def KeyUsage(self): X509V3_KEY_USAGE_BIT_FIELDS = ( 'digitalSignature', 'nonRepudiation', 'keyEncipherment', 'dataEncipherment', 'keyAgreement', 'keyCertSign', 'CRLSign', 'encipherOnly', 'decipherOnly', ) if self.cert == '': return [] ku = [] for ext in self.cert["extensions"]: # Ищем расширение keyUsage if str(ext['extnID']) != "2.5.29.15": continue print('2.5.29.15') os16 = ext['extnValue'].prettyPrint() os16 = '0404' + os16[2:] os = binascii.unhexlify(os16[0:]) octet_strings = os e, f = decoder.decode( decoder.decode(octet_strings)[0], rfc2459.KeyUsage()) n = 0 while n < len(e): if e[n]: ku.append(X509V3_KEY_USAGE_BIT_FIELDS[n]) n += 1 return ku return []
def _build_key_usage(value): ext = rfc2459.Extension() extoid = utility.OID_ku extval = rfc2459.KeyUsage(value) encapsulated = univ.OctetString(encoder.encode(extval)) ext.setComponentByName('extnID', extoid) ext.setComponentByName('extnValue', encapsulated) return ext
def __init__(self, mask): """Создание EKU :ekus: список OID-ов расш. использования """ val = rfc2459.KeyUsage(str(','.join(mask))) super(KeyUsage, self).__init__(csp.szOID_KEY_USAGE, encoder.encode(val))
def addKeyUsage(self, keyUsage, critical): keyUsageExtension = rfc2459.KeyUsage(keyUsage) self.addExtension(rfc2459.id_ce_keyUsage, keyUsageExtension, critical)