Python源码示例:cryptography.x509.PolicyInformation()
示例1
def test_certs(self):
self.load_all_cas()
self.load_all_certs()
for name, cert in list(self.cas.items()) + list(self.certs.items()):
try:
val = cert.x509.extensions.get_extension_for_oid(ExtensionOID.CERTIFICATE_POLICIES).value
except x509.ExtensionNotFound:
continue
for policy in val:
pi = PolicyInformation(policy)
self.assertEqual(pi.for_extension_type, policy)
# pass the serialized value to the constructor and see if it's still the same
pi2 = PolicyInformation(pi.serialize())
self.assertEqual(pi, pi2)
self.assertEqual(pi.serialize(), pi2.serialize())
self.assertEqual(pi2.for_extension_type, policy)
示例2
def test_constructor(self):
# just some constructors that are otherwise not called
pi = PolicyInformation()
self.assertIsNone(pi.policy_identifier)
self.assertIsNone(pi.policy_qualifiers)
pi = PolicyInformation({
'policy_identifier': '1.2.3',
'policy_qualifiers': [
x509.UserNotice(notice_reference=None, explicit_text='foobar'),
],
})
# todo: test pi
pi = PolicyInformation({
'policy_identifier': '1.2.3',
'policy_qualifiers': [{
'notice_reference': x509.NoticeReference(organization='foobar', notice_numbers=[1]),
}],
})
# todo: test pi
示例3
def test_hash(self):
self.assertEqual(hash(self.pi1), hash(self.pi1))
self.assertEqual(hash(self.pi2), hash(self.pi2))
self.assertEqual(hash(self.pi3), hash(self.pi3))
self.assertEqual(hash(self.pi4), hash(self.pi4))
self.assertEqual(hash(self.pi_empty), hash(self.pi_empty))
self.assertEqual(hash(self.pi1), hash(PolicyInformation(self.s1)))
self.assertEqual(hash(self.pi2), hash(PolicyInformation(self.s2)))
self.assertEqual(hash(self.pi3), hash(PolicyInformation(self.s3)))
self.assertEqual(hash(self.pi4), hash(PolicyInformation(self.s4)))
self.assertEqual(hash(self.pi_empty), hash(PolicyInformation()))
self.assertNotEqual(hash(self.pi1), hash(self.pi2))
self.assertNotEqual(hash(self.pi1), hash(self.pi3))
self.assertNotEqual(hash(self.pi1), hash(self.pi4))
self.assertNotEqual(hash(self.pi2), hash(self.pi3))
self.assertNotEqual(hash(self.pi2), hash(self.pi4))
self.assertNotEqual(hash(self.pi3), hash(self.pi4))
示例4
def test_pop(self):
self.pi_empty.policy_identifier = self.oid
self.assertEqual(self.pi1.pop(), self.s1['policy_qualifiers'][0])
self.assertEqual(self.pi1, self.pi_empty)
self.assertEqual(self.pi4.pop(1), self.s4['policy_qualifiers'][1])
self.assertEqual(self.pi4, PolicyInformation({
'policy_identifier': self.oid,
'policy_qualifiers': [self.q4],
}))
self.assertEqual(self.pi4.pop(), self.s4['policy_qualifiers'][0])
self.assertEqual(self.pi4, self.pi_empty)
with self.assertRaisesRegex(IndexError, r'^pop from empty list$'):
self.pi_empty.pop()
示例5
def test_remove(self):
self.pi_empty.policy_identifier = self.oid
self.pi1.remove(self.q1)
self.assertEqual(self.pi1, self.pi_empty)
self.pi2.remove(self.s2['policy_qualifiers'][0])
self.assertEqual(self.pi1, self.pi_empty)
self.pi4.remove(self.q4)
self.assertEqual(self.pi4, PolicyInformation({
'policy_identifier': self.oid,
'policy_qualifiers': [self.q5],
}))
with self.assertRaisesRegex(ValueError, r'^list\.remove\(x\): x not in list$'):
self.pi_empty.remove(self.s3['policy_qualifiers'][0])
示例6
def _decode_certificate_policies(backend, cp):
cp = backend._ffi.cast("Cryptography_STACK_OF_POLICYINFO *", cp)
cp = backend._ffi.gc(cp, backend._lib.sk_POLICYINFO_free)
num = backend._lib.sk_POLICYINFO_num(cp)
certificate_policies = []
for i in range(num):
qualifiers = None
pi = backend._lib.sk_POLICYINFO_value(cp, i)
oid = x509.ObjectIdentifier(_obj2txt(backend, pi.policyid))
if pi.qualifiers != backend._ffi.NULL:
qnum = backend._lib.sk_POLICYQUALINFO_num(pi.qualifiers)
qualifiers = []
for j in range(qnum):
pqi = backend._lib.sk_POLICYQUALINFO_value(
pi.qualifiers, j
)
pqualid = x509.ObjectIdentifier(
_obj2txt(backend, pqi.pqualid)
)
if pqualid == CertificatePoliciesOID.CPS_QUALIFIER:
cpsuri = backend._ffi.buffer(
pqi.d.cpsuri.data, pqi.d.cpsuri.length
)[:].decode('ascii')
qualifiers.append(cpsuri)
else:
assert pqualid == CertificatePoliciesOID.CPS_USER_NOTICE
user_notice = _decode_user_notice(
backend, pqi.d.usernotice
)
qualifiers.append(user_notice)
certificate_policies.append(
x509.PolicyInformation(oid, qualifiers)
)
return x509.CertificatePolicies(certificate_policies)
示例7
def _decode_certificate_policies(backend, cp):
cp = backend._ffi.cast("Cryptography_STACK_OF_POLICYINFO *", cp)
cp = backend._ffi.gc(cp, backend._lib.sk_POLICYINFO_free)
num = backend._lib.sk_POLICYINFO_num(cp)
certificate_policies = []
for i in range(num):
qualifiers = None
pi = backend._lib.sk_POLICYINFO_value(cp, i)
oid = x509.ObjectIdentifier(_obj2txt(backend, pi.policyid))
if pi.qualifiers != backend._ffi.NULL:
qnum = backend._lib.sk_POLICYQUALINFO_num(pi.qualifiers)
qualifiers = []
for j in range(qnum):
pqi = backend._lib.sk_POLICYQUALINFO_value(
pi.qualifiers, j
)
pqualid = x509.ObjectIdentifier(
_obj2txt(backend, pqi.pqualid)
)
if pqualid == CertificatePoliciesOID.CPS_QUALIFIER:
cpsuri = backend._ffi.buffer(
pqi.d.cpsuri.data, pqi.d.cpsuri.length
)[:].decode('ascii')
qualifiers.append(cpsuri)
else:
assert pqualid == CertificatePoliciesOID.CPS_USER_NOTICE
user_notice = _decode_user_notice(
backend, pqi.d.usernotice
)
qualifiers.append(user_notice)
certificate_policies.append(
x509.PolicyInformation(oid, qualifiers)
)
return x509.CertificatePolicies(certificate_policies)
示例8
def _decode_certificate_policies(backend, cp):
cp = backend._ffi.cast("Cryptography_STACK_OF_POLICYINFO *", cp)
cp = backend._ffi.gc(cp, backend._lib.CERTIFICATEPOLICIES_free)
num = backend._lib.sk_POLICYINFO_num(cp)
certificate_policies = []
for i in range(num):
qualifiers = None
pi = backend._lib.sk_POLICYINFO_value(cp, i)
oid = x509.ObjectIdentifier(_obj2txt(backend, pi.policyid))
if pi.qualifiers != backend._ffi.NULL:
qnum = backend._lib.sk_POLICYQUALINFO_num(pi.qualifiers)
qualifiers = []
for j in range(qnum):
pqi = backend._lib.sk_POLICYQUALINFO_value(
pi.qualifiers, j
)
pqualid = x509.ObjectIdentifier(
_obj2txt(backend, pqi.pqualid)
)
if pqualid == CertificatePoliciesOID.CPS_QUALIFIER:
cpsuri = backend._ffi.buffer(
pqi.d.cpsuri.data, pqi.d.cpsuri.length
)[:].decode('ascii')
qualifiers.append(cpsuri)
else:
assert pqualid == CertificatePoliciesOID.CPS_USER_NOTICE
user_notice = _decode_user_notice(
backend, pqi.d.usernotice
)
qualifiers.append(user_notice)
certificate_policies.append(
x509.PolicyInformation(oid, qualifiers)
)
return x509.CertificatePolicies(certificate_policies)
示例9
def _decode_certificate_policies(backend, cp):
cp = backend._ffi.cast("Cryptography_STACK_OF_POLICYINFO *", cp)
cp = backend._ffi.gc(cp, backend._lib.CERTIFICATEPOLICIES_free)
num = backend._lib.sk_POLICYINFO_num(cp)
certificate_policies = []
for i in range(num):
qualifiers = None
pi = backend._lib.sk_POLICYINFO_value(cp, i)
oid = x509.ObjectIdentifier(_obj2txt(backend, pi.policyid))
if pi.qualifiers != backend._ffi.NULL:
qnum = backend._lib.sk_POLICYQUALINFO_num(pi.qualifiers)
qualifiers = []
for j in range(qnum):
pqi = backend._lib.sk_POLICYQUALINFO_value(
pi.qualifiers, j
)
pqualid = x509.ObjectIdentifier(
_obj2txt(backend, pqi.pqualid)
)
if pqualid == CertificatePoliciesOID.CPS_QUALIFIER:
cpsuri = backend._ffi.buffer(
pqi.d.cpsuri.data, pqi.d.cpsuri.length
)[:].decode('ascii')
qualifiers.append(cpsuri)
else:
assert pqualid == CertificatePoliciesOID.CPS_USER_NOTICE
user_notice = _decode_user_notice(
backend, pqi.d.usernotice
)
qualifiers.append(user_notice)
certificate_policies.append(
x509.PolicyInformation(oid, qualifiers)
)
return x509.CertificatePolicies(certificate_policies)
示例10
def _decode_certificate_policies(backend, cp):
cp = backend._ffi.cast("Cryptography_STACK_OF_POLICYINFO *", cp)
cp = backend._ffi.gc(cp, backend._lib.CERTIFICATEPOLICIES_free)
num = backend._lib.sk_POLICYINFO_num(cp)
certificate_policies = []
for i in range(num):
qualifiers = None
pi = backend._lib.sk_POLICYINFO_value(cp, i)
oid = x509.ObjectIdentifier(_obj2txt(backend, pi.policyid))
if pi.qualifiers != backend._ffi.NULL:
qnum = backend._lib.sk_POLICYQUALINFO_num(pi.qualifiers)
qualifiers = []
for j in range(qnum):
pqi = backend._lib.sk_POLICYQUALINFO_value(
pi.qualifiers, j
)
pqualid = x509.ObjectIdentifier(
_obj2txt(backend, pqi.pqualid)
)
if pqualid == CertificatePoliciesOID.CPS_QUALIFIER:
cpsuri = backend._ffi.buffer(
pqi.d.cpsuri.data, pqi.d.cpsuri.length
)[:].decode('ascii')
qualifiers.append(cpsuri)
else:
assert pqualid == CertificatePoliciesOID.CPS_USER_NOTICE
user_notice = _decode_user_notice(
backend, pqi.d.usernotice
)
qualifiers.append(user_notice)
certificate_policies.append(
x509.PolicyInformation(oid, qualifiers)
)
return x509.CertificatePolicies(certificate_policies)
示例11
def _decode_certificate_policies(backend, cp):
cp = backend._ffi.cast("Cryptography_STACK_OF_POLICYINFO *", cp)
cp = backend._ffi.gc(cp, backend._lib.CERTIFICATEPOLICIES_free)
num = backend._lib.sk_POLICYINFO_num(cp)
certificate_policies = []
for i in range(num):
qualifiers = None
pi = backend._lib.sk_POLICYINFO_value(cp, i)
oid = x509.ObjectIdentifier(_obj2txt(backend, pi.policyid))
if pi.qualifiers != backend._ffi.NULL:
qnum = backend._lib.sk_POLICYQUALINFO_num(pi.qualifiers)
qualifiers = []
for j in range(qnum):
pqi = backend._lib.sk_POLICYQUALINFO_value(
pi.qualifiers, j
)
pqualid = x509.ObjectIdentifier(
_obj2txt(backend, pqi.pqualid)
)
if pqualid == CertificatePoliciesOID.CPS_QUALIFIER:
cpsuri = backend._ffi.buffer(
pqi.d.cpsuri.data, pqi.d.cpsuri.length
)[:].decode('ascii')
qualifiers.append(cpsuri)
else:
assert pqualid == CertificatePoliciesOID.CPS_USER_NOTICE
user_notice = _decode_user_notice(
backend, pqi.d.usernotice
)
qualifiers.append(user_notice)
certificate_policies.append(
x509.PolicyInformation(oid, qualifiers)
)
return x509.CertificatePolicies(certificate_policies)
示例12
def __init__(self, data=None):
if isinstance(data, x509.PolicyInformation):
self.policy_identifier = data.policy_identifier
self.policy_qualifiers = data.policy_qualifiers
elif isinstance(data, dict):
self.policy_identifier = data['policy_identifier']
self.policy_qualifiers = self.parse_policy_qualifiers(data.get('policy_qualifiers'))
elif data is None:
self.policy_identifier = None
self.policy_qualifiers = None
else:
raise ValueError('PolicyInformation data must be either x509.PolicyInformation or dict')
示例13
def __eq__(self, other):
return isinstance(other, PolicyInformation) and self.policy_identifier == other.policy_identifier \
and self.policy_qualifiers == other.policy_qualifiers
示例14
def __repr__(self):
if self.policy_identifier is None:
ident = 'None'
else:
ident = self.policy_identifier.dotted_string
return '<PolicyInformation(oid=%s, qualifiers=%r)>' % (ident, self.serialize_policy_qualifiers())
示例15
def for_extension_type(self):
return x509.PolicyInformation(policy_identifier=self.policy_identifier,
policy_qualifiers=self.policy_qualifiers)
示例16
def parse_value(self, v):
if isinstance(v, PolicyInformation):
return v
return PolicyInformation(v)
示例17
def test_append(self):
self.pi1.append(self.q2)
self.pi1.append(self.s3['policy_qualifiers'][0])
self.assertEqual(self.pi1, PolicyInformation({
'policy_identifier': self.oid,
'policy_qualifiers': [self.q1, self.q2, self.q3],
}))
self.pi_empty.policy_identifier = self.oid
self.pi_empty.append(self.q3)
self.assertEqual(self.pi3, self.pi_empty)
示例18
def test_as_text(self):
self.assertEqual(self.pi1.as_text(), 'Policy Identifier: 2.5.29.32.0\n'
'Policy Qualifiers:\n* text1')
self.assertEqual(self.pi2.as_text(), 'Policy Identifier: 2.5.29.32.0\n'
'Policy Qualifiers:\n'
'* UserNotice:\n'
' * Explicit text: text2')
self.assertEqual(self.pi3.as_text(),
'Policy Identifier: 2.5.29.32.0\n'
'Policy Qualifiers:\n'
'* UserNotice:\n'
' * Reference:\n'
' * Organiziation: text3\n'
' * Notice Numbers: [1]')
self.assertEqual(self.pi4.as_text(),
'Policy Identifier: 2.5.29.32.0\n'
'Policy Qualifiers:\n'
'* text4\n'
'* UserNotice:\n'
' * Explicit text: text5\n'
' * Reference:\n'
' * Organiziation: text6\n'
' * Notice Numbers: [1, 2, 3]')
self.assertEqual(self.pi_empty.as_text(), 'Policy Identifier: None\nNo Policy Qualifiers')
self.load_all_cas()
self.load_all_certs()
for name, cert in list(self.cas.items()) + list(self.certs.items()):
try:
ext = cert.x509.extensions.get_extension_for_oid(ExtensionOID.CERTIFICATE_POLICIES).value
except x509.ExtensionNotFound:
continue
for index, policy in enumerate(ext):
pi = PolicyInformation(policy)
self.assertEqual(pi.as_text(), certs[name]['policy_texts'][index])
示例19
def test_constructor_errors(self):
with self.assertRaisesRegex(
ValueError, r'^PolicyInformation data must be either x509.PolicyInformation or dict$'):
PolicyInformation(True)
with self.assertRaisesRegex(ValueError, r'^PolicyQualifier must be string, dict or x509.UserNotice$'):
PolicyInformation({'policy_identifier': '1.2.3', 'policy_qualifiers': [True]})
with self.assertRaisesRegex(
ValueError, r'^NoticeReference must be either None, a dict or an x509.NoticeReference$'):
PolicyInformation({'policy_identifier': '1.2.3', 'policy_qualifiers': [{
'notice_reference': True,
}]})
示例20
def test_insert(self):
self.pi1.insert(0, self.q2)
self.assertEqual(self.pi1, PolicyInformation({
'policy_identifier': self.oid,
'policy_qualifiers': [self.q2, self.q1],
}))
self.pi1.insert(1, self.s3['policy_qualifiers'][0])
self.assertEqual(self.pi1, PolicyInformation({
'policy_identifier': self.oid,
'policy_qualifiers': [self.q2, self.q3, self.q1],
}))
self.pi_empty.insert(1, self.q2)
self.pi_empty.policy_identifier = self.oid
self.assertEqual(self.pi2, self.pi_empty)
示例21
def test_policy_identifier_setter(self):
value = '1.2.3'
expected = ObjectIdentifier(value)
pi = PolicyInformation({'policy_identifier': value})
pi.policy_identifier = value
self.assertEqual(pi.policy_identifier, expected)
pi = PolicyInformation({'policy_identifier': expected})
self.assertEqual(pi.policy_identifier, expected)
new_value = '2.3.4'
new_expected = ObjectIdentifier(new_value)
pi.policy_identifier = new_value
self.assertEqual(pi.policy_identifier, new_expected)
示例22
def _decode_certificate_policies(backend, cp):
cp = backend._ffi.cast("Cryptography_STACK_OF_POLICYINFO *", cp)
cp = backend._ffi.gc(cp, backend._lib.CERTIFICATEPOLICIES_free)
num = backend._lib.sk_POLICYINFO_num(cp)
certificate_policies = []
for i in range(num):
qualifiers = None
pi = backend._lib.sk_POLICYINFO_value(cp, i)
oid = x509.ObjectIdentifier(_obj2txt(backend, pi.policyid))
if pi.qualifiers != backend._ffi.NULL:
qnum = backend._lib.sk_POLICYQUALINFO_num(pi.qualifiers)
qualifiers = []
for j in range(qnum):
pqi = backend._lib.sk_POLICYQUALINFO_value(
pi.qualifiers, j
)
pqualid = x509.ObjectIdentifier(
_obj2txt(backend, pqi.pqualid)
)
if pqualid == CertificatePoliciesOID.CPS_QUALIFIER:
cpsuri = backend._ffi.buffer(
pqi.d.cpsuri.data, pqi.d.cpsuri.length
)[:].decode('ascii')
qualifiers.append(cpsuri)
else:
assert pqualid == CertificatePoliciesOID.CPS_USER_NOTICE
user_notice = _decode_user_notice(
backend, pqi.d.usernotice
)
qualifiers.append(user_notice)
certificate_policies.append(
x509.PolicyInformation(oid, qualifiers)
)
return x509.CertificatePolicies(certificate_policies)
示例23
def _decode_certificate_policies(backend, cp):
cp = backend._ffi.cast("Cryptography_STACK_OF_POLICYINFO *", cp)
cp = backend._ffi.gc(cp, backend._lib.CERTIFICATEPOLICIES_free)
num = backend._lib.sk_POLICYINFO_num(cp)
certificate_policies = []
for i in range(num):
qualifiers = None
pi = backend._lib.sk_POLICYINFO_value(cp, i)
oid = x509.ObjectIdentifier(_obj2txt(backend, pi.policyid))
if pi.qualifiers != backend._ffi.NULL:
qnum = backend._lib.sk_POLICYQUALINFO_num(pi.qualifiers)
qualifiers = []
for j in range(qnum):
pqi = backend._lib.sk_POLICYQUALINFO_value(
pi.qualifiers, j
)
pqualid = x509.ObjectIdentifier(
_obj2txt(backend, pqi.pqualid)
)
if pqualid == CertificatePoliciesOID.CPS_QUALIFIER:
cpsuri = backend._ffi.buffer(
pqi.d.cpsuri.data, pqi.d.cpsuri.length
)[:].decode('ascii')
qualifiers.append(cpsuri)
else:
assert pqualid == CertificatePoliciesOID.CPS_USER_NOTICE
user_notice = _decode_user_notice(
backend, pqi.d.usernotice
)
qualifiers.append(user_notice)
certificate_policies.append(
x509.PolicyInformation(oid, qualifiers)
)
return x509.CertificatePolicies(certificate_policies)
示例24
def _decode_certificate_policies(backend, cp):
cp = backend._ffi.cast("Cryptography_STACK_OF_POLICYINFO *", cp)
cp = backend._ffi.gc(cp, backend._lib.CERTIFICATEPOLICIES_free)
num = backend._lib.sk_POLICYINFO_num(cp)
certificate_policies = []
for i in range(num):
qualifiers = None
pi = backend._lib.sk_POLICYINFO_value(cp, i)
oid = x509.ObjectIdentifier(_obj2txt(backend, pi.policyid))
if pi.qualifiers != backend._ffi.NULL:
qnum = backend._lib.sk_POLICYQUALINFO_num(pi.qualifiers)
qualifiers = []
for j in range(qnum):
pqi = backend._lib.sk_POLICYQUALINFO_value(
pi.qualifiers, j
)
pqualid = x509.ObjectIdentifier(
_obj2txt(backend, pqi.pqualid)
)
if pqualid == CertificatePoliciesOID.CPS_QUALIFIER:
cpsuri = backend._ffi.buffer(
pqi.d.cpsuri.data, pqi.d.cpsuri.length
)[:].decode('ascii')
qualifiers.append(cpsuri)
else:
assert pqualid == CertificatePoliciesOID.CPS_USER_NOTICE
user_notice = _decode_user_notice(
backend, pqi.d.usernotice
)
qualifiers.append(user_notice)
certificate_policies.append(
x509.PolicyInformation(oid, qualifiers)
)
return x509.CertificatePolicies(certificate_policies)
