From 3b54ce272df125430907f27c61c86d27531b7f33 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Mon, 3 Aug 2015 16:44:57 +0100
Subject: add support for AIA to CertificateBuilder and OpenSSL backend

---
 src/cryptography/hazmat/backends/openssl/backend.py | 8 +++++++-
 src/cryptography/x509.py                            | 4 ++++
 2 files changed, 11 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 7917402f..570782a2 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -210,7 +210,9 @@ def _encode_authority_information_access(backend, authority_info_access):
     )
     for access_description in authority_info_access:
         ad = backend._lib.ACCESS_DESCRIPTION_new()
-        method = _txt2obj(backend, access_description.access_method)
+        method = _txt2obj(
+            backend, access_description.access_method.dotted_string
+        )
         gn = _encode_general_name(backend, access_description.access_location)
         ad.method = method
         ad.location = gn
@@ -1163,6 +1165,10 @@ class Backend(object):
                 pp, r = _encode_basic_constraints(self, extension.value)
             elif isinstance(extension.value, x509.SubjectAlternativeName):
                 pp, r = _encode_subject_alt_name(self, extension.value)
+            elif isinstance(extension.value, x509.AuthorityInformationAccess):
+                pp, r = _encode_authority_information_access(
+                    self, extension.value
+                )
             else:
                 raise NotImplementedError('Extension not yet supported.')
 
diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py
index f35582b0..6e27cdb7 100644
--- a/src/cryptography/x509.py
+++ b/src/cryptography/x509.py
@@ -1724,6 +1724,10 @@ class CertificateBuilder(object):
             extension = Extension(
                 OID_SUBJECT_ALTERNATIVE_NAME, critical, extension
             )
+        elif isinstance(extension, AuthorityInformationAccess):
+            extension = Extension(
+                OID_AUTHORITY_INFORMATION_ACCESS, critical, extension
+            )
         elif isinstance(extension, InhibitAnyPolicy):
             extension = Extension(OID_INHIBIT_ANY_POLICY, critical, extension)
         else:
-- 
cgit v1.2.3