diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2017-09-24 08:44:12 +0800 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2017-09-23 20:44:12 -0400 |
| commit | b76bcf88bd272dcde26858c936a743a229aefd5a (patch) | |
| tree | 3a6504ab0be963aceb49e95c1acb0f09ec3de84d /src/cryptography/x509 | |
| parent | 5e3cc98473ad54db390736ac81bb74210e85056d (diff) | |
| download | cryptography-b76bcf88bd272dcde26858c936a743a229aefd5a.tar.gz cryptography-b76bcf88bd272dcde26858c936a743a229aefd5a.tar.bz2 cryptography-b76bcf88bd272dcde26858c936a743a229aefd5a.zip | |
FreshestCRL extension support (#3937)
* add freshest CRL support
* add tests
* add changelog
* add tests for FreshestCRL generation
Diffstat (limited to 'src/cryptography/x509')
| -rw-r--r-- | src/cryptography/x509/__init__.py | 7 | ||||
| -rw-r--r-- | src/cryptography/x509/extensions.py | 41 |
2 files changed, 45 insertions, 3 deletions
diff --git a/src/cryptography/x509/__init__.py b/src/cryptography/x509/__init__.py index e168adb7..224c9af6 100644 --- a/src/cryptography/x509/__init__.py +++ b/src/cryptography/x509/__init__.py @@ -19,9 +19,9 @@ from cryptography.x509.extensions import ( AuthorityKeyIdentifier, BasicConstraints, CRLDistributionPoints, CRLNumber, CRLReason, CertificateIssuer, CertificatePolicies, DeltaCRLIndicator, DistributionPoint, DuplicateExtension, ExtendedKeyUsage, - Extension, ExtensionNotFound, ExtensionType, Extensions, GeneralNames, - InhibitAnyPolicy, InvalidityDate, IssuerAlternativeName, KeyUsage, - NameConstraints, NoticeReference, OCSPNoCheck, PolicyConstraints, + Extension, ExtensionNotFound, ExtensionType, Extensions, FreshestCRL, + GeneralNames, InhibitAnyPolicy, InvalidityDate, IssuerAlternativeName, + KeyUsage, NameConstraints, NoticeReference, OCSPNoCheck, PolicyConstraints, PolicyInformation, PrecertificateSignedCertificateTimestamps, ReasonFlags, SubjectAlternativeName, SubjectKeyIdentifier, TLSFeature, TLSFeatureType, UnrecognizedExtension, UserNotice @@ -131,6 +131,7 @@ __all__ = [ "Extensions", "Extension", "ExtendedKeyUsage", + "FreshestCRL", "TLSFeature", "TLSFeatureType", "OCSPNoCheck", diff --git a/src/cryptography/x509/extensions.py b/src/cryptography/x509/extensions.py index beb20bad..eb4b927f 100644 --- a/src/cryptography/x509/extensions.py +++ b/src/cryptography/x509/extensions.py @@ -444,6 +444,47 @@ class CRLDistributionPoints(object): return hash(tuple(self._distribution_points)) +@utils.register_interface(ExtensionType) +class FreshestCRL(object): + oid = ExtensionOID.FRESHEST_CRL + + def __init__(self, distribution_points): + distribution_points = list(distribution_points) + if not all( + isinstance(x, DistributionPoint) for x in distribution_points + ): + raise TypeError( + "distribution_points must be a list of DistributionPoint " + "objects" + ) + + self._distribution_points = distribution_points + + def __iter__(self): + return iter(self._distribution_points) + + def __len__(self): + return len(self._distribution_points) + + def __repr__(self): + return "<FreshestCRL({0})>".format(self._distribution_points) + + def __eq__(self, other): + if not isinstance(other, FreshestCRL): + return NotImplemented + + return self._distribution_points == other._distribution_points + + def __ne__(self, other): + return not self == other + + def __getitem__(self, idx): + return self._distribution_points[idx] + + def __hash__(self): + return hash(tuple(self._distribution_points)) + + class DistributionPoint(object): def __init__(self, full_name, relative_name, reasons, crl_issuer): if full_name and relative_name: |