def is_ev_cert(ee_cert):
'''Return True if ee_cert is an extended validation certificate, else False.
Args:
ee_cert (EndEntityCert)
'''
oids = []
oid_certificate_policies = ObjectIdentifier('2.5.29.32')
all_extensions = ee_cert.tbscert.pyasn1['extensions']
if all_extensions is not None:
policy_extensions = [ext
for ext
in all_extensions
if ext['extnID'] == oid_certificate_policies]
if len(policy_extensions) > 0:
policy_extension = policy_extensions[0]
sequence_der = policy_extension['extnValue'] # type: Sequence()
try:
sequence, _ = der_decoder(sequence_der, Sequence())
except pyasn1.error.PyAsn1Error:
sequence = [] # invalid encoded certificate policy extension
for idx in range(len(sequence)):
inner_sequence = sequence.getComponentByPosition(idx)
oid = inner_sequence.getComponentByPosition(0)
oids.append(str(oid))
intersection = list(set(oids) & set(EV_OIDs))
return intersection != []
评论列表
文章目录
