diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2016-01-05 19:02:32 -0600 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2016-01-05 19:02:32 -0600 |
| commit | 0d943bbd2d239db90bfea61fdcd94bb87adfeb83 (patch) | |
| tree | e3d3f334b7932c882e57a9226eb449feccca7b75 /src/cryptography/x509/extensions.py | |
| parent | 262dd383ab1dcc7f98ea0e7ae0a0fa297500312c (diff) | |
| download | cryptography-0d943bbd2d239db90bfea61fdcd94bb87adfeb83.tar.gz cryptography-0d943bbd2d239db90bfea61fdcd94bb87adfeb83.tar.bz2 cryptography-0d943bbd2d239db90bfea61fdcd94bb87adfeb83.zip | |
refactor the init validation of AuthorityKeyIdentifier
Fixes #2640
Diffstat (limited to 'src/cryptography/x509/extensions.py')
| -rw-r--r-- | src/cryptography/x509/extensions.py | 37 |
1 files changed, 20 insertions, 17 deletions
diff --git a/src/cryptography/x509/extensions.py b/src/cryptography/x509/extensions.py index f7b5d7f5..3e6fc3b3 100644 --- a/src/cryptography/x509/extensions.py +++ b/src/cryptography/x509/extensions.py @@ -155,25 +155,28 @@ class AuthorityKeyIdentifier(object): def __init__(self, key_identifier, authority_cert_issuer, authority_cert_serial_number): - if authority_cert_issuer or authority_cert_serial_number: - if not authority_cert_issuer or not authority_cert_serial_number: - raise ValueError( - "authority_cert_issuer and authority_cert_serial_number " - "must both be present or both None" - ) + if (authority_cert_issuer is None) != ( + authority_cert_serial_number is None + ): + raise ValueError( + "authority_cert_issuer and authority_cert_serial_number " + "must both be present or both None" + ) - if not all( - isinstance(x, GeneralName) for x in authority_cert_issuer - ): - raise TypeError( - "authority_cert_issuer must be a list of GeneralName " - "objects" - ) + if authority_cert_issuer is not None and not all( + isinstance(x, GeneralName) for x in authority_cert_issuer + ): + raise TypeError( + "authority_cert_issuer must be a list of GeneralName " + "objects" + ) - if not isinstance(authority_cert_serial_number, six.integer_types): - raise TypeError( - "authority_cert_serial_number must be an integer" - ) + if authority_cert_serial_number is not None and not isinstance( + authority_cert_serial_number, six.integer_types + ): + raise TypeError( + "authority_cert_serial_number must be an integer" + ) self._key_identifier = key_identifier self._authority_cert_issuer = authority_cert_issuer |