diff options
author | Alex Gaynor <alex.gaynor@gmail.com> | 2015-04-28 17:35:08 -0400 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2015-04-28 17:35:08 -0400 |
commit | 813c3280a47dfb163367cc12e7b85e6f301a7695 (patch) | |
tree | 40385fb33c3ecf0581c901bff694f39ca284a042 /src | |
parent | 9ef13b9e23396f56420ef2aa3334d8c8af50bc73 (diff) | |
parent | b8ef82e3f7aba8c1fce95a4f65bd655790ad1e45 (diff) | |
download | cryptography-813c3280a47dfb163367cc12e7b85e6f301a7695.tar.gz cryptography-813c3280a47dfb163367cc12e7b85e6f301a7695.tar.bz2 cryptography-813c3280a47dfb163367cc12e7b85e6f301a7695.zip |
Merge pull request #1862 from reaperhulk/san-uri
add URI general name support
Diffstat (limited to 'src')
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/x509.py | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py index c21aeeb1..3a660d81 100644 --- a/src/cryptography/hazmat/backends/openssl/x509.py +++ b/src/cryptography/hazmat/backends/openssl/x509.py @@ -17,6 +17,10 @@ import datetime import idna +import six + +from six.moves import urllib_parse + from cryptography import utils, x509 from cryptography.exceptions import UnsupportedAlgorithm from cryptography.hazmat.primitives import hashes @@ -63,6 +67,30 @@ def _build_general_name(backend, gn): if gn.type == backend._lib.GEN_DNS: data = backend._ffi.buffer(gn.d.dNSName.data, gn.d.dNSName.length)[:] return x509.DNSName(idna.decode(data)) + elif gn.type == backend._lib.GEN_URI: + data = backend._ffi.buffer( + gn.d.uniformResourceIdentifier.data, + gn.d.uniformResourceIdentifier.length + )[:].decode("ascii") + parsed = urllib_parse.urlparse(data) + hostname = idna.decode(parsed.hostname) + if parsed.port: + netloc = hostname + u":" + six.text_type(parsed.port) + else: + netloc = hostname + + # Note that building a URL in this fashion means it should be + # semantically indistinguishable from the original but is not + # guaranteed to be exactly the same. + uri = urllib_parse.urlunparse(( + parsed.scheme, + netloc, + parsed.path, + parsed.params, + parsed.query, + parsed.fragment + )) + return x509.UniformResourceIdentifier(uri) elif gn.type == backend._lib.GEN_RID: oid = _obj2txt(backend, gn.d.registeredID) return x509.RegisteredID(x509.ObjectIdentifier(oid)) |