c.serial,0xDF448E69DADC927CL)
+       def test_version(self):
+               c=X509(self.cert1)
+               self.assertEqual(c.version,3)
        def test_ca_cert(self):
                ca=X509(self.ca_cert)
                self.assertTrue(ca.check_ca())
                notca=X509(self.cert1)
                self.assertFalse(notca.check_ca())
+       def test_extension_count(self):
+               cert=X509(self.cert1)
+               self.assertTrue(len(cert.extensions),4)
+               ca_cert=X509(self.ca_cert)
+               self.assertEqual(len(ca_cert.extensions),3)
+       def test_extension_outofrange(self):
+               cert=X509(self.cert1)
+               with self.assertRaises(IndexError):
+                       cert.extensions[4]
+               with self.assertRaises(IndexError):
+                       cert.extensions[-1]
+       def test_extension_oid(self):
+               cert=X509(self.cert1)
+               ext=cert.extensions[0]
+               ext_id=ext.oid
+               self.assertTrue(isinstance(ext_id,Oid))
+               self.assertEqual(ext_id,Oid('basicConstraints'))
+       def text_extension_text(self):
+               cert=X509(self.cert1)
+               ext=cert.extensions[0]
+               self.assertEqual(str(ext),'CA:FALSE')
+       def test_extenson_find(self):
+               cert=X509(self.cert1)
+               exts=cert.extensions.find(Oid('subjectAltName'))
+               self.assertEqual(len(exts),1)
+               self.assertEqual(exts[0].oid,Oid('subjectAltName'))
+       def test_extenson_critical(self):
+               cert=X509(self.digicert_cert)
+               crit_exts=cert.extensions.find_critical()
+               self.assertEqual(len(crit_exts),2)
+               other_exts=cert.extensions.find_critical(False)
+               self.assertEqual(len(crit_exts)+len(other_exts),len(cert.extensions))
+               self.assertEqual(crit_exts[0].critical,True)
+               self.assertEqual(other_exts[0].critical,False)
        def test_verify_by_key(self):
                ca=X509(self.ca_cert)
                pubkey=ca.pubkey
@@ -171,7 +215,6 @@ zVMSW4SOwg/H7ZMZ2cn6j1g0djIvruFQFGHUqFijyDATI+/GJYw2jxyA
                # signed by some commercial CA should be rejected too
                self.assertFalse(gitcert.verify(store))
                trusted.close()
-               pass
        def test_verify_by_dirstore(self):
                pass
 if __name__ == '__main__':