Issue 19448: SSL: add OID / NID lookup (original) (raw)
Created on 2013-10-30 09:55 by christian.heimes, last changed 2022-04-11 14:57 by admin. This issue is now closed.
Messages (9)
Author: Christian Heimes (christian.heimes) * 
Date: 2013-10-30 09:55
For #17134 I need a decent way to map OIDs to human readable strings and vice versa. OpenSSL has a couple of method for the task, e.g. http://www.openssl.org/docs/crypto/OBJ_nid2obj.html
The patch implements three ways to lookup NID, SN, LN and OID: by OpenSSL's internal numeric id (NID), by OID or by name:
ssl.txt2obj("MD5", name=True) ASN1Object(nid=4, shortname='MD5', longname='md5', oid='1.2.840.113549.2.5') ssl.txt2obj("clientAuth", name=True) ASN1Object(nid=130, shortname='clientAuth', longname='TLS Web Client Authentication', oid='1.3.6.1.5.5.7.3.2') ssl.txt2obj("1.3.6.1.5.5.7.3.1") ASN1Object(nid=129, shortname='serverAuth', longname='TLS Web Server Authentication', oid='1.3.6.1.5.5.7.3.1')
Author: Christian Heimes (christian.heimes) *
Date: 2013-11-01 17:04
Thanks for the feed back! The new patch implements a class with two additional class methods. The low level functions are no longer part of the public API.
Author: Christian Heimes (christian.heimes) *
Date: 2013-11-17 13:49
Does anybody want to do a review of the patch?
Author: Antoine Pitrou (pitrou) *
Date: 2013-11-17 13:59
If it's for #17134, couldn't it remain a private API?
I'm rather uncomfortable about exposing such things unless we make the ssl module a full-fledged toolbox to handle X509 certificates (and perhaps think a bit more about the APIs). Are there any common use cases?
Author: Christian Heimes (christian.heimes) *
Date: 2013-11-17 16:47
OK, let's keep it as private API for now and maybe make it public in 3.5. I'm going to rename ASN1Object to _ASN1Object, remove the docs and adjust the tests. Agreed?
Author: Antoine Pitrou (pitrou) *
Date: 2013-11-17 16:51
OK, let's keep it as private API for now and maybe make it public in 3.5. I'm going to rename ASN1Object to _ASN1Object, remove the docs and adjust the tests. Agreed?
Yup.
Author: Roundup Robot (python-dev) 
Date: 2013-11-17 19:04
New changeset f43f65038e2a by Christian Heimes in branch 'default': Issue #19448: Add private API to SSL module to lookup ASN.1 objects by OID, NID, short name and long name. http://hg.python.org/cpython/rev/f43f65038e2a
Author: Christian Heimes (christian.heimes) *
Date: 2013-11-17 19:10
Thanks!
Author: Roundup Robot (python-dev)
Date: 2013-11-22 15:21
New changeset 7d914d4b05fe by Christian Heimes in branch 'default': Issue #19448: report name / NID in exception message of ASN1Object http://hg.python.org/cpython/rev/7d914d4b05fe
History
Date
User
Action
Args
2022-04-11 14:57:52
admin
set
github: 63647
2013-11-22 15:21:03
python-dev
set
messages: +
2013-11-17 19:10:22
christian.heimes
set
status: open -> closed
resolution: fixed
messages: +
stage: patch review -> resolved
2013-11-17 19:04:54
python-dev
set
nosy: + python-dev
messages: +
2013-11-17 16:55:53
christian.heimes
set
assignee: christian.heimes
2013-11-17 16:51:42
pitrou
set
messages: +
2013-11-17 16:47:54
christian.heimes
set
messages: +
2013-11-17 13:59:28
pitrou
set
nosy: + dstufft
messages: +
2013-11-17 13:49:54
christian.heimes
set
messages: +
2013-11-01 17:04:16
christian.heimes
set
files: + ssl_asn1obj2.patch
messages: +
2013-10-30 09:55:08
christian.heimes
create