aboutsummaryrefslogtreecommitdiffstats
path: root/src/cryptography/x509/ocsp.py
diff options
context:
space:
mode:
authorPaul Kehrer <paul.l.kehrer@gmail.com>2018-08-31 10:47:56 -0400
committerAlex Gaynor <alex.gaynor@gmail.com>2018-08-31 10:47:56 -0400
commit0f629bbdbb7ff595bffe43209490cc2647763fd3 (patch)
tree40a0c92380cb77bdefc0828b12e6ebfdeb3404ca /src/cryptography/x509/ocsp.py
parent5a54f1aec2d9b739c95ed862661efe7b8ff75d31 (diff)
downloadcryptography-0f629bbdbb7ff595bffe43209490cc2647763fd3.tar.gz
cryptography-0f629bbdbb7ff595bffe43209490cc2647763fd3.tar.bz2
cryptography-0f629bbdbb7ff595bffe43209490cc2647763fd3.zip
refactor ocsp request parsing and generation to support only one cert (#4439)
* refactor ocsp request parsing and generation to support only one cert * small doc change * notimplementederror
Diffstat (limited to 'src/cryptography/x509/ocsp.py')
-rw-r--r--src/cryptography/x509/ocsp.py47
1 files changed, 14 insertions, 33 deletions
diff --git a/src/cryptography/x509/ocsp.py b/src/cryptography/x509/ocsp.py
index 0567197d..c3225daa 100644
--- a/src/cryptography/x509/ocsp.py
+++ b/src/cryptography/x509/ocsp.py
@@ -27,10 +27,13 @@ def load_der_ocsp_request(data):
class OCSPRequestBuilder(object):
- def __init__(self, requests=[]):
- self._requests = requests
+ def __init__(self, request=None):
+ self._request = request
+
+ def add_certificate(self, cert, issuer, algorithm):
+ if self._request is not None:
+ raise ValueError("Only one certificate can be added to a request")
- def add_request(self, cert, issuer, algorithm):
allowed_hashes = (
hashes.SHA1, hashes.SHA224, hashes.SHA256,
hashes.SHA384, hashes.SHA512
@@ -45,45 +48,18 @@ class OCSPRequestBuilder(object):
):
raise TypeError("cert and issuer must be a Certificate")
- return OCSPRequestBuilder(self._requests + [(cert, issuer, algorithm)])
+ return OCSPRequestBuilder((cert, issuer, algorithm))
def build(self):
from cryptography.hazmat.backends.openssl.backend import backend
- if len(self._requests) == 0:
- raise ValueError("You must add a request before building")
+ if self._request is None:
+ raise ValueError("You must add a certificate before building")
return backend.create_ocsp_request(self)
@six.add_metaclass(abc.ABCMeta)
class OCSPRequest(object):
- @abc.abstractmethod
- def __iter__(self):
- """
- Iteration of Requests
- """
-
- @abc.abstractmethod
- def __len__(self):
- """
- Number of Requests inside the OCSPRequest object
- """
-
- @abc.abstractmethod
- def __getitem__(self, idx):
- """
- Returns a Request or range of Requests
- """
-
- @abc.abstractmethod
- def public_bytes(self, encoding):
- """
- Serializes the request to DER
- """
-
-
-@six.add_metaclass(abc.ABCMeta)
-class Request(object):
@abc.abstractproperty
def issuer_key_hash(self):
"""
@@ -107,3 +83,8 @@ class Request(object):
"""
The serial number of the cert whose status is being checked
"""
+ @abc.abstractmethod
+ def public_bytes(self, encoding):
+ """
+ Serializes the request to DER
+ """