Coverage for /pythoncovmergedfiles/medio/medio/usr/local/lib/python3.8/site-packages/cryptography/x509/verification.py: 53%

32 statements  

« prev     ^ index     » next       coverage.py v7.3.2, created at 2023-12-08 07:26 +0000

1# This file is dual licensed under the terms of the Apache License, Version 

2# 2.0, and the BSD License. See the LICENSE file in the root of this repository 

3# for complete details. 

4 

5from __future__ import annotations 

6 

7import datetime 

8import typing 

9 

10from cryptography.hazmat.bindings._rust import x509 as rust_x509 

11from cryptography.x509.general_name import DNSName, IPAddress 

12 

13__all__ = ["Store", "Subject", "ServerVerifier", "PolicyBuilder"] 

14 

15Store = rust_x509.Store 

16 

17Subject = typing.Union[DNSName, IPAddress] 

18 

19ServerVerifier = rust_x509.ServerVerifier 

20 

21 

22class VerificationError(Exception): 

23 pass 

24 

25 

26class PolicyBuilder: 

27 def __init__( 

28 self, 

29 *, 

30 time: datetime.datetime | None = None, 

31 store: Store | None = None, 

32 max_chain_depth: int | None = None, 

33 ): 

34 self._time = time 

35 self._store = store 

36 self._max_chain_depth = max_chain_depth 

37 

38 def time(self, new_time: datetime.datetime) -> PolicyBuilder: 

39 """ 

40 Sets the validation time. 

41 """ 

42 if self._time is not None: 

43 raise ValueError("The validation time may only be set once.") 

44 

45 return PolicyBuilder( 

46 time=new_time, 

47 store=self._store, 

48 max_chain_depth=self._max_chain_depth, 

49 ) 

50 

51 def store(self, new_store: Store) -> PolicyBuilder: 

52 """ 

53 Sets the trust store. 

54 """ 

55 

56 if self._store is not None: 

57 raise ValueError("The trust store may only be set once.") 

58 

59 return PolicyBuilder( 

60 time=self._time, 

61 store=new_store, 

62 max_chain_depth=self._max_chain_depth, 

63 ) 

64 

65 def max_chain_depth(self, new_max_chain_depth: int) -> PolicyBuilder: 

66 """ 

67 Sets the maximum chain depth. 

68 """ 

69 

70 if self._max_chain_depth is not None: 

71 raise ValueError("The maximum chain depth may only be set once.") 

72 

73 return PolicyBuilder( 

74 time=self._time, 

75 store=self._store, 

76 max_chain_depth=new_max_chain_depth, 

77 ) 

78 

79 def build_server_verifier(self, subject: Subject) -> ServerVerifier: 

80 """ 

81 Builds a verifier for verifying server certificates. 

82 """ 

83 

84 if self._store is None: 

85 raise ValueError("A server verifier must have a trust store") 

86 

87 return rust_x509.create_server_verifier( 

88 subject, 

89 self._store, 

90 self._time, 

91 self._max_chain_depth, 

92 )