From f5cc63d653b27210d9c3d7646c01c3a9d540d9c7 Mon Sep 17 00:00:00 2001
From: Aldo Cortesi <aldo@nullcube.com>
Date: Mon, 10 Mar 2014 17:29:27 +1300
Subject: Certificate flags

---
 netlib/certffi.py | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 netlib/certffi.py

(limited to 'netlib/certffi.py')

diff --git a/netlib/certffi.py b/netlib/certffi.py
new file mode 100644
index 00000000..c5d7c95e
--- /dev/null
+++ b/netlib/certffi.py
@@ -0,0 +1,36 @@
+import cffi
+import OpenSSL
+xffi = cffi.FFI()
+xffi.cdef ("""
+    struct rsa_meth_st {
+            int flags;
+            ...;
+    };
+    struct rsa_st {
+            int pad;
+            long version;
+            struct rsa_meth_st *meth;
+            ...;
+    };
+""")
+xffi.verify(
+    """#include <openssl/rsa.h>""",
+    extra_compile_args=['-w']
+)
+
+def handle(privkey):
+    new = xffi.new("struct rsa_st*")
+    newbuf = xffi.buffer(new)
+    rsa = OpenSSL.SSL._lib.EVP_PKEY_get1_RSA(privkey._pkey)
+    oldbuf = OpenSSL.SSL._ffi.buffer(rsa)
+    newbuf[:] = oldbuf[:]
+    return new
+
+def set_flags(privkey, val):
+    hdl = handle(privkey)
+    hdl.meth.flags = val 
+    return privkey
+
+def get_flags(privkey):
+    hdl = handle(privkey)
+    return hdl.meth.flags
-- 
cgit v1.2.3