handle otherName, x400Address, and ediPartyName in OpenSSL backend

author: Paul Kehrer <paul.l.kehrer@gmail.com> 2015-04-20 22:15:20 -0500
committer: Paul Kehrer <paul.l.kehrer@gmail.com> 2015-04-21 22:54:33 -0500
commit: 9089c91294497aaff3e5204b73365ba687c6ab7e (patch)
tree: e0dd71ca9767ba57de90d1e7cafed2c2d168a4b3 /src
parent: e37ca984fcf093f4382eb3f19abf10b0862600da (diff)
download: cryptography-9089c91294497aaff3e5204b73365ba687c6ab7e.tar.gz
cryptography-9089c91294497aaff3e5204b73365ba687c6ab7e.tar.bz2
cryptography-9089c91294497aaff3e5204b73365ba687c6ab7e.zip
2 files changed, 24 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py
index dcde5e73..affb79da 100644
--- a/src/cryptography/hazmat/backends/openssl/x509.py
+++ b/src/cryptography/hazmat/backends/openssl/x509.py
@@ -63,6 +63,13 @@ def _build_general_name(backend, gn):
     if gn.type == backend._lib.GEN_DNS:
         data = backend._ffi.buffer(gn.d.dNSName.data, gn.d.dNSName.length)[:]
         return x509.DNSName(idna.decode(data))
+    else:
+        # otherName, x400Address or ediPartyName
+        raise x509.UnsupportedGeneralNameType(
+            "{0} is not a supported type".format(
+                x509._GENERAL_NAMES.get(gn.type, gn.type)
+            )
+        )
 
 
 @utils.register_interface(x509.Certificate)
diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py
index 898ab6c7..3dc066fa 100644
--- a/src/cryptography/x509.py
+++ b/src/cryptography/x509.py
@@ -70,6 +70,19 @@ _OID_NAMES = {
 }
 
 
+_GENERAL_NAMES = {
+    0: "otherName",
+    1: "rfc822Name",
+    2: "dNSName",
+    3: "x400Address",
+    4: "directoryName",
+    5: "ediPartyName",
+    6: "uniformResourceIdentifier",
+    7: "iPAddress",
+    8: "registeredID",
+}
+
+
 class Version(Enum):
     v1 = 0
     v3 = 2
@@ -115,6 +128,10 @@ class ExtensionNotFound(Exception):
         self.oid = oid
 
 
+class UnsupportedGeneralNameType(Exception):
+    pass
+
+
 class NameAttribute(object):
     def __init__(self, oid, value):
         if not isinstance(oid, ObjectIdentifier):
author	Paul Kehrer <paul.l.kehrer@gmail.com>	2015-04-20 22:15:20 -0500
committer	Paul Kehrer <paul.l.kehrer@gmail.com>	2015-04-21 22:54:33 -0500
commit	9089c91294497aaff3e5204b73365ba687c6ab7e (patch)
tree	e0dd71ca9767ba57de90d1e7cafed2c2d168a4b3 /src
parent	e37ca984fcf093f4382eb3f19abf10b0862600da (diff)
download	cryptography-9089c91294497aaff3e5204b73365ba687c6ab7e.tar.gz cryptography-9089c91294497aaff3e5204b73365ba687c6ab7e.tar.bz2 cryptography-9089c91294497aaff3e5204b73365ba687c6ab7e.zip