def KeyUsage(self):
X509V3_KEY_USAGE_BIT_FIELDS = (
'digitalSignature',
'nonRepudiation',
'keyEncipherment',
'dataEncipherment',
'keyAgreement',
'keyCertSign',
'CRLSign',
'encipherOnly',
'decipherOnly',
)
if self.cert == '':
return []
ku = []
for ext in self.cert["extensions"]:
# Ищем расширение keyUsage
if str(ext['extnID']) != "2.5.29.15":
continue
print('2.5.29.15')
os16 = ext['extnValue'].prettyPrint()
os16 = '0404' + os16[2:]
os = binascii.unhexlify(os16[0:])
octet_strings = os
e, f = decoder.decode(
decoder.decode(octet_strings)[0], rfc2459.KeyUsage())
n = 0
while n < len(e):
if e[n]:
ku.append(X509V3_KEY_USAGE_BIT_FIELDS[n])
n += 1
return ku
return []
def _build_key_usage(value):
ext = rfc2459.Extension()
extoid = utility.OID_ku
extval = rfc2459.KeyUsage(value)
encapsulated = univ.OctetString(encoder.encode(extval))
ext.setComponentByName('extnID', extoid)
ext.setComponentByName('extnValue', encapsulated)
return ext
def __init__(self, mask):
"""Создание EKU
:ekus: список OID-ов расш. использования
"""
val = rfc2459.KeyUsage(str(','.join(mask)))
super(KeyUsage, self).__init__(csp.szOID_KEY_USAGE,
encoder.encode(val))
def addKeyUsage(self, keyUsage, critical):
keyUsageExtension = rfc2459.KeyUsage(keyUsage)
self.addExtension(rfc2459.id_ce_keyUsage, keyUsageExtension, critical)
