def test_ext_key_usage_good_oid(self):
allowed_usage = ["1.3.6.1.5.5.7.3.1"]
csr = x509_csr.X509Csr()
ext = x509_ext.X509ExtensionExtendedKeyUsage()
ext.set_usage(rfc5280.id_kp_serverAuth, True)
csr.add_extension(ext)
self.assertEqual(
None, custom.ext_key_usage(csr=csr, allowed_usage=allowed_usage))
def test_ext_key_usage_good_long(self):
allowed_usage = ['TLS Web Server Authentication']
csr = x509_csr.X509Csr()
ext = x509_ext.X509ExtensionExtendedKeyUsage()
ext.set_usage(rfc5280.id_kp_serverAuth, True)
csr.add_extension(ext)
self.assertEqual(
None, custom.ext_key_usage(csr=csr, allowed_usage=allowed_usage))
def test_ext_key_usage_bad(self):
allowed_usage = ['serverAuth']
csr = x509_csr.X509Csr()
ext = x509_ext.X509ExtensionExtendedKeyUsage()
ext.set_usage(rfc5280.id_kp_clientAuth, True)
csr.add_extension(ext)
with self.assertRaises(errors.ValidationError) as e:
custom.ext_key_usage(csr=csr, allowed_usage=allowed_usage)
self.assertEqual("Found some prohibited key usages: "
"clientAuth", str(e.exception))
def setUp(self):
self.ext = extension.X509ExtensionExtendedKeyUsage()