wbond
commented
4 years ago It would appear that this exception is just missing from the :raises: docs.
Open atmenta opened 4 years ago
wbond
commented
4 years ago It would appear that this exception is just missing from the :raises: docs.
When certvalidator fetches an OCSP response, but request and response nonces do not match
OCSPValidationErroris raised:https://github.com/wbond/certvalidator/blob/5bc5c390c1955195507c23db91b8926bb03f7385/certvalidator/ocsp_client.py#L101-L103
However, this error is neither caught (and handled), nor documented.
Note: Other OCSP related errors are converted into derived exceptions (
OCSPValidationIndeterminateErrorandOCSPNoMatchesError) which are handled invalidate._validate_path:https://github.com/wbond/certvalidator/blob/5bc5c390c1955195507c23db91b8926bb03f7385/certvalidator/validate.py#L375-L397
However, its not clear for me how not matching nonces should be handled at the end.