本文整理汇总了Python中cryptography.x509.DistributionPoint方法的典型用法代码示例。如果您正苦于以下问题:Python x509.DistributionPoint方法的具体用法?Python x509.DistributionPoint怎么用?Python x509.DistributionPoint使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类cryptography.x509
的用法示例。
在下文中一共展示了x509.DistributionPoint方法的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_verify_crl_unknown_scheme
# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import DistributionPoint [as 别名]
def test_verify_crl_unknown_scheme(cert_builder, private_key):
"""Unknown distribution point URI schemes should be ignored."""
ldap_uri = "ldap://ldap.example.org/cn=Example%20Certificate%20Authority?certificateRevocationList;binary"
crl_dp = x509.DistributionPoint(
[UniformResourceIdentifier(ldap_uri)],
relative_name=None,
reasons=None,
crl_issuer=None,
)
cert = cert_builder.add_extension(
x509.CRLDistributionPoints([crl_dp]), critical=False
).sign(private_key, hashes.SHA256(), default_backend())
with mktempfile() as cert_tmp:
with open(cert_tmp, "wb") as f:
f.write(cert.public_bytes(serialization.Encoding.PEM))
# Must not raise exception
crl_verify(cert, cert_tmp)
示例2: test_verify_crl_unreachable
# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import DistributionPoint [as 别名]
def test_verify_crl_unreachable(cert_builder, private_key):
"""Unreachable CRL distribution point results in error."""
ldap_uri = "http://invalid.example.org/crl/foobar.crl"
crl_dp = x509.DistributionPoint(
[UniformResourceIdentifier(ldap_uri)],
relative_name=None,
reasons=None,
crl_issuer=None,
)
cert = cert_builder.add_extension(
x509.CRLDistributionPoints([crl_dp]), critical=False
).sign(private_key, hashes.SHA256(), default_backend())
with mktempfile() as cert_tmp:
with open(cert_tmp, "wb") as f:
f.write(cert.public_bytes(serialization.Encoding.PEM))
with pytest.raises(Exception, match="Unable to retrieve CRL:"):
crl_verify(cert, cert_tmp)
示例3: get_common_extensions
# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import DistributionPoint [as 别名]
def get_common_extensions(self, issuer_url=None, crl_url=None, ocsp_url=None):
extensions = []
if crl_url:
urls = [x509.UniformResourceIdentifier(force_text(c)) for c in crl_url]
dps = [x509.DistributionPoint(full_name=[c], relative_name=None, crl_issuer=None, reasons=None)
for c in urls]
extensions.append((False, x509.CRLDistributionPoints(dps)))
auth_info_access = []
if ocsp_url:
uri = x509.UniformResourceIdentifier(force_text(ocsp_url))
auth_info_access.append(x509.AccessDescription(
access_method=AuthorityInformationAccessOID.OCSP, access_location=uri))
if issuer_url:
uri = x509.UniformResourceIdentifier(force_text(issuer_url))
auth_info_access.append(x509.AccessDescription(
access_method=AuthorityInformationAccessOID.CA_ISSUERS, access_location=uri))
if auth_info_access:
extensions.append((False, x509.AuthorityInformationAccess(auth_info_access)))
return extensions
示例4: __init__
# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import DistributionPoint [as 别名]
def __init__(self, data=None):
if data is None:
data = {}
if isinstance(data, x509.DistributionPoint):
self.full_name = _gnl_or_empty(data.full_name)
self.relative_name = data.relative_name
self.crl_issuer = _gnl_or_empty(data.crl_issuer)
self.reasons = data.reasons
elif isinstance(data, dict):
self.full_name = _gnl_or_empty(data.get('full_name'))
self.relative_name = data.get('relative_name')
self.crl_issuer = _gnl_or_empty(data.get('crl_issuer'))
self.reasons = data.get('reasons')
if self.full_name is not None and self.relative_name is not None:
raise ValueError('full_name and relative_name cannot both have a value')
if self.relative_name is not None:
self.relative_name = x509_relative_name(self.relative_name)
if self.reasons is not None:
self.reasons = frozenset([x509.ReasonFlags[r] for r in self.reasons])
else:
raise ValueError('data must be x509.DistributionPoint or dict')
示例5: test_init_basic
# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import DistributionPoint [as 别名]
def test_init_basic(self):
dp = DistributionPoint()
self.assertIsNone(dp.full_name)
self.assertIsNone(dp.relative_name)
self.assertIsNone(dp.crl_issuer)
self.assertIsNone(dp.reasons)
dp = DistributionPoint({
'full_name': ['http://example.com'],
'crl_issuer': ['http://example.net'],
})
self.assertEqual(dp.full_name, [uri('http://example.com')])
self.assertIsNone(dp.relative_name)
self.assertEqual(dp.crl_issuer, [uri('http://example.net')])
self.assertIsNone(dp.reasons)
dp = DistributionPoint({
'full_name': 'http://example.com',
'crl_issuer': 'http://example.net',
})
self.assertEqual(dp.full_name, [uri('http://example.com')])
self.assertIsNone(dp.relative_name)
self.assertEqual(dp.crl_issuer, [uri('http://example.net')])
self.assertIsNone(dp.reasons)
示例6: as_text
# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import DistributionPoint [as 别名]
def as_text(self):
return '\n'.join('* DistributionPoint:\n%s' % textwrap.indent(dp.as_text(), ' ')
for dp in self.value)
示例7: parse_value
# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import DistributionPoint [as 别名]
def parse_value(self, v):
if isinstance(v, DistributionPoint):
return v
return DistributionPoint(v)
示例8: __eq__
# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import DistributionPoint [as 别名]
def __eq__(self, other):
return isinstance(other, DistributionPoint) and self.full_name == other.full_name \
and self.relative_name == other.relative_name and self.crl_issuer == other.crl_issuer \
and self.reasons == other.reasons
示例9: for_extension_type
# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import DistributionPoint [as 别名]
def for_extension_type(self):
return x509.DistributionPoint(full_name=self.full_name, relative_name=self.relative_name,
crl_issuer=self.crl_issuer, reasons=self.reasons)
示例10: test_init_errors
# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import DistributionPoint [as 别名]
def test_init_errors(self):
with self.assertRaisesRegex(ValueError, r'^data must be x509.DistributionPoint or dict$'):
DistributionPoint('foobar')
with self.assertRaisesRegex(ValueError, r'^full_name and relative_name cannot both have a value$'):
DistributionPoint({
'full_name': ['http://example.com'],
'relative_name': '/CN=example.com',
})
示例11: test_str
# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import DistributionPoint [as 别名]
def test_str(self):
dp = DistributionPoint({'full_name': 'http://example.com'})
self.assertEqual(str(dp), "<DistributionPoint: full_name=['URI:http://example.com']>")
示例12: _decode_dist_points
# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import DistributionPoint [as 别名]
def _decode_dist_points(backend, cdps):
cdps = backend._ffi.cast("Cryptography_STACK_OF_DIST_POINT *", cdps)
cdps = backend._ffi.gc(cdps, backend._lib.CRL_DIST_POINTS_free)
num = backend._lib.sk_DIST_POINT_num(cdps)
dist_points = []
for i in range(num):
full_name = None
relative_name = None
crl_issuer = None
reasons = None
cdp = backend._lib.sk_DIST_POINT_value(cdps, i)
if cdp.reasons != backend._ffi.NULL:
reasons = _decode_reasons(backend, cdp.reasons)
if cdp.CRLissuer != backend._ffi.NULL:
crl_issuer = _decode_general_names(backend, cdp.CRLissuer)
# Certificates may have a crl_issuer/reasons and no distribution
# point so make sure it's not null.
if cdp.distpoint != backend._ffi.NULL:
full_name, relative_name = _decode_distpoint(
backend, cdp.distpoint
)
dist_points.append(
x509.DistributionPoint(
full_name, relative_name, reasons, crl_issuer
)
)
return dist_points
# ReasonFlags ::= BIT STRING {
# unused (0),
# keyCompromise (1),
# cACompromise (2),
# affiliationChanged (3),
# superseded (4),
# cessationOfOperation (5),
# certificateHold (6),
# privilegeWithdrawn (7),
# aACompromise (8) }