Mercurial > oi > oi-build
view components/python/m2crypto/patches/crl.patch @ 394:dffc35307ef2
7051374 3rd party libraries in IPS gate should move to userland
7008441 Problem with utility/python
7066296 Bump LDTP to v2.1.1
author | Erik Trauschke <Erik.Trauschke@oracle.com> |
---|---|
date | Wed, 13 Jul 2011 12:43:29 -0700 |
parents | |
children |
line wrap: on
line source
diff -r 886cd7fb12ed M2Crypto-0.21.1/M2Crypto/X509.py --- M2Crypto-0.21.1/M2Crypto/X509.py Thu Mar 10 14:07:58 2011 -0800 +++ M2Crypto-0.21.1/M2Crypto/X509.py Fri Mar 11 09:03:37 2011 -0800 @@ -446,9 +446,9 @@ assert m2.x509_type_check(self.x509), "'x509' type error" return ASN1.ASN1_UTCTIME(m2.x509_get_not_after(self.x509)) - def get_pubkey(self): + def get_pubkey(self, md="sha1"): assert m2.x509_type_check(self.x509), "'x509' type error" - return EVP.PKey(m2.x509_get_pubkey(self.x509), _pyfree=1) + return EVP.PKey(m2.x509_get_pubkey(self.x509), _pyfree=1, md=md) def set_pubkey(self, pkey): """ @@ -1067,7 +1067,8 @@ else: self.crl = m2.x509_crl_new() self._pyfree = 1 - + self.revocations = None + def __del__(self): if getattr(self, '_pyfree', 0): self.m2_x509_crl_free(self.crl) @@ -1084,21 +1085,67 @@ return buf.read_all() -def load_crl(file): + def get_last_update(self): + assert m2.x509_CRL_type_check(self.crl), "'x509_CRL' type error" + return ASN1.ASN1_UTCTIME(m2.x509_CRL_get_last_update(self.crl)) + + def get_next_update(self): + assert m2.x509_CRL_type_check(self.crl), "'x509_CRL' type error" + return ASN1.ASN1_UTCTIME(m2.x509_CRL_get_next_update(self.crl)) + + def verify(self, pkey): + assert m2.x509_CRL_type_check(self.crl), "'x509_CRL' type error" + return m2.x509_CRL_verify(self.crl, pkey.pkey) + + def get_issuer(self): + assert m2.x509_CRL_type_check(self.crl), "'x509_CRL' type error" + return X509_Name(m2.x509_CRL_get_issuer(self.crl)) + + def is_revoked(self, cert): + if self.revocations is None: + self.revocations = {} + revo_stk_ptr = m2.x509_CRL_get_revoked(self.crl) + for i in range(m2.sk_x509_REVOKED_num(revo_stk_ptr)): + revo_ptr = m2.sk_x509_REVOKED_get(revo_stk_ptr, i) + revo_sn = m2.asn1_integer_get( + m2.x509_REVOKED_get_serial_number(revo_ptr)) + cnt = m2.x509_REVOKED_get_ext_count(revo_ptr) + reason = None + for i in range(m2.x509_REVOKED_get_ext_count(revo_ptr)): + ext_ptr = m2.x509_REVOKED_get_ext(revo_ptr, i) + name = m2.x509_extension_get_name(ext_ptr) + if name == "CRLReason": + ext = X509_Extension(ext_ptr, _pyfree=0) + reason = ext.get_value() + self.revocations[revo_sn] = (True, reason) + return self.revocations.get(cert.get_serial_number(), None) + + +def load_crl(file, format=FORMAT_PEM): """ Load CRL from file. @type file: string @param file: Name of file containing CRL in PEM format. + @type format: int, either FORMAT_PEM or FORMAT_DER + @param format: Describes the format of the file to be loaded, either PEM or DER. + @rtype: M2Crypto.X509.CRL @return: M2Crypto.X509.CRL object. """ f=BIO.openfile(file) - cptr=m2.x509_crl_read_pem(f.bio_ptr()) - f.close() - if cptr is None: - raise X509Error(Err.get_error()) - return CRL(cptr, 1) - - + if format == FORMAT_PEM: + cptr=m2.x509_crl_read_pem(f.bio_ptr()) + f.close() + if cptr is None: + raise X509Error(Err.get_error()) + return CRL(cptr, 1) + elif format == FORMAT_DER: + cptr=m2.d2i_x509_crl(f._ptr()) + f.close() + if cptr is None: + raise X509Error(Err.get_error()) + return CRL(cptr, 1) + else: + raise ValueError("Unknown format. Must be either FORMAT_DER or FORMAT_PEM") diff -r 886cd7fb12ed M2Crypto-0.21.1/SWIG/_x509.i --- M2Crypto-0.21.1/SWIG/_x509.i Thu Mar 10 14:07:58 2011 -0800 +++ M2Crypto-0.21.1/SWIG/_x509.i Fri Mar 11 09:03:37 2011 -0800 @@ -64,6 +64,9 @@ %rename(x509_cmp_current_time) X509_cmp_current_time; extern int X509_cmp_current_time(ASN1_UTCTIME *); +%rename(x509_CRL_get_issuer) X509_CRL_get_issuer; +extern X509_NAME *X509_CRL_get_issuer(X509_CRL *); + /* From x509.h */ /* standard trust ids */ @@ -111,6 +114,9 @@ %rename(x509_get_verify_error) X509_verify_cert_error_string; extern const char *X509_verify_cert_error_string(long); +%rename(x509_CRL_verify) X509_CRL_verify; +extern int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r); + %constant long X509V3_EXT_UNKNOWN_MASK = (0xfL << 16); %constant long X509V3_EXT_DEFAULT = 0; %constant long X509V3_EXT_ERROR_UNKNOWN = (1L << 16); @@ -127,6 +133,13 @@ %threadallow X509V3_EXT_print; extern int X509V3_EXT_print(BIO *, X509_EXTENSION *, unsigned long, int); +%rename(x509_REVOKED_get_ext_count) X509_REVOKED_get_ext_count; +extern int X509_REVOKED_get_ext_count(X509_REVOKED *); +%rename(x509_REVOKED_get_ext) X509_REVOKED_get_ext; +extern X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *, int); +%rename(x509_REVOKED_get_ext_by_NID) X509_REVOKED_get_ext_by_NID; +extern X509_EXTENSION *X509_REVOKED_get_ext_by_NID(X509_REVOKED *, int, int); + %rename(x509_name_new) X509_NAME_new; extern X509_NAME *X509_NAME_new( void ); %rename(x509_name_free) X509_NAME_free; @@ -335,6 +348,7 @@ } %} + %threadallow d2i_x509; %inline %{ X509 *d2i_x509(BIO *bio) { @@ -342,6 +356,13 @@ } %} +%threadallow d2i_x509_crl; +%inline %{ +X509_CRL *d2i_x509_crl(BIO *bio) { + return d2i_X509_CRL_bio(bio, NULL); +} +%} + %threadallow d2i_x509_req; %inline %{ X509_REQ *d2i_x509_req(BIO *bio) { @@ -415,6 +436,33 @@ return X509_get_notAfter(x); } +/* X509_CRL_get_lastUpdate() is a macro. */ +ASN1_UTCTIME *x509_CRL_get_last_update(X509_CRL *x) { + return X509_CRL_get_lastUpdate(x); +} + +/* X509_CRL_get_nextUpdate() is a macro. */ +ASN1_UTCTIME *x509_CRL_get_next_update(X509_CRL *x) { + return X509_CRL_get_nextUpdate(x); +} + +/* X509_CRL_get_REVOKED() is a macro. */ +STACK_OF(X509_REVOKED) *x509_CRL_get_revoked(X509_CRL *x) { + return X509_CRL_get_REVOKED(x); +} + +int sk_x509_REVOKED_num(STACK_OF(X509_REVOKED) *stack) { + return sk_X509_REVOKED_num(stack); +} + +X509_REVOKED *sk_x509_REVOKED_get(STACK_OF(X509_REVOKED) *stack, int x) { + return sk_X509_REVOKED_value(stack, x); +} + +ASN1_INTEGER *x509_REVOKED_get_serial_number(X509_REVOKED *x) { + return x->serialNumber; +} + int x509_sign(X509 *x, EVP_PKEY *pkey, EVP_MD *md) { return X509_sign(x, pkey, md); } @@ -487,6 +535,10 @@ return 1; } +int x509_CRL_type_check(X509_CRL *x509_CRL) { + return 1; +} + int x509_name_type_check(X509_NAME *name) { return 1; }