separate full_name/relative_name and change reasons to an enumeration

author: Paul Kehrer <paul.l.kehrer@gmail.com> 2015-05-09 10:38:23 -0500
committer: Paul Kehrer <paul.l.kehrer@gmail.com> 2015-05-09 10:38:23 -0500
commit: 4e8dacd02ec4c4b8238e5ebdfcd5ab26348ec658 (patch)
tree: 5ea4ca72489bd85f20dd94b4c4135b19da5cf15d /src
parent: 5a48552b4b7fc4d108b6d45232769f111fe38896 (diff)
download: cryptography-4e8dacd02ec4c4b8238e5ebdfcd5ab26348ec658.tar.gz
cryptography-4e8dacd02ec4c4b8238e5ebdfcd5ab26348ec658.tar.bz2
cryptography-4e8dacd02ec4c4b8238e5ebdfcd5ab26348ec658.zip
1 files changed, 50 insertions, 74 deletions
diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py
index 671294e2..cee0cc39 100644
--- a/src/cryptography/x509.py
+++ b/src/cryptography/x509.py
@@ -513,20 +513,21 @@ class CRLDistributionPoints(object):
 
 
 class DistributionPoint(object):
-    def __init__(self, distribution_point, reasons, crl_issuer):
-        if distribution_point:
-            if (
-                (
-                    isinstance(distribution_point, list) and
-                    not all(
-                        isinstance(x, GeneralName) for x in distribution_point
-                    )
-                ) or not isinstance(distribution_point, (list, Name))
-            ):
-                raise TypeError(
-                    "distribution_point must be None, a list of general names"
-                    ", or a Name"
-                )
+    def __init__(self, full_name, relative_name, reasons, crl_issuer):
+        if full_name and relative_name:
+            raise ValueError(
+                "At least one of full_name and relative_name must be None"
+            )
+
+        if full_name and not all(
+            isinstance(x, GeneralName) for x in full_name
+        ):
+            raise TypeError(
+                "full_name must be a list of GeneralName objects"
+            )
+
+        if relative_name and not isinstance(relative_name, Name):
+            raise TypeError("relative_name must be a Name")
 
         if crl_issuer and not all(
             isinstance(x, GeneralName) for x in crl_issuer
@@ -535,23 +536,36 @@ class DistributionPoint(object):
                 "crl_issuer must be None or a list of general names"
             )
 
-        if reasons and not isinstance(reasons, ReasonFlags):
-            raise TypeError("reasons must be None or ReasonFlags")
+        if reasons and not all(
+            isinstance(x, ReasonFlags) for x in reasons
+        ):
+            raise TypeError("reasons must be None or list of ReasonFlags")
+
+        if reasons and (
+            ReasonFlags.unspecified in reasons or
+            ReasonFlags.remove_from_crl in reasons
+        ):
+            raise ValueError(
+                "unspecified and remove_from_crl are not valid reasons in a "
+                "DistributionPoint"
+            )
 
-        if reasons and not crl_issuer and not distribution_point:
+        if reasons and not crl_issuer and not (full_name or relative_name):
             raise ValueError(
-                "You must supply crl_issuer or distribution_point when "
+                "You must supply crl_issuer, full_name, or relative_name when "
                 "reasons is not None"
             )
 
-        self._distribution_point = distribution_point
+        self._full_name = full_name
+        self._relative_name = relative_name
         self._reasons = reasons
         self._crl_issuer = crl_issuer
 
     def __repr__(self):
         return (
-            "<DistributionPoint(distribution_point={0.distribution_point}, rea"
-            "sons={0.reasons}, crl_issuer={0.crl_issuer})>".format(self)
+            "<DistributionPoint(full_name={0.full_name}, relative_name={0.rela"
+            "tive_name}, reasons={0.reasons}, crl_issuer={0.crl_is"
+            "suer})>".format(self)
         )
 
     def __eq__(self, other):
@@ -559,7 +573,8 @@ class DistributionPoint(object):
             return NotImplemented
 
         return (
-            self.distribution_point == other.distribution_point and
+            self.full_name == other.full_name and
+            self.relative_name == other.relative_name and
             self.reasons == other.reasons and
             self.crl_issuer == other.crl_issuer
         )
@@ -567,62 +582,23 @@ class DistributionPoint(object):
     def __ne__(self, other):
         return not self == other
 
-    distribution_point = utils.read_only_property("_distribution_point")
+    full_name = utils.read_only_property("_full_name")
+    relative_name = utils.read_only_property("_relative_name")
     reasons = utils.read_only_property("_reasons")
     crl_issuer = utils.read_only_property("_crl_issuer")
 
 
-class ReasonFlags(object):
-    def __init__(self, key_compromise, ca_compromise, affiliation_changed,
-                 superseded, cessation_of_operation, certificate_hold,
-                 privilege_withdrawn, aa_compromise):
-        self._key_compromise = key_compromise
-        self._ca_compromise = ca_compromise
-        self._affiliation_changed = affiliation_changed
-        self._superseded = superseded
-        self._cessation_of_operation = cessation_of_operation
-        self._certificate_hold = certificate_hold
-        self._privilege_withdrawn = privilege_withdrawn
-        self._aa_compromise = aa_compromise
-
-    def __repr__(self):
-        return (
-            "<ReasonFlags(key_compromise={0.key_compromise}, ca_compromise"
-            "={0.ca_compromise}, affiliation_changed={0.affiliation_changed},"
-            "superseded={0.superseded}, cessation_of_operation={0.cessation_o"
-            "f_operation}, certificate_hold={0.certificate_hold}, privilege_w"
-            "ithdrawn={0.privilege_withdrawn}, aa_compromise={0.aa_compromise"
-            "})>".format(self)
-        )
-
-    def __eq__(self, other):
-        if not isinstance(other, ReasonFlags):
-            return NotImplemented
-
-        return (
-            self.key_compromise == other.key_compromise and
-            self.ca_compromise == other.ca_compromise and
-            self.affiliation_changed == other.affiliation_changed and
-            self.superseded == other.superseded and
-            self.cessation_of_operation == other.cessation_of_operation and
-            self.certificate_hold == other.certificate_hold and
-            self.privilege_withdrawn == other.privilege_withdrawn and
-            self.aa_compromise == other.aa_compromise
-        )
-
-    def __ne__(self, other):
-        return not self == other
-
-    key_compromise = utils.read_only_property("_key_compromise")
-    ca_compromise = utils.read_only_property("_ca_compromise")
-    affiliation_changed = utils.read_only_property("_affiliation_changed")
-    superseded = utils.read_only_property("_superseded")
-    cessation_of_operation = utils.read_only_property(
-        "_cessation_of_operation"
-    )
-    certificate_hold = utils.read_only_property("_certificate_hold")
-    privilege_withdrawn = utils.read_only_property("_privilege_withdrawn")
-    aa_compromise = utils.read_only_property("_aa_compromise")
+class ReasonFlags(Enum):
+    unspecified = "unspecified"
+    key_compromise = "keyCompromise"
+    ca_compromise = "cACompromise"
+    affiliation_changed = "affiliationChanged"
+    superseded = "superseded"
+    cessation_of_operation = "cessationOfOperation"
+    certificate_hold = "certificateHold"
+    privilege_withdrawn = "privilegeWithdrawn"
+    aa_compromise = "aACompromise"
+    remove_from_crl = "removeFromCRL"
 
 
 @six.add_metaclass(abc.ABCMeta)
author	Paul Kehrer <paul.l.kehrer@gmail.com>	2015-05-09 10:38:23 -0500
committer	Paul Kehrer <paul.l.kehrer@gmail.com>	2015-05-09 10:38:23 -0500
commit	4e8dacd02ec4c4b8238e5ebdfcd5ab26348ec658 (patch)
tree	5ea4ca72489bd85f20dd94b4c4135b19da5cf15d /src
parent	5a48552b4b7fc4d108b6d45232769f111fe38896 (diff)
download	cryptography-4e8dacd02ec4c4b8238e5ebdfcd5ab26348ec658.tar.gz cryptography-4e8dacd02ec4c4b8238e5ebdfcd5ab26348ec658.tar.bz2 cryptography-4e8dacd02ec4c4b8238e5ebdfcd5ab26348ec658.zip