diff options
author | Alex Gaynor <alex.gaynor@gmail.com> | 2015-08-08 23:46:38 -0400 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2015-08-08 23:46:38 -0400 |
commit | ba62a0ba66cdf7476dd741a0bf0f08cab518524c (patch) | |
tree | e8db8b3700443db0565d70ce170a1380cb92a9ff /src/cryptography/hazmat/backends/openssl/backend.py | |
parent | 57df4852891c509917bffca53dffad88a4e914ab (diff) | |
parent | aedeedb8ce32caedf68ae0bf0066a70175c9f694 (diff) | |
download | cryptography-ba62a0ba66cdf7476dd741a0bf0f08cab518524c.tar.gz cryptography-ba62a0ba66cdf7476dd741a0bf0f08cab518524c.tar.bz2 cryptography-ba62a0ba66cdf7476dd741a0bf0f08cab518524c.zip |
Merge pull request #2230 from reaperhulk/encode-iap
support InhibitAnyPolicy in CertificateBuilder
Diffstat (limited to 'src/cryptography/hazmat/backends/openssl/backend.py')
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/backend.py | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py index 6675f677..c583214d 100644 --- a/src/cryptography/hazmat/backends/openssl/backend.py +++ b/src/cryptography/hazmat/backends/openssl/backend.py @@ -102,6 +102,17 @@ def _encode_asn1_str_gc(backend, data, length): return s +def _encode_inhibit_any_policy(backend, inhibit_any_policy): + asn1int = _encode_asn1_int_gc(backend, inhibit_any_policy.skip_certs) + pp = backend._ffi.new('unsigned char **') + r = backend._lib.i2d_ASN1_INTEGER(asn1int, pp) + assert r > 0 + pp = backend._ffi.gc( + pp, lambda pointer: backend._lib.OPENSSL_free(pointer[0]) + ) + return pp, r + + def _encode_name(backend, attributes): """ The X509_NAME created will not be gc'd. Use _encode_name_gc if needed. @@ -1274,6 +1285,8 @@ class Backend(object): pp, r = _encode_authority_key_identifier(self, extension.value) elif isinstance(extension.value, x509.KeyUsage): pp, r = _encode_key_usage(self, extension.value) + elif isinstance(extension.value, x509.InhibitAnyPolicy): + pp, r = _encode_inhibit_any_policy(self, extension.value) elif isinstance(extension.value, x509.ExtendedKeyUsage): pp, r = _encode_extended_key_usage(self, extension.value) elif isinstance(extension.value, x509.SubjectAlternativeName): |