Source code for django_ca.extensions

# This file is part of django-ca (https://github.com/mathiasertl/django-ca).
#
# django-ca is free software: you can redistribute it and/or modify it under the terms of the GNU General
# Public License as published by the Free Software Foundation, either version 3 of the License, or (at your
# option) any later version.
#
# django-ca is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the
# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# for more details.
#
# You should have received a copy of the GNU General Public License along with django-ca. If not, see
# <http://www.gnu.org/licenses/>.

"""Extension classes wrapping various X.509 extensions.

The classes in this module wrap cryptography extensions, but allow adding/removing values, creating extensions
in a more pythonic manner and provide access functions.
"""

from cryptography import x509
from cryptography.hazmat._oid import _OID_NAMES as OID_NAMES

from django_ca.constants import EXTENSION_NAMES
from django_ca.extensions.parse import parse_extension
from django_ca.extensions.serialize import serialize_extension
from django_ca.extensions.text import extension_as_text

#: Tuple of extensions that can be set when creating a new certificate
CERTIFICATE_EXTENSIONS = tuple(
    sorted(
        [
            "authority_information_access",
            "certificate_policies",
            "crl_distribution_points",
            "extended_key_usage",
            "freshest_crl",
            "issuer_alternative_name",
            "key_usage",
            "ocsp_no_check",
            "tls_feature",
        ]
    )
)


[docs]def get_extension_name(oid: x509.ObjectIdentifier) -> str: """Function to get the name of an extension from the extensions OID. >>> from cryptography.x509.oid import ExtensionOID >>> get_extension_name(ExtensionOID.BASIC_CONSTRAINTS) 'Basic Constraints' >>> get_extension_name(x509.ObjectIdentifier("1.2.3")) 'Unknown extension (1.2.3)' """ if oid in EXTENSION_NAMES: return EXTENSION_NAMES[oid] return OID_NAMES.get(oid, f"Unknown extension ({oid.dotted_string})")
__all__ = [ "extension_as_text", "get_extension_name", "parse_extension", "serialize_extension", ]