diff options
| author | Nick Bastin <nick.bastin@gmail.com> | 2015-12-14 12:26:24 -0800 |
|---|---|---|
| committer | Nick Bastin <nick.bastin@gmail.com> | 2015-12-14 12:26:24 -0800 |
| commit | 6721fb8dd70a2d392aa70b67b35e3c6efa34230b (patch) | |
| tree | b7bcfb34a4a4e579a57c1e55cc2c1d999928ed8e /src | |
| parent | 06042de08fb9ff549b9c9cb7244e7f27ff57eece (diff) | |
| download | cryptography-6721fb8dd70a2d392aa70b67b35e3c6efa34230b.tar.gz cryptography-6721fb8dd70a2d392aa70b67b35e3c6efa34230b.tar.bz2 cryptography-6721fb8dd70a2d392aa70b67b35e3c6efa34230b.zip | |
OID validation
Diffstat (limited to 'src')
| -rw-r--r-- | src/cryptography/x509/oid.py | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/src/cryptography/x509/oid.py b/src/cryptography/x509/oid.py index ead40169..ba77a8b8 100644 --- a/src/cryptography/x509/oid.py +++ b/src/cryptography/x509/oid.py @@ -12,6 +12,30 @@ class ObjectIdentifier(object): def __init__(self, dotted_string): self._dotted_string = dotted_string + nodes = self._dotted_string.split(".") + intnodes = [] + + # There must be at least 2 nodes, the first node must be 0..2, and + # if less than 2, the second node cannot have a value outside the + # range 0..39. All nodes must be integers. + for node in nodes: + try: + intnodes.append(int(node, 0)) + except ValueError: + raise ValueError( + "Malformed OID: %s (non-integer nodes)" % ( + self._dotted_string)) + + if intnodes[0] > 2: + raise ValueError( + "Malformed OID: %s (first node outside valid range)" % ( + self._dotted_string)) + + if intnodes[0] < 2 and intnodes[1] >= 40: + raise ValueError( + "Malformed OID: %s (second node outside valid range)" % ( + self._dotted_string)) + def __eq__(self, other): if not isinstance(other, ObjectIdentifier): return NotImplemented |