Merge pull request #435 from reaperhulk/m-asn1-time-dup X509_REVOKED_dup is a thing cryptography can do for you

commit: c488deaa02eed0df890204721018e4e5b2493ac0 [log] [tgz]
author: Hynek Schlawack <hs@ox.cx> Fri Mar 11 09:20:44 2016 +0100
committer: Hynek Schlawack <hs@ox.cx> Fri Mar 11 09:20:44 2016 +0100
tree: db0cdd2b0516ba5be4459dc241b72b3471064c10
parent: 5566e51d5742680348f829b965784d92390ccd5b [diff]
parent: b11bffcc86a60e894761d5186760c1bae1530987 [diff]
diff --git a/src/OpenSSL/crypto.py b/src/OpenSSL/crypto.py
index acc9c5c..b2b858e 100644
--- a/src/OpenSSL/crypto.py
+++ b/src/OpenSSL/crypto.py

@@ -217,15 +217,22 @@
                 _raise_current_error()
 
         elif type == TYPE_DSA:
-            dsa = _lib.DSA_generate_parameters(
-                bits, _ffi.NULL, 0, _ffi.NULL, _ffi.NULL, _ffi.NULL, _ffi.NULL)
+            dsa = _lib.DSA_new()
             if dsa == _ffi.NULL:
                 # TODO: This is untested.
                 _raise_current_error()
+
+            dsa = _ffi.gc(dsa, _lib.DSA_free)
+            res = _lib.DSA_generate_parameters_ex(
+                dsa, bits, _ffi.NULL, 0, _ffi.NULL, _ffi.NULL, _ffi.NULL
+            )
+            if not res == 1:
+                # TODO: This is untested.
+                _raise_current_error()
             if not _lib.DSA_generate_key(dsa):
                 # TODO: This is untested.
                 _raise_current_error()
-            if not _lib.EVP_PKEY_assign_DSA(self._pkey, dsa):
+            if not _lib.EVP_PKEY_set1_DSA(self._pkey, dsa):
                 # TODO: This is untested.
                 _raise_current_error()
         else:
commit	c488deaa02eed0df890204721018e4e5b2493ac0	[log] [tgz]
author	Hynek Schlawack <hs@ox.cx>	Fri Mar 11 09:20:44 2016 +0100
committer	Hynek Schlawack <hs@ox.cx>	Fri Mar 11 09:20:44 2016 +0100
tree	db0cdd2b0516ba5be4459dc241b72b3471064c10
parent	5566e51d5742680348f829b965784d92390ccd5b [diff]
parent	b11bffcc86a60e894761d5186760c1bae1530987 [diff]