Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / pyopenssl / aed23585b2cf8577c52566069591c63f359a8e43 / . / OpenSSL / crypto / netscape_spki.c
blob: a16ec1ab726627329dec31f74f2de89165d5c48c [file] [log] [blame]
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]1/*
2 * netscape_spki.c
3 *
4 * Copyright (C) Tollef Fog Heen 2003
5 *
6 * Netscape SPKI handling, thin wrapper
7 */
8#include <Python.h>
9#define crypto_MODULE
10#include "crypto.h"
11
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]12/*
13 * Constructor for Nestcape_SPKI, never called by Python code directly
14 *
15 * Arguments: name - A "real" NetscapeSPKI object
16 * dealloc - Boolean value to specify whether the destructor should
17 * free the "real" NetscapeSPKI object
18 * Returns: The newly created NetscapeSPKI object
19 */
20crypto_NetscapeSPKIObj *
21crypto_NetscapeSPKI_New(NETSCAPE_SPKI *name, int dealloc)
22{
23 crypto_NetscapeSPKIObj *self;
24
25 self = PyObject_New(crypto_NetscapeSPKIObj, &crypto_NetscapeSPKI_Type);
26
27 if (self == NULL)
28 return NULL;
29
30 self->netscape_spki = name;
31 self->dealloc = dealloc;
32
33 return self;
34}
35
Jean-Paul Calderonedc138fa2009-06-27 14:32:07 -0400[diff] [blame]36
37static char crypto_NetscapeSPKI_doc[] = "\n\
38NetscapeSPKI([enc]) -> NetscapeSPKI instance\n\
39\n\
40@param enc: Base64 encoded NetscapeSPKI object.\n\
41@type enc: C{str}\n\
42@return: The NetscapeSPKI object\n\
43";
44
45static PyObject *
46crypto_NetscapeSPKI_new(PyTypeObject *subtype, PyObject *args, PyObject *kwargs) {
47 char *enc = NULL;
48 int enc_len = -1;
49 NETSCAPE_SPKI *spki;
50
51 if (!PyArg_ParseTuple(args, "|s#:NetscapeSPKI", &enc, &enc_len))
52 return NULL;
53
54 if (enc_len >= 0)
55 spki = NETSCAPE_SPKI_b64_decode(enc, enc_len);
56 else
57 spki = NETSCAPE_SPKI_new();
58 if (spki == NULL)
59 {
Rick Deand369c932009-07-08 11:48:33 -0500[diff] [blame]60 exception_from_error_queue(crypto_Error);
Jean-Paul Calderonedc138fa2009-06-27 14:32:07 -0400[diff] [blame]61 return NULL;
62 }
63 return (PyObject *)crypto_NetscapeSPKI_New(spki, 1);
64}
65
66
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]67/*
68 * Deallocate the memory used by the NetscapeSPKI object
69 *
70 * Arguments: self - The NetscapeSPKI object
71 * Returns: None
72 */
73static void
74crypto_NetscapeSPKI_dealloc(crypto_NetscapeSPKIObj *self)
75{
76 /* Sometimes we don't have to dealloc this */
77 if (self->dealloc)
78 NETSCAPE_SPKI_free(self->netscape_spki);
79
80 PyObject_Del(self);
81}
82
83static char crypto_NetscapeSPKI_sign_doc[] = "\n\
84Sign the certificate request using the supplied key and digest\n\
85\n\
Jean-Paul Calderone54bcc832009-05-27 14:06:48 -0400[diff] [blame]86@param pkey: The key to sign with\n\
87@param digest: The message digest to use\n\
88@return: None\n\
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]89";
90
91static PyObject *
92crypto_NetscapeSPKI_sign(crypto_NetscapeSPKIObj *self, PyObject *args)
93{
94 crypto_PKeyObj *pkey;
95 char *digest_name;
96 const EVP_MD *digest;
97
98 if (!PyArg_ParseTuple(args, "O!s:sign", &crypto_PKey_Type, &pkey,
99 &digest_name))
100 return NULL;
101
Jean-Paul Calderoneb9725592010-08-03 18:17:22 -0400[diff] [blame]102 if (pkey->only_public) {
103 PyErr_SetString(PyExc_ValueError, "Key has only public part");
104 return NULL;
105 }
106
107 if (!pkey->initialized) {
108 PyErr_SetString(PyExc_ValueError, "Key is uninitialized");
109 return NULL;
110 }
111
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]112 if ((digest = EVP_get_digestbyname(digest_name)) == NULL)
113 {
114 PyErr_SetString(PyExc_ValueError, "No such digest method");
115 return NULL;
116 }
117
118 if (!NETSCAPE_SPKI_sign(self->netscape_spki, pkey->pkey, digest))
119 {
Rick Deand369c932009-07-08 11:48:33 -0500[diff] [blame]120 exception_from_error_queue(crypto_Error);
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]121 return NULL;
122 }
123
124 Py_INCREF(Py_None);
125 return Py_None;
126}
127
128static char crypto_NetscapeSPKI_verify_doc[] = "\n\
129Verifies a certificate request using the supplied public key\n\
Jean-Paul Calderone54bcc832009-05-27 14:06:48 -0400[diff] [blame]130\n\
131@param key: a public key\n\
Jean-Paul Calderoneb9725592010-08-03 18:17:22 -0400[diff] [blame]132@return: True if the signature is correct.\n\
133@raise OpenSSL.crypto.Error: If the signature is invalid or there is a\n\
134 problem verifying the signature.\n\
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]135";
136
137PyObject *
138crypto_NetscapeSPKI_verify(crypto_NetscapeSPKIObj *self, PyObject *args)
139{
140 crypto_PKeyObj *pkey;
141 int answer;
142
Jean-Paul Calderoneb9725592010-08-03 18:17:22 -0400[diff] [blame]143 if (!PyArg_ParseTuple(args, "O!:verify", &crypto_PKey_Type, &pkey)) {
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]144 return NULL;
Jean-Paul Calderoneb9725592010-08-03 18:17:22 -0400[diff] [blame]145 }
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]146
Jean-Paul Calderoneb9725592010-08-03 18:17:22 -0400[diff] [blame]147 if ((answer = NETSCAPE_SPKI_verify(self->netscape_spki, pkey->pkey)) <= 0) {
Rick Deand369c932009-07-08 11:48:33 -0500[diff] [blame]148 exception_from_error_queue(crypto_Error);
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]149 return NULL;
150 }
151
Jean-Paul Calderone2f6c66f2010-08-11 19:53:43 -0400[diff] [blame]152 return PyLong_FromLong((long)answer);
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]153}
154
155static char crypto_NetscapeSPKI_b64_encode_doc[] = "\n\
156Generate a base64 encoded string from an SPKI\n\
Jean-Paul Calderone54bcc832009-05-27 14:06:48 -0400[diff] [blame]157\n\
158@return: The base64 encoded string\n\
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]159";
160
161PyObject *
162crypto_NetscapeSPKI_b64_encode(crypto_NetscapeSPKIObj *self, PyObject *args)
163{
164 char *str;
165
166 if (!PyArg_ParseTuple(args, ":b64_encode"))
167 return NULL;
168
169 str = NETSCAPE_SPKI_b64_encode(self->netscape_spki);
Jean-Paul Calderone2f6c66f2010-08-11 19:53:43 -0400[diff] [blame]170 return PyBytes_FromString(str);
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]171}
172
173
174static char crypto_NetscapeSPKI_get_pubkey_doc[] = "\n\
175Get the public key of the certificate\n\
176\n\
Jean-Paul Calderone54bcc832009-05-27 14:06:48 -0400[diff] [blame]177@return: The public key\n\
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]178";
179
180static PyObject *
181crypto_NetscapeSPKI_get_pubkey(crypto_NetscapeSPKIObj *self, PyObject *args)
182{
183 crypto_PKeyObj *crypto_PKey_New(EVP_PKEY *, int);
184 EVP_PKEY *pkey;
Jean-Paul Calderoneb9725592010-08-03 18:17:22 -0400[diff] [blame]185 crypto_PKeyObj *py_pkey;
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]186
187 if (!PyArg_ParseTuple(args, ":get_pubkey"))
188 return NULL;
189
190 if ((pkey = NETSCAPE_SPKI_get_pubkey(self->netscape_spki)) == NULL)
191 {
Rick Deand369c932009-07-08 11:48:33 -0500[diff] [blame]192 exception_from_error_queue(crypto_Error);
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]193 return NULL;
194 }
195
Jean-Paul Calderoneb9725592010-08-03 18:17:22 -0400[diff] [blame]196 py_pkey = crypto_PKey_New(pkey, 1);
197 if (py_pkey != NULL) {
198 py_pkey->only_public = 1;
199 }
200 return (PyObject *)py_pkey;
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]201}
202
203static char crypto_NetscapeSPKI_set_pubkey_doc[] = "\n\
204Set the public key of the certificate\n\
205\n\
Jean-Paul Calderone54bcc832009-05-27 14:06:48 -0400[diff] [blame]206@param pkey: The public key\n\
207@return: None\n\
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]208";
209
210static PyObject *
211crypto_NetscapeSPKI_set_pubkey(crypto_NetscapeSPKIObj *self, PyObject *args)
212{
213 crypto_PKeyObj *pkey;
214
215 if (!PyArg_ParseTuple(args, "O!:set_pubkey", &crypto_PKey_Type, &pkey))
216 return NULL;
217
218 if (!NETSCAPE_SPKI_set_pubkey(self->netscape_spki, pkey->pkey))
219 {
Rick Deand369c932009-07-08 11:48:33 -0500[diff] [blame]220 exception_from_error_queue(crypto_Error);
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]221 return NULL;
222 }
223
224 Py_INCREF(Py_None);
225 return Py_None;
226}
227
228/*
229 * ADD_METHOD(name) expands to a correct PyMethodDef declaration
230 * { 'name', (PyCFunction)crypto_NetscapeSPKI_name, METH_VARARGS }
231 * for convenience
232 */
233#define ADD_METHOD(name) \
234 { #name, (PyCFunction)crypto_NetscapeSPKI_##name, METH_VARARGS, crypto_NetscapeSPKI_##name##_doc }
235static PyMethodDef crypto_NetscapeSPKI_methods[] =
236{
237 ADD_METHOD(get_pubkey),
238 ADD_METHOD(set_pubkey),
239 ADD_METHOD(b64_encode),
240 ADD_METHOD(sign),
241 ADD_METHOD(verify),
242 { NULL, NULL }
243};
244#undef ADD_METHOD
245
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]246PyTypeObject crypto_NetscapeSPKI_Type = {
Jean-Paul Calderone3fe7f672010-08-11 23:55:10 -0400[diff] [blame]247 PyOpenSSL_HEAD_INIT(&PyType_Type, 0)
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]248 "NetscapeSPKI",
249 sizeof(crypto_NetscapeSPKIObj),
250 0,
251 (destructor)crypto_NetscapeSPKI_dealloc,
252 NULL, /* print */
Jean-Paul Calderone2f6c66f2010-08-11 19:53:43 -0400[diff] [blame]253 NULL, /* getattr */
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]254 NULL, /* setattr */
255 NULL, /* compare */
256 NULL, /* repr */
257 NULL, /* as_number */
258 NULL, /* as_sequence */
259 NULL, /* as_mapping */
Jean-Paul Calderonedc138fa2009-06-27 14:32:07 -0400[diff] [blame]260 NULL, /* hash */
261 NULL, /* call */
262 NULL, /* str */
263 NULL, /* getattro */
264 NULL, /* setattro */
265 NULL, /* as_buffer */
266 Py_TPFLAGS_DEFAULT,
267 crypto_NetscapeSPKI_doc, /* doc */
268 NULL, /* traverse */
269 NULL, /* clear */
270 NULL, /* tp_richcompare */
271 0, /* tp_weaklistoffset */
272 NULL, /* tp_iter */
273 NULL, /* tp_iternext */
274 crypto_NetscapeSPKI_methods, /* tp_methods */
275 NULL, /* tp_members */
276 NULL, /* tp_getset */
277 NULL, /* tp_base */
278 NULL, /* tp_dict */
279 NULL, /* tp_descr_get */
280 NULL, /* tp_descr_set */
281 0, /* tp_dictoffset */
282 NULL, /* tp_init */
283 NULL, /* tp_alloc */
284 crypto_NetscapeSPKI_new, /* tp_new */
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]285};
286
287
288/*
289 * Initialize the X509Name part of the crypto module
290 *
Jean-Paul Calderonedc138fa2009-06-27 14:32:07 -0400[diff] [blame]291 * Arguments: module - The crypto module
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]292 * Returns: None
293 */
294int
Jean-Paul Calderonedc138fa2009-06-27 14:32:07 -0400[diff] [blame]295init_crypto_netscape_spki(PyObject *module) {
296 if (PyType_Ready(&crypto_NetscapeSPKI_Type) < 0) {
297 return 0;
298 }
299
Jean-Paul Calderone86ad7112010-05-11 16:08:45 -0400[diff] [blame]300 /* PyModule_AddObject steals a reference
301 */
302 Py_INCREF((PyObject *)&crypto_NetscapeSPKI_Type);
Jean-Paul Calderonedc138fa2009-06-27 14:32:07 -0400[diff] [blame]303 if (PyModule_AddObject(module, "NetscapeSPKI", (PyObject *)&crypto_NetscapeSPKI_Type) != 0) {
304 return 0;
305 }
306
Jean-Paul Calderoneaed23582011-03-12 22:45:02 -0500[diff] [blame^]307 /* PyModule_AddObject steals a reference
308 */
309 Py_INCREF((PyObject *)&crypto_NetscapeSPKI_Type);
Jean-Paul Calderonedc138fa2009-06-27 14:32:07 -0400[diff] [blame]310 if (PyModule_AddObject(module, "NetscapeSPKIType", (PyObject *)&crypto_NetscapeSPKI_Type) != 0) {
311 return 0;
312 }
313
Jean-Paul Calderone897bc252008-02-18 20:50:23 -0500[diff] [blame]314 return 1;
315}