def User_Supplied_Extension_Default(root, PolicySet, ExtOID): javaclass = "userExtensionDefaultImpl" result = common.check_policy(PolicySet, javaclass) if result is False: # Get Policy ID pvalue = get_policyId(PolicySet) # Description s1 = "This default populates a User-Supplied Extension (%s) to the request.", ExtOID # Policy Value Policy_Value = etree.SubElement(PolicySet, "value", id=pvalue) # Policy Definition Policy_definition = etree.SubElement( Policy_Value, "def", id="User Supplied Extension Default", classid="userExtensionDefaultImpl" ) Policy_description = etree.SubElement(Policy_definition, "description").text = s1 # Policy Attributes User_Supplied_Extension_Default_attributes = [("userExtOID", "string", "readonly", "Object Identifier", "NULL")] # Policy Params User_Supplied_Extension_Default_params = [("userExtOID", ExtOID)] common.policy_parameters(Policy_definition, User_Supplied_Extension_Default_params) # No Constraint constraints.noConstraintImpl(Policy_Value) else: Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass) userExtOID_param = Policy_Value.find('./def/params[@name="userExtOID"]/value') userExtOID_param.text = ExtOID
def Netscape_Certificate_Type_Extension_Default(root, PolicySet, extlist): javaclass = "nsCertTypeExtDefaultImpl" result = common.check_policy(PolicySet, javaclass) if result is False: # Get Policy ID pvalue = get_policyId(PolicySet) # Description Netscape_Certificate_Type_Extension_Default_description = ( "This default populates a Netscape Certificate Type Extension" ) # Policy Value Policy_Value = etree.SubElement(PolicySet, "value", id=pvalue) # Policy Definition Policy_definition = etree.SubElement( Policy_Value, "def", id="Netscape Certificate Type Extension Default", classId="nsCertTypeExtDefaultImpl" ) Policy_description = etree.SubElement( Policy_definition, "description" ).text = Netscape_Certificate_Type_Extension_Default_description # Policy Attributes Netscape_Certificate_Type_Extension_Default_attributes = [ ("nsCertCritical", "boolean", "NULL", "Criticality", "false"), ("nsCertSSLClient", "boolean", "NULL", "SSL Client", "false"), ("nsCertSSLServer", "boolean", "NULL", "SSL Server", "false"), ("nsCertEmail", "boolean", "NULL", "Email", "false"), ("nsCertObjectSigning", "boolean", "NULL", "Object Signing", "false"), ("nsCertSSLCA", "boolean", "NULL", "SSL CA", "false"), ("nsCertEmailCA", "boolean", "NULL", "Email CA", "false"), ("nsCertObjectSigningCA", "boolean", "NULL", "Object Signing CA", "false"), ] # Policy Parameters Netscape_Certificate_Type_Extension_Default_params = [ ("nsCertCritical", common.check_ext_key_usage(extlist, "nsCertCritical")), ("nsCertSSLClient", common.check_ext_key_usage(extlist, "nsCertSSLClient")), ("nsCertSSLServer", common.check_ext_key_usage(extlist, "nsCertSSLServer")), ("nsCertEmail", common.check_ext_key_usage(extlist, "nsCertEmail")), ("nsCertObjectSigning", common.check_ext_key_usage(extlist, "nsCertObjectSigning")), ("nsCertSSLCA", common.check_ext_key_usage(extlist, "nsCertSSLCA")), ("nsCertEmailCA", common.check_ext_key_usage(extlist, "nsCertEmailCA")), ("nsCertObjectSigningCA", common.check_ext_key_usage(extlist, "nsCertObjectSigningCA")), ] common.policy_parameters(Policy_definition, Netscape_Certificate_Type_Extension_Default_params) # Constraints constraints.noConstraintImpl(Policy_Value) else: Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass) for v in extlist: result = Policy_Value.find('./def/params[@name="%s"]' % v) result[0].text = "true"
def Subject_Alt_Name_Constraint(root, PolicySet, altType, altPattern): javaclass = 'subjectAltNameExtDefaultImpl' result = common.check_policy(PolicySet, javaclass) if result is False: #Get Policy ID pvalue = get_policyId(PolicySet) #Description s1 = 'This default populates a Subject Alternative Name Extension (2.5.29.17) to the request.' s2 = 'The default values are Criticality=false, Record #0{Pattern:$request.requestor_email$,Pattern Type:RFC822Name,Enable:true}' Subject_Alt_Name_Constraint_description = s1 + s2 # Policy Value Policy_Value = etree.SubElement(PolicySet, 'value', id=pvalue) # Policy Definition Policy_definition = etree.SubElement( Policy_Value, 'def', id='Subject Alt Name Constraint', classId='subjectAltNameExtDefaultImpl') Policy_description = etree.SubElement( Policy_definition, 'description').text = Subject_Alt_Name_Constraint_description # Policy Attributes Subject_Alt_Name_Constraint_attributes = [ ('subjAltNameExtCritical', 'boolean', 'NULL', 'Criticality', 'false'), ('subjAltNames', 'string_list', 'NULL', 'General Names', 'NULL') ] common.policy_attributes(Policy_definition, Subject_Alt_Name_Constraint_attributes) # Policy Parameters Subject_Alt_Name_Constraint_params = [ ('subjAltNameExtCritical', 'false'), ('subjAltNameNumGNs', '1'), ('subjAltExtType_0', altType), ('subjAltExtPattern_0', altPattern), ('subjAltExtGNEnable_0', 'true') ] common.policy_parameters(Policy_definition, Subject_Alt_Name_Constraint_params) # constraints constraints.noConstraintImpl(Policy_Value) else: Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass) subjAltExtType_0_param = Policy_Value.find( './def/params[@name="subjAltExtType_0"]/value') subjAltExtType_0_param.text = altType subjAltExtPattern_0_param = Policy_Value.find( './def/params[@name="subjAltExtPattern_0"]/value') subjAltExtPattern_0_param.text = altPattern
def crl_Distribution_Points_Ext_Default(root, PolicySet, crlurl): javaclass = 'crlDistributionPointsExtDefaultImpl' result = common.check_policy(PolicySet, javaclass) if result is False: #Get Policy ID pvalue = get_policyId(PolicySet) #Description s1 = 'This default populates a CRL Distribution Points Extension (2.5.29.31) to the request' s2 = 'The default values are Criticality=false, Record #0{Point Type:URIName,Point Name:http://localhost.localdomain:9180/ca/ee/ca/getCRL' s3 = '?crlIssuingPoint=MasterCRL&op=getCRL&crlDisplayType=cachedCRL&submit=Submit,Reasons:,Issuer Type' s4 = ':,Issuer Name:,Enable:true}' clrDistribution_Point_Name = 'http://localhost.localdomain:9180/ca/ee/ca/getCRL?crlIssuingPoint=MasterCRL&op=getCRL&crlDisplayType=cachedCRL&submit=Submit' # Policy Value Policy_Value = etree.SubElement(PolicySet, 'value', id=pvalue) Policy_definition = etree.SubElement( Policy_Value, 'def', id='crlDistributionPointsExtDefaultImpl', classId='crlDistributionPointsExtDefaultImpl') Policy_description = etree.SubElement( Policy_definition, 'description').text = s1 + s2 + s3 + s4 # Policy Attributes crl_Distribution_Points_Ext_Default_attributes = [ ('crlDistPointsCritical', 'boolean', 'NULL', 'Criticality', 'false'), ('crlDistPointsValue', 'string_list', 'NULL', 'CRL Distribution Points', 'NULL') ] # Params crl_Distribution_Points_Ext_Default_params = [ ('crlDistPointsNum', '1'), ('crlDistPointsPointType_0', 'URIName'), ('crlDistPointsPointName_0', crlurl), ('crlDistPointsReasons_0', 'NULL'), ('crlDistPointsIssuerType_0', 'NULL'), ('crlDistPointsIssuerName_0', 'NULL'), ('crlDistPointsEnable_0', 'true') ] common.policy_parameters(Policy_definition, crl_Distribution_Points_Ext_Default_params) #No Constraint constraints.noConstraintImpl(Policy_Value) else: Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass) crlDistPointsPointName_value = Policy_Value.find( './def/params[@name="crlDistPointsPointName_0"]/value') crlDistPointsPointName_value[0].text = crlurl
def AIA_Extension_Default(root, PolicySet): ''' This Function defines AIA Extension Default Policy ''' javaclass = 'authInfoAccessExtDefaultImpl' result = common.check_policy(PolicySet, javaclass) if result is False: #Get Policy ID pvalue = get_policyId(PolicySet) s1 = 'This default populates a Authority Info Access Extension (1.3.6.1.5.5.7.1.1) to the request. ' s2 = 'The default values are Criticality=false,Record #0{Method:1.3.6.1.5.5.7.48.1,Location Type:URIName,Location:,Enable:true}' AIA_Extension_description = s1 + s2 # Policy Value Policy_Value = etree.SubElement(PolicySet, 'value', id=pvalue) # Policy Definition Policy_definition = etree.SubElement( Policy_Value, 'def', id='AIA Extension Default', classId='authInfoAccessExtDefaultImpl') Policy_description = etree.SubElement( Policy_definition, 'description').text = AIA_Extension_description # Policy Attributes AIA_Extension_Default_attributes = [ ('authInfoAccessCritical', 'boolean', 'NULL', 'Criticality', 'false'), ('authInfoAccessGeneralNames', 'string_list', 'NULL', 'General Names', 'NULL') ] common.policy_attributes(Policy_definition, AIA_Extension_Default_attributes) # Policy Parameters AIA_Extension_Default_params = [ ('authInfoAccessCritical', 'false'), ('authInfoAccessNumADs', '1'), ('authInfoAccessADMethod_0', '1.3.6.1.5.5.7.48.1'), ('authInfoAccessADLocationType_0', 'URIName'), ('authInfoAccessADLocation_0', ''), ('authInfoAccessADEnable_0', 'true') ] common.policy_parameters(Policy_definition, AIA_Extension_Default_params) # Constraint constraints.noConstraintImpl(Policy_Value) else: Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
def Subject_Alt_Name_Constraint(root, PolicySet, altType, altPattern): javaclass = "subjectAltNameExtDefaultImpl" result = common.check_policy(PolicySet, javaclass) if result is False: # Get Policy ID pvalue = get_policyId(PolicySet) # Description s1 = "This default populates a Subject Alternative Name Extension (2.5.29.17) to the request." s2 = "The default values are Criticality=false, Record #0{Pattern:$request.requestor_email$,Pattern Type:RFC822Name,Enable:true}" Subject_Alt_Name_Constraint_description = s1 + s2 # Policy Value Policy_Value = etree.SubElement(PolicySet, "value", id=pvalue) # Policy Definition Policy_definition = etree.SubElement( Policy_Value, "def", id="Subject Alt Name Constraint", classId="subjectAltNameExtDefaultImpl" ) Policy_description = etree.SubElement( Policy_definition, "description" ).text = Subject_Alt_Name_Constraint_description # Policy Attributes Subject_Alt_Name_Constraint_attributes = [ ("subjAltNameExtCritical", "boolean", "NULL", "Criticality", "false"), ("subjAltNames", "string_list", "NULL", "General Names", "NULL"), ] common.policy_attributes(Policy_definition, Subject_Alt_Name_Constraint_attributes) # Policy Parameters Subject_Alt_Name_Constraint_params = [ ("subjAltNameExtCritical", "false"), ("subjAltNameNumGNs", "1"), ("subjAltExtType_0", altType), ("subjAltExtPattern_0", altPattern), ("subjAltExtGNEnable_0", "true"), ] common.policy_parameters(Policy_definition, Subject_Alt_Name_Constraint_params) # constraints constraints.noConstraintImpl(Policy_Value) else: Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass) subjAltExtType_0_param = Policy_Value.find('./def/params[@name="subjAltExtType_0"]/value') subjAltExtType_0_param.text = altType subjAltExtPattern_0_param = Policy_Value.find('./def/params[@name="subjAltExtPattern_0"]/value') subjAltExtPattern_0_param.text = altPattern
def Extended_Key_Usage_Extension_Default(root, PolicySet): javaclass = 'extendedKeyUsageExtDefaultImpl' result = common.check_policy(PolicySet, javaclass) if result is False: #Get Policy ID pvalue = get_policyId(PolicySet) #Description s1 = 'This default populates an Extended Key Usage Extension () to the request.' s2 = 'The default values are Criticality=false, OIDs=1.3.6.1.5.5.7.3.2,1.3.6.1.5.5.7.3.4' Extended_Key_Usage_Extension_Default_Description = s1 + s2 # policy Value Policy_Value = etree.SubElement(PolicySet, 'value', id=pvalue) # Policy Definition Policy_definition = etree.SubElement( Policy_Value, 'def', id='Extended Key Usage Extension Default', classId='extendedKeyUsageExtDefaultImpl') Policy_description = etree.SubElement( Policy_definition, 'description' ).text = Extended_Key_Usage_Extension_Default_Description # Policy Attributes Extended_Key_Usage_Extension_Default_attributes = [ ('exKeyUsageCritical', 'boolean', 'NULL', 'Criticality', 'false'), ('exKeyUsageOIDs', 'string_list', 'NULL', 'Comma-Separated list of Object Identifiers', 'false') ] common.policy_attributes( Policy_definition, Extended_Key_Usage_Extension_Default_attributes) # Policy Parameters Extended_Key_Usage_Extension_Default_params = [ ('exKeyUsageCritical', 'false'), ('exKeyUsageOIDs', '1.3.6.1.5.5.7.3.2,1.3.6.1.5.5.7.3.4') ] common.policy_parameters(Policy_definition, Extended_Key_Usage_Extension_Default_params) # Constraint constraints.noConstraintImpl(Policy_Value) else: Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
def crl_Distribution_Points_Ext_Default(root, PolicySet, crlurl): javaclass = "crlDistributionPointsExtDefaultImpl" result = common.check_policy(PolicySet, javaclass) if result is False: # Get Policy ID pvalue = get_policyId(PolicySet) # Description s1 = "This default populates a CRL Distribution Points Extension (2.5.29.31) to the request" s2 = "The default values are Criticality=false, Record #0{Point Type:URIName,Point Name:http://localhost.localdomain:9180/ca/ee/ca/getCRL" s3 = "?crlIssuingPoint=MasterCRL&op=getCRL&crlDisplayType=cachedCRL&submit=Submit,Reasons:,Issuer Type" s4 = ":,Issuer Name:,Enable:true}" clrDistribution_Point_Name = "http://localhost.localdomain:9180/ca/ee/ca/getCRL?crlIssuingPoint=MasterCRL&op=getCRL&crlDisplayType=cachedCRL&submit=Submit" # Policy Value Policy_Value = etree.SubElement(PolicySet, "value", id=pvalue) Policy_definition = etree.SubElement( Policy_Value, "def", id="crlDistributionPointsExtDefaultImpl", classId="crlDistributionPointsExtDefaultImpl" ) Policy_description = etree.SubElement(Policy_definition, "description").text = s1 + s2 + s3 + s4 # Policy Attributes crl_Distribution_Points_Ext_Default_attributes = [ ("crlDistPointsCritical", "boolean", "NULL", "Criticality", "false"), ("crlDistPointsValue", "string_list", "NULL", "CRL Distribution Points", "NULL"), ] # Params crl_Distribution_Points_Ext_Default_params = [ ("crlDistPointsNum", "1"), ("crlDistPointsPointType_0", "URIName"), ("crlDistPointsPointName_0", crlurl), ("crlDistPointsReasons_0", "NULL"), ("crlDistPointsIssuerType_0", "NULL"), ("crlDistPointsIssuerName_0", "NULL"), ("crlDistPointsEnable_0", "true"), ] common.policy_parameters(Policy_definition, crl_Distribution_Points_Ext_Default_params) # No Constraint constraints.noConstraintImpl(Policy_Value) else: Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass) crlDistPointsPointName_value = Policy_Value.find('./def/params[@name="crlDistPointsPointName_0"]/value') crlDistPointsPointName_value[0].text = crlurl
def AIA_Extension_Default(root, PolicySet): """ This Function defines AIA Extension Default Policy """ javaclass = "authInfoAccessExtDefaultImpl" result = common.check_policy(PolicySet, javaclass) if result is False: # Get Policy ID pvalue = get_policyId(PolicySet) s1 = "This default populates a Authority Info Access Extension (1.3.6.1.5.5.7.1.1) to the request. " s2 = "The default values are Criticality=false,Record #0{Method:1.3.6.1.5.5.7.48.1,Location Type:URIName,Location:,Enable:true}" AIA_Extension_description = s1 + s2 # Policy Value Policy_Value = etree.SubElement(PolicySet, "value", id=pvalue) # Policy Definition Policy_definition = etree.SubElement( Policy_Value, "def", id="AIA Extension Default", classId="authInfoAccessExtDefaultImpl" ) Policy_description = etree.SubElement(Policy_definition, "description").text = AIA_Extension_description # Policy Attributes AIA_Extension_Default_attributes = [ ("authInfoAccessCritical", "boolean", "NULL", "Criticality", "false"), ("authInfoAccessGeneralNames", "string_list", "NULL", "General Names", "NULL"), ] common.policy_attributes(Policy_definition, AIA_Extension_Default_attributes) # Policy Parameters AIA_Extension_Default_params = [ ("authInfoAccessCritical", "false"), ("authInfoAccessNumADs", "1"), ("authInfoAccessADMethod_0", "1.3.6.1.5.5.7.48.1"), ("authInfoAccessADLocationType_0", "URIName"), ("authInfoAccessADLocation_0", ""), ("authInfoAccessADEnable_0", "true"), ] common.policy_parameters(Policy_definition, AIA_Extension_Default_params) # Constraint constraints.noConstraintImpl(Policy_Value) else: Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
def Extended_Key_Usage_Extension_Default(root, PolicySet): javaclass = "extendedKeyUsageExtDefaultImpl" result = common.check_policy(PolicySet, javaclass) if result is False: # Get Policy ID pvalue = get_policyId(PolicySet) # Description s1 = "This default populates an Extended Key Usage Extension () to the request." s2 = "The default values are Criticality=false, OIDs=1.3.6.1.5.5.7.3.2,1.3.6.1.5.5.7.3.4" Extended_Key_Usage_Extension_Default_Description = s1 + s2 # policy Value Policy_Value = etree.SubElement(PolicySet, "value", id=pvalue) # Policy Definition Policy_definition = etree.SubElement( Policy_Value, "def", id="Extended Key Usage Extension Default", classId="extendedKeyUsageExtDefaultImpl" ) Policy_description = etree.SubElement( Policy_definition, "description" ).text = Extended_Key_Usage_Extension_Default_Description # Policy Attributes Extended_Key_Usage_Extension_Default_attributes = [ ("exKeyUsageCritical", "boolean", "NULL", "Criticality", "false"), ("exKeyUsageOIDs", "string_list", "NULL", "Comma-Separated list of Object Identifiers", "false"), ] common.policy_attributes(Policy_definition, Extended_Key_Usage_Extension_Default_attributes) # Policy Parameters Extended_Key_Usage_Extension_Default_params = [ ("exKeyUsageCritical", "false"), ("exKeyUsageOIDs", "1.3.6.1.5.5.7.3.2,1.3.6.1.5.5.7.3.4"), ] common.policy_parameters(Policy_definition, Extended_Key_Usage_Extension_Default_params) # Constraint constraints.noConstraintImpl(Policy_Value) else: Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
def Generic_Extension(root, PolicySet): javaclass = 'genericExtDefaultImpl' result = common.check_policy(PolicySet, javaclass) if result is False: #Get Policy ID pvalue = get_policyId(PolicySet) #Description s1 = 'This default populates a Generic Extension to the request. The default values are Criticality=, OID=1.2.840.113549.1.9.15,' s2 = ' OID=1.2.840.113549.1.9.15, Value=' s3 = '3067300B06092A864886F70D010105300B06092A864886F70D01010B300B06092A864886F70D01010C300B06092A864886F70D01010D300A06082A864886F70D0307300B0609608648016503040102300B060960864801650304012A300B06092A864886F70D010101' Generic_Extension_description = s1 + s2 + s3 # Policy Value Policy_Value = etree.SubElement(PolicySet, 'value', id=pvalue) # Policy Definition Policy_definition = etree.SubElement(Policy_Value, 'def', id='Generic Extension', classId='genericExtDefaultImpl') Policy_description = etree.SubElement( Policy_definition, 'description').text = Generic_Extension_description # Policy Attributes Generic_Extension_attributes = [('genericExtCritical', 'boolean', 'NULL', 'Criticality', 'false'), ('genericExtData', 'string_list', 'NULL', 'Extension Value', 'NULL')] # Policy Parameters Generic_Extension_params = [('genericExtCritical', ''), ('genericExtOID', '1.2.840.113549.1.9.15'), ('genericExtData', s3)] common.policy_parameters(Policy_definition, Generic_Extension_params) # Constraints constraints.noConstraintImpl(Policy_Value) else: Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
def Subject_Key_Identifier_Extension_Default(root, PolicySet): """ This function defines Subject Key Identifier Extension Default Policy """ javaclass = "subjectKeyIdentifierExtDefaultImpl" result = common.check_policy(PolicySet, javaclass) if result is False: # Get Policy ID pvalue = get_policyId(PolicySet) # Description Subject_Key_Identifier_Extension_Default_description = ( "This default populates a Subject Key Identifier Extension (2.5.29.14) to the request." ) # Policy Value Policy_Value = etree.SubElement(PolicySet, "value", id=pvalue) # Policy Definition Policy_definition = etree.SubElement( Policy_Value, "def", id="Subject Key Identifier Extension Default", classId="subjectKeyIdentifierExtDefaultImpl", ) Policy_description = etree.SubElement( Policy_definition, "description" ).text = Subject_Key_Identifier_Extension_Default_description # Policy Attributes Subject_Key_Identifier_Extension_Default_attributes = [ ("critical", "string", "readonly", "Criticality", "NULL"), ("keyid", "string", "readonly", "Key ID", "NULL"), ] common.policy_attributes(Policy_definition, Subject_Key_Identifier_Extension_Default_attributes) # Policy Parameters # None # Constraint Definition constraints.noConstraintImpl(Policy_Value) else: Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
def Subject_Key_Identifier_Extension_Default(root, PolicySet): ''' This function defines Subject Key Identifier Extension Default Policy ''' javaclass = 'subjectKeyIdentifierExtDefaultImpl' result = common.check_policy(PolicySet, javaclass) if result is False: # Get Policy ID pvalue = get_policyId(PolicySet) # Description Subject_Key_Identifier_Extension_Default_description = 'This default populates a Subject Key Identifier Extension (2.5.29.14) to the request.' # Policy Value Policy_Value = etree.SubElement(PolicySet, 'value', id=pvalue) # Policy Definition Policy_definition = etree.SubElement( Policy_Value, 'def', id='Subject Key Identifier Extension Default', classId='subjectKeyIdentifierExtDefaultImpl') Policy_description = etree.SubElement( Policy_definition, 'description' ).text = Subject_Key_Identifier_Extension_Default_description # Policy Attributes Subject_Key_Identifier_Extension_Default_attributes = [ ('critical', 'string', 'readonly', 'Criticality', 'NULL'), ('keyid', 'string', 'readonly', 'Key ID', 'NULL') ] common.policy_attributes( Policy_definition, Subject_Key_Identifier_Extension_Default_attributes) # Policy Parameters # None # Constraint Definition constraints.noConstraintImpl(Policy_Value) else: Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
def User_Supplied_Extension_Default(root, PolicySet, ExtOID): javaclass = 'userExtensionDefaultImpl' result = common.check_policy(PolicySet, javaclass) if result is False: # Get Policy ID pvalue = get_policyId(PolicySet) # Description s1 = 'This default populates a User-Supplied Extension (%s) to the request.', ExtOID # Policy Value Policy_Value = etree.SubElement(PolicySet, 'value', id=pvalue) # Policy Definition Policy_definition = etree.SubElement( Policy_Value, 'def', id='User Supplied Extension Default', classid='userExtensionDefaultImpl') Policy_description = etree.SubElement(Policy_definition, 'description').text = s1 # Policy Attributes User_Supplied_Extension_Default_attributes = [ ('userExtOID', 'string', 'readonly', 'Object Identifier', 'NULL') ] # Policy Params User_Supplied_Extension_Default_params = [('userExtOID', ExtOID)] common.policy_parameters(Policy_definition, User_Supplied_Extension_Default_params) # No Constraint constraints.noConstraintImpl(Policy_Value) else: Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass) userExtOID_param = Policy_Value.find( './def/params[@name="userExtOID"]/value') userExtOID_param.text = ExtOID
def Generic_Extension(root, PolicySet): javaclass = "genericExtDefaultImpl" result = common.check_policy(PolicySet, javaclass) if result is False: # Get Policy ID pvalue = get_policyId(PolicySet) # Description s1 = "This default populates a Generic Extension to the request. The default values are Criticality=, OID=1.2.840.113549.1.9.15," s2 = " OID=1.2.840.113549.1.9.15, Value=" s3 = "3067300B06092A864886F70D010105300B06092A864886F70D01010B300B06092A864886F70D01010C300B06092A864886F70D01010D300A06082A864886F70D0307300B0609608648016503040102300B060960864801650304012A300B06092A864886F70D010101" Generic_Extension_description = s1 + s2 + s3 # Policy Value Policy_Value = etree.SubElement(PolicySet, "value", id=pvalue) # Policy Definition Policy_definition = etree.SubElement( Policy_Value, "def", id="Generic Extension", classId="genericExtDefaultImpl" ) Policy_description = etree.SubElement(Policy_definition, "description").text = Generic_Extension_description # Policy Attributes Generic_Extension_attributes = [ ("genericExtCritical", "boolean", "NULL", "Criticality", "false"), ("genericExtData", "string_list", "NULL", "Extension Value", "NULL"), ] # Policy Parameters Generic_Extension_params = [ ("genericExtCritical", ""), ("genericExtOID", "1.2.840.113549.1.9.15"), ("genericExtData", s3), ] common.policy_parameters(Policy_definition, Generic_Extension_params) # Constraints constraints.noConstraintImpl(Policy_Value) else: Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass)
def Netscape_Certificate_Type_Extension_Default(root, PolicySet, extlist): javaclass = 'nsCertTypeExtDefaultImpl' result = common.check_policy(PolicySet, javaclass) if result is False: #Get Policy ID pvalue = get_policyId(PolicySet) # Description Netscape_Certificate_Type_Extension_Default_description = 'This default populates a Netscape Certificate Type Extension' # Policy Value Policy_Value = etree.SubElement(PolicySet, 'value', id=pvalue) # Policy Definition Policy_definition = etree.SubElement( Policy_Value, 'def', id='Netscape Certificate Type Extension Default', classId='nsCertTypeExtDefaultImpl') Policy_description = etree.SubElement( Policy_definition, 'description' ).text = Netscape_Certificate_Type_Extension_Default_description # Policy Attributes Netscape_Certificate_Type_Extension_Default_attributes = [ ('nsCertCritical', 'boolean', 'NULL', 'Criticality', 'false'), ('nsCertSSLClient', 'boolean', 'NULL', 'SSL Client', 'false'), ('nsCertSSLServer', 'boolean', 'NULL', 'SSL Server', 'false'), ('nsCertEmail', 'boolean', 'NULL', 'Email', 'false'), ('nsCertObjectSigning', 'boolean', 'NULL', 'Object Signing', 'false'), ('nsCertSSLCA', 'boolean', 'NULL', 'SSL CA', 'false'), ('nsCertEmailCA', 'boolean', 'NULL', 'Email CA', 'false'), ('nsCertObjectSigningCA', 'boolean', 'NULL', 'Object Signing CA', 'false') ] # Policy Parameters Netscape_Certificate_Type_Extension_Default_params = [ ('nsCertCritical', common.check_ext_key_usage(extlist, 'nsCertCritical')), ('nsCertSSLClient', common.check_ext_key_usage(extlist, 'nsCertSSLClient')), ('nsCertSSLServer', common.check_ext_key_usage(extlist, 'nsCertSSLServer')), ('nsCertEmail', common.check_ext_key_usage(extlist, 'nsCertEmail')), ('nsCertObjectSigning', common.check_ext_key_usage(extlist, 'nsCertObjectSigning')), ('nsCertSSLCA', common.check_ext_key_usage(extlist, 'nsCertSSLCA')), ('nsCertEmailCA', common.check_ext_key_usage(extlist, 'nsCertEmailCA')), ('nsCertObjectSigningCA', common.check_ext_key_usage(extlist, 'nsCertObjectSigningCA')) ] common.policy_parameters( Policy_definition, Netscape_Certificate_Type_Extension_Default_params) # Constraints constraints.noConstraintImpl(Policy_Value) else: Policy_Value = common.get_Element_PolicyValue(PolicySet, javaclass) for v in extlist: result = Policy_Value.find("./def/params[@name=\"%s\"]" % v) result[0].text = 'true'