diff options
author | Alex Gaynor <alex.gaynor@gmail.com> | 2015-03-23 21:49:25 -0500 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2015-03-23 21:49:25 -0500 |
commit | 8c8ee123cbe76fc7cdfca9c9313b16e11059b511 (patch) | |
tree | ff769206a473cd59c12979efc4530b7cf2c7e191 /src | |
parent | a1f968aec9fa396739fbe0280c60262a8fbb6675 (diff) | |
parent | 5553d576f3bc3f65b84de99a2561360f82fc110f (diff) | |
download | cryptography-8c8ee123cbe76fc7cdfca9c9313b16e11059b511.tar.gz cryptography-8c8ee123cbe76fc7cdfca9c9313b16e11059b511.tar.bz2 cryptography-8c8ee123cbe76fc7cdfca9c9313b16e11059b511.zip |
Merge pull request #1768 from reaperhulk/basic-constraints
basic constraints class & extensions interface
Diffstat (limited to 'src')
-rw-r--r-- | src/cryptography/x509.py | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py index 1d2a9489..1ad7028d 100644 --- a/src/cryptography/x509.py +++ b/src/cryptography/x509.py @@ -42,6 +42,7 @@ _OID_NAMES = { "1.2.840.10040.4.3": "dsa-with-sha1", "2.16.840.1.101.3.4.3.1": "dsa-with-sha224", "2.16.840.1.101.3.4.3.2": "dsa-with-sha256", + "2.5.29.19": "basicConstraints", } @@ -138,6 +139,59 @@ class Name(object): return len(self._attributes) +OID_BASIC_CONSTRAINTS = ObjectIdentifier("2.5.29.19") + + +class Extension(object): + def __init__(self, oid, critical, value): + if not isinstance(oid, ObjectIdentifier): + raise TypeError( + "oid argument must be an ObjectIdentifier instance." + ) + + if not isinstance(critical, bool): + raise TypeError("critical must be a boolean value") + + self._oid = oid + self._critical = critical + self._value = value + + oid = utils.read_only_property("_oid") + critical = utils.read_only_property("_critical") + value = utils.read_only_property("_value") + + def __repr__(self): + return ("<Extension(oid={0.oid}, critical={0.critical}, " + "value={0.value})>").format(self) + + +class BasicConstraints(object): + def __init__(self, ca, path_length): + if not isinstance(ca, bool): + raise TypeError("ca must be a boolean value") + + if path_length is not None and not ca: + raise ValueError("path_length must be None when ca is False") + + if ( + path_length is not None and + (not isinstance(path_length, six.integer_types) or path_length < 0) + ): + raise TypeError( + "path_length must be a non-negative integer or None" + ) + + self._ca = ca + self._path_length = path_length + + ca = utils.read_only_property("_ca") + path_length = utils.read_only_property("_path_length") + + def __repr__(self): + return ("<BasicConstraints(ca={0.ca}, " + "path_length={0.path_length})>").format(self) + + OID_COMMON_NAME = ObjectIdentifier("2.5.4.3") OID_COUNTRY_NAME = ObjectIdentifier("2.5.4.6") OID_LOCALITY_NAME = ObjectIdentifier("2.5.4.7") |