def __init__(self, policies): '''создане CertificatePolicies :policies: список вида [(OID, [(квалификатор, значение), ...]), ... ] OID - идент-р политики квалификатор - OID значение - произвольная информация в base64 ''' pass val = rfc2459.CertificatePolicies() for (i, (t, v)) in enumerate(policies or []): pol = rfc2459.PolicyInformation() pol.setComponentByPosition(0, rfc2459.CertPolicyId(str(t))) v = v or [] if len(v): sq = univ.SequenceOf(componentType=rfc2459.PolicyQualifierInfo( )).subtype( subtypeSpec=constraint.ValueSizeConstraint(1, rfc2459.MAX)) for n, (ident, qualif) in enumerate(v): pqi = rfc2459.PolicyQualifierInfo() pqi.setComponentByPosition( 0, rfc2459.PolicyQualifierId(str(ident))) pqi.setComponentByPosition(1, univ.OctetString(qualif)) sq.setComponentByPosition(n, pqi) pol.setComponentByPosition(1, sq) val.setComponentByPosition(i, pol) super(CertificatePolicies, self).__init__(rfc2459.id_ce_certificatePolicies, encoder.encode(val))
def addCertificatePolicies(self, policyOID, critical): policies = rfc2459.CertificatePolicies() policy = rfc2459.PolicyInformation() if policyOID == 'any': policyOID = '2.5.29.32.0' policyIdentifier = rfc2459.CertPolicyId(policyOID) policy.setComponentByName('policyIdentifier', policyIdentifier) policies.setComponentByPosition(0, policy) self.addExtension(rfc2459.id_ce_certificatePolicies, policies, critical)
def addCertificatePolicies(self, policyOIDs, critical): policies = rfc2459.CertificatePolicies() for pos, policyOID in enumerate(policyOIDs.split(",")): if policyOID == "any": policyOID = "2.5.29.32.0" policy = rfc2459.PolicyInformation() policyIdentifier = rfc2459.CertPolicyId(policyOID) policy["policyIdentifier"] = policyIdentifier policies.setComponentByPosition(pos, policy) self.addExtension(rfc2459.id_ce_certificatePolicies, policies, critical)