def test_no_nonce_asn1crypto(self) -> None:
"""Test fetching without a nonce, test using asn1crypto."""
builder = ocspbuilder.OCSPRequestBuilder(
certificate=asn1crypto.x509.Certificate.load(self.cert.pub.der),
issuer=asn1crypto.x509.Certificate.load(self.cert.ca.pub.der),
)
builder.nonce = False
data = base64.b64encode(builder.build().dump()).decode("utf-8")
response = self.client.get(reverse("get", kwargs={"data": data}))
self.assertEqual(response.status_code, HTTPStatus.OK)
self.assertOCSP(response, requested=[self.cert], nonce=None)
def test_no_nonce_asn1crypto(self):
cert = self.certs['child-cert']
builder = ocspbuilder.OCSPRequestBuilder(
certificate=asn1crypto.x509.Certificate.load(
cert.x509.public_bytes(Encoding.DER)),
issuer=asn1crypto.x509.Certificate.load(
cert.ca.x509.public_bytes(Encoding.DER)))
builder.nonce = False
data = base64.b64encode(builder.build().dump()).decode('utf-8')
response = self.client.get(reverse('get', kwargs={'data': data}))
self.assertEqual(response.status_code, 200)
self.assertOCSP(response, requested=[cert], nonce=None)
def ocsp_request(self):
"""
Generate an OCSP request or return an already cached request.
:return bytes: A binary representation of a
:class:`asn1crypto.ocsp.OCSPRequest` which is in turn represented
by a :class:`asn1crypto.core.Sequence`.
"""
ocsp_request_builder = ocspbuilder.OCSPRequestBuilder(
asymmetric.load_certificate(self.end_entity),
asymmetric.load_certificate(self.chain[-2]))
ocsp_request_builder.nonce = False
ocsp_request = ocsp_request_builder.build().dump()
# This data can be posted to the OCSP URI to debug further
if LOG.isEnabledFor(logging.DEBUG):
LOG.debug(
"Request data: \n%s",
pretty_base64(ocsp_request, line_len=75, prefix=" " * 36))
return ocsp_request