mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-17 15:25:52 +00:00
Bug 1205962 - Address some pylint complaints about pycert.py and pykey.py, r=keeler
Also adds more uses of enumerate() to simplify code. --HG-- extra : amend_source : 758eee481fa2d93f984f090aaa443b3b5756fb1f
This commit is contained in:
Cykesiopka
parent
996f1627b4
commit
2be3b53afa
@ -111,6 +111,7 @@ class NameConstraints(univ.Sequence):
|
||||
class UnknownBaseError(Exception):
|
||||
"""Base class for handling unexpected input in this module."""
|
||||
def __init__(self, value):
|
||||
super(UnknownBaseError, self).__init__()
|
||||
self.value = value
|
||||
self.category = 'input'
|
||||
|
||||
@ -217,7 +218,6 @@ def stringToDN(string, tag=None):
|
||||
if '/' not in string:
|
||||
string = '/CN=%s' % string
|
||||
rdns = rfc2459.RDNSequence()
|
||||
pos = 0
|
||||
pattern = '/(C|ST|L|O|OU|CN|emailAddress)='
|
||||
split = re.split(pattern, string)
|
||||
# split should now be [[encoding], <type>, <value>, <type>, <value>, ...]
|
||||
@ -225,7 +225,7 @@ def stringToDN(string, tag=None):
|
||||
encoding = split[0]
|
||||
else:
|
||||
encoding = 'utf8String'
|
||||
for (nameType, value) in zip(split[1::2], split[2::2]):
|
||||
for pos, (nameType, value) in enumerate(zip(split[1::2], split[2::2])):
|
||||
ava = rfc2459.AttributeTypeAndValue()
|
||||
if nameType == 'C':
|
||||
ava.setComponentByName('type', rfc2459.id_at_countryName)
|
||||
@ -259,7 +259,6 @@ def stringToDN(string, tag=None):
|
||||
rdn = rfc2459.RelativeDistinguishedName()
|
||||
rdn.setComponentByPosition(0, ava)
|
||||
rdns.setComponentByPosition(pos, rdn)
|
||||
pos = pos + 1
|
||||
if tag:
|
||||
name = rfc2459.Name().subtype(implicitTag=tag)
|
||||
else:
|
||||
@ -298,7 +297,7 @@ def datetimeToTime(dt):
|
||||
time.setComponentByName('generalTime', useful.GeneralizedTime(dt.strftime('%Y%m%d%H%M%SZ')))
|
||||
return time
|
||||
|
||||
class Certificate:
|
||||
class Certificate(object):
|
||||
"""Utility class for reading a certificate specification and
|
||||
generating a signed x509 certificate"""
|
||||
|
||||
@ -395,7 +394,7 @@ class Certificate:
|
||||
self.notAfter = self.now + delta
|
||||
|
||||
def decodeExtension(self, extension):
|
||||
match = re.search('([a-zA-Z]+)(\[critical\])?:(.*)', extension)
|
||||
match = re.search(r'([a-zA-Z]+)(\[critical\])?:(.*)', extension)
|
||||
if not match:
|
||||
raise UnknownExtensionTypeError(extension)
|
||||
extensionType = match.group(1)
|
||||
@ -479,23 +478,19 @@ class Certificate:
|
||||
|
||||
def addExtKeyUsage(self, extKeyUsage, critical):
|
||||
extKeyUsageExtension = rfc2459.ExtKeyUsageSyntax()
|
||||
count = 0
|
||||
for keyPurpose in extKeyUsage.split(','):
|
||||
for count, keyPurpose in enumerate(extKeyUsage.split(',')):
|
||||
extKeyUsageExtension.setComponentByPosition(count, self.keyPurposeToOID(keyPurpose))
|
||||
count += 1
|
||||
self.addExtension(rfc2459.id_ce_extKeyUsage, extKeyUsageExtension, critical)
|
||||
|
||||
def addSubjectAlternativeName(self, dNSNames, critical):
|
||||
subjectAlternativeName = rfc2459.SubjectAltName()
|
||||
count = 0
|
||||
for dNSName in dNSNames.split(','):
|
||||
for count, dNSName in enumerate(dNSNames.split(',')):
|
||||
generalName = rfc2459.GeneralName()
|
||||
# The string may have things like '\0' (i.e. a slash
|
||||
# followed by the number zero) that have to be decoded into
|
||||
# the resulting '\x00' (i.e. a byte with value zero).
|
||||
generalName.setComponentByName('dNSName', dNSName.decode(encoding='string_escape'))
|
||||
subjectAlternativeName.setComponentByPosition(count, generalName)
|
||||
count += 1
|
||||
self.addExtension(rfc2459.id_ce_subjectAltName, subjectAlternativeName, critical)
|
||||
|
||||
def addAuthorityInformationAccess(self, ocspURI, critical):
|
||||
@ -525,19 +520,17 @@ class Certificate:
|
||||
generalSubtrees = rfc2459.GeneralSubtrees().subtype(
|
||||
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, subtreesTag))
|
||||
subtrees = constraints[(constraints.find(':') + 1):]
|
||||
pos = 0
|
||||
for name in subtrees.split(','):
|
||||
for pos, name in enumerate(subtrees.split(',')):
|
||||
generalName = rfc2459.GeneralName()
|
||||
if '/' in name:
|
||||
directoryName = stringToDN(name,
|
||||
tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))
|
||||
tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))
|
||||
generalName.setComponentByName('directoryName', directoryName)
|
||||
else:
|
||||
generalName.setComponentByName('dNSName', name)
|
||||
generalSubtree = GeneralSubtree()
|
||||
generalSubtree.setComponentByName('base', generalName)
|
||||
generalSubtrees.setComponentByPosition(pos, generalSubtree)
|
||||
pos = pos + 1
|
||||
nameConstraints.setComponentByName(subtreesType, generalSubtrees)
|
||||
self.addExtension(rfc2459.id_ce_nameConstraints, nameConstraints, critical)
|
||||
|
||||
@ -545,7 +538,7 @@ class Certificate:
|
||||
if certType != 'sslServer':
|
||||
raise UnknownNSCertTypeError(certType)
|
||||
self.addExtension(univ.ObjectIdentifier('2.16.840.1.113730.1.1'), univ.BitString("'01'B"),
|
||||
critical)
|
||||
critical)
|
||||
|
||||
def getVersion(self):
|
||||
return rfc2459.Version(self.versionValue).subtype(
|
||||
@ -586,10 +579,8 @@ class Certificate:
|
||||
if self.extensions:
|
||||
extensions = rfc2459.Extensions().subtype(
|
||||
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))
|
||||
count = 0
|
||||
for extension in self.extensions:
|
||||
for count, extension in enumerate(self.extensions):
|
||||
extensions.setComponentByPosition(count, extension)
|
||||
count += 1
|
||||
tbsCertificate.setComponentByName('extensions', extensions)
|
||||
certificate = rfc2459.Certificate()
|
||||
certificate.setComponentByName('tbsCertificate', tbsCertificate)
|
||||
|
||||
@ -35,7 +35,6 @@ from pyasn1.type import univ, namedtype
|
||||
from pyasn1_modules import rfc2459
|
||||
from ecc import encoding
|
||||
from ecc import Key
|
||||
from ecc.ecdsa import randkey
|
||||
import base64
|
||||
import binascii
|
||||
import mock
|
||||
@ -52,6 +51,7 @@ def byteStringToHexifiedBitString(string):
|
||||
class UnknownBaseError(Exception):
|
||||
"""Base class for handling unexpected input in this module."""
|
||||
def __init__(self, value):
|
||||
super(UnknownBaseError, self).__init__()
|
||||
self.value = value
|
||||
self.category = 'input'
|
||||
|
||||
@ -105,7 +105,7 @@ class PrivateKeyInfo(univ.Sequence):
|
||||
)
|
||||
|
||||
|
||||
class RSAKey:
|
||||
class RSAKey(object):
|
||||
# For reference, when encoded as a subject public key info, the
|
||||
# base64-encoded sha-256 hash of this key is
|
||||
# VCIlmPM9NkgFQtrs4Oa5TeFcDu6MWRTKSNdePEhOgD8=
|
||||
@ -290,7 +290,7 @@ class RSAKey:
|
||||
'f24aef4ed6f149f94d96c9f7d78e647fc778a9017ff208d3b4a1768b1821'
|
||||
'62102cdab032fabbab38d5200a324649', 16)
|
||||
evRSA2040_P = long(
|
||||
'0f3844d0d4d4d6a21acd76a6fc370b8550e1d7ec5a6234172e790f0029ae'
|
||||
'0f3844d0d4d4d6a21acd76a6fc370b8550e1d7ec5a6234172e790f0029ae'
|
||||
'651f6d5c59330ab19802b9d7a207de7a1fb778e3774fdbdc411750633d8d'
|
||||
'1b3fe075006ffcfd1d10e763c7a9227d2d5f0c2dade1c9e659c350a159d3'
|
||||
'6bb986f12636d4f9942b288bc0fe21da8799477173144249ca2e389e6c5c'
|
||||
@ -590,7 +590,7 @@ def longToEvenLengthHexString(val):
|
||||
def notRandom(n):
|
||||
return n * '\x04'
|
||||
|
||||
class ECCKey:
|
||||
class ECCKey(object):
|
||||
secp256k1Encoded = str('08fd87b04fba98090100004035ee7c7289d8fef7a8'
|
||||
'6afe5da66d8bc2ebb6a8543fd2fead089f45ce7acd0fa64382a9500c41dad'
|
||||
'770ffd4b511bf4b492eb1238800c32c4f76c73a3f3294e7c5002067cebc20'
|
||||
@ -622,7 +622,7 @@ class ECCKey:
|
||||
'e9471c940b858c69d2d05e8c01788a7d0b6e235aa5e783fc1bee807dcc386'
|
||||
'5f920e12cf8f2d29')
|
||||
|
||||
def __init__(self, specification = None):
|
||||
def __init__(self, specification=None):
|
||||
if specification == 'secp256k1':
|
||||
self.key = Key.Key.decode(binascii.unhexlify(self.secp256k1Encoded))
|
||||
self.keyOID = secp256k1
|
||||
|
||||
Loading…
Reference in New Issue
Block a user