authorPaul Kehrer <paul.l.kehrer@gmail.com>2015-05-02 21:57:56 -0500
committerPaul Kehrer <paul.l.kehrer@gmail.com>2015-05-02 22:15:10 -0500
commit3e6d558d1b845cf2df31efec08235b15998174d4 (patch)
treeed7ae98d910e7d80cd2ebdebf6a04b7829806b2f /src
parent04ee495f2b8c9d0d4f9d0a5462901feeeb7eba0c (diff)
add authority information access classes
Diffstat (limited to 'src')
-rw-r--r--src/cryptography/x509.py67
1 files changed, 67 insertions, 0 deletions
diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py
index a37e2d08..2bbd14d7 100644
--- a/src/cryptography/x509.py
+++ b/src/cryptography/x509.py
@@ -67,6 +67,8 @@ _OID_NAMES = {
"1.3.6.1.5.5.7.1.1": "authorityInfoAccess",
"1.3.6.1.5.5.7.1.11": "subjectInfoAccess",
"1.3.6.1.5.5.7.48.1.5": "OCSPNoCheck",
+ "1.3.6.1.5.5.7.48.2": "caIssuers",
+ "1.3.6.1.5.5.7.48.1": "OCSP",
}
@@ -394,6 +396,68 @@ class KeyUsage(object):
self, encipher_only, decipher_only)
+class AuthorityInformationAccess(object):
+ def __init__(self, descriptions):
+ if not all(isinstance(x, AccessDescription) for x in descriptions):
+ raise TypeError(
+ "Every item in the descriptions list must be an "
+ "AccessDescription"
+ )
+
+ self._descriptions = descriptions
+
+ def __iter__(self):
+ return iter(self._descriptions)
+
+ def __len__(self):
+ return len(self._descriptions)
+
+ def __repr__(self):
+ return "<AuthorityInformationAccess({0})>".format(self._descriptions)
+
+ def __eq__(self, other):
+ if not isinstance(other, AuthorityInformationAccess):
+ return NotImplemented
+
+ return self._descriptions == other._descriptions
+
+ def __ne__(self, other):
+ return not self == other
+
+
+class AccessDescription(object):
+ def __init__(self, access_method, access_location):
+ if not (access_method == OID_OCSP or access_method == OID_CA_ISSUERS):
+ raise TypeError("access_method must be OID_OCSP or OID_CA_ISSUERS")
+
+ if not isinstance(access_location, GeneralName):
+ raise TypeError("access_location must be a GeneralName")
+
+ self._access_method = access_method
+ self._access_location = access_location
+
+ def __repr__(self):
+ return (
+ "<AccessDescription(access_method={0.access_method}, access_locati"
+ "on={0.access_location})>".format(self)
+ )
+
+ def __eq__(self, other):
+ if not isinstance(other, AccessDescription):
+ return NotImplemented
+
+ return (
+ self.access_method == other.access_method and
+ self.access_location == other.access_location
+ )
+
+ def __ne__(self, other):
+ return not self == other
+
+ access_method = utils.read_only_property("_access_method")
+ access_location = utils.read_only_property("_access_location")
+
+
class SubjectKeyIdentifier(object):
def __init__(self, digest):
self._digest = digest
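Review bot: `AuthorityInformationAccess.__init__` validates `descriptions` and then stores the caller's own object, so mutating that list after construction puts unchecked items behind the type check. A one-shot iterable such as a generator is also consumed by `all(...)`, leaving `_descriptions` exhausted and without a working `len()`. Copying first, with `descriptions = list(descriptions)` ahead of the `isinstance` check, keeps the validated contents and the stored contents identical. Both new classes also define `__eq__` without `__hash__`, so instances are unhashable on Python 3 while Python 2 keeps identity hashing; if that is intended, a comment such as `# not hashable: compared by value only` would record it. Neither class has a docstring; one line each naming the accepted types (`AccessDescription` items; an `OID_OCSP`/`OID_CA_ISSUERS` method plus a `GeneralName` location) would document the constructor contract.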
@@ -680,6 +744,9 @@ OID_EMAIL_PROTECTION = ObjectIdentifier("1.3.6.1.5.5.7.3.4")
OID_TIME_STAMPING = ObjectIdentifier("1.3.6.1.5.5.7.3.8")
OID_OCSP_SIGNING = ObjectIdentifier("1.3.6.1.5.5.7.3.9")
+OID_CA_ISSUERS = ObjectIdentifier("1.3.6.1.5.5.7.48.2")
+OID_OCSP = ObjectIdentifier("1.3.6.1.5.5.7.48.1")
+
@six.add_metaclass(abc.ABCMeta)
class Certificate(object):