diff options
author | Noel Remy <mocramis@gmail.com> | 2019-11-10 16:45:30 +0100 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2019-11-10 10:45:30 -0500 |
commit | 68e49ae4400c0ff68aac2e7c5f95725e7af0de40 (patch) | |
tree | a0a1be4921d7ad4842325377db5c95772ee150dd /src/cryptography | |
parent | d06a3a8f9cfbdb04c091017bef15f10cc5fc0f45 (diff) | |
download | cryptography-68e49ae4400c0ff68aac2e7c5f95725e7af0de40.tar.gz cryptography-68e49ae4400c0ff68aac2e7c5f95725e7af0de40.tar.bz2 cryptography-68e49ae4400c0ff68aac2e7c5f95725e7af0de40.zip |
Let Oid enforce positive decimal integers (#5053)
Failing that would lead to an OpenSSL error when calling OBJ_txt2obj at
serialization.
Adds basic tests for oids.
Diffstat (limited to 'src/cryptography')
-rw-r--r-- | src/cryptography/hazmat/_oid.py | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/cryptography/hazmat/_oid.py b/src/cryptography/hazmat/_oid.py index 4b08722f..f98912f9 100644 --- a/src/cryptography/hazmat/_oid.py +++ b/src/cryptography/hazmat/_oid.py @@ -19,11 +19,16 @@ class ObjectIdentifier(object): # range 0..39. All nodes must be integers. for node in nodes: try: - intnodes.append(int(node, 0)) + node_value = int(node, 10) except ValueError: raise ValueError( "Malformed OID: %s (non-integer nodes)" % ( self._dotted_string)) + if node_value < 0: + raise ValueError( + "Malformed OID: %s (negative-integer nodes)" % ( + self._dotted_string)) + intnodes.append(node_value) if len(nodes) < 2: raise ValueError( |