authorAlex Gaynor <alex.gaynor@gmail.com>2016-01-22 17:04:09 -0500
committerAlex Gaynor <alex.gaynor@gmail.com>2016-01-22 17:04:09 -0500
commit1af5dd9dcb1dd56fe3a0cedaf78427cda9c7b644 (patch)
treed186c3c2b847aab5aa1d2cc6a57ae03d5c1d9aa1
parent44ae6cd19b952e927ec636d70e2c84d5b60b590b (diff)
parentef273ebbc19aa49acb1506a8dffdcc5d72d60c6f (diff)
Merge pull request #2683 from Lukasa/more-common-crypto
Bindings for validating TLS cert chains using Security.framework
-rw-r--r--src/_cffi_src/build_commoncrypto.py2
-rw-r--r--src/_cffi_src/commoncrypto/cf.py10
-rw-r--r--src/_cffi_src/commoncrypto/seccertificate.py23
-rw-r--r--src/_cffi_src/commoncrypto/secpolicy.py23
-rw-r--r--src/_cffi_src/commoncrypto/sectrust.py18
5 files changed, 76 insertions, 0 deletions
diff --git a/src/_cffi_src/build_commoncrypto.py b/src/_cffi_src/build_commoncrypto.py
index 4e69b6d1..09e020a2 100644
--- a/src/_cffi_src/build_commoncrypto.py
+++ b/src/_cffi_src/build_commoncrypto.py
@@ -17,10 +17,12 @@ ffi = build_ffi_for_binding(
"common_key_derivation",
"common_cryptor",
"common_symmetric_key_wrap",
+ "seccertificate",
"secimport",
"secitem",
"seckey",
"seckeychain",
+ "secpolicy",
"sectransform",
"sectrust",
],
diff --git a/src/_cffi_src/commoncrypto/cf.py b/src/_cffi_src/commoncrypto/cf.py
index 9d4387e6..02e58d90 100644
--- a/src/_cffi_src/commoncrypto/cf.py
+++ b/src/_cffi_src/commoncrypto/cf.py
@@ -20,6 +20,7 @@ typedef ... *CFDataRef;
typedef signed long long CFIndex;
typedef ... *CFStringRef;
typedef ... *CFArrayRef;
+typedef ... *CFMutableArrayRef;
typedef ... *CFBooleanRef;
typedef ... *CFErrorRef;
typedef ... *CFNumberRef;
@@ -35,6 +36,9 @@ typedef struct {
typedef struct {
...;
} CFRange;
+typedef struct {
+ ...;
+} CFArrayCallBacks;
typedef UInt32 CFStringEncoding;
enum {
@@ -65,6 +69,8 @@ typedef int CFNumberType;
const CFDictionaryKeyCallBacks kCFTypeDictionaryKeyCallBacks;
const CFDictionaryValueCallBacks kCFTypeDictionaryValueCallBacks;
+const CFArrayCallBacks kCFTypeArrayCallBacks;
+
const CFBooleanRef kCFBooleanTrue;
const CFBooleanRef kCFBooleanFalse;
"""
@@ -94,6 +100,10 @@ Boolean CFBooleanGetValue(CFBooleanRef);
CFNumberRef CFNumberCreate(CFAllocatorRef, CFNumberType, const void *);
void CFRelease(CFTypeRef);
CFTypeRef CFRetain(CFTypeRef);
+
+CFMutableArrayRef CFArrayCreateMutable(CFAllocatorRef, CFIndex,
+ const CFArrayCallBacks *);
+void CFArrayAppendValue(CFMutableArrayRef, const void *);
"""
MACROS = """
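Review bot: The two array functions added at the end of FUNCTIONS carry no ownership note, and their lifetime rules depend on the callbacks argument. `CFArrayCreateMutable` follows the Create rule, so the caller must `CFRelease` the returned array. The array only retains appended values when it is created with `&kCFTypeArrayCallBacks`; with NULL callbacks it stores bare pointers, which can dangle once the caller releases the appended object. I would add a comment above the declaration such as `/* Caller owns the result (CFRelease). Pass &kCFTypeArrayCallBacks so appended values are retained. */`. The FUNCTIONS string starts outside this hunk.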
diff --git a/src/_cffi_src/commoncrypto/seccertificate.py b/src/_cffi_src/commoncrypto/seccertificate.py
new file mode 100644
index 00000000..2b54b0ee
--- /dev/null
+++ b/src/_cffi_src/commoncrypto/seccertificate.py
@@ -0,0 +1,23 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import absolute_import, division, print_function
+
+INCLUDES = """
+#include <Security/SecCertificate.h>
+"""
+
+TYPES = """
+typedef ... *SecCertificateRef;
+"""
+
+FUNCTIONS = """
+SecCertificateRef SecCertificateCreateWithData(CFAllocatorRef, CFDataRef);
+"""
+
+MACROS = """
+"""
+
+CUSTOMIZATIONS = """
+"""
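Review bot: `SecCertificateCreateWithData` in FUNCTIONS is declared without a note that it returns NULL when the CFData is not a valid DER-encoded X.509 certificate. Given the stated purpose of validating TLS chains, this call will presumably receive peer-supplied bytes. A caller that passes the result straight to `CFArrayAppendValue` on an array built with `kCFTypeArrayCallBacks` would have the retain callback run on NULL. I would add `/* Returns NULL if the data is not a DER X.509 certificate; check before use. Caller owns the result (CFRelease). */` above the prototype.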
diff --git a/src/_cffi_src/commoncrypto/secpolicy.py b/src/_cffi_src/commoncrypto/secpolicy.py
new file mode 100644
index 00000000..e132cfae
--- /dev/null
+++ b/src/_cffi_src/commoncrypto/secpolicy.py
@@ -0,0 +1,23 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import absolute_import, division, print_function
+
+INCLUDES = """
+#include <Security/SecPolicy.h>
+"""
+
+TYPES = """
+typedef ... *SecPolicyRef;
+"""
+
+FUNCTIONS = """
+SecPolicyRef SecPolicyCreateSSL(Boolean, CFStringRef);
+"""
+
+MACROS = """
+"""
+
+CUSTOMIZATIONS = """
+"""
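Review bot: The prototype `SecPolicyCreateSSL(Boolean, CFStringRef)` in FUNCTIONS does not say what the Boolean selects or what a NULL string means, and both choices change what the policy verifies. In Apple's API the Boolean is `server` (true when evaluating a server certificate, i.e. on the client side), and a NULL hostname makes the policy skip the hostname check. cdef accepts parameter names, so `SecPolicyRef SecPolicyCreateSSL(Boolean server, CFStringRef hostname);` would make misuse harder. I would also add a short comment that hostname must be non-NULL for client-side verification and that the caller owns the returned policy.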
diff --git a/src/_cffi_src/commoncrypto/sectrust.py b/src/_cffi_src/commoncrypto/sectrust.py
index b787afad..8962f4f2 100644
--- a/src/_cffi_src/commoncrypto/sectrust.py
+++ b/src/_cffi_src/commoncrypto/sectrust.py
@@ -9,13 +9,31 @@ INCLUDES = """
"""
TYPES = """
+typedef ... *SecTrustRef;
+typedef uint32_t SecTrustResultType;
+
+enum {
+ kSecTrustResultInvalid,
+ kSecTrustResultProceed,
+ kSecTrustResultConfirm,
+ kSecTrustResultDeny,
+ kSecTrustResultUnspecified,
+ kSecTrustResultRecoverableTrustFailure,
+ kSecTrustResultFatalTrustFailure,
+ kSecTrustResultOtherError
+};
"""
FUNCTIONS = """
+OSStatus SecTrustEvaluate(SecTrustRef, SecTrustResultType *);
OSStatus SecTrustCopyAnchorCertificates(CFArrayRef *);
"""
MACROS = """
+/* The first argument changed from CFArrayRef to CFTypeRef in 10.8, so this
+ * has to go here for compatibility.
+ */
+OSStatus SecTrustCreateWithCertificates(CFTypeRef, CFTypeRef, SecTrustRef *);
"""
CUSTOMIZATIONS = """
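Review bot: `SecTrustEvaluate` returns an OSStatus that only says whether the evaluation ran; the verdict is the `SecTrustResultType` out-parameter, and nothing in TYPES or FUNCTIONS says which enum values count as success. Only `kSecTrustResultProceed` and `kSecTrustResultUnspecified` mean the chain is trusted. A caller that treats a zero OSStatus alone, or `kSecTrustResultRecoverableTrustFailure`, as acceptance would accept an untrusted chain. I would add a comment above the enum, e.g. `/* Trusted only if result is Proceed or Unspecified; OSStatus 0 is not a verdict. */`. The `SecTrustRef` written by `SecTrustCreateWithCertificates` in MACROS is owned by the caller (CFRelease), which is worth noting in the same way.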