def delta_crl_url(self, value):
if value is None:
self._freshest_crl = None
return
if self._delta_crl_indicator is not None:
raise ValueError(
_pretty_message('''
delta_crl_url can not be set if delta_of is set
'''))
if not isinstance(value, str_cls):
raise TypeError(
_pretty_message(
'''
delta_crl_url must be a unicode string, not %s
''', _type_name(value)))
general_names = x509.GeneralNames([
x509.GeneralName(name='uniform_resource_identifier', value=value)
])
distribution_point_name = x509.DistributionPointName(
name='full_name', value=general_names)
distribution_point = x509.DistributionPoint(
{'distribution_point': distribution_point_name})
self._freshest_crl = x509.CRLDistributionPoints([distribution_point])
def url(self, value):
if not isinstance(value, str_cls):
raise TypeError(
_pretty_message(
'''
url must be a unicode string, not %s
''', _type_name(value)))
if self._issuing_distribution_point is None:
general_names = x509.GeneralNames([
x509.GeneralName(name='uniform_resource_identifier',
value=value)
])
distribution_point_name = x509.DistributionPointName(
name='full_name', value=general_names)
self._issuing_distribution_point = crl.IssuingDistributionPoint(
{'distribution_point': distribution_point_name})
else:
distribution_point_name = self._issuing_distribution_point[
'distribution_point']
general_names = distribution_point_name.chosen
general_names[0] = x509.GeneralName(
name='uniform_resource_identifier', value=value)
def _make_crl_distribution_points(self, name, value):
"""
Constructs an asn1crypto.x509.CRLDistributionPoints object
:param name:
A unicode string of the attribute name to use in exceptions
:param value:
Either a unicode string of a URL, or a 2-element tuple of a
unicode string of a URL, plus an asn1crypto.x509.Certificate
object that will be signing the CRL (for indirect CRLs).
:return:
None or an asn1crypto.x509.CRLDistributionPoints object
"""
if value is None:
return None
is_tuple = isinstance(value, tuple)
if not is_tuple and not isinstance(value, str_cls):
raise TypeError(
_pretty_message(
'''
%s must be a unicode string or tuple of (unicode string,
asn1crypto.x509.Certificate), not %s
''', name, _type_name(value)))
issuer = None
if is_tuple:
if len(value) != 2:
raise ValueError(
_pretty_message(
'''
%s must be a unicode string or 2-element tuple, not a
%s-element tuple
''', name, len(value)))
if not isinstance(value[0], str_cls) or not isinstance(
value[1], x509.Certificate):
raise TypeError(
_pretty_message(
'''
%s must be a tuple of (unicode string,
ans1crypto.x509.Certificate), not (%s, %s)
''', name, _type_name(value[0]), _type_name(value[1])))
url = value[0]
issuer = value[1].subject
else:
url = value
general_names = x509.GeneralNames(
[x509.GeneralName(name='uniform_resource_identifier', value=url)])
distribution_point_name = x509.DistributionPointName(
name='full_name', value=general_names)
distribution_point = x509.DistributionPoint(
{'distribution_point': distribution_point_name})
if issuer:
distribution_point['crl_issuer'] = x509.GeneralNames(
[x509.GeneralName(name='directory_name', value=issuer)])
return x509.CRLDistributionPoints([distribution_point])