pki.py 文件源码

python
阅读 21 收藏 0 点赞 0 评论 0

项目:seedbox 作者: nailgun 项目源码 文件源码
def _match_subject_name(cert, subject_name, compare_func=operator.eq, alt_names=True):
    names = []

    if alt_names:
        try:
            alt_names = cert.extensions.get_extension_for_oid(ExtensionOID.SUBJECT_ALTERNATIVE_NAME)
            names = alt_names.value.get_values_for_type(x509.DNSName)
        except x509.extensions.ExtensionNotFound:
            pass

    if not names:
        common_names = cert.subject.get_attributes_for_oid(NameOID.COMMON_NAME)
        if common_names:
            common_name = common_names[0]
            names = [common_name.value]

    if not any(compare_func(name, subject_name) for name in names):
        if len(names) > 1:
            raise InvalidCertificate("Subject name %r doesn't match either of %s" % (subject_name, ', '.join(map(repr, names))))
        elif len(names) == 1:
            raise InvalidCertificate("Subject name %r doesn't match %r" % (subject_name, names[0]))
        else:
            raise InvalidCertificate("No appropriate commonName or subjectAltName DNSName fields were found")
评论列表
文章目录


问题


面经


文章

微信
公众号

扫码关注公众号