diff options
author | Alex Gaynor <alex.gaynor@gmail.com> | 2015-12-31 10:01:22 -0500 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2015-12-31 10:01:22 -0500 |
commit | e22309c15e6e3725463d4884a1867c2f3089346b (patch) | |
tree | 226cb5e478fc8838a95df27b0a2d31d6236ff805 /src | |
parent | 5660526e6baadb10a1969a32a2dda3bc14c78133 (diff) | |
parent | f5bc3eb17944d21ec4a72b9b6fd40fa1fa1b4394 (diff) | |
download | cryptography-e22309c15e6e3725463d4884a1867c2f3089346b.tar.gz cryptography-e22309c15e6e3725463d4884a1867c2f3089346b.tar.bz2 cryptography-e22309c15e6e3725463d4884a1867c2f3089346b.zip |
Merge pull request #2607 from reaperhulk/unrecognized-extension-support-redux
support unrecognized extensions in x509
Diffstat (limited to 'src')
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/x509.py | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py index 293c6288..b8614e0b 100644 --- a/src/cryptography/hazmat/backends/openssl/x509.py +++ b/src/cryptography/hazmat/backends/openssl/x509.py @@ -213,6 +213,15 @@ class _X509ExtensionParser(object): "Critical extension {0} is not currently supported" .format(oid), oid ) + else: + # Dump the DER payload into an UnrecognizedExtension object + data = backend._lib.X509_EXTENSION_get_data(ext) + backend.openssl_assert(data != backend._ffi.NULL) + der = backend._ffi.buffer(data.data, data.length)[:] + unrecognized = x509.UnrecognizedExtension(oid, der) + extensions.append( + x509.Extension(oid, critical, unrecognized) + ) else: # For extensions which are not supported by OpenSSL we pass the # extension object directly to the parsing routine so it can |