From 9089c91294497aaff3e5204b73365ba687c6ab7e Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 20 Apr 2015 22:15:20 -0500 Subject: handle otherName, x400Address, and ediPartyName in OpenSSL backend --- src/cryptography/hazmat/backends/openssl/x509.py | 7 +++++++ src/cryptography/x509.py | 17 +++++++++++++++++ 2 files changed, 24 insertions(+) (limited to 'src') diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py index dcde5e73..affb79da 100644 --- a/src/cryptography/hazmat/backends/openssl/x509.py +++ b/src/cryptography/hazmat/backends/openssl/x509.py @@ -63,6 +63,13 @@ def _build_general_name(backend, gn): if gn.type == backend._lib.GEN_DNS: data = backend._ffi.buffer(gn.d.dNSName.data, gn.d.dNSName.length)[:] return x509.DNSName(idna.decode(data)) + else: + # otherName, x400Address or ediPartyName + raise x509.UnsupportedGeneralNameType( + "{0} is not a supported type".format( + x509._GENERAL_NAMES.get(gn.type, gn.type) + ) + ) @utils.register_interface(x509.Certificate) diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py index 898ab6c7..3dc066fa 100644 --- a/src/cryptography/x509.py +++ b/src/cryptography/x509.py @@ -70,6 +70,19 @@ _OID_NAMES = { } +_GENERAL_NAMES = { + 0: "otherName", + 1: "rfc822Name", + 2: "dNSName", + 3: "x400Address", + 4: "directoryName", + 5: "ediPartyName", + 6: "uniformResourceIdentifier", + 7: "iPAddress", + 8: "registeredID", +} + + class Version(Enum): v1 = 0 v3 = 2 @@ -115,6 +128,10 @@ class ExtensionNotFound(Exception): self.oid = oid +class UnsupportedGeneralNameType(Exception): + pass + + class NameAttribute(object): def __init__(self, oid, value): if not isinstance(oid, ObjectIdentifier): -- cgit v1.2.3 From bed07357a90237ee92cedba788066f87a63e34b6 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 21 Apr 2015 08:31:10 -0500 Subject: update exception to contain detail --- src/cryptography/hazmat/backends/openssl/x509.py | 3 ++- src/cryptography/x509.py | 4 +++- 2 files changed, 5 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py index affb79da..07e79fed 100644 --- a/src/cryptography/hazmat/backends/openssl/x509.py +++ b/src/cryptography/hazmat/backends/openssl/x509.py @@ -68,7 +68,8 @@ def _build_general_name(backend, gn): raise x509.UnsupportedGeneralNameType( "{0} is not a supported type".format( x509._GENERAL_NAMES.get(gn.type, gn.type) - ) + ), + x509._GENERAL_NAMES.get(gn.type, gn.type) ) diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py index 3dc066fa..dd6ea926 100644 --- a/src/cryptography/x509.py +++ b/src/cryptography/x509.py @@ -129,7 +129,9 @@ class ExtensionNotFound(Exception): class UnsupportedGeneralNameType(Exception): - pass + def __init__(self, msg, type): + super(UnsupportedGeneralNameType, self).__init__(msg) + self.type = type class NameAttribute(object): -- cgit v1.2.3 From 0a621bf5da576d7aab394e5bdc342e2e8b1cbaa2 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 22 Apr 2015 09:22:56 -0500 Subject: return only an int for unsupported general name type, update docs --- src/cryptography/hazmat/backends/openssl/x509.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src') diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py index 07e79fed..cc4a92a6 100644 --- a/src/cryptography/hazmat/backends/openssl/x509.py +++ b/src/cryptography/hazmat/backends/openssl/x509.py @@ -69,7 +69,7 @@ def _build_general_name(backend, gn): "{0} is not a supported type".format( x509._GENERAL_NAMES.get(gn.type, gn.type) ), - x509._GENERAL_NAMES.get(gn.type, gn.type) + gn.type ) -- cgit v1.2.3