diff options
| author | Jean-Paul Calderone <exarkun@twistedmatrix.com> | 2011-05-18 19:42:10 -0400 |
|---|---|---|
| committer | Jean-Paul Calderone <exarkun@twistedmatrix.com> | 2011-05-18 19:42:10 -0400 |
| commit | 2755fa56514d8f4fd84206023c68ebbca5aa19c9 (patch) | |
| tree | 60fbb891dd42ae58b71ebfc28a1ed66cc84b7ceb | |
| parent | ff404b84ff478309c182801333b5e786931c5a69 (diff) | |
| download | pyopenssl-2755fa56514d8f4fd84206023c68ebbca5aa19c9.tar.gz | |
Put the get_signature_algorithm test in the right case; add a test for the undefined case and change the implementation to raise a ValueError for it instead of returning a stupid string
| -rw-r--r-- | OpenSSL/crypto/x509.c | 4 | ||||
| -rw-r--r-- | OpenSSL/test/test_crypto.py | 46 |
2 files changed, 40 insertions, 10 deletions
diff --git a/OpenSSL/crypto/x509.c b/OpenSSL/crypto/x509.c index f763695..4f29b97 100644 --- a/OpenSSL/crypto/x509.c +++ b/OpenSSL/crypto/x509.c @@ -539,6 +539,10 @@ crypto_X509_get_signature_algorithm(crypto_X509Obj *self, PyObject *args) { alg = self->x509->cert_info->signature->algorithm; nid = OBJ_obj2nid(alg); + if (nid == NID_undef) { + PyErr_SetString(PyExc_ValueError, "Undefined signature algorithm"); + return NULL; + } return PyString_FromString(OBJ_nid2ln(nid)); } diff --git a/OpenSSL/test/test_crypto.py b/OpenSSL/test/test_crypto.py index fcf834f..1fcb543 100644 --- a/OpenSSL/test/test_crypto.py +++ b/OpenSSL/test/test_crypto.py @@ -652,15 +652,6 @@ class X509NameTests(TestCase): name = self._x509name() self.assertRaises(AttributeError, setattr, name, "no such thing", None) - def test_get_signature_algorithm(self): - """ - L{X509Type.get_signature_algorithm} returns a string which means - the algorithm used to sign the certificate. - """ - cert = load_certificate(FILETYPE_PEM, self.pemData) - self.assertEqual(cert.get_signature_algorithm(), "sha1WithRSAEncryption") - - def test_attributes(self): """ @@ -1483,12 +1474,47 @@ WpOdIpB8KksUTCzV591Nr1wd """ cert = load_certificate(FILETYPE_PEM, self.pemData) self.assertIn( - cert.subject_name_hash(), + cert.subject_name_hash(), [3350047874, # OpenSSL 0.9.8, MD5 3278919224, # OpenSSL 1.0.0, SHA1 ]) + def test_get_signature_algorithm(self): + """ + L{X509Type.get_signature_algorithm} returns a string which means + the algorithm used to sign the certificate. + """ + cert = load_certificate(FILETYPE_PEM, self.pemData) + self.assertEqual(cert.get_signature_algorithm(), "sha1WithRSAEncryption") + + + def test_get_undefined_signature_algorithm(self): + certPEM = """\ +-----BEGIN CERTIFICATE----- +MIIC/zCCAmigAwIBAgIBATAGBgJ8BQUAMHsxCzAJBgNVBAYTAlNHMREwDwYDVQQK +EwhNMkNyeXB0bzEUMBIGA1UECxMLTTJDcnlwdG8gQ0ExJDAiBgNVBAMTG00yQ3J5 +cHRvIENlcnRpZmljYXRlIE1hc3RlcjEdMBsGCSqGSIb3DQEJARYObmdwc0Bwb3N0 +MS5jb20wHhcNMDAwOTEwMDk1MTMwWhcNMDIwOTEwMDk1MTMwWjBTMQswCQYDVQQG +EwJTRzERMA8GA1UEChMITTJDcnlwdG8xEjAQBgNVBAMTCWxvY2FsaG9zdDEdMBsG +CSqGSIb3DQEJARYObmdwc0Bwb3N0MS5jb20wXDANBgkqhkiG9w0BAQEFAANLADBI +AkEArL57d26W9fNXvOhNlZzlPOACmvwOZ5AdNgLzJ1/MfsQQJ7hHVeHmTAjM664V ++fXvwUGJLziCeBo1ysWLRnl8CQIDAQABo4IBBDCCAQAwCQYDVR0TBAIwADAsBglg +hkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0O +BBYEFM+EgpK+eyZiwFU1aOPSbczbPSpVMIGlBgNVHSMEgZ0wgZqAFPuHI2nrnDqT +FeXFvylRT/7tKDgBoX+kfTB7MQswCQYDVQQGEwJTRzERMA8GA1UEChMITTJDcnlw +dG8xFDASBgNVBAsTC00yQ3J5cHRvIENBMSQwIgYDVQQDExtNMkNyeXB0byBDZXJ0 +aWZpY2F0ZSBNYXN0ZXIxHTAbBgkqhkiG9w0BCQEWDm5ncHNAcG9zdDEuY29tggEA +MA0GCSqGSIb3DQEBBAUAA4GBADv8KpPo+gfJxN2ERK1Y1l17sz/ZhzoGgm5XCdbx +jEY7xKfpQngV599k1xhl11IMqizDwu0855agrckg2MCTmOI9DZzDD77tAYb+Dk0O +PEVk0Mk/V0aIsDE9bolfCi/i/QWZ3N8s5nTWMNyBBBmoSliWCm4jkkRZRD0ejgTN +tgI5 +-----END CERTIFICATE----- +""" + cert = load_certificate(FILETYPE_PEM, certPEM) + self.assertRaises(ValueError, cert.get_signature_algorithm) + + class PKCS12Tests(TestCase): """ |