diff options
Diffstat (limited to 'tests')
-rw-r--r-- | tests/test_crypto.py | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/tests/test_crypto.py b/tests/test_crypto.py index e75e3ad..e4cf496 100644 --- a/tests/test_crypto.py +++ b/tests/test_crypto.py @@ -3728,6 +3728,27 @@ class X509StoreContextTests(TestCase): store_ctx.set_store(store_good) self.assertEqual(store_ctx.verify_certificate(), None) + def test_verify_with_time(self): + """ + `verify_certificate` raises error when the verification time is + set at notAfter. + """ + store = X509Store() + store.add_cert(self.root_cert) + store.add_cert(self.intermediate_cert) + + expire_time = self.intermediate_server_cert.get_notAfter() + expire_datetime = datetime.strptime( + expire_time.decode('utf-8'), '%Y%m%d%H%M%SZ' + ) + store.set_time(expire_datetime) + + store_ctx = X509StoreContext(store, self.intermediate_server_cert) + with pytest.raises(X509StoreContextError) as exc: + store_ctx.verify_certificate() + + assert exc.value.args[0][2] == 'certificate has expired' + class SignVerifyTests(TestCase): """ |