diff options
author | Alex Gaynor <alex.gaynor@gmail.com> | 2016-06-02 10:37:13 -0700 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2016-06-02 10:37:13 -0700 |
commit | 67903a6122b06d676dd15c7f0ad1aed884a1ebfa (patch) | |
tree | ee4c49fa986e5f7478e54ccc7c57b864b09a9564 | |
parent | 39ea5314e738ffb6455afe1df2e99f69a2aeb465 (diff) | |
download | pyopenssl-67903a6122b06d676dd15c7f0ad1aed884a1ebfa.tar.gz |
stuff passes!
-rw-r--r-- | src/OpenSSL/crypto.py | 36 |
1 files changed, 18 insertions, 18 deletions
diff --git a/src/OpenSSL/crypto.py b/src/OpenSSL/crypto.py index d6ebb22..84cce76 100644 --- a/src/OpenSSL/crypto.py +++ b/src/OpenSSL/crypto.py @@ -18,6 +18,7 @@ from OpenSSL._util import ( native as _native, UNSPECIFIED as _UNSPECIFIED, text_to_bytes_and_warn as _text_to_bytes_and_warn, + make_assert as _make_assert, ) FILETYPE_PEM = _lib.SSL_FILETYPE_PEM @@ -37,6 +38,7 @@ class Error(Exception): _raise_current_error = partial(_exception_from_error_queue, Error) +_openssl_assert = _make_assert(Error) def _untested_error(where): @@ -114,7 +116,6 @@ def _set_asn1_time(boundary, when): else: _untested_error() - def _get_asn1_time(timestamp): """ Retrieve the time value of an ASN1 time object. @@ -1773,21 +1774,19 @@ class Revoked(object): """ bio = _new_mem_buf() - result = _lib.i2a_ASN1_INTEGER(bio, self._revoked.serialNumber) - if result < 0: - # TODO: This is untested. - _raise_current_error() - + asn1_int = _lib.X509_REVOKED_get0_serialNumber(self._revoked) + _openssl_assert(asn1_int != _ffi.NULL) + result = _lib.i2a_ASN1_INTEGER(bio, asn1_int) + _openssl_assert(result >= 0) return _bio_to_string(bio) def _delete_reason(self): - stack = self._revoked.extensions - for i in range(_lib.sk_X509_EXTENSION_num(stack)): - ext = _lib.sk_X509_EXTENSION_value(stack, i) + for i in range(_lib.X509_REVOKED_get_ext_count(self._revoked)): + ext = _lib.X509_REVOKED_get_ext(self._revoked, i) obj = _lib.X509_EXTENSION_get_object(ext) if _lib.OBJ_obj2nid(obj) == _lib.NID_crl_reason: _lib.X509_EXTENSION_free(ext) - _lib.sk_X509_EXTENSION_delete(stack, i) + _lib.X509_REVOKED_delete_ext(self._revoked, i) break def set_reason(self, reason): @@ -1845,9 +1844,8 @@ class Revoked(object): :py:meth:`all_reasons`, which gives you a list of all supported reasons this method might return. """ - extensions = self._revoked.extensions - for i in range(_lib.sk_X509_EXTENSION_num(extensions)): - ext = _lib.sk_X509_EXTENSION_value(extensions, i) + for i in range(_lib.X509_REVOKED_get_ext_count(self._revoked)): + ext = _lib.X509_REVOKED_get_ext(self._revoked, i) obj = _lib.X509_EXTENSION_get_object(ext) if _lib.OBJ_obj2nid(obj) == _lib.NID_crl_reason: bio = _new_mem_buf() @@ -1883,7 +1881,8 @@ class Revoked(object): :type when: :py:class:`bytes` :return: :py:const:`None` """ - return _set_asn1_time(self._revoked.revocationDate, when) + dt = _lib.X509_REVOKED_get0_revocationDate(self._revoked) + return _set_asn1_time(dt, when) def get_rev_date(self): """ @@ -1892,7 +1891,8 @@ class Revoked(object): :return: The timestamp of the revocation, as ASN.1 GENERALIZEDTIME. :rtype: :py:class:`bytes` """ - return _get_asn1_time(self._revoked.revocationDate) + dt = _lib.X509_REVOKED_get0_revocationDate(self._revoked) + return _get_asn1_time(dt) class CRL(object): @@ -1918,7 +1918,7 @@ class CRL(object): :rtype: :py:class:`tuple` of :py:class:`Revocation` """ results = [] - revoked_stack = self._crl.crl.revoked + revoked_stack = _lib.X509_CRL_get_REVOKED(self._crl) for i in range(_lib.sk_X509_REVOKED_num(revoked_stack)): revoked = _lib.sk_X509_REVOKED_value(revoked_stack, i) revoked_copy = _lib.Cryptography_X509_REVOKED_dup(revoked) @@ -2560,7 +2560,7 @@ def sign(pkey, data, digest): if digest_obj == _ffi.NULL: raise ValueError("No such digest method") - md_ctx = _ffi.new("EVP_MD_CTX*") + md_ctx = _lib.Cryptography_EVP_MD_CTX_new() md_ctx = _ffi.gc(md_ctx, _lib.EVP_MD_CTX_cleanup) _lib.EVP_SignInit(md_ctx, digest_obj) @@ -2602,7 +2602,7 @@ def verify(cert, signature, data, digest): _raise_current_error() pkey = _ffi.gc(pkey, _lib.EVP_PKEY_free) - md_ctx = _ffi.new("EVP_MD_CTX*") + md_ctx = _lib.Cryptography_EVP_MD_CTX_new() md_ctx = _ffi.gc(md_ctx, _lib.EVP_MD_CTX_cleanup) _lib.EVP_VerifyInit(md_ctx, digest_obj) |