Skip TPM attestation test if SHA1 is unsupported.

2023-04-21 15:33:42 +02:00 · 2023-04-21 15:33:42 +02:00 · 1143d471ef
parent 54cee2216a
commit 1143d471ef
1 changed files with 9 additions and 0 deletions
--- a/tests/test_attestation.py
+++ b/tests/test_attestation.py
@ -41,6 +41,7 @@ from fido2.attestation import (
    UnsupportedType,
    verify_x509_chain,
 )
+from cryptography.exceptions import UnsupportedAlgorithm, _Reasons

 import unittest

@ -222,6 +223,14 @@ ee18128ed50dd7a855e54d2459db005""".replace(
            "057a0ecbe7e3e99e8926941614f6af078c802b110be89eb221d69be2e17a1ba4"
        )

+        try:
+            res = attestation.verify(statement, auth_data, client_param)
+        except UnsupportedAlgorithm as e:
+            if e._reason is _Reasons.UNSUPPORTED_HASH:
+                self.skipTest(
+                    "SHA1 signature verification not supported on this machine"
+                )
+
        res = attestation.verify(statement, auth_data, client_param)
        self.assertEqual(res.attestation_type, AttestationType.ATT_CA)
        verify_x509_chain(res.trust_path)