@@ -1016,6 +1016,22 @@ def test_pkcs7_verify_der_no_content(
1016
1016
with pytest .raises (ValueError ):
1017
1017
pkcs7 .pkcs7_verify_der (signature )
1018
1018
1019
+ def test_pkcs7_verify_der_ecdsa_certificate (self , backend , data ):
1020
+ # Getting an ECDSA certificate
1021
+ certificate , private_key = _load_cert_key ()
1022
+
1023
+ # Signature
1024
+ builder = (
1025
+ pkcs7 .PKCS7SignatureBuilder ()
1026
+ .set_data (data )
1027
+ .add_signer (certificate , private_key , hashes .SHA256 ())
1028
+ )
1029
+ signature = builder .sign (serialization .Encoding .DER , [])
1030
+
1031
+ # Verification with another certificate
1032
+ options = [pkcs7 .PKCS7Options .NoVerify ]
1033
+ pkcs7 .pkcs7_verify_der (signature , options = options )
1034
+
1019
1035
def test_pkcs7_verify_invalid_signature (
1020
1036
self , backend , data , certificate , private_key
1021
1037
):
@@ -1051,6 +1067,21 @@ def test_pkcs7_verify_der_wrong_certificate(
1051
1067
with pytest .raises (ValueError ):
1052
1068
pkcs7 .pkcs7_verify_der (signature , certificate = rsa_certificate )
1053
1069
1070
+ def test_pkcs7_verify_der_unsupported_digest_algorithm (
1071
+ self , backend , data , certificate , private_key
1072
+ ):
1073
+ # Signature
1074
+ builder = (
1075
+ pkcs7 .PKCS7SignatureBuilder ()
1076
+ .set_data (data )
1077
+ .add_signer (certificate , private_key , hashes .SHA384 ())
1078
+ )
1079
+ signature = builder .sign (serialization .Encoding .DER , [])
1080
+
1081
+ # Verification with another certificate
1082
+ with pytest .raises (exceptions .UnsupportedAlgorithm ):
1083
+ pkcs7 .pkcs7_verify_der (signature )
1084
+
1054
1085
def test_pkcs7_verify_pem (self , backend , data , certificate , private_key ):
1055
1086
# Signature
1056
1087
builder = (
0 commit comments