in lemur/common/fields.py [0:0]
def _deserialize(self, value, attr, data):
keyusages = {
"digital_signature": False,
"content_commitment": False,
"key_encipherment": False,
"data_encipherment": False,
"key_agreement": False,
"key_cert_sign": False,
"crl_sign": False,
"encipher_only": False,
"decipher_only": False,
}
for k, v in value.items():
if k == "useDigitalSignature":
keyusages["digital_signature"] = v
elif k == "useNonRepudiation":
keyusages["content_commitment"] = v
elif k == "useKeyEncipherment":
keyusages["key_encipherment"] = v
elif k == "useDataEncipherment":
keyusages["data_encipherment"] = v
elif k == "useKeyCertSign":
keyusages["key_cert_sign"] = v
elif k == "useCRLSign":
keyusages["crl_sign"] = v
elif k == "useKeyAgreement":
keyusages["key_agreement"] = v
elif k == "useEncipherOnly" and v:
keyusages["encipher_only"] = True
keyusages["key_agreement"] = True
elif k == "useDecipherOnly" and v:
keyusages["decipher_only"] = True
keyusages["key_agreement"] = True
if keyusages["encipher_only"] and keyusages["decipher_only"]:
raise ValidationError(
"A certificate cannot have both Encipher Only and Decipher Only Extended Key Usages."
)
return x509.KeyUsage(
digital_signature=keyusages["digital_signature"],
content_commitment=keyusages["content_commitment"],
key_encipherment=keyusages["key_encipherment"],
data_encipherment=keyusages["data_encipherment"],
key_agreement=keyusages["key_agreement"],
key_cert_sign=keyusages["key_cert_sign"],
crl_sign=keyusages["crl_sign"],
encipher_only=keyusages["encipher_only"],
decipher_only=keyusages["decipher_only"],
)