mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-17 15:25:52 +00:00
Bug 1205962 - Address some pylint complaints about pycert.py and pykey.py, r=keeler
Also adds more uses of enumerate() to simplify code. --HG-- extra : amend_source : 758eee481fa2d93f984f090aaa443b3b5756fb1f
This commit is contained in:
parent
996f1627b4
commit
2be3b53afa
@ -111,6 +111,7 @@ class NameConstraints(univ.Sequence):
|
|||||||
class UnknownBaseError(Exception):
|
class UnknownBaseError(Exception):
|
||||||
"""Base class for handling unexpected input in this module."""
|
"""Base class for handling unexpected input in this module."""
|
||||||
def __init__(self, value):
|
def __init__(self, value):
|
||||||
|
super(UnknownBaseError, self).__init__()
|
||||||
self.value = value
|
self.value = value
|
||||||
self.category = 'input'
|
self.category = 'input'
|
||||||
|
|
||||||
@ -217,7 +218,6 @@ def stringToDN(string, tag=None):
|
|||||||
if '/' not in string:
|
if '/' not in string:
|
||||||
string = '/CN=%s' % string
|
string = '/CN=%s' % string
|
||||||
rdns = rfc2459.RDNSequence()
|
rdns = rfc2459.RDNSequence()
|
||||||
pos = 0
|
|
||||||
pattern = '/(C|ST|L|O|OU|CN|emailAddress)='
|
pattern = '/(C|ST|L|O|OU|CN|emailAddress)='
|
||||||
split = re.split(pattern, string)
|
split = re.split(pattern, string)
|
||||||
# split should now be [[encoding], <type>, <value>, <type>, <value>, ...]
|
# split should now be [[encoding], <type>, <value>, <type>, <value>, ...]
|
||||||
@ -225,7 +225,7 @@ def stringToDN(string, tag=None):
|
|||||||
encoding = split[0]
|
encoding = split[0]
|
||||||
else:
|
else:
|
||||||
encoding = 'utf8String'
|
encoding = 'utf8String'
|
||||||
for (nameType, value) in zip(split[1::2], split[2::2]):
|
for pos, (nameType, value) in enumerate(zip(split[1::2], split[2::2])):
|
||||||
ava = rfc2459.AttributeTypeAndValue()
|
ava = rfc2459.AttributeTypeAndValue()
|
||||||
if nameType == 'C':
|
if nameType == 'C':
|
||||||
ava.setComponentByName('type', rfc2459.id_at_countryName)
|
ava.setComponentByName('type', rfc2459.id_at_countryName)
|
||||||
@ -259,7 +259,6 @@ def stringToDN(string, tag=None):
|
|||||||
rdn = rfc2459.RelativeDistinguishedName()
|
rdn = rfc2459.RelativeDistinguishedName()
|
||||||
rdn.setComponentByPosition(0, ava)
|
rdn.setComponentByPosition(0, ava)
|
||||||
rdns.setComponentByPosition(pos, rdn)
|
rdns.setComponentByPosition(pos, rdn)
|
||||||
pos = pos + 1
|
|
||||||
if tag:
|
if tag:
|
||||||
name = rfc2459.Name().subtype(implicitTag=tag)
|
name = rfc2459.Name().subtype(implicitTag=tag)
|
||||||
else:
|
else:
|
||||||
@ -298,7 +297,7 @@ def datetimeToTime(dt):
|
|||||||
time.setComponentByName('generalTime', useful.GeneralizedTime(dt.strftime('%Y%m%d%H%M%SZ')))
|
time.setComponentByName('generalTime', useful.GeneralizedTime(dt.strftime('%Y%m%d%H%M%SZ')))
|
||||||
return time
|
return time
|
||||||
|
|
||||||
class Certificate:
|
class Certificate(object):
|
||||||
"""Utility class for reading a certificate specification and
|
"""Utility class for reading a certificate specification and
|
||||||
generating a signed x509 certificate"""
|
generating a signed x509 certificate"""
|
||||||
|
|
||||||
@ -395,7 +394,7 @@ class Certificate:
|
|||||||
self.notAfter = self.now + delta
|
self.notAfter = self.now + delta
|
||||||
|
|
||||||
def decodeExtension(self, extension):
|
def decodeExtension(self, extension):
|
||||||
match = re.search('([a-zA-Z]+)(\[critical\])?:(.*)', extension)
|
match = re.search(r'([a-zA-Z]+)(\[critical\])?:(.*)', extension)
|
||||||
if not match:
|
if not match:
|
||||||
raise UnknownExtensionTypeError(extension)
|
raise UnknownExtensionTypeError(extension)
|
||||||
extensionType = match.group(1)
|
extensionType = match.group(1)
|
||||||
@ -479,23 +478,19 @@ class Certificate:
|
|||||||
|
|
||||||
def addExtKeyUsage(self, extKeyUsage, critical):
|
def addExtKeyUsage(self, extKeyUsage, critical):
|
||||||
extKeyUsageExtension = rfc2459.ExtKeyUsageSyntax()
|
extKeyUsageExtension = rfc2459.ExtKeyUsageSyntax()
|
||||||
count = 0
|
for count, keyPurpose in enumerate(extKeyUsage.split(',')):
|
||||||
for keyPurpose in extKeyUsage.split(','):
|
|
||||||
extKeyUsageExtension.setComponentByPosition(count, self.keyPurposeToOID(keyPurpose))
|
extKeyUsageExtension.setComponentByPosition(count, self.keyPurposeToOID(keyPurpose))
|
||||||
count += 1
|
|
||||||
self.addExtension(rfc2459.id_ce_extKeyUsage, extKeyUsageExtension, critical)
|
self.addExtension(rfc2459.id_ce_extKeyUsage, extKeyUsageExtension, critical)
|
||||||
|
|
||||||
def addSubjectAlternativeName(self, dNSNames, critical):
|
def addSubjectAlternativeName(self, dNSNames, critical):
|
||||||
subjectAlternativeName = rfc2459.SubjectAltName()
|
subjectAlternativeName = rfc2459.SubjectAltName()
|
||||||
count = 0
|
for count, dNSName in enumerate(dNSNames.split(',')):
|
||||||
for dNSName in dNSNames.split(','):
|
|
||||||
generalName = rfc2459.GeneralName()
|
generalName = rfc2459.GeneralName()
|
||||||
# The string may have things like '\0' (i.e. a slash
|
# The string may have things like '\0' (i.e. a slash
|
||||||
# followed by the number zero) that have to be decoded into
|
# followed by the number zero) that have to be decoded into
|
||||||
# the resulting '\x00' (i.e. a byte with value zero).
|
# the resulting '\x00' (i.e. a byte with value zero).
|
||||||
generalName.setComponentByName('dNSName', dNSName.decode(encoding='string_escape'))
|
generalName.setComponentByName('dNSName', dNSName.decode(encoding='string_escape'))
|
||||||
subjectAlternativeName.setComponentByPosition(count, generalName)
|
subjectAlternativeName.setComponentByPosition(count, generalName)
|
||||||
count += 1
|
|
||||||
self.addExtension(rfc2459.id_ce_subjectAltName, subjectAlternativeName, critical)
|
self.addExtension(rfc2459.id_ce_subjectAltName, subjectAlternativeName, critical)
|
||||||
|
|
||||||
def addAuthorityInformationAccess(self, ocspURI, critical):
|
def addAuthorityInformationAccess(self, ocspURI, critical):
|
||||||
@ -525,19 +520,17 @@ class Certificate:
|
|||||||
generalSubtrees = rfc2459.GeneralSubtrees().subtype(
|
generalSubtrees = rfc2459.GeneralSubtrees().subtype(
|
||||||
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, subtreesTag))
|
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, subtreesTag))
|
||||||
subtrees = constraints[(constraints.find(':') + 1):]
|
subtrees = constraints[(constraints.find(':') + 1):]
|
||||||
pos = 0
|
for pos, name in enumerate(subtrees.split(',')):
|
||||||
for name in subtrees.split(','):
|
|
||||||
generalName = rfc2459.GeneralName()
|
generalName = rfc2459.GeneralName()
|
||||||
if '/' in name:
|
if '/' in name:
|
||||||
directoryName = stringToDN(name,
|
directoryName = stringToDN(name,
|
||||||
tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))
|
tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))
|
||||||
generalName.setComponentByName('directoryName', directoryName)
|
generalName.setComponentByName('directoryName', directoryName)
|
||||||
else:
|
else:
|
||||||
generalName.setComponentByName('dNSName', name)
|
generalName.setComponentByName('dNSName', name)
|
||||||
generalSubtree = GeneralSubtree()
|
generalSubtree = GeneralSubtree()
|
||||||
generalSubtree.setComponentByName('base', generalName)
|
generalSubtree.setComponentByName('base', generalName)
|
||||||
generalSubtrees.setComponentByPosition(pos, generalSubtree)
|
generalSubtrees.setComponentByPosition(pos, generalSubtree)
|
||||||
pos = pos + 1
|
|
||||||
nameConstraints.setComponentByName(subtreesType, generalSubtrees)
|
nameConstraints.setComponentByName(subtreesType, generalSubtrees)
|
||||||
self.addExtension(rfc2459.id_ce_nameConstraints, nameConstraints, critical)
|
self.addExtension(rfc2459.id_ce_nameConstraints, nameConstraints, critical)
|
||||||
|
|
||||||
@ -545,7 +538,7 @@ class Certificate:
|
|||||||
if certType != 'sslServer':
|
if certType != 'sslServer':
|
||||||
raise UnknownNSCertTypeError(certType)
|
raise UnknownNSCertTypeError(certType)
|
||||||
self.addExtension(univ.ObjectIdentifier('2.16.840.1.113730.1.1'), univ.BitString("'01'B"),
|
self.addExtension(univ.ObjectIdentifier('2.16.840.1.113730.1.1'), univ.BitString("'01'B"),
|
||||||
critical)
|
critical)
|
||||||
|
|
||||||
def getVersion(self):
|
def getVersion(self):
|
||||||
return rfc2459.Version(self.versionValue).subtype(
|
return rfc2459.Version(self.versionValue).subtype(
|
||||||
@ -586,10 +579,8 @@ class Certificate:
|
|||||||
if self.extensions:
|
if self.extensions:
|
||||||
extensions = rfc2459.Extensions().subtype(
|
extensions = rfc2459.Extensions().subtype(
|
||||||
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))
|
explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))
|
||||||
count = 0
|
for count, extension in enumerate(self.extensions):
|
||||||
for extension in self.extensions:
|
|
||||||
extensions.setComponentByPosition(count, extension)
|
extensions.setComponentByPosition(count, extension)
|
||||||
count += 1
|
|
||||||
tbsCertificate.setComponentByName('extensions', extensions)
|
tbsCertificate.setComponentByName('extensions', extensions)
|
||||||
certificate = rfc2459.Certificate()
|
certificate = rfc2459.Certificate()
|
||||||
certificate.setComponentByName('tbsCertificate', tbsCertificate)
|
certificate.setComponentByName('tbsCertificate', tbsCertificate)
|
||||||
|
@ -35,7 +35,6 @@ from pyasn1.type import univ, namedtype
|
|||||||
from pyasn1_modules import rfc2459
|
from pyasn1_modules import rfc2459
|
||||||
from ecc import encoding
|
from ecc import encoding
|
||||||
from ecc import Key
|
from ecc import Key
|
||||||
from ecc.ecdsa import randkey
|
|
||||||
import base64
|
import base64
|
||||||
import binascii
|
import binascii
|
||||||
import mock
|
import mock
|
||||||
@ -52,6 +51,7 @@ def byteStringToHexifiedBitString(string):
|
|||||||
class UnknownBaseError(Exception):
|
class UnknownBaseError(Exception):
|
||||||
"""Base class for handling unexpected input in this module."""
|
"""Base class for handling unexpected input in this module."""
|
||||||
def __init__(self, value):
|
def __init__(self, value):
|
||||||
|
super(UnknownBaseError, self).__init__()
|
||||||
self.value = value
|
self.value = value
|
||||||
self.category = 'input'
|
self.category = 'input'
|
||||||
|
|
||||||
@ -105,7 +105,7 @@ class PrivateKeyInfo(univ.Sequence):
|
|||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
class RSAKey:
|
class RSAKey(object):
|
||||||
# For reference, when encoded as a subject public key info, the
|
# For reference, when encoded as a subject public key info, the
|
||||||
# base64-encoded sha-256 hash of this key is
|
# base64-encoded sha-256 hash of this key is
|
||||||
# VCIlmPM9NkgFQtrs4Oa5TeFcDu6MWRTKSNdePEhOgD8=
|
# VCIlmPM9NkgFQtrs4Oa5TeFcDu6MWRTKSNdePEhOgD8=
|
||||||
@ -290,7 +290,7 @@ class RSAKey:
|
|||||||
'f24aef4ed6f149f94d96c9f7d78e647fc778a9017ff208d3b4a1768b1821'
|
'f24aef4ed6f149f94d96c9f7d78e647fc778a9017ff208d3b4a1768b1821'
|
||||||
'62102cdab032fabbab38d5200a324649', 16)
|
'62102cdab032fabbab38d5200a324649', 16)
|
||||||
evRSA2040_P = long(
|
evRSA2040_P = long(
|
||||||
'0f3844d0d4d4d6a21acd76a6fc370b8550e1d7ec5a6234172e790f0029ae'
|
'0f3844d0d4d4d6a21acd76a6fc370b8550e1d7ec5a6234172e790f0029ae'
|
||||||
'651f6d5c59330ab19802b9d7a207de7a1fb778e3774fdbdc411750633d8d'
|
'651f6d5c59330ab19802b9d7a207de7a1fb778e3774fdbdc411750633d8d'
|
||||||
'1b3fe075006ffcfd1d10e763c7a9227d2d5f0c2dade1c9e659c350a159d3'
|
'1b3fe075006ffcfd1d10e763c7a9227d2d5f0c2dade1c9e659c350a159d3'
|
||||||
'6bb986f12636d4f9942b288bc0fe21da8799477173144249ca2e389e6c5c'
|
'6bb986f12636d4f9942b288bc0fe21da8799477173144249ca2e389e6c5c'
|
||||||
@ -590,7 +590,7 @@ def longToEvenLengthHexString(val):
|
|||||||
def notRandom(n):
|
def notRandom(n):
|
||||||
return n * '\x04'
|
return n * '\x04'
|
||||||
|
|
||||||
class ECCKey:
|
class ECCKey(object):
|
||||||
secp256k1Encoded = str('08fd87b04fba98090100004035ee7c7289d8fef7a8'
|
secp256k1Encoded = str('08fd87b04fba98090100004035ee7c7289d8fef7a8'
|
||||||
'6afe5da66d8bc2ebb6a8543fd2fead089f45ce7acd0fa64382a9500c41dad'
|
'6afe5da66d8bc2ebb6a8543fd2fead089f45ce7acd0fa64382a9500c41dad'
|
||||||
'770ffd4b511bf4b492eb1238800c32c4f76c73a3f3294e7c5002067cebc20'
|
'770ffd4b511bf4b492eb1238800c32c4f76c73a3f3294e7c5002067cebc20'
|
||||||
@ -622,7 +622,7 @@ class ECCKey:
|
|||||||
'e9471c940b858c69d2d05e8c01788a7d0b6e235aa5e783fc1bee807dcc386'
|
'e9471c940b858c69d2d05e8c01788a7d0b6e235aa5e783fc1bee807dcc386'
|
||||||
'5f920e12cf8f2d29')
|
'5f920e12cf8f2d29')
|
||||||
|
|
||||||
def __init__(self, specification = None):
|
def __init__(self, specification=None):
|
||||||
if specification == 'secp256k1':
|
if specification == 'secp256k1':
|
||||||
self.key = Key.Key.decode(binascii.unhexlify(self.secp256k1Encoded))
|
self.key = Key.Key.decode(binascii.unhexlify(self.secp256k1Encoded))
|
||||||
self.keyOID = secp256k1
|
self.keyOID = secp256k1
|
||||||
|
Loading…
Reference in New Issue
Block a user