当前位置: 首页>>代码示例>>Python>>正文


Python x509.UniformResourceIdentifier方法代码示例

本文整理汇总了Python中cryptography.x509.UniformResourceIdentifier方法的典型用法代码示例。如果您正苦于以下问题:Python x509.UniformResourceIdentifier方法的具体用法?Python x509.UniformResourceIdentifier怎么用?Python x509.UniformResourceIdentifier使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在cryptography.x509的用法示例。


在下文中一共展示了x509.UniformResourceIdentifier方法的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: test_verify_crl_unknown_scheme

# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import UniformResourceIdentifier [as 别名]
def test_verify_crl_unknown_scheme(cert_builder, private_key):
    """Unknown distribution point URI schemes should be ignored."""
    ldap_uri = "ldap://ldap.example.org/cn=Example%20Certificate%20Authority?certificateRevocationList;binary"
    crl_dp = x509.DistributionPoint(
        [UniformResourceIdentifier(ldap_uri)],
        relative_name=None,
        reasons=None,
        crl_issuer=None,
    )
    cert = cert_builder.add_extension(
        x509.CRLDistributionPoints([crl_dp]), critical=False
    ).sign(private_key, hashes.SHA256(), default_backend())

    with mktempfile() as cert_tmp:
        with open(cert_tmp, "wb") as f:
            f.write(cert.public_bytes(serialization.Encoding.PEM))

        # Must not raise exception
        crl_verify(cert, cert_tmp) 
开发者ID:Netflix,项目名称:lemur,代码行数:21,代码来源:test_verify.py

示例2: test_verify_crl_unreachable

# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import UniformResourceIdentifier [as 别名]
def test_verify_crl_unreachable(cert_builder, private_key):
    """Unreachable CRL distribution point results in error."""
    ldap_uri = "http://invalid.example.org/crl/foobar.crl"
    crl_dp = x509.DistributionPoint(
        [UniformResourceIdentifier(ldap_uri)],
        relative_name=None,
        reasons=None,
        crl_issuer=None,
    )
    cert = cert_builder.add_extension(
        x509.CRLDistributionPoints([crl_dp]), critical=False
    ).sign(private_key, hashes.SHA256(), default_backend())

    with mktempfile() as cert_tmp:
        with open(cert_tmp, "wb") as f:
            f.write(cert.public_bytes(serialization.Encoding.PEM))

        with pytest.raises(Exception, match="Unable to retrieve CRL:"):
            crl_verify(cert, cert_tmp) 
开发者ID:Netflix,项目名称:lemur,代码行数:21,代码来源:test_verify.py

示例3: get_common_extensions

# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import UniformResourceIdentifier [as 别名]
def get_common_extensions(self, issuer_url=None, crl_url=None, ocsp_url=None):
        extensions = []
        if crl_url:
            urls = [x509.UniformResourceIdentifier(force_text(c)) for c in crl_url]
            dps = [x509.DistributionPoint(full_name=[c], relative_name=None, crl_issuer=None, reasons=None)
                   for c in urls]
            extensions.append((False, x509.CRLDistributionPoints(dps)))
        auth_info_access = []
        if ocsp_url:
            uri = x509.UniformResourceIdentifier(force_text(ocsp_url))
            auth_info_access.append(x509.AccessDescription(
                access_method=AuthorityInformationAccessOID.OCSP, access_location=uri))
        if issuer_url:
            uri = x509.UniformResourceIdentifier(force_text(issuer_url))
            auth_info_access.append(x509.AccessDescription(
                access_method=AuthorityInformationAccessOID.CA_ISSUERS, access_location=uri))
        if auth_info_access:
            extensions.append((False, x509.AuthorityInformationAccess(auth_info_access)))
        return extensions 
开发者ID:mathiasertl,项目名称:django-ca,代码行数:21,代码来源:managers.py

示例4: _serialize

# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import UniformResourceIdentifier [as 别名]
def _serialize(self, value, attr, obj):
        general_names = []
        name_type = None

        if value:
            for name in value._general_names:
                value = name.value

                if isinstance(name, x509.DNSName):
                    name_type = "DNSName"

                elif isinstance(name, x509.IPAddress):
                    if isinstance(value, ipaddress.IPv4Network):
                        name_type = "IPNetwork"
                    else:
                        name_type = "IPAddress"

                    value = str(value)

                elif isinstance(name, x509.UniformResourceIdentifier):
                    name_type = "uniformResourceIdentifier"

                elif isinstance(name, x509.DirectoryName):
                    name_type = "directoryName"

                elif isinstance(name, x509.RFC822Name):
                    name_type = "rfc822Name"

                elif isinstance(name, x509.RegisteredID):
                    name_type = "registeredID"
                    value = value.dotted_string
                else:
                    current_app.logger.warning(
                        "Unknown SubAltName type: {name}".format(name=name)
                    )
                    continue

                general_names.append({"nameType": name_type, "value": value})

        return general_names 
开发者ID:Netflix,项目名称:lemur,代码行数:42,代码来源:fields.py

示例5: test_full_crl

# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import UniformResourceIdentifier [as 别名]
def test_full_crl(self):
        ca = self.cas['root']
        child = self.cas['child']
        cert = self.certs['root-cert']
        full_name = 'http://localhost/crl'
        idp = self.get_idp(full_name=[x509.UniformResourceIdentifier(value=full_name)])

        crl = ca.get_crl(full_name=[full_name]).public_bytes(Encoding.PEM)
        self.assertCRL(crl, idp=idp, signer=ca)

        ca.crl_url = full_name
        ca.save()
        crl = ca.get_crl().public_bytes(Encoding.PEM)
        self.assertCRL(crl, idp=idp, crl_number=1, signer=ca)

        # revoke a cert
        cert.revoke()
        crl = ca.get_crl().public_bytes(Encoding.PEM)
        self.assertCRL(crl, idp=idp, certs=[cert], crl_number=2, signer=ca)

        # also revoke a CA
        child.revoke()
        crl = ca.get_crl().public_bytes(Encoding.PEM)
        self.assertCRL(crl, idp=idp, certs=[cert, child], crl_number=3, signer=ca)

        # unrevoke cert (so we have all three combinations)
        cert.revoked = False
        cert.revoked_date = None
        cert.revoked_reason = ''
        cert.save()

        crl = ca.get_crl().public_bytes(Encoding.PEM)
        self.assertCRL(crl, idp=idp, certs=[child], crl_number=4, signer=ca) 
开发者ID:mathiasertl,项目名称:django-ca,代码行数:35,代码来源:tests_models.py

示例6: test_no_auth_key_identifier

# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import UniformResourceIdentifier [as 别名]
def test_no_auth_key_identifier(self):
        # All CAs have a authority key identifier, so we mock that this exception is not present
        def side_effect(cls):
            raise x509.ExtensionNotFound('mocked', x509.AuthorityKeyIdentifier.oid)

        ca = self.cas['child']
        full_name = 'http://localhost/crl'
        idp = self.get_idp(full_name=[x509.UniformResourceIdentifier(value=full_name)])

        with mock.patch('cryptography.x509.extensions.Extensions.get_extension_for_oid',
                        side_effect=side_effect):
            crl = ca.get_crl(full_name=[full_name]).public_bytes(Encoding.PEM)
        self.assertCRL(crl, idp=idp, signer=ca, skip_authority_key_identifier=True) 
开发者ID:mathiasertl,项目名称:django-ca,代码行数:15,代码来源:tests_models.py

示例7: test_uri

# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import UniformResourceIdentifier [as 别名]
def test_uri(self):
        url = 'https://example.com'
        self.assertEqual(parse_general_name(url), x509.UniformResourceIdentifier(url))
        self.assertEqual(parse_general_name('uri:%s' % url), x509.UniformResourceIdentifier(url)) 
开发者ID:mathiasertl,项目名称:django-ca,代码行数:6,代码来源:tests_utils.py

示例8: uri

# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import UniformResourceIdentifier [as 别名]
def uri(u):  # just a shortcut
    return x509.UniformResourceIdentifier(u) 
开发者ID:mathiasertl,项目名称:django-ca,代码行数:4,代码来源:base.py

示例9: test_full_scope

# 需要导入模块: from cryptography import x509 [as 别名]
# 或者: from cryptography.x509 import UniformResourceIdentifier [as 别名]
def test_full_scope(self):
        full_name = 'http://localhost/crl'
        idp = self.get_idp(full_name=[x509.UniformResourceIdentifier(value=full_name)])

        self.ca.crl_url = full_name
        self.ca.save()

        response = self.client.get(reverse('full', kwargs={'serial': self.ca.serial}))
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response['Content-Type'], 'application/pkix-crl')
        self.assertCRL(response.content, encoding=Encoding.DER, expires=600, idp=idp) 
开发者ID:mathiasertl,项目名称:django-ca,代码行数:13,代码来源:tests_views.py


注:本文中的cryptography.x509.UniformResourceIdentifier方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。