diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-07-25 20:44:51 +0100 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-08-03 18:56:18 +0100 |
| commit | 8a49f9217d2148c4c60d0c0c92e736bbb202c169 (patch) | |
| tree | ca25f4cbd8306c45063083af1c5f1b80c20b5737 /src | |
| parent | b45c79b69d75c0e1dc69e941f67c3eaa4326a443 (diff) | |
| download | cryptography-8a49f9217d2148c4c60d0c0c92e736bbb202c169.tar.gz cryptography-8a49f9217d2148c4c60d0c0c92e736bbb202c169.tar.bz2 cryptography-8a49f9217d2148c4c60d0c0c92e736bbb202c169.zip | |
encode authority information access
Diffstat (limited to 'src')
| -rw-r--r-- | src/_cffi_src/openssl/x509v3.py | 6 | ||||
| -rw-r--r-- | src/cryptography/hazmat/backends/openssl/backend.py | 24 |
2 files changed, 30 insertions, 0 deletions
diff --git a/src/_cffi_src/openssl/x509v3.py b/src/_cffi_src/openssl/x509v3.py index a61ad321..fc3c6d46 100644 --- a/src/_cffi_src/openssl/x509v3.py +++ b/src/_cffi_src/openssl/x509v3.py @@ -203,6 +203,9 @@ int i2d_GENERAL_NAMES(GENERAL_NAMES *, unsigned char **); int i2d_EXTENDED_KEY_USAGE(EXTENDED_KEY_USAGE *, unsigned char **); +int i2d_AUTHORITY_INFO_ACCESS(Cryptography_STACK_OF_ACCESS_DESCRIPTION *, + unsigned char **); + int sk_GENERAL_NAME_num(struct stack_st_GENERAL_NAME *); int sk_GENERAL_NAME_push(struct stack_st_GENERAL_NAME *, GENERAL_NAME *); GENERAL_NAME *sk_GENERAL_NAME_value(struct stack_st_GENERAL_NAME *, int); @@ -216,6 +219,9 @@ void sk_ACCESS_DESCRIPTION_free(Cryptography_STACK_OF_ACCESS_DESCRIPTION *); int sk_ACCESS_DESCRIPTION_push(Cryptography_STACK_OF_ACCESS_DESCRIPTION *, ACCESS_DESCRIPTION *); +ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void); +void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *); + X509_EXTENSION *X509V3_EXT_conf_nid(Cryptography_LHASH_OF_CONF_VALUE *, X509V3_CTX *, int, char *); diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py index 0176de21..7917402f 100644 --- a/src/cryptography/hazmat/backends/openssl/backend.py +++ b/src/cryptography/hazmat/backends/openssl/backend.py @@ -202,6 +202,30 @@ def _encode_basic_constraints(backend, basic_constraints): return pp, r +def _encode_authority_information_access(backend, authority_info_access): + aia = backend._lib.sk_ACCESS_DESCRIPTION_new_null() + assert aia != backend._ffi.NULL + aia = backend._ffi.gc( + aia, backend._lib.sk_ACCESS_DESCRIPTION_free + ) + for access_description in authority_info_access: + ad = backend._lib.ACCESS_DESCRIPTION_new() + method = _txt2obj(backend, access_description.access_method) + gn = _encode_general_name(backend, access_description.access_location) + ad.method = method + ad.location = gn + res = backend._lib.sk_ACCESS_DESCRIPTION_push(aia, ad) + assert res >= 1 + + pp = backend._ffi.new('unsigned char **') + r = backend._lib.i2d_AUTHORITY_INFO_ACCESS(aia, pp) + assert r > 0 + pp = backend._ffi.gc( + pp, lambda pointer: backend._lib.OPENSSL_free(pointer[0]) + ) + return pp, r + + def _encode_subject_alt_name(backend, san): general_names = backend._lib.GENERAL_NAMES_new() assert general_names != backend._ffi.NULL |