Exemple #1
0
 def addNameConstraints(self, constraints, critical):
     nameConstraints = rfc2459.NameConstraints()
     if constraints.startswith('permitted:'):
         (subtreesType, subtreesTag) = ('permittedSubtrees', 0)
     elif constraints.startswith('excluded:'):
         (subtreesType, subtreesTag) = ('excludedSubtrees', 1)
     else:
         raise UnknownNameConstraintsSpecificationError(constraints)
     generalSubtrees = rfc2459.GeneralSubtrees().subtype(
         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed,
                             subtreesTag))
     subtrees = constraints[(constraints.find(':') + 1):]
     for pos, name in enumerate(subtrees.split(',')):
         generalName = rfc2459.GeneralName()
         if '/' in name:
             directoryName = stringToDN(
                 name, tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))
             generalName['directoryName'] = directoryName
         else:
             generalName['dNSName'] = name
         generalSubtree = rfc2459.GeneralSubtree()
         generalSubtree['base'] = generalName
         generalSubtrees.setComponentByPosition(pos, generalSubtree)
     nameConstraints[subtreesType] = generalSubtrees
     self.addExtension(rfc2459.id_ce_nameConstraints, nameConstraints,
                       critical)
Exemple #2
0
    def addNameConstraints(self, constraints, critical):
        nameConstraints = rfc2459.NameConstraints()
        subtrees = {'permitted': [], 'excluded': []}
        for constraint in constraints.split(','):
            (subtreeName, nameData) = constraint.split(':')
            if subtreeName not in subtrees.keys():
                raise UnknownNameConstraintsSpecificationError(subtreeName)
            subtree = subtrees[subtreeName]
            subtree.append(nameData)

        for key in subtrees.keys():
            if 'permitted' == key:
                (subtreesType, subtreesTag) = ('permittedSubtrees', 0)
            if 'excluded' == key:
                (subtreesType, subtreesTag) = ('excludedSubtrees', 1)

            generalSubtrees = rfc2459.GeneralSubtrees().subtype(
                implicitTag=tag.Tag(tag.tagClassContext,
                                    tag.tagFormatConstructed, subtreesTag))

            for pos, name in enumerate(subtrees[key]):
                generalName = rfc2459.GeneralName()
                if '/' in name:
                    directoryName = stringToDN(
                        name,
                        tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))
                    generalName['directoryName'] = directoryName
                else:
                    generalName['dNSName'] = name
                generalSubtree = rfc2459.GeneralSubtree()
                generalSubtree['base'] = generalName
                generalSubtrees.setComponentByPosition(pos, generalSubtree)
            nameConstraints[subtreesType] = generalSubtrees
        self.addExtension(rfc2459.id_ce_nameConstraints, nameConstraints,
                          critical)