commit c488deaa02eed0df890204721018e4e5b2493ac0
author Hynek Schlawack <hs@ox.cx> Fri Mar 11 09:20:44 2016 +0100
committer Hynek Schlawack <hs@ox.cx> Fri Mar 11 09:20:44 2016 +0100
tree db0cdd2b0516ba5be4459dc241b72b3471064c10
parent 5566e51d5742680348f829b965784d92390ccd5b
parent b11bffcc86a60e894761d5186760c1bae1530987

Merge pull request #435 from reaperhulk/m-asn1-time-dup

X509_REVOKED_dup is a thing cryptography can do for you

setup.py

diff --git a/setup.py b/setup.py
index c7c59ee..2edb712 100755
--- a/setup.py
+++ b/setup.py
@@ -82,7 +82,7 @@
         packages=find_packages(where="src"),
         package_dir={"": "src"},
         install_requires=[
-            "cryptography>=0.7",
+            "cryptography>=1.2",
             "six>=1.5.2"
         ],
     )

src/OpenSSL/crypto.py

diff --git a/src/OpenSSL/crypto.py b/src/OpenSSL/crypto.py
index 86752d3..b2b858e 100644
--- a/src/OpenSSL/crypto.py
+++ b/src/OpenSSL/crypto.py
@@ -1714,32 +1714,6 @@
     return _bio_to_string(bio)
 
 
-def _X509_REVOKED_dup(original):
-    copy = _lib.X509_REVOKED_new()
-    if copy == _ffi.NULL:
-        # TODO: This is untested.
-        _raise_current_error()
-
-    if original.serialNumber != _ffi.NULL:
-        _lib.ASN1_INTEGER_free(copy.serialNumber)
-        copy.serialNumber = _lib.ASN1_INTEGER_dup(original.serialNumber)
-
-    if original.revocationDate != _ffi.NULL:
-        _lib.ASN1_TIME_free(copy.revocationDate)
-        copy.revocationDate = _lib.M_ASN1_TIME_dup(original.revocationDate)
-
-    if original.extensions != _ffi.NULL:
-        extension_stack = _lib.sk_X509_EXTENSION_new_null()
-        for i in range(_lib.sk_X509_EXTENSION_num(original.extensions)):
-            original_ext = _lib.sk_X509_EXTENSION_value(original.extensions, i)
-            copy_ext = _lib.X509_EXTENSION_dup(original_ext)
-            _lib.sk_X509_EXTENSION_push(extension_stack, copy_ext)
-        copy.extensions = extension_stack
-
-    copy.sequence = original.sequence
-    return copy
-
-
 class Revoked(object):
     """
     A certificate revocation.
@@ -1945,7 +1919,7 @@
         revoked_stack = self._crl.crl.revoked
         for i in range(_lib.sk_X509_REVOKED_num(revoked_stack)):
             revoked = _lib.sk_X509_REVOKED_value(revoked_stack, i)
-            revoked_copy = _X509_REVOKED_dup(revoked)
+            revoked_copy = _lib.Cryptography_X509_REVOKED_dup(revoked)
             pyrev = Revoked.__new__(Revoked)
             pyrev._revoked = _ffi.gc(revoked_copy, _lib.X509_REVOKED_free)
             results.append(pyrev)
@@ -1965,7 +1939,7 @@
 
         :return: :py:const:`None`
         """
-        copy = _X509_REVOKED_dup(revoked._revoked)
+        copy = _lib.Cryptography_X509_REVOKED_dup(revoked._revoked)
         if copy == _ffi.NULL:
             # TODO: This is untested.
             _raise_current_error()

tests/test_crypto.py

diff --git a/tests/test_crypto.py b/tests/test_crypto.py
index 03b94b9..a344f1c 100644
--- a/tests/test_crypto.py
+++ b/tests/test_crypto.py
@@ -3186,6 +3186,8 @@
         """
         crl = CRL()
         revoked = Revoked()
+        revoked.set_serial(b"01")
+        revoked.set_rev_date(b"20160310020145Z")
         crl.add_revoked(revoked=revoked)
         self.assertTrue(isinstance(crl.get_revoked()[0], Revoked))