diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-05-02 22:31:47 -0500 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-05-02 22:31:47 -0500 |
| commit | f506bca3d2bb449c3889cbbaba11749304e81563 (patch) | |
| tree | f3b9206790a07fe1ec7d0ef5eca6dc6fd7f529e6 | |
| parent | 3e6d558d1b845cf2df31efec08235b15998174d4 (diff) | |
| download | cryptography-f506bca3d2bb449c3889cbbaba11749304e81563.tar.gz cryptography-f506bca3d2bb449c3889cbbaba11749304e81563.tar.bz2 cryptography-f506bca3d2bb449c3889cbbaba11749304e81563.zip | |
updates based on review feedback
| -rw-r--r-- | docs/x509.rst | 9 | ||||
| -rw-r--r-- | src/cryptography/x509.py | 6 | ||||
| -rw-r--r-- | tests/test_x509_ext.py | 2 |
3 files changed, 13 insertions, 4 deletions
diff --git a/docs/x509.rst b/docs/x509.rst index f66178ab..42468626 100644 --- a/docs/x509.rst +++ b/docs/x509.rst @@ -736,12 +736,19 @@ X.509 Extensions :type: :class:`ObjectIdentifier` - Either :data:`OID_OCSP` or :data:`OID_CA_ISSUERS` + The access method defines what the ``access_location`` means. It must + be either :data:`OID_OCSP` or :data:`OID_CA_ISSUERS`. If it is + :data:`OID_OCSP` the access location will be where to obtain OCSP + information for the certificate. If it is :data:`OID_CA_ISSUERS` the + access location will provide additional information about the issuing + certificate. .. attribute:: access_location :type: :class:`GeneralName` + Where to access the information defined by the access method. + Object Identifiers ~~~~~~~~~~~~~~~~~~ diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py index 2bbd14d7..27337092 100644 --- a/src/cryptography/x509.py +++ b/src/cryptography/x509.py @@ -67,8 +67,8 @@ _OID_NAMES = { "1.3.6.1.5.5.7.1.1": "authorityInfoAccess", "1.3.6.1.5.5.7.1.11": "subjectInfoAccess", "1.3.6.1.5.5.7.48.1.5": "OCSPNoCheck", - "1.3.6.1.5.5.7.48.2": "caIssuers", "1.3.6.1.5.5.7.48.1": "OCSP", + "1.3.6.1.5.5.7.48.2": "caIssuers", } @@ -428,7 +428,9 @@ class AuthorityInformationAccess(object): class AccessDescription(object): def __init__(self, access_method, access_location): if not (access_method == OID_OCSP or access_method == OID_CA_ISSUERS): - raise TypeError("access_method must be OID_OCSP or OID_CA_ISSUERS") + raise ValueError( + "access_method must be OID_OCSP or OID_CA_ISSUERS" + ) if not isinstance(access_location, GeneralName): raise TypeError("access_location must be a GeneralName") diff --git a/tests/test_x509_ext.py b/tests/test_x509_ext.py index 711b6b7e..0e5cab50 100644 --- a/tests/test_x509_ext.py +++ b/tests/test_x509_ext.py @@ -992,7 +992,7 @@ class TestExtendedKeyUsageExtension(object): class TestAccessDescription(object): def test_invalid_access_method(self): - with pytest.raises(TypeError): + with pytest.raises(ValueError): x509.AccessDescription("notanoid", x509.DNSName(u"test")) def test_invalid_access_location(self): |