Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / pyopenssl / 42d69e170a988897f51432b7c5b4c2a2676f2cdf / . / src / crypto / pkcs12.c
blob: 7a6a95c9205035911ba23e114f18598541b20044 [file] [log] [blame]
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]1/*
2 * pkcs12.c
3 *
4 * Copyright (C) AB Strakt 2001, All rights reserved
5 *
6 * Certificate transport (PKCS12) handling code,
7 * mostly thin wrappers around OpenSSL.
8 * See the file RATIONALE for a short explanation of why
9 * this module was written.
10 *
11 * Reviewed 2001-07-23
12 */
13#include <Python.h>
14#define crypto_MODULE
15#include "crypto.h"
16
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]17/*
18 * PKCS12 is a standard exchange format for digital certificates.
19 * See e.g. the OpenSSL homepage http://www.openssl.org/ for more information
20 */
21
22static void crypto_PKCS12_dealloc(crypto_PKCS12Obj *self);
23
24static char crypto_PKCS12_get_certificate_doc[] = "\n\
25Return certificate portion of the PKCS12 structure\n\
26\n\
Jean-Paul Calderone54bcc832009-05-27 14:06:48 -0400[diff] [blame]27@return: X509 object containing the certificate\n\
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]28";
29static PyObject *
30crypto_PKCS12_get_certificate(crypto_PKCS12Obj *self, PyObject *args)
31{
32 if (!PyArg_ParseTuple(args, ":get_certificate"))
33 return NULL;
34
35 Py_INCREF(self->cert);
36 return self->cert;
37}
38
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]39static char crypto_PKCS12_set_certificate_doc[] = "\n\
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]40Replace the certificate portion of the PKCS12 structure\n\
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]41\n\
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]42@param cert: The new certificate.\n\
43@type cert: L{X509}\n\
44@return: X509 object containing the certificate\n\
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]45";
Rick Dean38a05c82009-07-18 01:41:30 -0500[diff] [blame]46static PyObject *
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]47crypto_PKCS12_set_certificate(crypto_PKCS12Obj *self, PyObject *args, PyObject *keywds)
48{
49 PyObject *cert = NULL;
50 static char *kwlist[] = {"cert", NULL};
51
52 if (!PyArg_ParseTupleAndKeywords(args, keywds, "O:set_certificate",
53 kwlist, &cert))
54 return NULL;
55
56 if (cert != Py_None && ! PyObject_IsInstance(cert, (PyObject *) &crypto_X509_Type)) {
57 PyErr_SetString(PyExc_TypeError, "cert must be type X509 or None");
58 return NULL;
59 }
60
61 Py_INCREF(cert); /* Make consistent before calling Py_DECREF() */
Rick Dean585cd9e2009-07-18 14:58:11 -0500[diff] [blame]62 Py_DECREF(self->cert);
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]63 self->cert = cert;
64
Rick Dean38a05c82009-07-18 01:41:30 -0500[diff] [blame]65 Py_INCREF(Py_None);
66 return Py_None;
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]67}
68
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]69static char crypto_PKCS12_get_privatekey_doc[] = "\n\
70Return private key portion of the PKCS12 structure\n\
71\n\
Jean-Paul Calderone54bcc832009-05-27 14:06:48 -0400[diff] [blame]72@returns: PKey object containing the private key\n\
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]73";
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]74static crypto_PKeyObj *
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]75crypto_PKCS12_get_privatekey(crypto_PKCS12Obj *self, PyObject *args)
76{
77 if (!PyArg_ParseTuple(args, ":get_privatekey"))
78 return NULL;
79
80 Py_INCREF(self->key);
Rick Dean864e15e2009-07-17 15:21:23 -0500[diff] [blame]81 return (crypto_PKeyObj *) self->key;
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]82}
83
84static char crypto_PKCS12_set_privatekey_doc[] = "\n\
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]85Replace or set the certificate portion of the PKCS12 structure\n\
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]86\n\
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]87@param pkey: The new private key.\n\
88@type pkey: L{PKey}\n\
89@return: None\n\
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]90";
Rick Dean38a05c82009-07-18 01:41:30 -0500[diff] [blame]91static PyObject *
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]92crypto_PKCS12_set_privatekey(crypto_PKCS12Obj *self, PyObject *args, PyObject *keywds)
93{
94 PyObject *pkey = NULL;
95 static char *kwlist[] = {"pkey", NULL};
96
97 if (!PyArg_ParseTupleAndKeywords(args, keywds, "O:set_privatekey",
98 kwlist, &pkey))
99 return NULL;
100
101 if (pkey != Py_None && ! PyObject_IsInstance(pkey, (PyObject *) &crypto_PKey_Type)) {
102 PyErr_SetString(PyExc_TypeError, "pkey must be type X509 or None");
103 return NULL;
104 }
105
106 Py_INCREF(pkey); /* Make consistent before calling Py_DECREF() */
Rick Dean585cd9e2009-07-18 14:58:11 -0500[diff] [blame]107 Py_DECREF(self->key);
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]108 self->key = pkey;
109
Rick Dean38a05c82009-07-18 01:41:30 -0500[diff] [blame]110 Py_INCREF(Py_None);
111 return Py_None;
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]112}
113
114static char crypto_PKCS12_get_ca_certificates_doc[] = "\n\
115Return CA certificates within of the PKCS12 object\n\
116\n\
Jean-Paul Calderone54bcc832009-05-27 14:06:48 -0400[diff] [blame]117@return: A newly created tuple containing the CA certificates in the chain,\n\
118 if any are present, or None if no CA certificates are present.\n\
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]119";
120static PyObject *
121crypto_PKCS12_get_ca_certificates(crypto_PKCS12Obj *self, PyObject *args)
122{
123 if (!PyArg_ParseTuple(args, ":get_ca_certificates"))
124 return NULL;
125
126 Py_INCREF(self->cacerts);
127 return self->cacerts;
128}
129
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]130static char crypto_PKCS12_set_ca_certificates_doc[] = "\n\
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]131Replace or set the CA certificates withing the PKCS12 object.\n\
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]132\n\
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]133@param cacerts: The new CA certificates.\n\
134@type cacerts: Sequence of L{X509}\n\
135@return: None\n\
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]136";
Rick Dean38a05c82009-07-18 01:41:30 -0500[diff] [blame]137static PyObject *
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]138crypto_PKCS12_set_ca_certificates(crypto_PKCS12Obj *self, PyObject *args, PyObject *keywds)
139{
140 PyObject *cacerts;
141 static char *kwlist[] = {"cacerts", NULL};
Rick Dean864e15e2009-07-17 15:21:23 -0500[diff] [blame]142 int i; /* Py_ssize_t for Python 2.5+ */
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]143
144 if (!PyArg_ParseTupleAndKeywords(args, keywds, "O:set_ca_certificates",
145 kwlist, &cacerts))
146 return NULL;
147 if (cacerts == Py_None) {
148 /* We are good. */
149 } else if (PySequence_Check(cacerts)) { /* is iterable */
Rick Dean48305252009-07-18 15:28:38 -0500[diff] [blame]150 /* Check is's a simple list filled only with X509 objects. */
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]151 for(i = 0;i < PySequence_Length(cacerts);i++) { /* For each CA cert */
152 PyObject *obj;
153 obj = PySequence_GetItem(cacerts, i);
154 if (PyObject_Type(obj) != (PyObject *) &crypto_X509_Type) {
155 Py_DECREF(obj);
156 PyErr_SetString(PyExc_TypeError, "cacerts iterable must only contain X509Type");
157 return NULL;
158 }
159 Py_DECREF(obj);
160 }
Rick Dean48305252009-07-18 15:28:38 -0500[diff] [blame]161 cacerts = PySequence_Tuple(cacerts);
162 if(cacerts == NULL) {
163 PyErr_SetString(PyExc_TypeError, "" /* "failed to convert cacerts to a tuple" */);
164 return NULL;
165 }
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]166 } else {
167 PyErr_SetString(PyExc_TypeError, "cacerts must be an iterable or None");
168 return NULL;
169 }
170
171 Py_INCREF(cacerts); /* Make consistent before calling Py_DECREF() */
Rick Dean585cd9e2009-07-18 14:58:11 -0500[diff] [blame]172 Py_DECREF(self->cacerts);
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]173 self->cacerts = cacerts;
174
Rick Dean38a05c82009-07-18 01:41:30 -0500[diff] [blame]175 Py_INCREF(Py_None);
176 return Py_None;
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]177}
178
Rick Dean42d69e12009-07-20 11:36:08 -0500[diff] [blame^]179static char crypto_PKCS12_get_friendlyname_doc[] = "\n\
180Return friendly name portion of the PKCS12 structure\n\
181\n\
182@returns: String containing the friendlyname\n\
183";
184static crypto_PKeyObj *
185crypto_PKCS12_get_friendlyname(crypto_PKCS12Obj *self, PyObject *args)
186{
187 if (!PyArg_ParseTuple(args, ":get_friendlyname"))
188 return NULL;
189
190 Py_INCREF(self->friendlyname);
191 return (crypto_PKeyObj *) self->friendlyname;
192}
193
194static char crypto_PKCS12_set_friendlyname_doc[] = "\n\
195Replace or set the certificate portion of the PKCS12 structure\n\
196\n\
197@param name: The new friendly name.\n\
198@type name: L{str}\n\
199@return: None\n\
200";
201static PyObject *
202crypto_PKCS12_set_friendlyname(crypto_PKCS12Obj *self, PyObject *args, PyObject *keywds)
203{
204 PyObject *name = NULL;
205 static char *kwlist[] = {"name", NULL};
206
207 if (!PyArg_ParseTupleAndKeywords(args, keywds, "O:set_friendlyname",
208 kwlist, &name))
209 return NULL;
210
211 if (name != Py_None && ! PyString_Check(name)) {
212 PyErr_SetString(PyExc_TypeError, "name must be a string or None");
213 return NULL;
214 }
215
216 Py_INCREF(name); /* Make consistent before calling Py_DECREF() */
217 Py_DECREF(self->friendlyname);
218 self->friendlyname = name;
219
220 Py_INCREF(Py_None);
221 return Py_None;
222}
223
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]224static char crypto_PKCS12_export_doc[] = "\n\
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]225export([passphrase=None][, friendly_name=None][, iter=2048][, maciter=1]\n\
226Dump a PKCS12 object as a string. See also \"man PKCS12_create\".\n\
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]227\n\
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]228@param passphrase: used to encrypt the PKCS12\n\
229@type passphrase: L{str}\n\
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]230@param iter: How many times to repeat the encryption\n\
231@type iter: L{int}\n\
232@param maciter: How many times to repeat the MAC\n\
233@type maciter: L{int}\n\
234@return: The string containing the PKCS12\n\
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]235";
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]236static PyObject *
237crypto_PKCS12_export(crypto_PKCS12Obj *self, PyObject *args, PyObject *keywds)
238{
239 int buf_len;
240 PyObject *buffer;
241 char *temp, *passphrase = NULL, *friendly_name = NULL;
242 BIO *bio;
243 PKCS12 *p12;
244 EVP_PKEY *pkey = NULL;
245 STACK_OF(X509) *cacerts = NULL;
246 X509 *x509 = NULL;
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]247 int iter = 0; /* defaults to PKCS12_DEFAULT_ITER */
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]248 int maciter = 0;
Rick Dean42d69e12009-07-20 11:36:08 -0500[diff] [blame^]249 static char *kwlist[] = {"passphrase", "iter", "maciter", NULL};
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]250
Rick Dean42d69e12009-07-20 11:36:08 -0500[diff] [blame^]251 if (!PyArg_ParseTupleAndKeywords(args, keywds, "|zii:export",
252 kwlist, &passphrase, &iter, &maciter))
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]253 return NULL;
254
Rick Dean585cd9e2009-07-18 14:58:11 -0500[diff] [blame]255 if (self->key != Py_None) {
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]256 pkey = ((crypto_PKeyObj*) self->key)->pkey;
257 }
Rick Dean585cd9e2009-07-18 14:58:11 -0500[diff] [blame]258 if (self->cert != Py_None) {
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]259 x509 = ((crypto_X509Obj*) self->cert)->x509;
260 }
261 cacerts = sk_X509_new_null();
Rick Dean585cd9e2009-07-18 14:58:11 -0500[diff] [blame]262 if (self->cacerts != Py_None) {
Rick Dean864e15e2009-07-17 15:21:23 -0500[diff] [blame]263 int i; /* Py_ssize_t for Python 2.5+ */
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]264 PyObject *obj;
265 for(i = 0;i < PySequence_Length(self->cacerts);i++) { /* For each CA cert */
266 obj = PySequence_GetItem(self->cacerts, i);
267 /* assert(PyObject_IsInstance(obj, (PyObject *) &crypto_X509_Type )); */
268 sk_X509_push(cacerts, (( crypto_X509Obj* ) obj)->x509);
269 Py_DECREF(obj);
270 }
271 }
Rick Dean42d69e12009-07-20 11:36:08 -0500[diff] [blame^]272 if (self->friendlyname != Py_None) {
273 friendly_name = PyString_AsString(self->friendlyname);
274 }
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]275
276 p12 = PKCS12_create(passphrase, friendly_name, pkey, x509, cacerts,
277 NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
278 NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
279 iter, maciter, 0);
280 if( p12 == NULL ) {
281 exception_from_error_queue(crypto_Error);
282 return NULL;
283 }
284 bio = BIO_new(BIO_s_mem());
285 i2d_PKCS12_bio(bio, p12);
286 buf_len = BIO_get_mem_data(bio, &temp);
287 buffer = PyString_FromStringAndSize(temp, buf_len);
288 BIO_free(bio);
289 return buffer;
290}
291
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]292/*
293 * ADD_METHOD(name) expands to a correct PyMethodDef declaration
294 * { 'name', (PyCFunction)crypto_PKCS12_name, METH_VARARGS, crypto_PKCS12_name_doc }
295 * for convenience
296 */
297#define ADD_METHOD(name) \
298 { #name, (PyCFunction)crypto_PKCS12_##name, METH_VARARGS, crypto_PKCS12_##name##_doc }
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]299#define ADD_KW_METHOD(name) \
300 { #name, (PyCFunction)crypto_PKCS12_##name, METH_VARARGS | METH_KEYWORDS, crypto_PKCS12_##name##_doc }
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]301static PyMethodDef crypto_PKCS12_methods[] =
302{
303 ADD_METHOD(get_certificate),
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]304 ADD_KW_METHOD(set_certificate),
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]305 ADD_METHOD(get_privatekey),
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]306 ADD_KW_METHOD(set_privatekey),
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]307 ADD_METHOD(get_ca_certificates),
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]308 ADD_KW_METHOD(set_ca_certificates),
Rick Dean42d69e12009-07-20 11:36:08 -0500[diff] [blame^]309 ADD_METHOD(get_friendlyname),
310 ADD_KW_METHOD(set_friendlyname),
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]311 ADD_KW_METHOD(export),
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]312 { NULL, NULL }
313};
314#undef ADD_METHOD
315
316/*
317 * Constructor for PKCS12 objects, never called by Python code directly.
318 * The strategy for this object is to create all the Python objects
319 * corresponding to the cert/key/CA certs right away
320 *
321 * Arguments: p12 - A "real" PKCS12 object
322 * passphrase - Passphrase to use when decrypting the PKCS12 object
323 * Returns: The newly created PKCS12 object
324 */
325crypto_PKCS12Obj *
326crypto_PKCS12_New(PKCS12 *p12, char *passphrase)
327{
328 crypto_PKCS12Obj *self;
329 PyObject *cacertobj = NULL;
330
331 X509 *cert = NULL;
332 EVP_PKEY *pkey = NULL;
333 STACK_OF(X509) *cacerts = NULL;
334
335 int i, cacert_count = 0;
336
337 /* allocate space for the CA cert stack */
338 cacerts = sk_X509_new_null();
339
340 /* parse the PKCS12 lump */
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]341 if (p12 && !(cacerts && PKCS12_parse(p12, passphrase, &pkey, &cert, &cacerts)))
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]342 {
Rick Deand369c932009-07-08 11:48:33 -0500[diff] [blame]343 exception_from_error_queue(crypto_Error);
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]344 return NULL;
345 }
346
347 if (!(self = PyObject_GC_New(crypto_PKCS12Obj, &crypto_PKCS12_Type)))
348 return NULL;
349
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]350 Py_INCREF(Py_None);
351 self->cacerts = Py_None;
352
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]353 if (cert == NULL) {
354 Py_INCREF(Py_None);
355 self->cert = Py_None;
Rick Dean42d69e12009-07-20 11:36:08 -0500[diff] [blame^]356 Py_INCREF(Py_None);
357 self->friendlyname = Py_None;
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]358 } else {
Rick Dean42d69e12009-07-20 11:36:08 -0500[diff] [blame^]359 unsigned char *alstr;
360 int allen;
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]361 if ((self->cert = (PyObject *)crypto_X509_New(cert, 1)) == NULL)
362 goto error;
Rick Dean42d69e12009-07-20 11:36:08 -0500[diff] [blame^]363
364 /* Now we need to extract the friendlyName of the PKCS12
365 * that was stored by PKCS_pasrse() in the alias of the
366 * certificate. */
367 alstr = X509_alias_get0(cert, &allen);
368 if (alstr && (self->friendlyname = Py_BuildValue("s#", alstr, allen))){
369 /* success */
370 } else {
371 Py_INCREF(Py_None);
372 self->friendlyname = Py_None;
373 }
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]374 }
375 if (pkey == NULL) {
376 Py_INCREF(Py_None);
377 self->key = Py_None;
378 } else {
379 if ((self->key = (PyObject *)crypto_PKey_New(pkey, 1)) == NULL)
380 goto error;
381 }
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]382
383 /* Make a tuple for the CA certs */
384 cacert_count = sk_X509_num(cacerts);
385 if (cacert_count > 0)
386 {
387 Py_DECREF(self->cacerts);
388 if ((self->cacerts = PyTuple_New(cacert_count)) == NULL)
389 goto error;
390
391 for (i = 0; i < cacert_count; i++)
392 {
393 cert = sk_X509_value(cacerts, i);
394 if ((cacertobj = (PyObject *)crypto_X509_New(cert, 1)) == NULL)
395 goto error;
396 PyTuple_SET_ITEM(self->cacerts, i, cacertobj);
397 }
398 }
399
400 sk_X509_free(cacerts); /* don't free the certs, just the stack */
401 PyObject_GC_Track(self);
402
403 return self;
404error:
405 crypto_PKCS12_dealloc(self);
406 return NULL;
407}
408
Rick Deancbeaca02009-07-17 12:50:12 -0500[diff] [blame]409static char crypto_PKCS12_doc[] = "\n\
410PKCS12() -> PKCS12 instance\n\
411\n\
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]412Create a new empty PKCS12 object.\n\
Rick Deancbeaca02009-07-17 12:50:12 -0500[diff] [blame]413\n\
414@returns: The PKCS12 object\n\
415";
416static PyObject *
417crypto_PKCS12_new(PyTypeObject *subtype, PyObject *args, PyObject *kwargs)
418{
419 if (!PyArg_ParseTuple(args, ":PKCS12")) {
420 return NULL;
421 }
422
423 return (PyObject *)crypto_PKCS12_New(NULL, NULL);
424}
425
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]426/*
427 * Find attribute
428 *
429 * Arguments: self - The PKCS12 object
430 * name - The attribute name
431 * Returns: A Python object for the attribute, or NULL if something went
432 * wrong
433 */
434static PyObject *
435crypto_PKCS12_getattr(crypto_PKCS12Obj *self, char *name)
436{
437 return Py_FindMethod(crypto_PKCS12_methods, (PyObject *)self, name);
438}
439
440/*
441 * Call the visitproc on all contained objects.
442 *
443 * Arguments: self - The PKCS12 object
444 * visit - Function to call
445 * arg - Extra argument to visit
446 * Returns: 0 if all goes well, otherwise the return code from the first
447 * call that gave non-zero result.
448 */
449static int
450crypto_PKCS12_traverse(crypto_PKCS12Obj *self, visitproc visit, void *arg)
451{
452 int ret = 0;
453
454 if (ret == 0 && self->cert != NULL)
455 ret = visit(self->cert, arg);
456 if (ret == 0 && self->key != NULL)
457 ret = visit(self->key, arg);
458 if (ret == 0 && self->cacerts != NULL)
459 ret = visit(self->cacerts, arg);
Rick Dean42d69e12009-07-20 11:36:08 -0500[diff] [blame^]460 if (ret == 0 && self->friendlyname != NULL)
461 ret = visit(self->friendlyname, arg);
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]462 return ret;
463}
464
465/*
466 * Decref all contained objects and zero the pointers.
467 *
468 * Arguments: self - The PKCS12 object
469 * Returns: Always 0.
470 */
471static int
472crypto_PKCS12_clear(crypto_PKCS12Obj *self)
473{
474 Py_XDECREF(self->cert);
475 self->cert = NULL;
476 Py_XDECREF(self->key);
477 self->key = NULL;
478 Py_XDECREF(self->cacerts);
479 self->cacerts = NULL;
Rick Dean42d69e12009-07-20 11:36:08 -0500[diff] [blame^]480 Py_XDECREF(self->friendlyname);
481 self->friendlyname = NULL;
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]482 return 0;
483}
484
485/*
486 * Deallocate the memory used by the PKCS12 object
487 *
488 * Arguments: self - The PKCS12 object
489 * Returns: None
490 */
491static void
492crypto_PKCS12_dealloc(crypto_PKCS12Obj *self)
493{
494 PyObject_GC_UnTrack(self);
495 crypto_PKCS12_clear(self);
496 PyObject_GC_Del(self);
497}
498
499PyTypeObject crypto_PKCS12_Type = {
500 PyObject_HEAD_INIT(NULL)
501 0,
502 "PKCS12",
503 sizeof(crypto_PKCS12Obj),
504 0,
505 (destructor)crypto_PKCS12_dealloc,
506 NULL, /* print */
507 (getattrfunc)crypto_PKCS12_getattr,
508 NULL, /* setattr */
509 NULL, /* compare */
510 NULL, /* repr */
511 NULL, /* as_number */
512 NULL, /* as_sequence */
513 NULL, /* as_mapping */
514 NULL, /* hash */
515 NULL, /* call */
516 NULL, /* str */
517 NULL, /* getattro */
518 NULL, /* setattro */
519 NULL, /* as_buffer */
520 Py_TPFLAGS_DEFAULT | Py_TPFLAGS_HAVE_GC,
Rick Deancbeaca02009-07-17 12:50:12 -0500[diff] [blame]521 crypto_PKCS12_doc,
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]522 (traverseproc)crypto_PKCS12_traverse,
523 (inquiry)crypto_PKCS12_clear,
Rick Deancbeaca02009-07-17 12:50:12 -0500[diff] [blame]524 NULL, /* tp_richcompare */
525 0, /* tp_weaklistoffset */
526 NULL, /* tp_iter */
527 NULL, /* tp_iternext */
528 crypto_PKCS12_methods, /* tp_methods */
529 NULL, /* tp_members */
530 NULL, /* tp_getset */
531 NULL, /* tp_base */
532 NULL, /* tp_dict */
533 NULL, /* tp_descr_get */
534 NULL, /* tp_descr_set */
535 0, /* tp_dictoffset */
536 NULL, /* tp_init */
537 NULL, /* tp_alloc */
538 crypto_PKCS12_new, /* tp_new */
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]539};
540
541/*
542 * Initialize the PKCS12 part of the crypto sub module
543 *
Jean-Paul Calderonedc138fa2009-06-27 14:32:07 -0400[diff] [blame]544 * Arguments: module - The crypto module
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]545 * Returns: None
546 */
547int
Jean-Paul Calderonedc138fa2009-06-27 14:32:07 -0400[diff] [blame]548init_crypto_pkcs12(PyObject *module) {
549 if (PyType_Ready(&crypto_PKCS12_Type) < 0) {
550 return 0;
551 }
552
Rick Deancbeaca02009-07-17 12:50:12 -0500[diff] [blame]553 if (PyModule_AddObject(module, "PKCS12", (PyObject *)&crypto_PKCS12_Type) != 0) {
554 return 0;
555 }
556
Jean-Paul Calderonedc138fa2009-06-27 14:32:07 -0400[diff] [blame]557 if (PyModule_AddObject(module, "PKCS12Type", (PyObject *)&crypto_PKCS12_Type) != 0) {
558 return 0;
559 }
560
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]561 return 1;
562}
563