From c15b6ec44164f448547bfc7c024366b3aadfe964 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan-Jonas=20S=C3=A4mann?= <sprinterfreak@binary-kitchen.de>
Date: Sat, 1 Jul 2023 14:29:48 +0200
Subject: [PATCH] Instantiate HashAlgorithm in OCSPRequestBuilder

Installations of more recent cryptography require parameter hash
algorithm to be an instance of hashes.HashAlgorithm, not the bare object
itself.

Fixes #63
---
 acertmgr/tools.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/acertmgr/tools.py b/acertmgr/tools.py
index 716da0b..7201e19 100644
--- a/acertmgr/tools.py
+++ b/acertmgr/tools.py
@@ -432,7 +432,7 @@ def is_ocsp_valid(cert, issuer, hash_algo):
 
         # This is a bit of a hack due to validation problems within cryptography (TODO: Check if this is still true)
         # Correct replacement:  ocsprequest = ocsp.OCSPRequestBuilder().add_certificate(cert, issuer, algorithm).build()
-        ocsprequest = ocsp.OCSPRequestBuilder((cert, issuer, algorithm)).build()
+        ocsprequest = ocsp.OCSPRequestBuilder((cert, issuer, (algorithm)())).build()
         ocsprequestdata = ocsprequest.public_bytes(serialization.Encoding.DER)
         for ocsp_url in ocsp_urls:
             response = get_url(ocsp_url,