Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / d44f9a6cb848c4dd6cc0724df5e5f5e4607a857a / . / src / cryptography / x509.py
blob: 7f3ace4886522ea2668a915b077e3161c9b34270 [file] [log] [blame]
Paul Kehrer016e08a2014-11-26 09:41:18 -1000[diff] [blame]1# This file is dual licensed under the terms of the Apache License, Version
2# 2.0, and the BSD License. See the LICENSE file in the root of this repository
3# for complete details.
4
5from __future__ import absolute_import, division, print_function
6
Paul Kehrerb2de9482014-12-11 14:54:48 -0600[diff] [blame]7import abc
Paul Kehrer016e08a2014-11-26 09:41:18 -1000[diff] [blame]8from enum import Enum
9
Paul Kehrerb2de9482014-12-11 14:54:48 -0600[diff] [blame]10import six
11
Paul Kehrer912d3fb2015-01-29 11:19:22 -0600[diff] [blame]12from cryptography import utils
13
Paul Kehrer016e08a2014-11-26 09:41:18 -1000[diff] [blame]14
Paul Kehrer806bfb22015-02-02 17:05:24 -0600[diff] [blame]15_OID_NAMES = {
16 "2.5.4.3": "commonName",
17 "2.5.4.6": "countryName",
18 "2.5.4.7": "localityName",
19 "2.5.4.8": "stateOrProvinceName",
20 "2.5.4.10": "organizationName",
21 "2.5.4.11": "organizationalUnitName",
22 "2.5.4.5": "serialNumber",
23 "2.5.4.4": "surname",
24 "2.5.4.42": "givenName",
25 "2.5.4.12": "title",
26 "2.5.4.44": "generationQualifier",
27 "2.5.4.46": "dnQualifier",
28 "2.5.4.65": "pseudonym",
29 "0.9.2342.19200300.100.1.25": "domainComponent",
30 "1.2.840.113549.1.9.1": "emailAddress",
31}
32
33
Paul Kehrere76cd272014-12-14 19:00:51 -0600[diff] [blame]34class Version(Enum):
Paul Kehrer016e08a2014-11-26 09:41:18 -1000[diff] [blame]35 v1 = 0
36 v3 = 2
37
38
Paul Kehrer016e08a2014-11-26 09:41:18 -1000[diff] [blame]39def load_pem_x509_certificate(data, backend):
40 return backend.load_pem_x509_certificate(data)
41
42
Paul Kehrer016e08a2014-11-26 09:41:18 -1000[diff] [blame]43def load_der_x509_certificate(data, backend):
44 return backend.load_der_x509_certificate(data)
Paul Kehrera68fd332014-11-27 07:08:40 -1000[diff] [blame]45
46
Paul Kehrere76cd272014-12-14 19:00:51 -0600[diff] [blame]47class InvalidVersion(Exception):
Paul Kehrerd5cccf72014-12-15 17:20:33 -0600[diff] [blame]48 def __init__(self, msg, parsed_version):
49 super(InvalidVersion, self).__init__(msg)
50 self.parsed_version = parsed_version
Paul Kehrerb2de9482014-12-11 14:54:48 -0600[diff] [blame]51
52
Paul Kehrer806bfb22015-02-02 17:05:24 -0600[diff] [blame]53class NameAttribute(object):
Paul Kehrer912d3fb2015-01-29 11:19:22 -0600[diff] [blame]54 def __init__(self, oid, value):
55 if not isinstance(oid, ObjectIdentifier):
56 raise TypeError("oid argument must be an ObjectIdentifier object")
57
58 self._oid = oid
59 self._value = value
60
61 oid = utils.read_only_property("_oid")
62 value = utils.read_only_property("_value")
63
64 def __eq__(self, other):
Paul Kehrer806bfb22015-02-02 17:05:24 -0600[diff] [blame]65 if not isinstance(other, NameAttribute):
Paul Kehrer912d3fb2015-01-29 11:19:22 -0600[diff] [blame]66 return NotImplemented
67
68 return (
69 self.oid == other.oid and
70 self.value == other.value
71 )
72
73 def __ne__(self, other):
74 return not self == other
75
76
77class ObjectIdentifier(object):
Paul Kehrerd44f9a62015-02-04 14:47:34 -0600[diff] [blame^]78 def __init__(self, dotted_string):
79 self._dotted_string = dotted_string
Paul Kehrer912d3fb2015-01-29 11:19:22 -0600[diff] [blame]80
81 def __eq__(self, other):
82 if not isinstance(other, ObjectIdentifier):
83 return NotImplemented
84
Paul Kehrerd44f9a62015-02-04 14:47:34 -0600[diff] [blame^]85 return self._dotted_string == other._dotted_string
Paul Kehrer912d3fb2015-01-29 11:19:22 -0600[diff] [blame]86
87 def __ne__(self, other):
88 return not self == other
89
90 def __repr__(self):
91 return "<ObjectIdentifier(oid={0}, name={1})>".format(
Paul Kehrerd44f9a62015-02-04 14:47:34 -0600[diff] [blame^]92 self._dotted_string,
93 _OID_NAMES.get(self._dotted_string, "Unknown OID")
Paul Kehrer912d3fb2015-01-29 11:19:22 -0600[diff] [blame]94 )
95
Paul Kehrerd44f9a62015-02-04 14:47:34 -0600[diff] [blame^]96 dotted_string = utils.read_only_property("_dotted_string")
Paul Kehrer912d3fb2015-01-29 11:19:22 -0600[diff] [blame]97
98
Paul Kehrer806bfb22015-02-02 17:05:24 -0600[diff] [blame]99OID_COMMON_NAME = ObjectIdentifier("2.5.4.3")
100OID_COUNTRY_NAME = ObjectIdentifier("2.5.4.6")
101OID_LOCALITY_NAME = ObjectIdentifier("2.5.4.7")
102OID_STATE_OR_PROVINCE_NAME = ObjectIdentifier("2.5.4.8")
103OID_ORGANIZATION_NAME = ObjectIdentifier("2.5.4.10")
104OID_ORGANIZATIONAL_UNIT_NAME = ObjectIdentifier("2.5.4.11")
105OID_SERIAL_NUMBER = ObjectIdentifier("2.5.4.5")
106OID_SURNAME = ObjectIdentifier("2.5.4.4")
107OID_GIVEN_NAME = ObjectIdentifier("2.5.4.42")
108OID_TITLE = ObjectIdentifier("2.5.4.12")
109OID_GENERATION_QUALIFIER = ObjectIdentifier("2.5.4.44")
110OID_DN_QUALIFIER = ObjectIdentifier("2.5.4.46")
111OID_PSEUDONYM = ObjectIdentifier("2.5.4.65")
112OID_DOMAIN_COMPONENT = ObjectIdentifier("0.9.2342.19200300.100.1.25")
113OID_EMAIL_ADDRESS = ObjectIdentifier("1.2.840.113549.1.9.1")
Paul Kehrer912d3fb2015-01-29 11:19:22 -0600[diff] [blame]114
115
Paul Kehrerb2de9482014-12-11 14:54:48 -0600[diff] [blame]116@six.add_metaclass(abc.ABCMeta)
Paul Kehrere76cd272014-12-14 19:00:51 -0600[diff] [blame]117class Certificate(object):
Paul Kehrerb2de9482014-12-11 14:54:48 -0600[diff] [blame]118 @abc.abstractmethod
119 def fingerprint(self, algorithm):
120 """
121 Returns bytes using digest passed.
122 """
123
124 @abc.abstractproperty
125 def serial(self):
126 """
127 Returns certificate serial number
128 """
129
130 @abc.abstractproperty
131 def version(self):
132 """
133 Returns the certificate version
134 """
135
136 @abc.abstractmethod
137 def public_key(self):
138 """
139 Returns the public key
140 """
141
142 @abc.abstractproperty
143 def not_valid_before(self):
144 """
145 Not before time (represented as UTC datetime)
146 """
147
148 @abc.abstractproperty
149 def not_valid_after(self):
150 """
151 Not after time (represented as UTC datetime)
152 """