Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / pyopenssl / e84d1468e6f4b57637adaa96256edae492a09af9 / . / src / crypto / pkcs12.c
blob: 70ac75111189a4bc331508d01be54e1b425dd852 [file] [log] [blame]
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]1/*
2 * pkcs12.c
3 *
4 * Copyright (C) AB Strakt 2001, All rights reserved
5 *
6 * Certificate transport (PKCS12) handling code,
7 * mostly thin wrappers around OpenSSL.
8 * See the file RATIONALE for a short explanation of why
9 * this module was written.
10 *
11 * Reviewed 2001-07-23
12 */
13#include <Python.h>
14#define crypto_MODULE
15#include "crypto.h"
16
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]17/*
18 * PKCS12 is a standard exchange format for digital certificates.
19 * See e.g. the OpenSSL homepage http://www.openssl.org/ for more information
20 */
21
22static void crypto_PKCS12_dealloc(crypto_PKCS12Obj *self);
23
24static char crypto_PKCS12_get_certificate_doc[] = "\n\
25Return certificate portion of the PKCS12 structure\n\
26\n\
Jean-Paul Calderone54bcc832009-05-27 14:06:48 -0400[diff] [blame]27@return: X509 object containing the certificate\n\
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]28";
29static PyObject *
30crypto_PKCS12_get_certificate(crypto_PKCS12Obj *self, PyObject *args)
31{
32 if (!PyArg_ParseTuple(args, ":get_certificate"))
33 return NULL;
34
35 Py_INCREF(self->cert);
36 return self->cert;
37}
38
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]39static char crypto_PKCS12_set_certificate_doc[] = "\n\
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]40Replace the certificate portion of the PKCS12 structure\n\
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]41\n\
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]42@param cert: The new certificate.\n\
43@type cert: L{X509}\n\
Rick Dean379917c2009-07-21 11:37:41 -0500[diff] [blame]44@return: None\n\
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]45";
Rick Dean38a05c82009-07-18 01:41:30 -0500[diff] [blame]46static PyObject *
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]47crypto_PKCS12_set_certificate(crypto_PKCS12Obj *self, PyObject *args, PyObject *keywds)
48{
49 PyObject *cert = NULL;
50 static char *kwlist[] = {"cert", NULL};
51
52 if (!PyArg_ParseTupleAndKeywords(args, keywds, "O:set_certificate",
53 kwlist, &cert))
54 return NULL;
55
56 if (cert != Py_None && ! PyObject_IsInstance(cert, (PyObject *) &crypto_X509_Type)) {
57 PyErr_SetString(PyExc_TypeError, "cert must be type X509 or None");
58 return NULL;
59 }
60
61 Py_INCREF(cert); /* Make consistent before calling Py_DECREF() */
Rick Dean585cd9e2009-07-18 14:58:11 -0500[diff] [blame]62 Py_DECREF(self->cert);
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]63 self->cert = cert;
64
Rick Dean38a05c82009-07-18 01:41:30 -0500[diff] [blame]65 Py_INCREF(Py_None);
66 return Py_None;
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]67}
68
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]69static char crypto_PKCS12_get_privatekey_doc[] = "\n\
70Return private key portion of the PKCS12 structure\n\
71\n\
Jean-Paul Calderone54bcc832009-05-27 14:06:48 -0400[diff] [blame]72@returns: PKey object containing the private key\n\
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]73";
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]74static crypto_PKeyObj *
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]75crypto_PKCS12_get_privatekey(crypto_PKCS12Obj *self, PyObject *args)
76{
77 if (!PyArg_ParseTuple(args, ":get_privatekey"))
78 return NULL;
79
80 Py_INCREF(self->key);
Rick Dean864e15e2009-07-17 15:21:23 -0500[diff] [blame]81 return (crypto_PKeyObj *) self->key;
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]82}
83
84static char crypto_PKCS12_set_privatekey_doc[] = "\n\
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]85Replace or set the certificate portion of the PKCS12 structure\n\
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]86\n\
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]87@param pkey: The new private key.\n\
88@type pkey: L{PKey}\n\
89@return: None\n\
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]90";
Rick Dean38a05c82009-07-18 01:41:30 -0500[diff] [blame]91static PyObject *
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]92crypto_PKCS12_set_privatekey(crypto_PKCS12Obj *self, PyObject *args, PyObject *keywds)
93{
94 PyObject *pkey = NULL;
95 static char *kwlist[] = {"pkey", NULL};
96
97 if (!PyArg_ParseTupleAndKeywords(args, keywds, "O:set_privatekey",
98 kwlist, &pkey))
99 return NULL;
100
101 if (pkey != Py_None && ! PyObject_IsInstance(pkey, (PyObject *) &crypto_PKey_Type)) {
102 PyErr_SetString(PyExc_TypeError, "pkey must be type X509 or None");
103 return NULL;
104 }
105
106 Py_INCREF(pkey); /* Make consistent before calling Py_DECREF() */
Rick Dean585cd9e2009-07-18 14:58:11 -0500[diff] [blame]107 Py_DECREF(self->key);
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]108 self->key = pkey;
109
Rick Dean38a05c82009-07-18 01:41:30 -0500[diff] [blame]110 Py_INCREF(Py_None);
111 return Py_None;
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]112}
113
114static char crypto_PKCS12_get_ca_certificates_doc[] = "\n\
115Return CA certificates within of the PKCS12 object\n\
116\n\
Jean-Paul Calderone54bcc832009-05-27 14:06:48 -0400[diff] [blame]117@return: A newly created tuple containing the CA certificates in the chain,\n\
118 if any are present, or None if no CA certificates are present.\n\
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]119";
120static PyObject *
121crypto_PKCS12_get_ca_certificates(crypto_PKCS12Obj *self, PyObject *args)
122{
123 if (!PyArg_ParseTuple(args, ":get_ca_certificates"))
124 return NULL;
125
126 Py_INCREF(self->cacerts);
127 return self->cacerts;
128}
129
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]130static char crypto_PKCS12_set_ca_certificates_doc[] = "\n\
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]131Replace or set the CA certificates withing the PKCS12 object.\n\
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]132\n\
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]133@param cacerts: The new CA certificates.\n\
134@type cacerts: Sequence of L{X509}\n\
135@return: None\n\
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]136";
Rick Dean38a05c82009-07-18 01:41:30 -0500[diff] [blame]137static PyObject *
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]138crypto_PKCS12_set_ca_certificates(crypto_PKCS12Obj *self, PyObject *args, PyObject *keywds)
139{
140 PyObject *cacerts;
141 static char *kwlist[] = {"cacerts", NULL};
Rick Dean25bcc1f2009-07-20 11:53:13 -0500[diff] [blame]142 int i, len; /* Py_ssize_t for Python 2.5+ */
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]143
144 if (!PyArg_ParseTupleAndKeywords(args, keywds, "O:set_ca_certificates",
145 kwlist, &cacerts))
146 return NULL;
147 if (cacerts == Py_None) {
Rick Deane84d1462009-07-24 09:27:01 -0500[diff] [blame^]148 Py_INCREF(cacerts);
Rick Dean25bcc1f2009-07-20 11:53:13 -0500[diff] [blame]149 } else if ((len = PySequence_Length(cacerts)) >= 0) { /* is iterable */
Rick Deane84d1462009-07-24 09:27:01 -0500[diff] [blame^]150 cacerts = PySequence_Tuple(cacerts);
151 if(cacerts == NULL) {
152 PyErr_SetString(PyExc_TypeError, "untupleable" /* failed to convert cacerts to a tuple */);
153 return NULL;
154 }
Rick Dean48305252009-07-18 15:28:38 -0500[diff] [blame]155 /* Check is's a simple list filled only with X509 objects. */
Rick Dean25bcc1f2009-07-20 11:53:13 -0500[diff] [blame]156 for(i = 0;i < len;i++) { /* For each CA cert */
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]157 PyObject *obj;
158 obj = PySequence_GetItem(cacerts, i);
Rick Dean25bcc1f2009-07-20 11:53:13 -0500[diff] [blame]159 if(obj == NULL) {
160 break;
161 }
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]162 if (PyObject_Type(obj) != (PyObject *) &crypto_X509_Type) {
Rick Deane84d1462009-07-24 09:27:01 -0500[diff] [blame^]163 Py_DECREF(cacerts);
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]164 Py_DECREF(obj);
Rick Deane84d1462009-07-24 09:27:01 -0500[diff] [blame^]165 PyErr_SetString(PyExc_TypeError, "iterable must only contain X509Type");
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]166 return NULL;
167 }
168 Py_DECREF(obj);
169 }
170 } else {
Rick Deane84d1462009-07-24 09:27:01 -0500[diff] [blame^]171 PyErr_SetString(PyExc_TypeError, "must be iterable or None");
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]172 return NULL;
173 }
174
Rick Dean585cd9e2009-07-18 14:58:11 -0500[diff] [blame]175 Py_DECREF(self->cacerts);
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]176 self->cacerts = cacerts;
177
Rick Dean38a05c82009-07-18 01:41:30 -0500[diff] [blame]178 Py_INCREF(Py_None);
179 return Py_None;
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]180}
181
Rick Dean42d69e12009-07-20 11:36:08 -0500[diff] [blame]182static char crypto_PKCS12_get_friendlyname_doc[] = "\n\
183Return friendly name portion of the PKCS12 structure\n\
184\n\
185@returns: String containing the friendlyname\n\
186";
187static crypto_PKeyObj *
188crypto_PKCS12_get_friendlyname(crypto_PKCS12Obj *self, PyObject *args)
189{
190 if (!PyArg_ParseTuple(args, ":get_friendlyname"))
191 return NULL;
192
193 Py_INCREF(self->friendlyname);
194 return (crypto_PKeyObj *) self->friendlyname;
195}
196
197static char crypto_PKCS12_set_friendlyname_doc[] = "\n\
198Replace or set the certificate portion of the PKCS12 structure\n\
199\n\
200@param name: The new friendly name.\n\
201@type name: L{str}\n\
202@return: None\n\
203";
204static PyObject *
205crypto_PKCS12_set_friendlyname(crypto_PKCS12Obj *self, PyObject *args, PyObject *keywds)
206{
207 PyObject *name = NULL;
208 static char *kwlist[] = {"name", NULL};
209
210 if (!PyArg_ParseTupleAndKeywords(args, keywds, "O:set_friendlyname",
211 kwlist, &name))
212 return NULL;
213
214 if (name != Py_None && ! PyString_Check(name)) {
215 PyErr_SetString(PyExc_TypeError, "name must be a string or None");
216 return NULL;
217 }
218
219 Py_INCREF(name); /* Make consistent before calling Py_DECREF() */
220 Py_DECREF(self->friendlyname);
221 self->friendlyname = name;
222
223 Py_INCREF(Py_None);
224 return Py_None;
225}
226
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]227static char crypto_PKCS12_export_doc[] = "\n\
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]228export([passphrase=None][, friendly_name=None][, iter=2048][, maciter=1]\n\
229Dump a PKCS12 object as a string. See also \"man PKCS12_create\".\n\
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]230\n\
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]231@param passphrase: used to encrypt the PKCS12\n\
232@type passphrase: L{str}\n\
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]233@param iter: How many times to repeat the encryption\n\
234@type iter: L{int}\n\
235@param maciter: How many times to repeat the MAC\n\
236@type maciter: L{int}\n\
237@return: The string containing the PKCS12\n\
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]238";
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]239static PyObject *
240crypto_PKCS12_export(crypto_PKCS12Obj *self, PyObject *args, PyObject *keywds)
241{
242 int buf_len;
243 PyObject *buffer;
244 char *temp, *passphrase = NULL, *friendly_name = NULL;
245 BIO *bio;
246 PKCS12 *p12;
247 EVP_PKEY *pkey = NULL;
248 STACK_OF(X509) *cacerts = NULL;
249 X509 *x509 = NULL;
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]250 int iter = 0; /* defaults to PKCS12_DEFAULT_ITER */
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]251 int maciter = 0;
Rick Dean42d69e12009-07-20 11:36:08 -0500[diff] [blame]252 static char *kwlist[] = {"passphrase", "iter", "maciter", NULL};
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]253
Rick Dean42d69e12009-07-20 11:36:08 -0500[diff] [blame]254 if (!PyArg_ParseTupleAndKeywords(args, keywds, "|zii:export",
255 kwlist, &passphrase, &iter, &maciter))
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]256 return NULL;
257
Rick Dean585cd9e2009-07-18 14:58:11 -0500[diff] [blame]258 if (self->key != Py_None) {
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]259 pkey = ((crypto_PKeyObj*) self->key)->pkey;
260 }
Rick Dean585cd9e2009-07-18 14:58:11 -0500[diff] [blame]261 if (self->cert != Py_None) {
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]262 x509 = ((crypto_X509Obj*) self->cert)->x509;
263 }
264 cacerts = sk_X509_new_null();
Rick Dean585cd9e2009-07-18 14:58:11 -0500[diff] [blame]265 if (self->cacerts != Py_None) {
Rick Dean864e15e2009-07-17 15:21:23 -0500[diff] [blame]266 int i; /* Py_ssize_t for Python 2.5+ */
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]267 PyObject *obj;
268 for(i = 0;i < PySequence_Length(self->cacerts);i++) { /* For each CA cert */
269 obj = PySequence_GetItem(self->cacerts, i);
270 /* assert(PyObject_IsInstance(obj, (PyObject *) &crypto_X509_Type )); */
271 sk_X509_push(cacerts, (( crypto_X509Obj* ) obj)->x509);
272 Py_DECREF(obj);
273 }
274 }
Rick Dean42d69e12009-07-20 11:36:08 -0500[diff] [blame]275 if (self->friendlyname != Py_None) {
276 friendly_name = PyString_AsString(self->friendlyname);
277 }
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]278
279 p12 = PKCS12_create(passphrase, friendly_name, pkey, x509, cacerts,
280 NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
281 NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
282 iter, maciter, 0);
283 if( p12 == NULL ) {
284 exception_from_error_queue(crypto_Error);
285 return NULL;
286 }
287 bio = BIO_new(BIO_s_mem());
288 i2d_PKCS12_bio(bio, p12);
289 buf_len = BIO_get_mem_data(bio, &temp);
290 buffer = PyString_FromStringAndSize(temp, buf_len);
291 BIO_free(bio);
292 return buffer;
293}
294
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]295/*
296 * ADD_METHOD(name) expands to a correct PyMethodDef declaration
297 * { 'name', (PyCFunction)crypto_PKCS12_name, METH_VARARGS, crypto_PKCS12_name_doc }
298 * for convenience
299 */
300#define ADD_METHOD(name) \
301 { #name, (PyCFunction)crypto_PKCS12_##name, METH_VARARGS, crypto_PKCS12_##name##_doc }
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]302#define ADD_KW_METHOD(name) \
303 { #name, (PyCFunction)crypto_PKCS12_##name, METH_VARARGS | METH_KEYWORDS, crypto_PKCS12_##name##_doc }
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]304static PyMethodDef crypto_PKCS12_methods[] =
305{
306 ADD_METHOD(get_certificate),
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]307 ADD_KW_METHOD(set_certificate),
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]308 ADD_METHOD(get_privatekey),
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]309 ADD_KW_METHOD(set_privatekey),
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]310 ADD_METHOD(get_ca_certificates),
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]311 ADD_KW_METHOD(set_ca_certificates),
Rick Dean42d69e12009-07-20 11:36:08 -0500[diff] [blame]312 ADD_METHOD(get_friendlyname),
313 ADD_KW_METHOD(set_friendlyname),
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]314 ADD_KW_METHOD(export),
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]315 { NULL, NULL }
316};
317#undef ADD_METHOD
318
319/*
320 * Constructor for PKCS12 objects, never called by Python code directly.
321 * The strategy for this object is to create all the Python objects
322 * corresponding to the cert/key/CA certs right away
323 *
324 * Arguments: p12 - A "real" PKCS12 object
325 * passphrase - Passphrase to use when decrypting the PKCS12 object
326 * Returns: The newly created PKCS12 object
327 */
328crypto_PKCS12Obj *
329crypto_PKCS12_New(PKCS12 *p12, char *passphrase)
330{
331 crypto_PKCS12Obj *self;
332 PyObject *cacertobj = NULL;
333
334 X509 *cert = NULL;
335 EVP_PKEY *pkey = NULL;
336 STACK_OF(X509) *cacerts = NULL;
337
338 int i, cacert_count = 0;
339
340 /* allocate space for the CA cert stack */
341 cacerts = sk_X509_new_null();
342
343 /* parse the PKCS12 lump */
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]344 if (p12 && !(cacerts && PKCS12_parse(p12, passphrase, &pkey, &cert, &cacerts)))
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]345 {
Rick Deand369c932009-07-08 11:48:33 -0500[diff] [blame]346 exception_from_error_queue(crypto_Error);
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]347 return NULL;
348 }
349
350 if (!(self = PyObject_GC_New(crypto_PKCS12Obj, &crypto_PKCS12_Type)))
351 return NULL;
352
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]353 Py_INCREF(Py_None);
354 self->cacerts = Py_None;
355
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]356 if (cert == NULL) {
357 Py_INCREF(Py_None);
358 self->cert = Py_None;
Rick Dean42d69e12009-07-20 11:36:08 -0500[diff] [blame]359 Py_INCREF(Py_None);
360 self->friendlyname = Py_None;
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]361 } else {
Rick Dean42d69e12009-07-20 11:36:08 -0500[diff] [blame]362 unsigned char *alstr;
363 int allen;
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]364 if ((self->cert = (PyObject *)crypto_X509_New(cert, 1)) == NULL)
365 goto error;
Rick Dean42d69e12009-07-20 11:36:08 -0500[diff] [blame]366
367 /* Now we need to extract the friendlyName of the PKCS12
368 * that was stored by PKCS_pasrse() in the alias of the
369 * certificate. */
370 alstr = X509_alias_get0(cert, &allen);
371 if (alstr && (self->friendlyname = Py_BuildValue("s#", alstr, allen))){
372 /* success */
373 } else {
374 Py_INCREF(Py_None);
375 self->friendlyname = Py_None;
376 }
Rick Dean623ee362009-07-17 12:22:16 -0500[diff] [blame]377 }
378 if (pkey == NULL) {
379 Py_INCREF(Py_None);
380 self->key = Py_None;
381 } else {
382 if ((self->key = (PyObject *)crypto_PKey_New(pkey, 1)) == NULL)
383 goto error;
384 }
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]385
386 /* Make a tuple for the CA certs */
387 cacert_count = sk_X509_num(cacerts);
388 if (cacert_count > 0)
389 {
390 Py_DECREF(self->cacerts);
391 if ((self->cacerts = PyTuple_New(cacert_count)) == NULL)
392 goto error;
393
394 for (i = 0; i < cacert_count; i++)
395 {
396 cert = sk_X509_value(cacerts, i);
397 if ((cacertobj = (PyObject *)crypto_X509_New(cert, 1)) == NULL)
398 goto error;
399 PyTuple_SET_ITEM(self->cacerts, i, cacertobj);
400 }
401 }
402
403 sk_X509_free(cacerts); /* don't free the certs, just the stack */
404 PyObject_GC_Track(self);
405
406 return self;
407error:
408 crypto_PKCS12_dealloc(self);
409 return NULL;
410}
411
Rick Deancbeaca02009-07-17 12:50:12 -0500[diff] [blame]412static char crypto_PKCS12_doc[] = "\n\
413PKCS12() -> PKCS12 instance\n\
414\n\
Rick Deane182f482009-07-17 14:49:48 -0500[diff] [blame]415Create a new empty PKCS12 object.\n\
Rick Deancbeaca02009-07-17 12:50:12 -0500[diff] [blame]416\n\
417@returns: The PKCS12 object\n\
418";
419static PyObject *
420crypto_PKCS12_new(PyTypeObject *subtype, PyObject *args, PyObject *kwargs)
421{
422 if (!PyArg_ParseTuple(args, ":PKCS12")) {
423 return NULL;
424 }
425
426 return (PyObject *)crypto_PKCS12_New(NULL, NULL);
427}
428
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]429/*
430 * Find attribute
431 *
432 * Arguments: self - The PKCS12 object
433 * name - The attribute name
434 * Returns: A Python object for the attribute, or NULL if something went
435 * wrong
436 */
437static PyObject *
438crypto_PKCS12_getattr(crypto_PKCS12Obj *self, char *name)
439{
440 return Py_FindMethod(crypto_PKCS12_methods, (PyObject *)self, name);
441}
442
443/*
444 * Call the visitproc on all contained objects.
445 *
446 * Arguments: self - The PKCS12 object
447 * visit - Function to call
448 * arg - Extra argument to visit
449 * Returns: 0 if all goes well, otherwise the return code from the first
450 * call that gave non-zero result.
451 */
452static int
453crypto_PKCS12_traverse(crypto_PKCS12Obj *self, visitproc visit, void *arg)
454{
455 int ret = 0;
456
457 if (ret == 0 && self->cert != NULL)
458 ret = visit(self->cert, arg);
459 if (ret == 0 && self->key != NULL)
460 ret = visit(self->key, arg);
461 if (ret == 0 && self->cacerts != NULL)
462 ret = visit(self->cacerts, arg);
Rick Dean42d69e12009-07-20 11:36:08 -0500[diff] [blame]463 if (ret == 0 && self->friendlyname != NULL)
464 ret = visit(self->friendlyname, arg);
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]465 return ret;
466}
467
468/*
469 * Decref all contained objects and zero the pointers.
470 *
471 * Arguments: self - The PKCS12 object
472 * Returns: Always 0.
473 */
474static int
475crypto_PKCS12_clear(crypto_PKCS12Obj *self)
476{
477 Py_XDECREF(self->cert);
478 self->cert = NULL;
479 Py_XDECREF(self->key);
480 self->key = NULL;
481 Py_XDECREF(self->cacerts);
482 self->cacerts = NULL;
Rick Dean42d69e12009-07-20 11:36:08 -0500[diff] [blame]483 Py_XDECREF(self->friendlyname);
484 self->friendlyname = NULL;
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]485 return 0;
486}
487
488/*
489 * Deallocate the memory used by the PKCS12 object
490 *
491 * Arguments: self - The PKCS12 object
492 * Returns: None
493 */
494static void
495crypto_PKCS12_dealloc(crypto_PKCS12Obj *self)
496{
497 PyObject_GC_UnTrack(self);
498 crypto_PKCS12_clear(self);
499 PyObject_GC_Del(self);
500}
501
502PyTypeObject crypto_PKCS12_Type = {
503 PyObject_HEAD_INIT(NULL)
504 0,
505 "PKCS12",
506 sizeof(crypto_PKCS12Obj),
507 0,
508 (destructor)crypto_PKCS12_dealloc,
509 NULL, /* print */
510 (getattrfunc)crypto_PKCS12_getattr,
511 NULL, /* setattr */
512 NULL, /* compare */
513 NULL, /* repr */
514 NULL, /* as_number */
515 NULL, /* as_sequence */
516 NULL, /* as_mapping */
517 NULL, /* hash */
518 NULL, /* call */
519 NULL, /* str */
520 NULL, /* getattro */
521 NULL, /* setattro */
522 NULL, /* as_buffer */
523 Py_TPFLAGS_DEFAULT | Py_TPFLAGS_HAVE_GC,
Rick Deancbeaca02009-07-17 12:50:12 -0500[diff] [blame]524 crypto_PKCS12_doc,
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]525 (traverseproc)crypto_PKCS12_traverse,
526 (inquiry)crypto_PKCS12_clear,
Rick Deancbeaca02009-07-17 12:50:12 -0500[diff] [blame]527 NULL, /* tp_richcompare */
528 0, /* tp_weaklistoffset */
529 NULL, /* tp_iter */
530 NULL, /* tp_iternext */
531 crypto_PKCS12_methods, /* tp_methods */
532 NULL, /* tp_members */
533 NULL, /* tp_getset */
534 NULL, /* tp_base */
535 NULL, /* tp_dict */
536 NULL, /* tp_descr_get */
537 NULL, /* tp_descr_set */
538 0, /* tp_dictoffset */
539 NULL, /* tp_init */
540 NULL, /* tp_alloc */
541 crypto_PKCS12_new, /* tp_new */
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]542};
543
544/*
545 * Initialize the PKCS12 part of the crypto sub module
546 *
Jean-Paul Calderonedc138fa2009-06-27 14:32:07 -0400[diff] [blame]547 * Arguments: module - The crypto module
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]548 * Returns: None
549 */
550int
Jean-Paul Calderonedc138fa2009-06-27 14:32:07 -0400[diff] [blame]551init_crypto_pkcs12(PyObject *module) {
552 if (PyType_Ready(&crypto_PKCS12_Type) < 0) {
553 return 0;
554 }
555
Rick Deancbeaca02009-07-17 12:50:12 -0500[diff] [blame]556 if (PyModule_AddObject(module, "PKCS12", (PyObject *)&crypto_PKCS12_Type) != 0) {
557 return 0;
558 }
559
Jean-Paul Calderonedc138fa2009-06-27 14:32:07 -0400[diff] [blame]560 if (PyModule_AddObject(module, "PKCS12Type", (PyObject *)&crypto_PKCS12_Type) != 0) {
561 return 0;
562 }
563
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]564 return 1;
565}
566