diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2015-12-26 11:08:25 -0500 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2015-12-26 11:08:25 -0500 |
| commit | 0860ef60adc7974dc26cfdd3c7adeb5e4e6e6448 (patch) | |
| tree | 8c69e549f05a2512cb66776dfe57428ba105009c /src | |
| parent | 045fc7ea5e788eaeb2e444985d9dd94280dd6452 (diff) | |
| parent | 49bb7565120b181752dc2574cd0e3660393c707c (diff) | |
| download | cryptography-0860ef60adc7974dc26cfdd3c7adeb5e4e6e6448.tar.gz cryptography-0860ef60adc7974dc26cfdd3c7adeb5e4e6e6448.tar.bz2 cryptography-0860ef60adc7974dc26cfdd3c7adeb5e4e6e6448.zip | |
Merge pull request #2575 from reaperhulk/crlentry-extensions-classes
start switching the CRL entry extensions to be full-fledged classes
Diffstat (limited to 'src')
| -rw-r--r-- | src/cryptography/hazmat/backends/openssl/x509.py | 2 | ||||
| -rw-r--r-- | src/cryptography/x509/__init__.py | 8 | ||||
| -rw-r--r-- | src/cryptography/x509/extensions.py | 33 |
3 files changed, 38 insertions, 5 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py index f3286b05..05390809 100644 --- a/src/cryptography/hazmat/backends/openssl/x509.py +++ b/src/cryptography/hazmat/backends/openssl/x509.py @@ -743,7 +743,7 @@ def _decode_cert_issuer(backend, ext): CRLEntryExtensionOID.CERTIFICATE_ISSUER)) gns = backend._ffi.gc(gns, backend._lib.GENERAL_NAMES_free) - return x509.GeneralNames(_decode_general_names(backend, gns)) + return x509.CertificateIssuer(_decode_general_names(backend, gns)) @utils.register_interface(x509.RevokedCertificate) diff --git a/src/cryptography/x509/__init__.py b/src/cryptography/x509/__init__.py index 32543e67..9946daa0 100644 --- a/src/cryptography/x509/__init__.py +++ b/src/cryptography/x509/__init__.py @@ -15,9 +15,10 @@ from cryptography.x509.base import ( from cryptography.x509.extensions import ( AccessDescription, AuthorityInformationAccess, AuthorityKeyIdentifier, BasicConstraints, CRLDistributionPoints, - CRLNumber, CertificatePolicies, DistributionPoint, DuplicateExtension, - ExtendedKeyUsage, Extension, ExtensionNotFound, ExtensionType, Extensions, - GeneralNames, InhibitAnyPolicy, IssuerAlternativeName, KeyUsage, + CRLNumber, CertificateIssuer, CertificatePolicies, + DistributionPoint, DuplicateExtension, ExtendedKeyUsage, Extension, + ExtensionNotFound, ExtensionType, Extensions, GeneralNames, + InhibitAnyPolicy, IssuerAlternativeName, KeyUsage, NameConstraints, NoticeReference, OCSPNoCheck, PolicyInformation, ReasonFlags, SubjectAlternativeName, SubjectKeyIdentifier, UnsupportedExtension, UserNotice @@ -165,4 +166,5 @@ __all__ = [ "OID_OCSP", "_GENERAL_NAMES", "CRLExtensionOID", + "CertificateIssuer", ] diff --git a/src/cryptography/x509/extensions.py b/src/cryptography/x509/extensions.py index 7ec653d0..3c017ea1 100644 --- a/src/cryptography/x509/extensions.py +++ b/src/cryptography/x509/extensions.py @@ -18,7 +18,9 @@ from cryptography import utils from cryptography.hazmat.primitives import constant_time, serialization from cryptography.x509.general_name import GeneralName, IPAddress, OtherName from cryptography.x509.name import Name -from cryptography.x509.oid import ExtensionOID, ObjectIdentifier +from cryptography.x509.oid import ( + CRLEntryExtensionOID, ExtensionOID, ObjectIdentifier +) class _SubjectPublicKeyInfo(univ.Sequence): @@ -945,3 +947,32 @@ class IssuerAlternativeName(object): def __ne__(self, other): return not self == other + + +@utils.register_interface(ExtensionType) +class CertificateIssuer(object): + oid = CRLEntryExtensionOID.CERTIFICATE_ISSUER + + def __init__(self, general_names): + self._general_names = GeneralNames(general_names) + + def __iter__(self): + return iter(self._general_names) + + def __len__(self): + return len(self._general_names) + + def get_values_for_type(self, type): + return self._general_names.get_values_for_type(type) + + def __repr__(self): + return "<CertificateIssuer({0})>".format(self._general_names) + + def __eq__(self, other): + if not isinstance(other, CertificateIssuer): + return NotImplemented + + return self._general_names == other._general_names + + def __ne__(self, other): + return not self == other |