diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-12-18 10:25:59 -0600 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-12-18 10:25:59 -0600 |
commit | 22192569968f553ea686379a8c874311af592699 (patch) | |
tree | c95d7a5bb9f87cdee809e9ddb9c10e7581fb284e /src | |
parent | 89f386a76998223f6ade27a7336c610cd1308163 (diff) | |
parent | 241c390d5622be832b034141a634eeac38e325fb (diff) | |
download | cryptography-22192569968f553ea686379a8c874311af592699.tar.gz cryptography-22192569968f553ea686379a8c874311af592699.tar.bz2 cryptography-22192569968f553ea686379a8c874311af592699.zip |
Merge pull request #2530 from nbastin/20151214-oid-val
OID validation
Diffstat (limited to 'src')
-rw-r--r-- | src/cryptography/x509/oid.py | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/src/cryptography/x509/oid.py b/src/cryptography/x509/oid.py index ead40169..27fab86b 100644 --- a/src/cryptography/x509/oid.py +++ b/src/cryptography/x509/oid.py @@ -12,6 +12,35 @@ class ObjectIdentifier(object): def __init__(self, dotted_string): self._dotted_string = dotted_string + nodes = self._dotted_string.split(".") + intnodes = [] + + # There must be at least 2 nodes, the first node must be 0..2, and + # if less than 2, the second node cannot have a value outside the + # range 0..39. All nodes must be integers. + for node in nodes: + try: + intnodes.append(int(node, 0)) + except ValueError: + raise ValueError( + "Malformed OID: %s (non-integer nodes)" % ( + self._dotted_string)) + + if len(nodes) < 2: + raise ValueError( + "Malformed OID: %s (insufficient number of nodes)" % ( + self._dotted_string)) + + if intnodes[0] > 2: + raise ValueError( + "Malformed OID: %s (first node outside valid range)" % ( + self._dotted_string)) + + if intnodes[0] < 2 and intnodes[1] >= 40: + raise ValueError( + "Malformed OID: %s (second node outside valid range)" % ( + self._dotted_string)) + def __eq__(self, other): if not isinstance(other, ObjectIdentifier): return NotImplemented |