Merge pull request #1859 from reaperhulk/san-unsupported

SAN unsupported type
author: Alex Gaynor <alex.gaynor@gmail.com> 2015-04-22 15:32:54 -0400
committer: Alex Gaynor <alex.gaynor@gmail.com> 2015-04-22 15:32:54 -0400
commit: dbac0e9a074c7244ad2d25e11b4001eb49a791b4 (patch)
tree: 24b07b6643387f3a82ed5733ab8155e0612978ab /src
parent: e37ca984fcf093f4382eb3f19abf10b0862600da (diff)
parent: 0a621bf5da576d7aab394e5bdc342e2e8b1cbaa2 (diff)
download: cryptography-dbac0e9a074c7244ad2d25e11b4001eb49a791b4.tar.gz
cryptography-dbac0e9a074c7244ad2d25e11b4001eb49a791b4.tar.bz2
cryptography-dbac0e9a074c7244ad2d25e11b4001eb49a791b4.zip
2 files changed, 27 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py
index dcde5e73..cc4a92a6 100644
--- a/src/cryptography/hazmat/backends/openssl/x509.py
+++ b/src/cryptography/hazmat/backends/openssl/x509.py
@@ -63,6 +63,14 @@ def _build_general_name(backend, gn):
     if gn.type == backend._lib.GEN_DNS:
         data = backend._ffi.buffer(gn.d.dNSName.data, gn.d.dNSName.length)[:]
         return x509.DNSName(idna.decode(data))
+    else:
+        # otherName, x400Address or ediPartyName
+        raise x509.UnsupportedGeneralNameType(
+            "{0} is not a supported type".format(
+                x509._GENERAL_NAMES.get(gn.type, gn.type)
+            ),
+            gn.type
+        )
 
 
 @utils.register_interface(x509.Certificate)
diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py
index 898ab6c7..dd6ea926 100644
--- a/src/cryptography/x509.py
+++ b/src/cryptography/x509.py
@@ -70,6 +70,19 @@ _OID_NAMES = {
 }
 
 
+_GENERAL_NAMES = {
+    0: "otherName",
+    1: "rfc822Name",
+    2: "dNSName",
+    3: "x400Address",
+    4: "directoryName",
+    5: "ediPartyName",
+    6: "uniformResourceIdentifier",
+    7: "iPAddress",
+    8: "registeredID",
+}
+
+
 class Version(Enum):
     v1 = 0
     v3 = 2
@@ -115,6 +128,12 @@ class ExtensionNotFound(Exception):
         self.oid = oid
 
 
+class UnsupportedGeneralNameType(Exception):
+    def __init__(self, msg, type):
+        super(UnsupportedGeneralNameType, self).__init__(msg)
+        self.type = type
+
+
 class NameAttribute(object):
     def __init__(self, oid, value):
         if not isinstance(oid, ObjectIdentifier):
author	Alex Gaynor <alex.gaynor@gmail.com>	2015-04-22 15:32:54 -0400
committer	Alex Gaynor <alex.gaynor@gmail.com>	2015-04-22 15:32:54 -0400
commit	dbac0e9a074c7244ad2d25e11b4001eb49a791b4 (patch)
tree	24b07b6643387f3a82ed5733ab8155e0612978ab /src
parent	e37ca984fcf093f4382eb3f19abf10b0862600da (diff)
parent	0a621bf5da576d7aab394e5bdc342e2e8b1cbaa2 (diff)
download	cryptography-dbac0e9a074c7244ad2d25e11b4001eb49a791b4.tar.gz cryptography-dbac0e9a074c7244ad2d25e11b4001eb49a791b4.tar.bz2 cryptography-dbac0e9a074c7244ad2d25e11b4001eb49a791b4.zip