authorPaul Kehrer <paul.l.kehrer@gmail.com>2015-08-09 21:16:02 -0500
committerPaul Kehrer <paul.l.kehrer@gmail.com>2015-08-09 21:16:35 -0500
commitc315c8962de7df03bd34e68edb6280f6e1b10e76 (patch)
tree14408a547b518fabc51aa4902fbed21a5c4a3c9f /src
parent40dbbea859a5e95c67d28bd5337c5104ebb29160 (diff)
namespace OID extensions
Diffstat (limited to 'src')
-rw-r--r--src/cryptography/x509/__init__.py59
-rw-r--r--src/cryptography/x509/base.py34
-rw-r--r--src/cryptography/x509/oid.py75
3 files changed, 81 insertions, 87 deletions
diff --git a/src/cryptography/x509/__init__.py b/src/cryptography/x509/__init__.py
index 45923b31..c49ef91a 100644
--- a/src/cryptography/x509/__init__.py
+++ b/src/cryptography/x509/__init__.py
@@ -23,29 +23,44 @@ from cryptography.x509.base import (
)
from cryptography.x509.name import Name, NameAttribute
from cryptography.x509.oid import (
- OID_ANY_POLICY, OID_AUTHORITY_INFORMATION_ACCESS,
- OID_AUTHORITY_KEY_IDENTIFIER, OID_BASIC_CONSTRAINTS, OID_CA_ISSUERS,
- OID_CERTIFICATE_ISSUER, OID_CERTIFICATE_POLICIES, OID_CLIENT_AUTH,
+ ExtensionOID, OID_ANY_POLICY,
+ OID_CA_ISSUERS, OID_CERTIFICATE_ISSUER, OID_CLIENT_AUTH,
OID_CODE_SIGNING, OID_COMMON_NAME, OID_COUNTRY_NAME, OID_CPS_QUALIFIER,
- OID_CPS_USER_NOTICE, OID_CRL_DISTRIBUTION_POINTS, OID_CRL_REASON,
+ OID_CPS_USER_NOTICE, OID_CRL_REASON,
OID_DN_QUALIFIER, OID_DOMAIN_COMPONENT, OID_DSA_WITH_SHA1,
OID_DSA_WITH_SHA224, OID_DSA_WITH_SHA256, OID_ECDSA_WITH_SHA1,
OID_ECDSA_WITH_SHA224, OID_ECDSA_WITH_SHA256, OID_ECDSA_WITH_SHA384,
OID_ECDSA_WITH_SHA512, OID_EMAIL_ADDRESS, OID_EMAIL_PROTECTION,
- OID_EXTENDED_KEY_USAGE, OID_FRESHEST_CRL, OID_GENERATION_QUALIFIER,
- OID_GIVEN_NAME, OID_INHIBIT_ANY_POLICY, OID_INVALIDITY_DATE,
- OID_ISSUER_ALTERNATIVE_NAME, OID_KEY_USAGE, OID_LOCALITY_NAME,
- OID_NAME_CONSTRAINTS, OID_OCSP, OID_OCSP_NO_CHECK, OID_OCSP_SIGNING,
+ OID_GENERATION_QUALIFIER, OID_GIVEN_NAME, OID_INVALIDITY_DATE,
+ OID_LOCALITY_NAME, OID_OCSP, OID_OCSP_SIGNING,
OID_ORGANIZATIONAL_UNIT_NAME, OID_ORGANIZATION_NAME,
- OID_POLICY_CONSTRAINTS, OID_POLICY_MAPPINGS, OID_PSEUDONYM,
- OID_RSA_WITH_MD5, OID_RSA_WITH_SHA1, OID_RSA_WITH_SHA224,
+ OID_PSEUDONYM, OID_RSA_WITH_MD5, OID_RSA_WITH_SHA1, OID_RSA_WITH_SHA224,
OID_RSA_WITH_SHA256, OID_RSA_WITH_SHA384, OID_RSA_WITH_SHA512,
OID_SERIAL_NUMBER, OID_SERVER_AUTH, OID_STATE_OR_PROVINCE_NAME,
- OID_SUBJECT_ALTERNATIVE_NAME, OID_SUBJECT_DIRECTORY_ATTRIBUTES,
- OID_SUBJECT_INFORMATION_ACCESS, OID_SUBJECT_KEY_IDENTIFIER, OID_SURNAME,
- OID_TIME_STAMPING, OID_TITLE, _SIG_OIDS_TO_HASH
+ OID_SURNAME, OID_TIME_STAMPING, OID_TITLE, _SIG_OIDS_TO_HASH
)
+
+OID_AUTHORITY_INFORMATION_ACCESS = ExtensionOID.AUTHORITY_INFORMATION_ACCESS
+OID_AUTHORITY_KEY_IDENTIFIER = ExtensionOID.AUTHORITY_KEY_IDENTIFIER
+OID_BASIC_CONSTRAINTS = ExtensionOID.BASIC_CONSTRAINTS
+OID_CERTIFICATE_POLICIES = ExtensionOID.CERTIFICATE_POLICIES
+OID_CRL_DISTRIBUTION_POINTS = ExtensionOID.CRL_DISTRIBUTION_POINTS
+OID_EXTENDED_KEY_USAGE = ExtensionOID.EXTENDED_KEY_USAGE
+OID_FRESHEST_CRL = ExtensionOID.FRESHEST_CRL
+OID_INHIBIT_ANY_POLICY = ExtensionOID.INHIBIT_ANY_POLICY
+OID_ISSUER_ALTERNATIVE_NAME = ExtensionOID.ISSUER_ALTERNATIVE_NAME
+OID_KEY_USAGE = ExtensionOID.KEY_USAGE
+OID_NAME_CONSTRAINTS = ExtensionOID.NAME_CONSTRAINTS
+OID_OCSP_NO_CHECK = ExtensionOID.OCSP_NO_CHECK
+OID_POLICY_CONSTRAINTS = ExtensionOID.POLICY_CONSTRAINTS
+OID_POLICY_MAPPINGS = ExtensionOID.POLICY_MAPPINGS
+OID_SUBJECT_ALTERNATIVE_NAME = ExtensionOID.SUBJECT_ALTERNATIVE_NAME
+OID_SUBJECT_DIRECTORY_ATTRIBUTES = ExtensionOID.SUBJECT_DIRECTORY_ATTRIBUTES
+OID_SUBJECT_INFORMATION_ACCESS = ExtensionOID.SUBJECT_INFORMATION_ACCESS
+OID_SUBJECT_KEY_IDENTIFIER = ExtensionOID.SUBJECT_KEY_IDENTIFIER
+
+
__all__ = [
"load_pem_x509_certificate",
"load_der_x509_certificate",
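Review bot: The eighteen `OID_* = ExtensionOID.*` assignments added after the import block carry no comment saying they are compatibility aliases, so a later reader cannot tell whether they are the preferred spelling or legacy names. A one-line comment above the group would settle it, for example `# Backwards-compatible aliases; new code should use ExtensionOID.<NAME>.` If these names are meant to be retired eventually, binding them through a deprecation mechanism instead of plain assignment would give callers a warning first; whether the project has such a helper at this point is not visible from the hunk.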
@@ -97,27 +112,9 @@ __all__ = [
"CertificateSigningRequestBuilder",
"CertificateBuilder",
"Version",
- "OID_SUBJECT_DIRECTORY_ATTRIBUTES",
- "OID_SUBJECT_KEY_IDENTIFIER",
- "OID_KEY_USAGE",
- "OID_SUBJECT_ALTERNATIVE_NAME",
- "OID_ISSUER_ALTERNATIVE_NAME",
- "OID_BASIC_CONSTRAINTS",
"OID_CRL_REASON",
"OID_INVALIDITY_DATE",
"OID_CERTIFICATE_ISSUER",
- "OID_NAME_CONSTRAINTS",
- "OID_CRL_DISTRIBUTION_POINTS",
- "OID_CERTIFICATE_POLICIES",
- "OID_POLICY_MAPPINGS",
- "OID_AUTHORITY_KEY_IDENTIFIER",
- "OID_POLICY_CONSTRAINTS",
- "OID_EXTENDED_KEY_USAGE",
- "OID_FRESHEST_CRL",
- "OID_INHIBIT_ANY_POLICY",
- "OID_AUTHORITY_INFORMATION_ACCESS",
- "OID_SUBJECT_INFORMATION_ACCESS",
- "OID_OCSP_NO_CHECK",
"OID_COMMON_NAME",
"OID_COUNTRY_NAME",
"OID_LOCALITY_NAME",
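Review bot: The names dropped from `__all__` here are still bound at module level by the alias assignments earlier in this file, so `from cryptography.x509 import *` stops exporting them while attribute access such as `x509.OID_KEY_USAGE` keeps working. Neither hunk of this file adds `"ExtensionOID"` to the list, so the replacement namespace is not exported by a star import either. If the aliases remain supported, keep their entries; in either case add `"ExtensionOID",` so the new name is exported. The `__all__` list begins and ends outside this hunk.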
diff --git a/src/cryptography/x509/base.py b/src/cryptography/x509/base.py
index 29e6e878..78a3edbb 100644
--- a/src/cryptography/x509/base.py
+++ b/src/cryptography/x509/base.py
@@ -25,13 +25,7 @@ from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import dsa, ec, rsa
from cryptography.x509.name import Name
from cryptography.x509.oid import (
- OID_AUTHORITY_INFORMATION_ACCESS,
- OID_AUTHORITY_KEY_IDENTIFIER, OID_BASIC_CONSTRAINTS,
- OID_CA_ISSUERS, OID_CERTIFICATE_POLICIES, OID_CRL_DISTRIBUTION_POINTS,
- OID_EXTENDED_KEY_USAGE, OID_INHIBIT_ANY_POLICY,
- OID_ISSUER_ALTERNATIVE_NAME, OID_KEY_USAGE, OID_NAME_CONSTRAINTS,
- OID_OCSP, OID_OCSP_NO_CHECK, OID_SUBJECT_ALTERNATIVE_NAME,
- OID_SUBJECT_KEY_IDENTIFIER, ObjectIdentifier
+ ExtensionOID, OID_CA_ISSUERS, OID_OCSP, ObjectIdentifier
)
@@ -194,7 +188,7 @@ class ExtensionType(object):
@utils.register_interface(ExtensionType)
class ExtendedKeyUsage(object):
- oid = OID_EXTENDED_KEY_USAGE
+ oid = ExtensionOID.EXTENDED_KEY_USAGE
def __init__(self, usages):
if not all(isinstance(x, ObjectIdentifier) for x in usages):
@@ -225,12 +219,12 @@ class ExtendedKeyUsage(object):
@utils.register_interface(ExtensionType)
class OCSPNoCheck(object):
- oid = OID_OCSP_NO_CHECK
+ oid = ExtensionOID.OCSP_NO_CHECK
@utils.register_interface(ExtensionType)
class BasicConstraints(object):
- oid = OID_BASIC_CONSTRAINTS
+ oid = ExtensionOID.BASIC_CONSTRAINTS
def __init__(self, ca, path_length):
if not isinstance(ca, bool):
@@ -269,7 +263,7 @@ class BasicConstraints(object):
@utils.register_interface(ExtensionType)
class KeyUsage(object):
- oid = OID_KEY_USAGE
+ oid = ExtensionOID.KEY_USAGE
def __init__(self, digital_signature, content_commitment, key_encipherment,
data_encipherment, key_agreement, key_cert_sign, crl_sign,
@@ -355,7 +349,7 @@ class KeyUsage(object):
@utils.register_interface(ExtensionType)
class AuthorityInformationAccess(object):
- oid = OID_AUTHORITY_INFORMATION_ACCESS
+ oid = ExtensionOID.AUTHORITY_INFORMATION_ACCESS
def __init__(self, descriptions):
if not all(isinstance(x, AccessDescription) for x in descriptions):
@@ -422,7 +416,7 @@ class AccessDescription(object):
@utils.register_interface(ExtensionType)
class CertificatePolicies(object):
- oid = OID_CERTIFICATE_POLICIES
+ oid = ExtensionOID.CERTIFICATE_POLICIES
def __init__(self, policies):
if not all(isinstance(x, PolicyInformation) for x in policies):
@@ -562,7 +556,7 @@ class NoticeReference(object):
@utils.register_interface(ExtensionType)
class SubjectKeyIdentifier(object):
- oid = OID_SUBJECT_KEY_IDENTIFIER
+ oid = ExtensionOID.SUBJECT_KEY_IDENTIFIER
def __init__(self, digest):
self._digest = digest
@@ -590,7 +584,7 @@ class SubjectKeyIdentifier(object):
@utils.register_interface(ExtensionType)
class NameConstraints(object):
- oid = OID_NAME_CONSTRAINTS
+ oid = ExtensionOID.NAME_CONSTRAINTS
def __init__(self, permitted_subtrees, excluded_subtrees):
if permitted_subtrees is not None:
@@ -657,7 +651,7 @@ class NameConstraints(object):
@utils.register_interface(ExtensionType)
class CRLDistributionPoints(object):
- oid = OID_CRL_DISTRIBUTION_POINTS
+ oid = ExtensionOID.CRL_DISTRIBUTION_POINTS
def __init__(self, distribution_points):
if not all(
@@ -781,7 +775,7 @@ class ReasonFlags(Enum):
@utils.register_interface(ExtensionType)
class InhibitAnyPolicy(object):
- oid = OID_INHIBIT_ANY_POLICY
+ oid = ExtensionOID.INHIBIT_ANY_POLICY
def __init__(self, skip_certs):
if not isinstance(skip_certs, six.integer_types):
@@ -1074,7 +1068,7 @@ class GeneralNames(object):
@utils.register_interface(ExtensionType)
class SubjectAlternativeName(object):
- oid = OID_SUBJECT_ALTERNATIVE_NAME
+ oid = ExtensionOID.SUBJECT_ALTERNATIVE_NAME
def __init__(self, general_names):
self._general_names = GeneralNames(general_names)
@@ -1103,7 +1097,7 @@ class SubjectAlternativeName(object):
@utils.register_interface(ExtensionType)
class IssuerAlternativeName(object):
- oid = OID_ISSUER_ALTERNATIVE_NAME
+ oid = ExtensionOID.ISSUER_ALTERNATIVE_NAME
def __init__(self, general_names):
self._general_names = GeneralNames(general_names)
@@ -1132,7 +1126,7 @@ class IssuerAlternativeName(object):
@utils.register_interface(ExtensionType)
class AuthorityKeyIdentifier(object):
- oid = OID_AUTHORITY_KEY_IDENTIFIER
+ oid = ExtensionOID.AUTHORITY_KEY_IDENTIFIER
def __init__(self, key_identifier, authority_cert_issuer,
authority_cert_serial_number):
diff --git a/src/cryptography/x509/oid.py b/src/cryptography/x509/oid.py
index a3cc065e..57cf3c24 100644
--- a/src/cryptography/x509/oid.py
+++ b/src/cryptography/x509/oid.py
@@ -33,27 +33,30 @@ class ObjectIdentifier(object):
dotted_string = utils.read_only_property("_dotted_string")
-OID_SUBJECT_DIRECTORY_ATTRIBUTES = ObjectIdentifier("2.5.29.9")
-OID_SUBJECT_KEY_IDENTIFIER = ObjectIdentifier("2.5.29.14")
-OID_KEY_USAGE = ObjectIdentifier("2.5.29.15")
-OID_SUBJECT_ALTERNATIVE_NAME = ObjectIdentifier("2.5.29.17")
-OID_ISSUER_ALTERNATIVE_NAME = ObjectIdentifier("2.5.29.18")
-OID_BASIC_CONSTRAINTS = ObjectIdentifier("2.5.29.19")
+class ExtensionOID(object):
+ SUBJECT_DIRECTORY_ATTRIBUTES = ObjectIdentifier("2.5.29.9")
+ SUBJECT_KEY_IDENTIFIER = ObjectIdentifier("2.5.29.14")
+ KEY_USAGE = ObjectIdentifier("2.5.29.15")
+ SUBJECT_ALTERNATIVE_NAME = ObjectIdentifier("2.5.29.17")
+ ISSUER_ALTERNATIVE_NAME = ObjectIdentifier("2.5.29.18")
+ BASIC_CONSTRAINTS = ObjectIdentifier("2.5.29.19")
+ NAME_CONSTRAINTS = ObjectIdentifier("2.5.29.30")
+ CRL_DISTRIBUTION_POINTS = ObjectIdentifier("2.5.29.31")
+ CERTIFICATE_POLICIES = ObjectIdentifier("2.5.29.32")
+ POLICY_MAPPINGS = ObjectIdentifier("2.5.29.33")
+ AUTHORITY_KEY_IDENTIFIER = ObjectIdentifier("2.5.29.35")
+ POLICY_CONSTRAINTS = ObjectIdentifier("2.5.29.36")
+ EXTENDED_KEY_USAGE = ObjectIdentifier("2.5.29.37")
+ FRESHEST_CRL = ObjectIdentifier("2.5.29.46")
+ INHIBIT_ANY_POLICY = ObjectIdentifier("2.5.29.54")
+ AUTHORITY_INFORMATION_ACCESS = ObjectIdentifier("1.3.6.1.5.5.7.1.1")
+ SUBJECT_INFORMATION_ACCESS = ObjectIdentifier("1.3.6.1.5.5.7.1.11")
+ OCSP_NO_CHECK = ObjectIdentifier("1.3.6.1.5.5.7.48.1.5")
+
+
OID_CRL_REASON = ObjectIdentifier("2.5.29.21")
OID_INVALIDITY_DATE = ObjectIdentifier("2.5.29.24")
OID_CERTIFICATE_ISSUER = ObjectIdentifier("2.5.29.29")
-OID_NAME_CONSTRAINTS = ObjectIdentifier("2.5.29.30")
-OID_CRL_DISTRIBUTION_POINTS = ObjectIdentifier("2.5.29.31")
-OID_CERTIFICATE_POLICIES = ObjectIdentifier("2.5.29.32")
-OID_POLICY_MAPPINGS = ObjectIdentifier("2.5.29.33")
-OID_AUTHORITY_KEY_IDENTIFIER = ObjectIdentifier("2.5.29.35")
-OID_POLICY_CONSTRAINTS = ObjectIdentifier("2.5.29.36")
-OID_EXTENDED_KEY_USAGE = ObjectIdentifier("2.5.29.37")
-OID_FRESHEST_CRL = ObjectIdentifier("2.5.29.46")
-OID_INHIBIT_ANY_POLICY = ObjectIdentifier("2.5.29.54")
-OID_AUTHORITY_INFORMATION_ACCESS = ObjectIdentifier("1.3.6.1.5.5.7.1.1")
-OID_SUBJECT_INFORMATION_ACCESS = ObjectIdentifier("1.3.6.1.5.5.7.1.11")
-OID_OCSP_NO_CHECK = ObjectIdentifier("1.3.6.1.5.5.7.48.1.5")
OID_COMMON_NAME = ObjectIdentifier("2.5.4.3")
OID_COUNTRY_NAME = ObjectIdentifier("2.5.4.6")
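Review bot: Removing the module-level `OID_SUBJECT_KEY_IDENTIFIER`, `OID_KEY_USAGE` and the other extension constants from `oid.py` breaks any caller that imports them from `cryptography.x509.oid` directly, because this commit recreates the old names only in `cryptography/x509/__init__.py`. If `oid.py` is importable by users, the aliases would be safer defined in this module and re-exported from `__init__.py`. The new `ExtensionOID` class also has no docstring; a line such as `"""Namespace of ObjectIdentifier constants for X.509 certificate extensions."""` would state that it is a holder of constants and is not meant to be instantiated.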
@@ -153,27 +156,27 @@ _OID_NAMES = {
OID_EMAIL_PROTECTION: "emailProtection",
OID_TIME_STAMPING: "timeStamping",
OID_OCSP_SIGNING: "OCSPSigning",
- OID_SUBJECT_DIRECTORY_ATTRIBUTES: "subjectDirectoryAttributes",
- OID_SUBJECT_KEY_IDENTIFIER: "subjectKeyIdentifier",
- OID_KEY_USAGE: "keyUsage",
- OID_SUBJECT_ALTERNATIVE_NAME: "subjectAltName",
- OID_ISSUER_ALTERNATIVE_NAME: "issuerAltName",
- OID_BASIC_CONSTRAINTS: "basicConstraints",
+ ExtensionOID.SUBJECT_DIRECTORY_ATTRIBUTES: "subjectDirectoryAttributes",
+ ExtensionOID.SUBJECT_KEY_IDENTIFIER: "subjectKeyIdentifier",
+ ExtensionOID.KEY_USAGE: "keyUsage",
+ ExtensionOID.SUBJECT_ALTERNATIVE_NAME: "subjectAltName",
+ ExtensionOID.ISSUER_ALTERNATIVE_NAME: "issuerAltName",
+ ExtensionOID.BASIC_CONSTRAINTS: "basicConstraints",
OID_CRL_REASON: "cRLReason",
OID_INVALIDITY_DATE: "invalidityDate",
OID_CERTIFICATE_ISSUER: "certificateIssuer",
- OID_NAME_CONSTRAINTS: "nameConstraints",
- OID_CRL_DISTRIBUTION_POINTS: "cRLDistributionPoints",
- OID_CERTIFICATE_POLICIES: "certificatePolicies",
- OID_POLICY_MAPPINGS: "policyMappings",
- OID_AUTHORITY_KEY_IDENTIFIER: "authorityKeyIdentifier",
- OID_POLICY_CONSTRAINTS: "policyConstraints",
- OID_EXTENDED_KEY_USAGE: "extendedKeyUsage",
- OID_FRESHEST_CRL: "freshestCRL",
- OID_INHIBIT_ANY_POLICY: "inhibitAnyPolicy",
- OID_AUTHORITY_INFORMATION_ACCESS: "authorityInfoAccess",
- OID_SUBJECT_INFORMATION_ACCESS: "subjectInfoAccess",
- OID_OCSP_NO_CHECK: "OCSPNoCheck",
+ ExtensionOID.NAME_CONSTRAINTS: "nameConstraints",
+ ExtensionOID.CRL_DISTRIBUTION_POINTS: "cRLDistributionPoints",
+ ExtensionOID.CERTIFICATE_POLICIES: "certificatePolicies",
+ ExtensionOID.POLICY_MAPPINGS: "policyMappings",
+ ExtensionOID.AUTHORITY_KEY_IDENTIFIER: "authorityKeyIdentifier",
+ ExtensionOID.POLICY_CONSTRAINTS: "policyConstraints",
+ ExtensionOID.EXTENDED_KEY_USAGE: "extendedKeyUsage",
+ ExtensionOID.FRESHEST_CRL: "freshestCRL",
+ ExtensionOID.INHIBIT_ANY_POLICY: "inhibitAnyPolicy",
+ ExtensionOID.AUTHORITY_INFORMATION_ACCESS: "authorityInfoAccess",
+ ExtensionOID.SUBJECT_INFORMATION_ACCESS: "subjectInfoAccess",
+ ExtensionOID.OCSP_NO_CHECK: "OCSPNoCheck",
OID_OCSP: "OCSP",
OID_CA_ISSUERS: "caIssuers",
OID_CPS_QUALIFIER: "id-qt-cps",