diff options
| -rw-r--r-- | docs/x509.rst | 7 | ||||
| -rw-r--r-- | src/cryptography/hazmat/backends/openssl/x509.py | 3 | ||||
| -rw-r--r-- | src/cryptography/x509.py | 4 | ||||
| -rw-r--r-- | tests/test_x509_ext.py | 4 |
4 files changed, 15 insertions, 3 deletions
diff --git a/docs/x509.rst b/docs/x509.rst index 0ce90168..2e4a0efb 100644 --- a/docs/x509.rst +++ b/docs/x509.rst @@ -274,6 +274,9 @@ X.509 Certificate Object :raises cryptography.x509.UnsupportedExtension: If the certificate contains an extension that is not supported. + :raises cryptography.x509.UnsupportedGeneralNameType: If an extension + contains a general name that is not supported. + .. doctest:: >>> for ext in cert.extensions: @@ -969,6 +972,10 @@ Exceptions This is raised when a certificate contains an unsupported general name type in an extension. + .. attribute:: type + + :type: :term:`text` or int + .. _`public key infrastructure`: https://en.wikipedia.org/wiki/Public_key_infrastructure .. _`TLS`: https://en.wikipedia.org/wiki/Transport_Layer_Security diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py index affb79da..07e79fed 100644 --- a/src/cryptography/hazmat/backends/openssl/x509.py +++ b/src/cryptography/hazmat/backends/openssl/x509.py @@ -68,7 +68,8 @@ def _build_general_name(backend, gn): raise x509.UnsupportedGeneralNameType( "{0} is not a supported type".format( x509._GENERAL_NAMES.get(gn.type, gn.type) - ) + ), + x509._GENERAL_NAMES.get(gn.type, gn.type) ) diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py index 3dc066fa..dd6ea926 100644 --- a/src/cryptography/x509.py +++ b/src/cryptography/x509.py @@ -129,7 +129,9 @@ class ExtensionNotFound(Exception): class UnsupportedGeneralNameType(Exception): - pass + def __init__(self, msg, type): + super(UnsupportedGeneralNameType, self).__init__(msg) + self.type = type class NameAttribute(object): diff --git a/tests/test_x509_ext.py b/tests/test_x509_ext.py index 5f175c4d..c17beba5 100644 --- a/tests/test_x509_ext.py +++ b/tests/test_x509_ext.py @@ -766,5 +766,7 @@ class TestRSASubjectAlternativeNameExtension(object): x509.load_pem_x509_certificate, backend ) - with pytest.raises(x509.UnsupportedGeneralNameType): + with pytest.raises(x509.UnsupportedGeneralNameType) as exc: cert.extensions + + assert exc.value.type == "otherName" |