当前位置: 首页>>代码示例>>Python>>正文


Python x509.CRLDistributionPoints方法代码示例

本文整理汇总了Python中cryptography.x509.CRLDistributionPoints方法的典型用法代码示例。如果您正苦于以下问题:Python x509.CRLDistributionPoints方法的具体用法?Python x509.CRLDistributionPoints怎么用?Python x509.CRLDistributionPoints使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在cryptography.x509的用法示例。


在下文中一共展示了x509.CRLDistributionPoints方法的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: test_verify_crl_unknown_scheme

# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import CRLDistributionPoints [as 别名]
def test_verify_crl_unknown_scheme(cert_builder, private_key):
    """Unknown distribution point URI schemes should be ignored."""
    ldap_uri = "ldap://ldap.example.org/cn=Example%20Certificate%20Authority?certificateRevocationList;binary"
    crl_dp = x509.DistributionPoint(
        [UniformResourceIdentifier(ldap_uri)],
        relative_name=None,
        reasons=None,
        crl_issuer=None,
    )
    cert = cert_builder.add_extension(
        x509.CRLDistributionPoints([crl_dp]), critical=False
    ).sign(private_key, hashes.SHA256(), default_backend())

    with mktempfile() as cert_tmp:
        with open(cert_tmp, "wb") as f:
            f.write(cert.public_bytes(serialization.Encoding.PEM))

        # Must not raise exception
        crl_verify(cert, cert_tmp) 
开发者ID:Netflix,项目名称:lemur,代码行数:21,代码来源:test_verify.py

示例2: test_verify_crl_unreachable

# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import CRLDistributionPoints [as 别名]
def test_verify_crl_unreachable(cert_builder, private_key):
    """Unreachable CRL distribution point results in error."""
    ldap_uri = "http://invalid.example.org/crl/foobar.crl"
    crl_dp = x509.DistributionPoint(
        [UniformResourceIdentifier(ldap_uri)],
        relative_name=None,
        reasons=None,
        crl_issuer=None,
    )
    cert = cert_builder.add_extension(
        x509.CRLDistributionPoints([crl_dp]), critical=False
    ).sign(private_key, hashes.SHA256(), default_backend())

    with mktempfile() as cert_tmp:
        with open(cert_tmp, "wb") as f:
            f.write(cert.public_bytes(serialization.Encoding.PEM))

        with pytest.raises(Exception, match="Unable to retrieve CRL:"):
            crl_verify(cert, cert_tmp) 
开发者ID:Netflix,项目名称:lemur,代码行数:21,代码来源:test_verify.py

示例3: get_common_extensions

# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import CRLDistributionPoints [as 别名]
def get_common_extensions(self, issuer_url=None, crl_url=None, ocsp_url=None):
        extensions = []
        if crl_url:
            urls = [x509.UniformResourceIdentifier(force_text(c)) for c in crl_url]
            dps = [x509.DistributionPoint(full_name=[c], relative_name=None, crl_issuer=None, reasons=None)
                   for c in urls]
            extensions.append((False, x509.CRLDistributionPoints(dps)))
        auth_info_access = []
        if ocsp_url:
            uri = x509.UniformResourceIdentifier(force_text(ocsp_url))
            auth_info_access.append(x509.AccessDescription(
                access_method=AuthorityInformationAccessOID.OCSP, access_location=uri))
        if issuer_url:
            uri = x509.UniformResourceIdentifier(force_text(issuer_url))
            auth_info_access.append(x509.AccessDescription(
                access_method=AuthorityInformationAccessOID.CA_ISSUERS, access_location=uri))
        if auth_info_access:
            extensions.append((False, x509.AuthorityInformationAccess(auth_info_access)))
        return extensions 
开发者ID:mathiasertl,项目名称:django-ca,代码行数:21,代码来源:managers.py

示例4: _decode_crl_distribution_points

# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import CRLDistributionPoints [as 别名]
def _decode_crl_distribution_points(backend, cdps):
    dist_points = _decode_dist_points(backend, cdps)
    return x509.CRLDistributionPoints(dist_points) 
开发者ID:tp4a,项目名称:teleport,代码行数:5,代码来源:decode_asn1.py

示例5: extension_type

# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import CRLDistributionPoints [as 别名]
def extension_type(self):
        return x509.CRLDistributionPoints(distribution_points=[dp.for_extension_type for dp in self.value]) 
开发者ID:mathiasertl,项目名称:django-ca,代码行数:4,代码来源:extensions.py

示例6: extensions

# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import CRLDistributionPoints [as 别名]
def extensions(self):
        # setup default values
        return_extensions = {"sub_alt_names": {"names": []}}

        try:
            for extension in self.parsed_cert.extensions:
                value = extension.value
                if isinstance(value, x509.BasicConstraints):
                    return_extensions["basic_constraints"] = value

                elif isinstance(value, x509.SubjectAlternativeName):
                    return_extensions["sub_alt_names"]["names"] = value

                elif isinstance(value, x509.ExtendedKeyUsage):
                    return_extensions["extended_key_usage"] = value

                elif isinstance(value, x509.KeyUsage):
                    return_extensions["key_usage"] = value

                elif isinstance(value, x509.SubjectKeyIdentifier):
                    return_extensions["subject_key_identifier"] = {"include_ski": True}

                elif isinstance(value, x509.AuthorityInformationAccess):
                    return_extensions["certificate_info_access"] = {"include_aia": True}

                elif isinstance(value, x509.AuthorityKeyIdentifier):
                    aki = {"use_key_identifier": False, "use_authority_cert": False}

                    if value.key_identifier:
                        aki["use_key_identifier"] = True

                    if value.authority_cert_issuer:
                        aki["use_authority_cert"] = True

                    return_extensions["authority_key_identifier"] = aki

                elif isinstance(value, x509.CRLDistributionPoints):
                    return_extensions["crl_distribution_points"] = {
                        "include_crl_dp": value
                    }

                # TODO: Not supporting custom OIDs yet. https://github.com/Netflix/lemur/issues/665
                else:
                    current_app.logger.warning(
                        "Custom OIDs not yet supported for clone operation."
                    )
        except InvalidCodepoint as e:
            sentry.captureException()
            current_app.logger.warning(
                "Unable to parse extensions due to underscore in dns name"
            )
        except ValueError as e:
            sentry.captureException()
            current_app.logger.warning("Unable to parse")
            current_app.logger.exception(e)

        return return_extensions 
开发者ID:Netflix,项目名称:lemur,代码行数:59,代码来源:models.py


注:本文中的cryptography.x509.CRLDistributionPoints方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。