def delta_crl_url(self, value): if value is None: self._freshest_crl = None return if self._delta_crl_indicator is not None: raise ValueError( _pretty_message(''' delta_crl_url can not be set if delta_of is set ''')) if not isinstance(value, str_cls): raise TypeError( _pretty_message( ''' delta_crl_url must be a unicode string, not %s ''', _type_name(value))) general_names = x509.GeneralNames([ x509.GeneralName(name='uniform_resource_identifier', value=value) ]) distribution_point_name = x509.DistributionPointName( name='full_name', value=general_names) distribution_point = x509.DistributionPoint( {'distribution_point': distribution_point_name}) self._freshest_crl = x509.CRLDistributionPoints([distribution_point])
def _make_crl_distribution_points(self, name, value): """ Constructs an asn1crypto.x509.CRLDistributionPoints object :param name: A unicode string of the attribute name to use in exceptions :param value: Either a unicode string of a URL, or a 2-element tuple of a unicode string of a URL, plus an asn1crypto.x509.Certificate object that will be signing the CRL (for indirect CRLs). :return: None or an asn1crypto.x509.CRLDistributionPoints object """ if value is None: return None is_tuple = isinstance(value, tuple) if not is_tuple and not isinstance(value, str_cls): raise TypeError( _pretty_message( ''' %s must be a unicode string or tuple of (unicode string, asn1crypto.x509.Certificate), not %s ''', name, _type_name(value))) issuer = None if is_tuple: if len(value) != 2: raise ValueError( _pretty_message( ''' %s must be a unicode string or 2-element tuple, not a %s-element tuple ''', name, len(value))) if not isinstance(value[0], str_cls) or not isinstance( value[1], x509.Certificate): raise TypeError( _pretty_message( ''' %s must be a tuple of (unicode string, ans1crypto.x509.Certificate), not (%s, %s) ''', name, _type_name(value[0]), _type_name(value[1]))) url = value[0] issuer = value[1].subject else: url = value general_names = x509.GeneralNames( [x509.GeneralName(name='uniform_resource_identifier', value=url)]) distribution_point_name = x509.DistributionPointName( name='full_name', value=general_names) distribution_point = x509.DistributionPoint( {'distribution_point': distribution_point_name}) if issuer: distribution_point['crl_issuer'] = x509.GeneralNames( [x509.GeneralName(name='directory_name', value=issuer)]) return x509.CRLDistributionPoints([distribution_point])