diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2018-10-30 10:23:30 +0800 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2018-10-29 22:23:30 -0400 |
| commit | 74ce48c5d00e4846740d248a65d35b874f15afe2 (patch) | |
| tree | 6926bba7f30e2d435dea5a86ec102130be084dd5 /src | |
| parent | d91401d4d38d7f738392a69df43b4fd8b8e6c6e8 (diff) | |
| download | cryptography-74ce48c5d00e4846740d248a65d35b874f15afe2.tar.gz cryptography-74ce48c5d00e4846740d248a65d35b874f15afe2.tar.bz2 cryptography-74ce48c5d00e4846740d248a65d35b874f15afe2.zip | |
Add eq/ne/hash to PrecertificateSignedCertificateTimestamps (#4534)
* Add eq/ne/hash to PrecertificateSignedCertificateTimestamps
This requires adding it to SignedCertificateTimestamps as well
* slightly more consistent
* right, these need to be conditional
* compare by signature
* don't use private API
Diffstat (limited to 'src')
| -rw-r--r-- | src/cryptography/hazmat/backends/openssl/x509.py | 20 | ||||
| -rw-r--r-- | src/cryptography/x509/extensions.py | 15 |
2 files changed, 35 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py index ad838b7f..ac1838c6 100644 --- a/src/cryptography/hazmat/backends/openssl/x509.py +++ b/src/cryptography/hazmat/backends/openssl/x509.py @@ -534,3 +534,23 @@ class _SignedCertificateTimestamp(object): # we only have precerts. assert entry_type == self._backend._lib.CT_LOG_ENTRY_TYPE_PRECERT return x509.certificate_transparency.LogEntryType.PRE_CERTIFICATE + + @property + def _signature(self): + ptrptr = self._backend._ffi.new("unsigned char **") + res = self._backend._lib.SCT_get0_signature(self._sct, ptrptr) + self._backend.openssl_assert(res > 0) + self._backend.openssl_assert(ptrptr[0] != self._backend._ffi.NULL) + return self._backend._ffi.buffer(ptrptr[0], res)[:] + + def __hash__(self): + return hash(self._signature) + + def __eq__(self, other): + if not isinstance(other, _SignedCertificateTimestamp): + return NotImplemented + + return self._signature == other._signature + + def __ne__(self, other): + return not self == other diff --git a/src/cryptography/x509/extensions.py b/src/cryptography/x509/extensions.py index b2d9908e..6301af5a 100644 --- a/src/cryptography/x509/extensions.py +++ b/src/cryptography/x509/extensions.py @@ -1402,6 +1402,21 @@ class PrecertificateSignedCertificateTimestamps(object): ) ) + def __hash__(self): + return hash(tuple(self._signed_certificate_timestamps)) + + def __eq__(self, other): + if not isinstance(other, PrecertificateSignedCertificateTimestamps): + return NotImplemented + + return ( + self._signed_certificate_timestamps == + other._signed_certificate_timestamps + ) + + def __ne__(self, other): + return not self == other + @utils.register_interface(ExtensionType) class OCSPNonce(object): |