diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2018-10-02 07:54:31 +0800 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2018-10-01 19:54:31 -0400 |
commit | a07de31096767abd3b4529ae29c0487c8f21310b (patch) | |
tree | 28eb5577ebb97209332c50b17c92e29e981ac644 /src/cryptography/hazmat/backends/openssl/backend.py | |
parent | 1717f8c998b22fbbebec4b5514aee42fb3a2f68d (diff) | |
download | cryptography-a07de31096767abd3b4529ae29c0487c8f21310b.tar.gz cryptography-a07de31096767abd3b4529ae29c0487c8f21310b.tar.bz2 cryptography-a07de31096767abd3b4529ae29c0487c8f21310b.zip |
support OCSP response parsing (#4452)
* support OCSP response parsing
* move the decorator to make pep8 happy
* add some missing docs
* review feedback
* more review feedback
Diffstat (limited to 'src/cryptography/hazmat/backends/openssl/backend.py')
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/backend.py | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py index 8b4792b4..f374a8e3 100644 --- a/src/cryptography/hazmat/backends/openssl/backend.py +++ b/src/cryptography/hazmat/backends/openssl/backend.py @@ -42,7 +42,9 @@ from cryptography.hazmat.backends.openssl.encode_asn1 import ( ) from cryptography.hazmat.backends.openssl.hashes import _HashContext from cryptography.hazmat.backends.openssl.hmac import _HMACContext -from cryptography.hazmat.backends.openssl.ocsp import _OCSPRequest +from cryptography.hazmat.backends.openssl.ocsp import ( + _OCSPRequest, _OCSPResponse +) from cryptography.hazmat.backends.openssl.rsa import ( _RSAPrivateKey, _RSAPublicKey ) @@ -1441,6 +1443,16 @@ class Backend(object): request = self._ffi.gc(request, self._lib.OCSP_REQUEST_free) return _OCSPRequest(self, request) + def load_der_ocsp_response(self, data): + mem_bio = self._bytes_to_bio(data) + response = self._lib.d2i_OCSP_RESPONSE_bio(mem_bio.bio, self._ffi.NULL) + if response == self._ffi.NULL: + self._consume_errors() + raise ValueError("Unable to load OCSP response") + + response = self._ffi.gc(response, self._lib.OCSP_RESPONSE_free) + return _OCSPResponse(self, response) + def create_ocsp_request(self, builder): ocsp_req = self._lib.OCSP_REQUEST_new() self.openssl_assert(ocsp_req != self._ffi.NULL) |