本文整理汇总了Python中cryptography.x509.CRLNumber方法的典型用法代码示例。如果您正苦于以下问题:Python x509.CRLNumber方法的具体用法?Python x509.CRLNumber怎么用?Python x509.CRLNumber使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类cryptography.x509
的用法示例。
在下文中一共展示了x509.CRLNumber方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: _decode_crl_number
# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import CRLNumber [as 别名]
def _decode_crl_number(backend, ext):
asn1_int = backend._ffi.cast("ASN1_INTEGER *", ext)
asn1_int = backend._ffi.gc(asn1_int, backend._lib.ASN1_INTEGER_free)
return x509.CRLNumber(_asn1_integer_to_int(backend, asn1_int))
示例2: assertCRL
# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import CRLNumber [as 别名]
def assertCRL(self, crl, certs=None, signer=None, expires=86400, algorithm=None, encoding=Encoding.PEM,
idp=None, extensions=None, crl_number=0, skip_authority_key_identifier=False):
certs = certs or []
signer = signer or self.cas['child']
algorithm = algorithm or ca_settings.CA_DIGEST_ALGORITHM
extensions = extensions or []
expires = datetime.utcnow() + timedelta(seconds=expires)
if idp is not None: # pragma: no branch
extensions.append(idp)
extensions.append(x509.Extension(
value=x509.CRLNumber(crl_number=crl_number),
critical=False, oid=ExtensionOID.CRL_NUMBER
))
if not skip_authority_key_identifier:
extensions.append(signer.authority_key_identifier.as_extension())
if encoding == Encoding.PEM:
crl = x509.load_pem_x509_crl(crl, default_backend())
else:
crl = x509.load_der_x509_crl(crl, default_backend())
self.assertIsInstance(crl.signature_hash_algorithm, type(algorithm))
self.assertTrue(crl.is_signature_valid(signer.x509.public_key()))
self.assertEqual(crl.issuer, signer.x509.subject)
self.assertEqual(crl.last_update, datetime.utcnow())
self.assertEqual(crl.next_update, expires)
self.assertCountEqual(list(crl.extensions), extensions)
entries = {e.serial_number: e for e in crl}
expected = {c.x509.serial_number: c for c in certs}
self.assertCountEqual(entries, expected)
for serial, entry in entries.items():
self.assertEqual(entry.revocation_date, datetime.utcnow())
self.assertEqual(list(entry.extensions), [])