Python cryptography.x509 模块，OID_CERTIFICATE_ISSUER 实例源码

def _create_x509_extension(self, handlers, extension):
        if isinstance(extension.value, x509.UnrecognizedExtension):
            obj = _txt2obj_gc(self, extension.oid.dotted_string)
            value = _encode_asn1_str_gc(
                self, extension.value.value, len(extension.value.value)
            )
            return self._lib.X509_EXTENSION_create_by_OBJ(
                self._ffi.NULL,
                obj,
                1 if extension.critical else 0,
                value
            )
        else:
            try:
                encode = handlers[extension.oid]
            except KeyError:
                raise NotImplementedError(
                    'Extension not supported: {0}'.format(extension.oid)
                )

            ext_struct = encode(self, extension.value)
            nid = self._lib.OBJ_txt2nid(
                extension.oid.dotted_string.encode("ascii")
            )
            backend.openssl_assert(nid != self._lib.NID_undef)
            x509_extension = self._lib.X509V3_EXT_i2d(
                nid, 1 if extension.critical else 0, ext_struct
            )
            if (
                x509_extension == self._ffi.NULL and
                extension.oid == x509.OID_CERTIFICATE_ISSUER
            ):
                # This path exists to support OpenSSL 0.9.8, which does not
                # know how to encode a CERTIFICATE_ISSUER for CRLs. Once we
                # drop 0.9.8 support we can remove this.
                self._consume_errors()
                pp = backend._ffi.new("unsigned char **")
                r = self._lib.i2d_GENERAL_NAMES(ext_struct, pp)
                backend.openssl_assert(r > 0)
                pp = backend._ffi.gc(
                    pp,
                    lambda pointer: backend._lib.OPENSSL_free(pointer[0])
                )
                obj = _txt2obj_gc(self, extension.oid.dotted_string)
                return self._lib.X509_EXTENSION_create_by_OBJ(
                    self._ffi.NULL,
                    obj,
                    1 if extension.critical else 0,
                    _encode_asn1_str_gc(self, pp[0], r)
                )
            return x509_extension

def _create_x509_extension(self, handlers, extension):
        if isinstance(extension.value, x509.UnrecognizedExtension):
            obj = _txt2obj_gc(self, extension.oid.dotted_string)
            value = _encode_asn1_str_gc(
                self, extension.value.value, len(extension.value.value)
            )
            return self._lib.X509_EXTENSION_create_by_OBJ(
                self._ffi.NULL,
                obj,
                1 if extension.critical else 0,
                value
            )
        else:
            try:
                encode = handlers[extension.oid]
            except KeyError:
                raise NotImplementedError(
                    'Extension not supported: {0}'.format(extension.oid)
                )

            ext_struct = encode(self, extension.value)
            nid = self._lib.OBJ_txt2nid(
                extension.oid.dotted_string.encode("ascii")
            )
            backend.openssl_assert(nid != self._lib.NID_undef)
            x509_extension = self._lib.X509V3_EXT_i2d(
                nid, 1 if extension.critical else 0, ext_struct
            )
            if (
                x509_extension == self._ffi.NULL and
                extension.oid == x509.OID_CERTIFICATE_ISSUER
            ):
                # This path exists to support OpenSSL 0.9.8, which does not
                # know how to encode a CERTIFICATE_ISSUER for CRLs. Once we
                # drop 0.9.8 support we can remove this.
                self._consume_errors()
                pp = backend._ffi.new("unsigned char **")
                r = self._lib.i2d_GENERAL_NAMES(ext_struct, pp)
                backend.openssl_assert(r > 0)
                pp = backend._ffi.gc(
                    pp,
                    lambda pointer: backend._lib.OPENSSL_free(pointer[0])
                )
                obj = _txt2obj_gc(self, extension.oid.dotted_string)
                return self._lib.X509_EXTENSION_create_by_OBJ(
                    self._ffi.NULL,
                    obj,
                    1 if extension.critical else 0,
                    _encode_asn1_str_gc(self, pp[0], r)
                )
            return x509_extension

def _create_x509_extension(self, handlers, extension):
        if isinstance(extension.value, x509.UnrecognizedExtension):
            obj = _txt2obj_gc(self, extension.oid.dotted_string)
            value = _encode_asn1_str_gc(
                self, extension.value.value, len(extension.value.value)
            )
            return self._lib.X509_EXTENSION_create_by_OBJ(
                self._ffi.NULL,
                obj,
                1 if extension.critical else 0,
                value
            )
        else:
            try:
                encode = handlers[extension.oid]
            except KeyError:
                raise NotImplementedError(
                    'Extension not supported: {0}'.format(extension.oid)
                )

            ext_struct = encode(self, extension.value)
            nid = self._lib.OBJ_txt2nid(
                extension.oid.dotted_string.encode("ascii")
            )
            backend.openssl_assert(nid != self._lib.NID_undef)
            x509_extension = self._lib.X509V3_EXT_i2d(
                nid, 1 if extension.critical else 0, ext_struct
            )
            if (
                x509_extension == self._ffi.NULL and
                extension.oid == x509.OID_CERTIFICATE_ISSUER
            ):
                # This path exists to support OpenSSL 0.9.8, which does not
                # know how to encode a CERTIFICATE_ISSUER for CRLs. Once we
                # drop 0.9.8 support we can remove this.
                self._consume_errors()
                pp = backend._ffi.new("unsigned char **")
                r = self._lib.i2d_GENERAL_NAMES(ext_struct, pp)
                backend.openssl_assert(r > 0)
                pp = backend._ffi.gc(
                    pp,
                    lambda pointer: backend._lib.OPENSSL_free(pointer[0])
                )
                obj = _txt2obj_gc(self, extension.oid.dotted_string)
                return self._lib.X509_EXTENSION_create_by_OBJ(
                    self._ffi.NULL,
                    obj,
                    1 if extension.critical else 0,
                    _encode_asn1_str_gc(self, pp[0], r)
                )
            return x509_extension

def _create_x509_extension(self, handlers, extension):
        if isinstance(extension.value, x509.UnrecognizedExtension):
            obj = _txt2obj_gc(self, extension.oid.dotted_string)
            value = _encode_asn1_str_gc(
                self, extension.value.value, len(extension.value.value)
            )
            return self._lib.X509_EXTENSION_create_by_OBJ(
                self._ffi.NULL,
                obj,
                1 if extension.critical else 0,
                value
            )
        else:
            try:
                encode = handlers[extension.oid]
            except KeyError:
                raise NotImplementedError(
                    'Extension not supported: {0}'.format(extension.oid)
                )

            ext_struct = encode(self, extension.value)
            nid = self._lib.OBJ_txt2nid(
                extension.oid.dotted_string.encode("ascii")
            )
            backend.openssl_assert(nid != self._lib.NID_undef)
            x509_extension = self._lib.X509V3_EXT_i2d(
                nid, 1 if extension.critical else 0, ext_struct
            )
            if (
                x509_extension == self._ffi.NULL and
                extension.oid == x509.OID_CERTIFICATE_ISSUER
            ):
                # This path exists to support OpenSSL 0.9.8, which does not
                # know how to encode a CERTIFICATE_ISSUER for CRLs. Once we
                # drop 0.9.8 support we can remove this.
                self._consume_errors()
                pp = backend._ffi.new("unsigned char **")
                r = self._lib.i2d_GENERAL_NAMES(ext_struct, pp)
                backend.openssl_assert(r > 0)
                pp = backend._ffi.gc(
                    pp,
                    lambda pointer: backend._lib.OPENSSL_free(pointer[0])
                )
                obj = _txt2obj_gc(self, extension.oid.dotted_string)
                return self._lib.X509_EXTENSION_create_by_OBJ(
                    self._ffi.NULL,
                    obj,
                    1 if extension.critical else 0,
                    _encode_asn1_str_gc(self, pp[0], r)
                )
            return x509_extension

def _create_x509_extension(self, handlers, extension):
        if isinstance(extension.value, x509.UnrecognizedExtension):
            obj = _txt2obj_gc(self, extension.oid.dotted_string)
            value = _encode_asn1_str_gc(
                self, extension.value.value, len(extension.value.value)
            )
            return self._lib.X509_EXTENSION_create_by_OBJ(
                self._ffi.NULL,
                obj,
                1 if extension.critical else 0,
                value
            )
        else:
            try:
                encode = handlers[extension.oid]
            except KeyError:
                raise NotImplementedError(
                    'Extension not supported: {0}'.format(extension.oid)
                )

            ext_struct = encode(self, extension.value)
            nid = self._lib.OBJ_txt2nid(
                extension.oid.dotted_string.encode("ascii")
            )
            backend.openssl_assert(nid != self._lib.NID_undef)
            x509_extension = self._lib.X509V3_EXT_i2d(
                nid, 1 if extension.critical else 0, ext_struct
            )
            if (
                x509_extension == self._ffi.NULL and
                extension.oid == x509.OID_CERTIFICATE_ISSUER
            ):
                # This path exists to support OpenSSL 0.9.8, which does not
                # know how to encode a CERTIFICATE_ISSUER for CRLs. Once we
                # drop 0.9.8 support we can remove this.
                self._consume_errors()
                pp = backend._ffi.new("unsigned char **")
                r = self._lib.i2d_GENERAL_NAMES(ext_struct, pp)
                backend.openssl_assert(r > 0)
                pp = backend._ffi.gc(
                    pp,
                    lambda pointer: backend._lib.OPENSSL_free(pointer[0])
                )
                obj = _txt2obj_gc(self, extension.oid.dotted_string)
                return self._lib.X509_EXTENSION_create_by_OBJ(
                    self._ffi.NULL,
                    obj,
                    1 if extension.critical else 0,
                    _encode_asn1_str_gc(self, pp[0], r)
                )
            return x509_extension

def _create_x509_extension(self, handlers, extension):
        if isinstance(extension.value, x509.UnrecognizedExtension):
            obj = _txt2obj_gc(self, extension.oid.dotted_string)
            value = _encode_asn1_str_gc(
                self, extension.value.value, len(extension.value.value)
            )
            return self._lib.X509_EXTENSION_create_by_OBJ(
                self._ffi.NULL,
                obj,
                1 if extension.critical else 0,
                value
            )
        else:
            try:
                encode = handlers[extension.oid]
            except KeyError:
                raise NotImplementedError(
                    'Extension not supported: {0}'.format(extension.oid)
                )

            ext_struct = encode(self, extension.value)
            nid = self._lib.OBJ_txt2nid(
                extension.oid.dotted_string.encode("ascii")
            )
            backend.openssl_assert(nid != self._lib.NID_undef)
            x509_extension = self._lib.X509V3_EXT_i2d(
                nid, 1 if extension.critical else 0, ext_struct
            )
            if (
                x509_extension == self._ffi.NULL and
                extension.oid == x509.OID_CERTIFICATE_ISSUER
            ):
                # This path exists to support OpenSSL 0.9.8, which does not
                # know how to encode a CERTIFICATE_ISSUER for CRLs. Once we
                # drop 0.9.8 support we can remove this.
                self._consume_errors()
                pp = backend._ffi.new("unsigned char **")
                r = self._lib.i2d_GENERAL_NAMES(ext_struct, pp)
                backend.openssl_assert(r > 0)
                pp = backend._ffi.gc(
                    pp,
                    lambda pointer: backend._lib.OPENSSL_free(pointer[0])
                )
                obj = _txt2obj_gc(self, extension.oid.dotted_string)
                return self._lib.X509_EXTENSION_create_by_OBJ(
                    self._ffi.NULL,
                    obj,
                    1 if extension.critical else 0,
                    _encode_asn1_str_gc(self, pp[0], r)
                )
            return x509_extension

def _create_x509_extension(self, handlers, extension):
        if isinstance(extension.value, x509.UnrecognizedExtension):
            obj = _txt2obj_gc(self, extension.oid.dotted_string)
            value = _encode_asn1_str_gc(
                self, extension.value.value, len(extension.value.value)
            )
            return self._lib.X509_EXTENSION_create_by_OBJ(
                self._ffi.NULL,
                obj,
                1 if extension.critical else 0,
                value
            )
        else:
            try:
                encode = handlers[extension.oid]
            except KeyError:
                raise NotImplementedError(
                    'Extension not supported: {0}'.format(extension.oid)
                )

            ext_struct = encode(self, extension.value)
            nid = self._lib.OBJ_txt2nid(
                extension.oid.dotted_string.encode("ascii")
            )
            backend.openssl_assert(nid != self._lib.NID_undef)
            x509_extension = self._lib.X509V3_EXT_i2d(
                nid, 1 if extension.critical else 0, ext_struct
            )
            if (
                x509_extension == self._ffi.NULL and
                extension.oid == x509.OID_CERTIFICATE_ISSUER
            ):
                # This path exists to support OpenSSL 0.9.8, which does not
                # know how to encode a CERTIFICATE_ISSUER for CRLs. Once we
                # drop 0.9.8 support we can remove this.
                self._consume_errors()
                pp = backend._ffi.new("unsigned char **")
                r = self._lib.i2d_GENERAL_NAMES(ext_struct, pp)
                backend.openssl_assert(r > 0)
                pp = backend._ffi.gc(
                    pp,
                    lambda pointer: backend._lib.OPENSSL_free(pointer[0])
                )
                obj = _txt2obj_gc(self, extension.oid.dotted_string)
                return self._lib.X509_EXTENSION_create_by_OBJ(
                    self._ffi.NULL,
                    obj,
                    1 if extension.critical else 0,
                    _encode_asn1_str_gc(self, pp[0], r)
                )
            return x509_extension

def _create_x509_extension(self, handlers, extension):
        if isinstance(extension.value, x509.UnrecognizedExtension):
            obj = _txt2obj_gc(self, extension.oid.dotted_string)
            value = _encode_asn1_str_gc(
                self, extension.value.value, len(extension.value.value)
            )
            return self._lib.X509_EXTENSION_create_by_OBJ(
                self._ffi.NULL,
                obj,
                1 if extension.critical else 0,
                value
            )
        else:
            try:
                encode = handlers[extension.oid]
            except KeyError:
                raise NotImplementedError(
                    'Extension not supported: {0}'.format(extension.oid)
                )

            ext_struct = encode(self, extension.value)
            nid = self._lib.OBJ_txt2nid(
                extension.oid.dotted_string.encode("ascii")
            )
            backend.openssl_assert(nid != self._lib.NID_undef)
            x509_extension = self._lib.X509V3_EXT_i2d(
                nid, 1 if extension.critical else 0, ext_struct
            )
            if (
                x509_extension == self._ffi.NULL and
                extension.oid == x509.OID_CERTIFICATE_ISSUER
            ):
                # This path exists to support OpenSSL 0.9.8, which does not
                # know how to encode a CERTIFICATE_ISSUER for CRLs. Once we
                # drop 0.9.8 support we can remove this.
                self._consume_errors()
                pp = backend._ffi.new("unsigned char **")
                r = self._lib.i2d_GENERAL_NAMES(ext_struct, pp)
                backend.openssl_assert(r > 0)
                pp = backend._ffi.gc(
                    pp,
                    lambda pointer: backend._lib.OPENSSL_free(pointer[0])
                )
                obj = _txt2obj_gc(self, extension.oid.dotted_string)
                return self._lib.X509_EXTENSION_create_by_OBJ(
                    self._ffi.NULL,
                    obj,
                    1 if extension.critical else 0,
                    _encode_asn1_str_gc(self, pp[0], r)
                )
            return x509_extension

def _create_x509_extension(self, handlers, extension):
        if isinstance(extension.value, x509.UnrecognizedExtension):
            obj = _txt2obj_gc(self, extension.oid.dotted_string)
            value = _encode_asn1_str_gc(
                self, extension.value.value, len(extension.value.value)
            )
            return self._lib.X509_EXTENSION_create_by_OBJ(
                self._ffi.NULL,
                obj,
                1 if extension.critical else 0,
                value
            )
        else:
            try:
                encode = handlers[extension.oid]
            except KeyError:
                raise NotImplementedError(
                    'Extension not supported: {0}'.format(extension.oid)
                )

            ext_struct = encode(self, extension.value)
            nid = self._lib.OBJ_txt2nid(
                extension.oid.dotted_string.encode("ascii")
            )
            backend.openssl_assert(nid != self._lib.NID_undef)
            x509_extension = self._lib.X509V3_EXT_i2d(
                nid, 1 if extension.critical else 0, ext_struct
            )
            if (
                x509_extension == self._ffi.NULL and
                extension.oid == x509.OID_CERTIFICATE_ISSUER
            ):
                # This path exists to support OpenSSL 0.9.8, which does not
                # know how to encode a CERTIFICATE_ISSUER for CRLs. Once we
                # drop 0.9.8 support we can remove this.
                self._consume_errors()
                pp = backend._ffi.new("unsigned char **")
                r = self._lib.i2d_GENERAL_NAMES(ext_struct, pp)
                backend.openssl_assert(r > 0)
                pp = backend._ffi.gc(
                    pp,
                    lambda pointer: backend._lib.OPENSSL_free(pointer[0])
                )
                obj = _txt2obj_gc(self, extension.oid.dotted_string)
                return self._lib.X509_EXTENSION_create_by_OBJ(
                    self._ffi.NULL,
                    obj,
                    1 if extension.critical else 0,
                    _encode_asn1_str_gc(self, pp[0], r)
                )
            return x509_extension

def _create_x509_extension(self, handlers, extension):
        if isinstance(extension.value, x509.UnrecognizedExtension):
            obj = _txt2obj_gc(self, extension.oid.dotted_string)
            value = _encode_asn1_str_gc(
                self, extension.value.value, len(extension.value.value)
            )
            return self._lib.X509_EXTENSION_create_by_OBJ(
                self._ffi.NULL,
                obj,
                1 if extension.critical else 0,
                value
            )
        else:
            try:
                encode = handlers[extension.oid]
            except KeyError:
                raise NotImplementedError(
                    'Extension not supported: {0}'.format(extension.oid)
                )

            ext_struct = encode(self, extension.value)
            nid = self._lib.OBJ_txt2nid(
                extension.oid.dotted_string.encode("ascii")
            )
            backend.openssl_assert(nid != self._lib.NID_undef)
            x509_extension = self._lib.X509V3_EXT_i2d(
                nid, 1 if extension.critical else 0, ext_struct
            )
            if (
                x509_extension == self._ffi.NULL and
                extension.oid == x509.OID_CERTIFICATE_ISSUER
            ):
                # This path exists to support OpenSSL 0.9.8, which does not
                # know how to encode a CERTIFICATE_ISSUER for CRLs. Once we
                # drop 0.9.8 support we can remove this.
                self._consume_errors()
                pp = backend._ffi.new("unsigned char **")
                r = self._lib.i2d_GENERAL_NAMES(ext_struct, pp)
                backend.openssl_assert(r > 0)
                pp = backend._ffi.gc(
                    pp,
                    lambda pointer: backend._lib.OPENSSL_free(pointer[0])
                )
                obj = _txt2obj_gc(self, extension.oid.dotted_string)
                return self._lib.X509_EXTENSION_create_by_OBJ(
                    self._ffi.NULL,
                    obj,
                    1 if extension.critical else 0,
                    _encode_asn1_str_gc(self, pp[0], r)
                )
            return x509_extension

def _create_x509_extension(self, handlers, extension):
        if isinstance(extension.value, x509.UnrecognizedExtension):
            obj = _txt2obj_gc(self, extension.oid.dotted_string)
            value = _encode_asn1_str_gc(
                self, extension.value.value, len(extension.value.value)
            )
            return self._lib.X509_EXTENSION_create_by_OBJ(
                self._ffi.NULL,
                obj,
                1 if extension.critical else 0,
                value
            )
        else:
            try:
                encode = handlers[extension.oid]
            except KeyError:
                raise NotImplementedError(
                    'Extension not supported: {0}'.format(extension.oid)
                )

            ext_struct = encode(self, extension.value)
            nid = self._lib.OBJ_txt2nid(
                extension.oid.dotted_string.encode("ascii")
            )
            backend.openssl_assert(nid != self._lib.NID_undef)
            x509_extension = self._lib.X509V3_EXT_i2d(
                nid, 1 if extension.critical else 0, ext_struct
            )
            if (
                x509_extension == self._ffi.NULL and
                extension.oid == x509.OID_CERTIFICATE_ISSUER
            ):
                # This path exists to support OpenSSL 0.9.8, which does not
                # know how to encode a CERTIFICATE_ISSUER for CRLs. Once we
                # drop 0.9.8 support we can remove this.
                self._consume_errors()
                pp = backend._ffi.new("unsigned char **")
                r = self._lib.i2d_GENERAL_NAMES(ext_struct, pp)
                backend.openssl_assert(r > 0)
                pp = backend._ffi.gc(
                    pp,
                    lambda pointer: backend._lib.OPENSSL_free(pointer[0])
                )
                obj = _txt2obj_gc(self, extension.oid.dotted_string)
                return self._lib.X509_EXTENSION_create_by_OBJ(
                    self._ffi.NULL,
                    obj,
                    1 if extension.critical else 0,
                    _encode_asn1_str_gc(self, pp[0], r)
                )
            return x509_extension