diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-12-06 14:46:55 -0600 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-12-06 14:46:55 -0600 |
| commit | fb613d10fbe0e9672b5d7b7e5ddb3f97f65f4715 (patch) | |
| tree | 950f05fe133a63b99e5cff461b68031b0a2d4a61 | |
| parent | 7215fcc1bcf9010e719ff167475808decaba46a0 (diff) | |
| parent | 13a880eccc537da927ccace87bd6748a5af1af3c (diff) | |
| download | cryptography-fb613d10fbe0e9672b5d7b7e5ddb3f97f65f4715.tar.gz cryptography-fb613d10fbe0e9672b5d7b7e5ddb3f97f65f4715.tar.bz2 cryptography-fb613d10fbe0e9672b5d7b7e5ddb3f97f65f4715.zip | |
Merge pull request #1510 from public/more-x509
Add various bits useful when generating X509 certs
4 files changed, 60 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/bindings/openssl/asn1.py b/src/cryptography/hazmat/bindings/openssl/asn1.py index 2681dd9f..a73dc325 100644 --- a/src/cryptography/hazmat/bindings/openssl/asn1.py +++ b/src/cryptography/hazmat/bindings/openssl/asn1.py @@ -57,7 +57,11 @@ typedef ... ASN1_UTCTIME; static const int V_ASN1_GENERALIZEDTIME; +static const int MBSTRING_FLAG; +static const int MBSTRING_ASC; +static const int MBSTRING_BMP; static const int MBSTRING_UTF8; +static const int MBSTRING_UNIV; """ FUNCTIONS = """ diff --git a/src/cryptography/hazmat/bindings/openssl/x509.py b/src/cryptography/hazmat/bindings/openssl/x509.py index 2fdba0f8..c2b84071 100644 --- a/src/cryptography/hazmat/bindings/openssl/x509.py +++ b/src/cryptography/hazmat/bindings/openssl/x509.py @@ -70,6 +70,39 @@ typedef struct { } X509; typedef ... NETSCAPE_SPKI; + +static const int X509_FLAG_COMPAT; +static const int X509_FLAG_NO_HEADER; +static const int X509_FLAG_NO_VERSION; +static const int X509_FLAG_NO_SERIAL; +static const int X509_FLAG_NO_SIGNAME; +static const int X509_FLAG_NO_ISSUER; +static const int X509_FLAG_NO_VALIDITY; +static const int X509_FLAG_NO_SUBJECT; +static const int X509_FLAG_NO_PUBKEY; +static const int X509_FLAG_NO_EXTENSIONS; +static const int X509_FLAG_NO_SIGDUMP; +static const int X509_FLAG_NO_AUX; +static const int X509_FLAG_NO_ATTRIBUTES; + +static const int XN_FLAG_SEP_MASK; +static const int XN_FLAG_COMPAT; +static const int XN_FLAG_SEP_COMMA_PLUS; +static const int XN_FLAG_SEP_CPLUS_SPC; +static const int XN_FLAG_SEP_SPLUS_SPC; +static const int XN_FLAG_SEP_MULTILINE; +static const int XN_FLAG_DN_REV; +static const int XN_FLAG_FN_MASK; +static const int XN_FLAG_FN_SN; +static const int XN_FLAG_FN_LN; +static const int XN_FLAG_FN_OID; +static const int XN_FLAG_FN_NONE; +static const int XN_FLAG_SPC_EQ; +static const int XN_FLAG_DUMP_UNKNOWN_FIELDS; +static const int XN_FLAG_FN_ALIGN; +static const int XN_FLAG_RFC2253; +static const int XN_FLAG_ONELINE; +static const int XN_FLAG_MULTILINE; """ FUNCTIONS = """ diff --git a/src/cryptography/hazmat/bindings/openssl/x509name.py b/src/cryptography/hazmat/bindings/openssl/x509name.py index 59ce7576..9863c195 100644 --- a/src/cryptography/hazmat/bindings/openssl/x509name.py +++ b/src/cryptography/hazmat/bindings/openssl/x509name.py @@ -27,6 +27,8 @@ ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *); unsigned long X509_NAME_hash(X509_NAME *); int i2d_X509_NAME(X509_NAME *, unsigned char **); +int X509_NAME_add_entry_by_txt(X509_NAME *, const char *, int, + const unsigned char *, int, int, int); int X509_NAME_add_entry_by_NID(X509_NAME *, int, int, unsigned char *, int, int, int); X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *, int); diff --git a/src/cryptography/hazmat/bindings/openssl/x509v3.py b/src/cryptography/hazmat/bindings/openssl/x509v3.py index 364f3fa2..3b007249 100644 --- a/src/cryptography/hazmat/bindings/openssl/x509v3.py +++ b/src/cryptography/hazmat/bindings/openssl/x509v3.py @@ -6,6 +6,19 @@ from __future__ import absolute_import, division, print_function INCLUDES = """ #include <openssl/x509v3.h> + +/* + * This is part of a work-around for the difficulty cffi has in dealing with + * `LHASH_OF(foo)` as the name of a type. We invent a new, simpler name that + * will be an alias for this type and use the alias throughout. This works + * together with another opaque typedef for the same name in the TYPES section. + * Note that the result is an opaque type. + */ +#if OPENSSL_VERSION_NUMBER >= 0x10000000 +typedef LHASH_OF(CONF_VALUE) Cryptography_LHASH_OF_CONF_VALUE; +#else +typedef LHASH Cryptography_LHASH_OF_CONF_VALUE; +#endif """ TYPES = """ @@ -67,9 +80,13 @@ typedef struct { } GENERAL_NAME; typedef struct stack_st_GENERAL_NAME GENERAL_NAMES; + +typedef ... Cryptography_LHASH_OF_CONF_VALUE; """ + FUNCTIONS = """ +int X509V3_EXT_add_alias(int, int); void X509V3_set_ctx(X509V3_CTX *, X509 *, X509 *, X509_REQ *, X509_CRL *, int); X509_EXTENSION *X509V3_EXT_nconf(CONF *, X509V3_CTX *, char *, char *); int GENERAL_NAME_print(BIO *, GENERAL_NAME *); @@ -83,9 +100,13 @@ int sk_GENERAL_NAME_num(struct stack_st_GENERAL_NAME *); int sk_GENERAL_NAME_push(struct stack_st_GENERAL_NAME *, GENERAL_NAME *); GENERAL_NAME *sk_GENERAL_NAME_value(struct stack_st_GENERAL_NAME *, int); +X509_EXTENSION *X509V3_EXT_conf_nid(Cryptography_LHASH_OF_CONF_VALUE *, + X509V3_CTX *, int, char *); + /* These aren't macros these functions are all const X on openssl > 1.0.x */ const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *); const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int); + """ CUSTOMIZATIONS = """ |