classification
Title: SSL: add OID / NID lookup
Type: enhancement Stage: resolved
Components: Versions: Python 3.4
process
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: christian.heimes Nosy List: christian.heimes, dstufft, giampaolo.rodola, janssen, pitrou, python-dev
Priority: normal Keywords: patch

Created on 2013-10-30 09:55 by christian.heimes, last changed 2013-11-22 15:21 by python-dev. This issue is now closed.

Files
File name Uploaded Description Edit
ssl_asn1obj.patch christian.heimes, 2013-10-30 09:55 review
ssl_asn1obj2.patch christian.heimes, 2013-11-01 17:04 review
Messages (9)
msg201724 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2013-10-30 09:55
For #17134 I need a decent way to map OIDs to human readable strings and vice versa. OpenSSL has a couple of method for the task, e.g. http://www.openssl.org/docs/crypto/OBJ_nid2obj.html

The patch implements three ways to lookup NID, SN, LN and OID: by OpenSSL's internal numeric id (NID), by OID or by name:

>>> ssl.txt2obj("MD5", name=True)
ASN1Object(nid=4, shortname='MD5', longname='md5', oid='1.2.840.113549.2.5')
>>> ssl.txt2obj("clientAuth", name=True)
ASN1Object(nid=130, shortname='clientAuth', longname='TLS Web Client Authentication', oid='1.3.6.1.5.5.7.3.2')
>>> ssl.txt2obj("1.3.6.1.5.5.7.3.1")
ASN1Object(nid=129, shortname='serverAuth', longname='TLS Web Server Authentication', oid='1.3.6.1.5.5.7.3.1')
msg201916 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2013-11-01 17:04
Thanks for the feed back! The new patch implements a class with two additional class methods. The low level functions are no longer part of the public API.
msg203151 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2013-11-17 13:49
Does anybody want to do a review of the patch?
msg203154 - (view) Author: Antoine Pitrou (pitrou) * (Python committer) Date: 2013-11-17 13:59
If it's for #17134, couldn't it remain a private API?

I'm rather uncomfortable about exposing such things unless we make the ssl module a full-fledged toolbox to handle X509 certificates (and perhaps think a bit more about the APIs). Are there any common use cases?
msg203199 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2013-11-17 16:47
OK, let's keep it as private API for now and maybe make it public in 3.5. I'm going to rename ASN1Object to _ASN1Object, remove the docs and adjust the tests. Agreed?
msg203200 - (view) Author: Antoine Pitrou (pitrou) * (Python committer) Date: 2013-11-17 16:51
> OK, let's keep it as private API for now and maybe make it public in
> 3.5. I'm going to rename ASN1Object to _ASN1Object, remove the docs
> and adjust the tests. Agreed?

Yup.
msg203208 - (view) Author: Roundup Robot (python-dev) Date: 2013-11-17 19:04
New changeset f43f65038e2a by Christian Heimes in branch 'default':
Issue #19448: Add private API to SSL module to lookup ASN.1 objects by OID, NID, short name and long name.
http://hg.python.org/cpython/rev/f43f65038e2a
msg203209 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2013-11-17 19:10
Thanks!
msg203784 - (view) Author: Roundup Robot (python-dev) Date: 2013-11-22 15:21
New changeset 7d914d4b05fe by Christian Heimes in branch 'default':
Issue #19448: report name / NID in exception message of ASN1Object
http://hg.python.org/cpython/rev/7d914d4b05fe
History
Date User Action Args
2013-11-22 15:21:03python-devsetmessages: + msg203784
2013-11-17 19:10:22christian.heimessetstatus: open -> closed
resolution: fixed
messages: + msg203209

stage: patch review -> resolved
2013-11-17 19:04:54python-devsetnosy: + python-dev
messages: + msg203208
2013-11-17 16:55:53christian.heimessetassignee: christian.heimes
2013-11-17 16:51:42pitrousetmessages: + msg203200
2013-11-17 16:47:54christian.heimessetmessages: + msg203199
2013-11-17 13:59:28pitrousetnosy: + dstufft
messages: + msg203154
2013-11-17 13:49:54christian.heimessetmessages: + msg203151
2013-11-01 17:04:16christian.heimessetfiles: + ssl_asn1obj2.patch

messages: + msg201916
2013-10-30 09:55:08christian.heimescreate