Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 1 | /* |
| 2 | * pkcs12.c |
| 3 | * |
Jean-Paul Calderone | 8671c85 | 2011-03-02 19:26:20 -0500 | [diff] [blame] | 4 | * Copyright (C) AB Strakt |
| 5 | * See LICENSE for details. |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 6 | * |
Jean-Paul Calderone | e7901d7 | 2009-07-24 18:21:26 -0400 | [diff] [blame] | 7 | * Certificate transport (PKCS12) handling code, |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 8 | * mostly thin wrappers around OpenSSL. |
Jean-Paul Calderone | e7901d7 | 2009-07-24 18:21:26 -0400 | [diff] [blame] | 9 | * See the file RATIONALE for a short explanation of why |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 10 | * this module was written. |
| 11 | * |
| 12 | * Reviewed 2001-07-23 |
| 13 | */ |
| 14 | #include <Python.h> |
| 15 | #define crypto_MODULE |
| 16 | #include "crypto.h" |
| 17 | |
Jean-Paul Calderone | e7901d7 | 2009-07-24 18:21:26 -0400 | [diff] [blame] | 18 | /* |
| 19 | * PKCS12 is a standard exchange format for digital certificates. |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 20 | * See e.g. the OpenSSL homepage http://www.openssl.org/ for more information |
| 21 | */ |
| 22 | |
| 23 | static void crypto_PKCS12_dealloc(crypto_PKCS12Obj *self); |
Jean-Paul Calderone | d0a9876 | 2009-07-25 21:23:01 -0400 | [diff] [blame] | 24 | static int crypto_PKCS12_clear(crypto_PKCS12Obj *self); |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 25 | |
| 26 | static char crypto_PKCS12_get_certificate_doc[] = "\n\ |
| 27 | Return certificate portion of the PKCS12 structure\n\ |
| 28 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 29 | @return: X509 object containing the certificate\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 30 | "; |
| 31 | static PyObject * |
| 32 | crypto_PKCS12_get_certificate(crypto_PKCS12Obj *self, PyObject *args) |
| 33 | { |
| 34 | if (!PyArg_ParseTuple(args, ":get_certificate")) |
| 35 | return NULL; |
| 36 | |
| 37 | Py_INCREF(self->cert); |
| 38 | return self->cert; |
| 39 | } |
| 40 | |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 41 | static char crypto_PKCS12_set_certificate_doc[] = "\n\ |
Rick Dean | e182f48 | 2009-07-17 14:49:48 -0500 | [diff] [blame] | 42 | Replace the certificate portion of the PKCS12 structure\n\ |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 43 | \n\ |
Rick Dean | e182f48 | 2009-07-17 14:49:48 -0500 | [diff] [blame] | 44 | @param cert: The new certificate.\n\ |
Jean-Paul Calderone | bade313 | 2009-07-24 21:27:13 -0400 | [diff] [blame] | 45 | @type cert: L{X509} or L{NoneType}\n\ |
Rick Dean | 379917c | 2009-07-21 11:37:41 -0500 | [diff] [blame] | 46 | @return: None\n\ |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 47 | "; |
Rick Dean | 38a05c8 | 2009-07-18 01:41:30 -0500 | [diff] [blame] | 48 | static PyObject * |
Jean-Paul Calderone | bade313 | 2009-07-24 21:27:13 -0400 | [diff] [blame] | 49 | crypto_PKCS12_set_certificate(crypto_PKCS12Obj *self, PyObject *args, PyObject *keywds) { |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 50 | PyObject *cert = NULL; |
| 51 | static char *kwlist[] = {"cert", NULL}; |
| 52 | |
Jean-Paul Calderone | e7901d7 | 2009-07-24 18:21:26 -0400 | [diff] [blame] | 53 | if (!PyArg_ParseTupleAndKeywords(args, keywds, "O:set_certificate", |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 54 | kwlist, &cert)) |
| 55 | return NULL; |
| 56 | |
Jean-Paul Calderone | bade313 | 2009-07-24 21:27:13 -0400 | [diff] [blame] | 57 | if (cert != Py_None && ! crypto_X509_Check(cert)) { |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 58 | PyErr_SetString(PyExc_TypeError, "cert must be type X509 or None"); |
| 59 | return NULL; |
| 60 | } |
| 61 | |
| 62 | Py_INCREF(cert); /* Make consistent before calling Py_DECREF() */ |
Rick Dean | 585cd9e | 2009-07-18 14:58:11 -0500 | [diff] [blame] | 63 | Py_DECREF(self->cert); |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 64 | self->cert = cert; |
| 65 | |
Rick Dean | 38a05c8 | 2009-07-18 01:41:30 -0500 | [diff] [blame] | 66 | Py_INCREF(Py_None); |
| 67 | return Py_None; |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 68 | } |
| 69 | |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 70 | static char crypto_PKCS12_get_privatekey_doc[] = "\n\ |
| 71 | Return private key portion of the PKCS12 structure\n\ |
| 72 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 73 | @returns: PKey object containing the private key\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 74 | "; |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 75 | static crypto_PKeyObj * |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 76 | crypto_PKCS12_get_privatekey(crypto_PKCS12Obj *self, PyObject *args) |
| 77 | { |
| 78 | if (!PyArg_ParseTuple(args, ":get_privatekey")) |
| 79 | return NULL; |
| 80 | |
| 81 | Py_INCREF(self->key); |
Rick Dean | 864e15e | 2009-07-17 15:21:23 -0500 | [diff] [blame] | 82 | return (crypto_PKeyObj *) self->key; |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 83 | } |
| 84 | |
| 85 | static char crypto_PKCS12_set_privatekey_doc[] = "\n\ |
Rick Dean | e182f48 | 2009-07-17 14:49:48 -0500 | [diff] [blame] | 86 | Replace or set the certificate portion of the PKCS12 structure\n\ |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 87 | \n\ |
Rick Dean | e182f48 | 2009-07-17 14:49:48 -0500 | [diff] [blame] | 88 | @param pkey: The new private key.\n\ |
| 89 | @type pkey: L{PKey}\n\ |
| 90 | @return: None\n\ |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 91 | "; |
Rick Dean | 38a05c8 | 2009-07-18 01:41:30 -0500 | [diff] [blame] | 92 | static PyObject * |
Jean-Paul Calderone | d866543 | 2009-07-24 21:28:52 -0400 | [diff] [blame] | 93 | crypto_PKCS12_set_privatekey(crypto_PKCS12Obj *self, PyObject *args, PyObject *keywds) { |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 94 | PyObject *pkey = NULL; |
| 95 | static char *kwlist[] = {"pkey", NULL}; |
| 96 | |
Jean-Paul Calderone | e7901d7 | 2009-07-24 18:21:26 -0400 | [diff] [blame] | 97 | if (!PyArg_ParseTupleAndKeywords(args, keywds, "O:set_privatekey", |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 98 | kwlist, &pkey)) |
| 99 | return NULL; |
| 100 | |
Jean-Paul Calderone | d866543 | 2009-07-24 21:28:52 -0400 | [diff] [blame] | 101 | if (pkey != Py_None && ! crypto_PKey_Check(pkey)) { |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 102 | PyErr_SetString(PyExc_TypeError, "pkey must be type X509 or None"); |
| 103 | return NULL; |
| 104 | } |
| 105 | |
| 106 | Py_INCREF(pkey); /* Make consistent before calling Py_DECREF() */ |
Rick Dean | 585cd9e | 2009-07-18 14:58:11 -0500 | [diff] [blame] | 107 | Py_DECREF(self->key); |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 108 | self->key = pkey; |
| 109 | |
Rick Dean | 38a05c8 | 2009-07-18 01:41:30 -0500 | [diff] [blame] | 110 | Py_INCREF(Py_None); |
| 111 | return Py_None; |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 112 | } |
| 113 | |
| 114 | static char crypto_PKCS12_get_ca_certificates_doc[] = "\n\ |
| 115 | Return CA certificates within of the PKCS12 object\n\ |
| 116 | \n\ |
Jean-Paul Calderone | 54bcc83 | 2009-05-27 14:06:48 -0400 | [diff] [blame] | 117 | @return: A newly created tuple containing the CA certificates in the chain,\n\ |
| 118 | if any are present, or None if no CA certificates are present.\n\ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 119 | "; |
| 120 | static PyObject * |
| 121 | crypto_PKCS12_get_ca_certificates(crypto_PKCS12Obj *self, PyObject *args) |
| 122 | { |
| 123 | if (!PyArg_ParseTuple(args, ":get_ca_certificates")) |
| 124 | return NULL; |
| 125 | |
| 126 | Py_INCREF(self->cacerts); |
| 127 | return self->cacerts; |
| 128 | } |
| 129 | |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 130 | static char crypto_PKCS12_set_ca_certificates_doc[] = "\n\ |
Rick Dean | e182f48 | 2009-07-17 14:49:48 -0500 | [diff] [blame] | 131 | Replace or set the CA certificates withing the PKCS12 object.\n\ |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 132 | \n\ |
Rick Dean | e182f48 | 2009-07-17 14:49:48 -0500 | [diff] [blame] | 133 | @param cacerts: The new CA certificates.\n\ |
Jean-Paul Calderone | d866543 | 2009-07-24 21:28:52 -0400 | [diff] [blame] | 134 | @type cacerts: Iterable of L{X509} or L{NoneType}\n\ |
Rick Dean | e182f48 | 2009-07-17 14:49:48 -0500 | [diff] [blame] | 135 | @return: None\n\ |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 136 | "; |
Rick Dean | 38a05c8 | 2009-07-18 01:41:30 -0500 | [diff] [blame] | 137 | static PyObject * |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 138 | crypto_PKCS12_set_ca_certificates(crypto_PKCS12Obj *self, PyObject *args, PyObject *keywds) |
| 139 | { |
Jean-Paul Calderone | 499fa1d | 2009-07-24 21:15:30 -0400 | [diff] [blame] | 140 | PyObject *obj; |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 141 | PyObject *cacerts; |
| 142 | static char *kwlist[] = {"cacerts", NULL}; |
Rick Dean | 25bcc1f | 2009-07-20 11:53:13 -0500 | [diff] [blame] | 143 | int i, len; /* Py_ssize_t for Python 2.5+ */ |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 144 | |
Jean-Paul Calderone | e7901d7 | 2009-07-24 18:21:26 -0400 | [diff] [blame] | 145 | if (!PyArg_ParseTupleAndKeywords(args, keywds, "O:set_ca_certificates", |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 146 | kwlist, &cacerts)) |
| 147 | return NULL; |
| 148 | if (cacerts == Py_None) { |
Rick Dean | e84d146 | 2009-07-24 09:27:01 -0500 | [diff] [blame] | 149 | Py_INCREF(cacerts); |
Jean-Paul Calderone | 206c227 | 2009-07-24 21:22:38 -0400 | [diff] [blame] | 150 | } else { |
| 151 | /* It's iterable */ |
Rick Dean | e84d146 | 2009-07-24 09:27:01 -0500 | [diff] [blame] | 152 | cacerts = PySequence_Tuple(cacerts); |
Jean-Paul Calderone | 206c227 | 2009-07-24 21:22:38 -0400 | [diff] [blame] | 153 | if (cacerts == NULL) { |
Rick Dean | e84d146 | 2009-07-24 09:27:01 -0500 | [diff] [blame] | 154 | return NULL; |
| 155 | } |
Jean-Paul Calderone | 206c227 | 2009-07-24 21:22:38 -0400 | [diff] [blame] | 156 | len = PyTuple_Size(cacerts); |
| 157 | |
Rick Dean | 4830525 | 2009-07-18 15:28:38 -0500 | [diff] [blame] | 158 | /* Check is's a simple list filled only with X509 objects. */ |
Jean-Paul Calderone | 206c227 | 2009-07-24 21:22:38 -0400 | [diff] [blame] | 159 | for (i = 0; i < len; i++) { |
Jean-Paul Calderone | 4c6b72e | 2009-07-24 21:18:51 -0400 | [diff] [blame] | 160 | obj = PyTuple_GetItem(cacerts, i); |
Jean-Paul Calderone | fed4d15 | 2009-07-24 21:23:57 -0400 | [diff] [blame] | 161 | if (!crypto_X509_Check(obj)) { |
Rick Dean | e84d146 | 2009-07-24 09:27:01 -0500 | [diff] [blame] | 162 | Py_DECREF(cacerts); |
Rick Dean | e84d146 | 2009-07-24 09:27:01 -0500 | [diff] [blame] | 163 | PyErr_SetString(PyExc_TypeError, "iterable must only contain X509Type"); |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 164 | return NULL; |
| 165 | } |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 166 | } |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 167 | } |
| 168 | |
Rick Dean | 585cd9e | 2009-07-18 14:58:11 -0500 | [diff] [blame] | 169 | Py_DECREF(self->cacerts); |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 170 | self->cacerts = cacerts; |
| 171 | |
Rick Dean | 38a05c8 | 2009-07-18 01:41:30 -0500 | [diff] [blame] | 172 | Py_INCREF(Py_None); |
| 173 | return Py_None; |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 174 | } |
| 175 | |
Rick Dean | 42d69e1 | 2009-07-20 11:36:08 -0500 | [diff] [blame] | 176 | static char crypto_PKCS12_get_friendlyname_doc[] = "\n\ |
| 177 | Return friendly name portion of the PKCS12 structure\n\ |
| 178 | \n\ |
| 179 | @returns: String containing the friendlyname\n\ |
| 180 | "; |
Rick Dean | 99251c2 | 2009-07-24 09:32:46 -0500 | [diff] [blame] | 181 | static PyObject * |
Jean-Paul Calderone | 4a45cbc | 2009-07-24 21:41:12 -0400 | [diff] [blame] | 182 | crypto_PKCS12_get_friendlyname(crypto_PKCS12Obj *self, PyObject *args) { |
Rick Dean | 42d69e1 | 2009-07-20 11:36:08 -0500 | [diff] [blame] | 183 | if (!PyArg_ParseTuple(args, ":get_friendlyname")) |
| 184 | return NULL; |
| 185 | |
| 186 | Py_INCREF(self->friendlyname); |
Rick Dean | 99251c2 | 2009-07-24 09:32:46 -0500 | [diff] [blame] | 187 | return (PyObject *) self->friendlyname; |
Rick Dean | 42d69e1 | 2009-07-20 11:36:08 -0500 | [diff] [blame] | 188 | } |
| 189 | |
| 190 | static char crypto_PKCS12_set_friendlyname_doc[] = "\n\ |
| 191 | Replace or set the certificate portion of the PKCS12 structure\n\ |
| 192 | \n\ |
| 193 | @param name: The new friendly name.\n\ |
| 194 | @type name: L{str}\n\ |
| 195 | @return: None\n\ |
| 196 | "; |
| 197 | static PyObject * |
Jean-Paul Calderone | 4a45cbc | 2009-07-24 21:41:12 -0400 | [diff] [blame] | 198 | crypto_PKCS12_set_friendlyname(crypto_PKCS12Obj *self, PyObject *args, PyObject *keywds) { |
Rick Dean | 42d69e1 | 2009-07-20 11:36:08 -0500 | [diff] [blame] | 199 | PyObject *name = NULL; |
| 200 | static char *kwlist[] = {"name", NULL}; |
| 201 | |
Jean-Paul Calderone | e7901d7 | 2009-07-24 18:21:26 -0400 | [diff] [blame] | 202 | if (!PyArg_ParseTupleAndKeywords(args, keywds, "O:set_friendlyname", |
Rick Dean | 42d69e1 | 2009-07-20 11:36:08 -0500 | [diff] [blame] | 203 | kwlist, &name)) |
| 204 | return NULL; |
| 205 | |
Jean-Paul Calderone | 2f6c66f | 2010-08-11 19:53:43 -0400 | [diff] [blame] | 206 | if (name != Py_None && ! PyBytes_CheckExact(name)) { |
Jean-Paul Calderone | add7bf0 | 2010-08-22 17:38:30 -0400 | [diff] [blame] | 207 | PyErr_SetString(PyExc_TypeError, "name must be a byte string or None"); |
Rick Dean | 42d69e1 | 2009-07-20 11:36:08 -0500 | [diff] [blame] | 208 | return NULL; |
| 209 | } |
| 210 | |
| 211 | Py_INCREF(name); /* Make consistent before calling Py_DECREF() */ |
| 212 | Py_DECREF(self->friendlyname); |
| 213 | self->friendlyname = name; |
| 214 | |
| 215 | Py_INCREF(Py_None); |
| 216 | return Py_None; |
| 217 | } |
| 218 | |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 219 | static char crypto_PKCS12_export_doc[] = "\n\ |
Rick Dean | e182f48 | 2009-07-17 14:49:48 -0500 | [diff] [blame] | 220 | export([passphrase=None][, friendly_name=None][, iter=2048][, maciter=1]\n\ |
| 221 | Dump a PKCS12 object as a string. See also \"man PKCS12_create\".\n\ |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 222 | \n\ |
Rick Dean | e182f48 | 2009-07-17 14:49:48 -0500 | [diff] [blame] | 223 | @param passphrase: used to encrypt the PKCS12\n\ |
| 224 | @type passphrase: L{str}\n\ |
Rick Dean | e182f48 | 2009-07-17 14:49:48 -0500 | [diff] [blame] | 225 | @param iter: How many times to repeat the encryption\n\ |
| 226 | @type iter: L{int}\n\ |
| 227 | @param maciter: How many times to repeat the MAC\n\ |
| 228 | @type maciter: L{int}\n\ |
| 229 | @return: The string containing the PKCS12\n\ |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 230 | "; |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 231 | static PyObject * |
Jean-Paul Calderone | 4a45cbc | 2009-07-24 21:41:12 -0400 | [diff] [blame] | 232 | crypto_PKCS12_export(crypto_PKCS12Obj *self, PyObject *args, PyObject *keywds) { |
| 233 | int i; /* Py_ssize_t for Python 2.5+ */ |
| 234 | PyObject *obj; |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 235 | int buf_len; |
| 236 | PyObject *buffer; |
| 237 | char *temp, *passphrase = NULL, *friendly_name = NULL; |
| 238 | BIO *bio; |
| 239 | PKCS12 *p12; |
Jean-Paul Calderone | e7901d7 | 2009-07-24 18:21:26 -0400 | [diff] [blame] | 240 | EVP_PKEY *pkey = NULL; |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 241 | STACK_OF(X509) *cacerts = NULL; |
| 242 | X509 *x509 = NULL; |
Rick Dean | e182f48 | 2009-07-17 14:49:48 -0500 | [diff] [blame] | 243 | int iter = 0; /* defaults to PKCS12_DEFAULT_ITER */ |
Jean-Paul Calderone | e7901d7 | 2009-07-24 18:21:26 -0400 | [diff] [blame] | 244 | int maciter = 0; |
Rick Dean | 42d69e1 | 2009-07-20 11:36:08 -0500 | [diff] [blame] | 245 | static char *kwlist[] = {"passphrase", "iter", "maciter", NULL}; |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 246 | |
Jean-Paul Calderone | e7901d7 | 2009-07-24 18:21:26 -0400 | [diff] [blame] | 247 | if (!PyArg_ParseTupleAndKeywords(args, keywds, "|zii:export", |
Rick Dean | 42d69e1 | 2009-07-20 11:36:08 -0500 | [diff] [blame] | 248 | kwlist, &passphrase, &iter, &maciter)) |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 249 | return NULL; |
| 250 | |
Rick Dean | 585cd9e | 2009-07-18 14:58:11 -0500 | [diff] [blame] | 251 | if (self->key != Py_None) { |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 252 | pkey = ((crypto_PKeyObj*) self->key)->pkey; |
| 253 | } |
Rick Dean | 585cd9e | 2009-07-18 14:58:11 -0500 | [diff] [blame] | 254 | if (self->cert != Py_None) { |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 255 | x509 = ((crypto_X509Obj*) self->cert)->x509; |
| 256 | } |
Rick Dean | 585cd9e | 2009-07-18 14:58:11 -0500 | [diff] [blame] | 257 | if (self->cacerts != Py_None) { |
Rick Dean | 8fefeb0 | 2009-07-24 10:56:29 -0500 | [diff] [blame] | 258 | cacerts = sk_X509_new_null(); |
Jean-Paul Calderone | 4a45cbc | 2009-07-24 21:41:12 -0400 | [diff] [blame] | 259 | for (i = 0; i < PyTuple_Size(self->cacerts); i++) { /* For each CA cert */ |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 260 | obj = PySequence_GetItem(self->cacerts, i); |
| 261 | /* assert(PyObject_IsInstance(obj, (PyObject *) &crypto_X509_Type )); */ |
| 262 | sk_X509_push(cacerts, (( crypto_X509Obj* ) obj)->x509); |
| 263 | Py_DECREF(obj); |
| 264 | } |
| 265 | } |
Rick Dean | 42d69e1 | 2009-07-20 11:36:08 -0500 | [diff] [blame] | 266 | if (self->friendlyname != Py_None) { |
Jean-Paul Calderone | 2f6c66f | 2010-08-11 19:53:43 -0400 | [diff] [blame] | 267 | friendly_name = PyBytes_AsString(self->friendlyname); |
Rick Dean | 42d69e1 | 2009-07-20 11:36:08 -0500 | [diff] [blame] | 268 | } |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 269 | |
Jean-Paul Calderone | e7901d7 | 2009-07-24 18:21:26 -0400 | [diff] [blame] | 270 | p12 = PKCS12_create(passphrase, friendly_name, pkey, x509, cacerts, |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 271 | NID_pbe_WithSHA1And3_Key_TripleDES_CBC, |
| 272 | NID_pbe_WithSHA1And3_Key_TripleDES_CBC, |
| 273 | iter, maciter, 0); |
Rick Dean | 8fefeb0 | 2009-07-24 10:56:29 -0500 | [diff] [blame] | 274 | sk_X509_free(cacerts); /* NULL safe. Free just the container. */ |
Jean-Paul Calderone | 4a45cbc | 2009-07-24 21:41:12 -0400 | [diff] [blame] | 275 | if (p12 == NULL) { |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 276 | exception_from_error_queue(crypto_Error); |
| 277 | return NULL; |
| 278 | } |
| 279 | bio = BIO_new(BIO_s_mem()); |
| 280 | i2d_PKCS12_bio(bio, p12); |
| 281 | buf_len = BIO_get_mem_data(bio, &temp); |
Jean-Paul Calderone | 2f6c66f | 2010-08-11 19:53:43 -0400 | [diff] [blame] | 282 | buffer = PyBytes_FromStringAndSize(temp, buf_len); |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 283 | BIO_free(bio); |
| 284 | return buffer; |
| 285 | } |
| 286 | |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 287 | /* |
| 288 | * ADD_METHOD(name) expands to a correct PyMethodDef declaration |
| 289 | * { 'name', (PyCFunction)crypto_PKCS12_name, METH_VARARGS, crypto_PKCS12_name_doc } |
| 290 | * for convenience |
| 291 | */ |
| 292 | #define ADD_METHOD(name) \ |
| 293 | { #name, (PyCFunction)crypto_PKCS12_##name, METH_VARARGS, crypto_PKCS12_##name##_doc } |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 294 | #define ADD_KW_METHOD(name) \ |
| 295 | { #name, (PyCFunction)crypto_PKCS12_##name, METH_VARARGS | METH_KEYWORDS, crypto_PKCS12_##name##_doc } |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 296 | static PyMethodDef crypto_PKCS12_methods[] = |
| 297 | { |
| 298 | ADD_METHOD(get_certificate), |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 299 | ADD_KW_METHOD(set_certificate), |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 300 | ADD_METHOD(get_privatekey), |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 301 | ADD_KW_METHOD(set_privatekey), |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 302 | ADD_METHOD(get_ca_certificates), |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 303 | ADD_KW_METHOD(set_ca_certificates), |
Rick Dean | 42d69e1 | 2009-07-20 11:36:08 -0500 | [diff] [blame] | 304 | ADD_METHOD(get_friendlyname), |
| 305 | ADD_KW_METHOD(set_friendlyname), |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 306 | ADD_KW_METHOD(export), |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 307 | { NULL, NULL } |
| 308 | }; |
| 309 | #undef ADD_METHOD |
| 310 | |
| 311 | /* |
| 312 | * Constructor for PKCS12 objects, never called by Python code directly. |
| 313 | * The strategy for this object is to create all the Python objects |
| 314 | * corresponding to the cert/key/CA certs right away |
| 315 | * |
Jean-Paul Calderone | 32eb031 | 2009-07-25 11:15:55 -0400 | [diff] [blame] | 316 | * Arguments: p12 - A "real" PKCS12 object or NULL |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 317 | * passphrase - Passphrase to use when decrypting the PKCS12 object |
| 318 | * Returns: The newly created PKCS12 object |
| 319 | */ |
| 320 | crypto_PKCS12Obj * |
Jean-Paul Calderone | 32eb031 | 2009-07-25 11:15:55 -0400 | [diff] [blame] | 321 | crypto_PKCS12_New(PKCS12 *p12, char *passphrase) { |
Jean-Paul Calderone | e58415f | 2009-07-24 21:12:45 -0400 | [diff] [blame] | 322 | crypto_PKCS12Obj *self = NULL; |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 323 | PyObject *cacertobj = NULL; |
| 324 | |
Jean-Paul Calderone | b96d13e | 2009-07-25 11:33:22 -0400 | [diff] [blame] | 325 | unsigned char *alias_str; |
| 326 | int alias_len; |
Jean-Paul Calderone | 32eb031 | 2009-07-25 11:15:55 -0400 | [diff] [blame] | 327 | |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 328 | X509 *cert = NULL; |
| 329 | EVP_PKEY *pkey = NULL; |
| 330 | STACK_OF(X509) *cacerts = NULL; |
| 331 | |
| 332 | int i, cacert_count = 0; |
| 333 | |
| 334 | /* allocate space for the CA cert stack */ |
Jean-Paul Calderone | 32eb031 | 2009-07-25 11:15:55 -0400 | [diff] [blame] | 335 | if((cacerts = sk_X509_new_null()) == NULL) { |
Rick Dean | aace5e9 | 2009-07-24 10:44:49 -0500 | [diff] [blame] | 336 | goto error; /* out of memory? */ |
Jean-Paul Calderone | 32eb031 | 2009-07-25 11:15:55 -0400 | [diff] [blame] | 337 | } |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 338 | |
| 339 | /* parse the PKCS12 lump */ |
Jean-Paul Calderone | b51bda3 | 2011-05-04 16:57:45 -0400 | [diff] [blame^] | 340 | if (p12) { |
| 341 | if (!PKCS12_parse(p12, passphrase, &pkey, &cert, &cacerts)) { |
| 342 | /* |
| 343 | * If PKCS12_parse fails, and it allocated cacerts, it seems to |
| 344 | * free cacerts, but not re-NULL the pointer. Zounds! Make sure |
| 345 | * it is re-set to NULL here, else we'll have a double-free below. |
| 346 | */ |
| 347 | cacerts = NULL; |
| 348 | exception_from_error_queue(crypto_Error); |
| 349 | goto error; |
| 350 | } else { |
| 351 | /* |
| 352 | * OpenSSL 1.0.0 sometimes leaves an X509_check_private_key error in |
| 353 | * the queue for no particular reason. This error isn't interesting |
| 354 | * to anyone outside this function. It's not even interesting to |
| 355 | * us. Get rid of it. |
| 356 | */ |
| 357 | flush_error_queue(); |
| 358 | } |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 359 | } |
| 360 | |
Jean-Paul Calderone | 32eb031 | 2009-07-25 11:15:55 -0400 | [diff] [blame] | 361 | if (!(self = PyObject_GC_New(crypto_PKCS12Obj, &crypto_PKCS12_Type))) { |
Rick Dean | ee56830 | 2009-07-24 09:56:29 -0500 | [diff] [blame] | 362 | goto error; |
Jean-Paul Calderone | 32eb031 | 2009-07-25 11:15:55 -0400 | [diff] [blame] | 363 | } |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 364 | |
Rick Dean | 8fefeb0 | 2009-07-24 10:56:29 -0500 | [diff] [blame] | 365 | /* client certificate and friendlyName */ |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 366 | if (cert == NULL) { |
| 367 | Py_INCREF(Py_None); |
| 368 | self->cert = Py_None; |
Rick Dean | 42d69e1 | 2009-07-20 11:36:08 -0500 | [diff] [blame] | 369 | Py_INCREF(Py_None); |
| 370 | self->friendlyname = Py_None; |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 371 | } else { |
Jean-Paul Calderone | 32eb031 | 2009-07-25 11:15:55 -0400 | [diff] [blame] | 372 | if ((self->cert = (PyObject *)crypto_X509_New(cert, 1)) == NULL) { |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 373 | goto error; |
Jean-Paul Calderone | 32eb031 | 2009-07-25 11:15:55 -0400 | [diff] [blame] | 374 | } |
Jean-Paul Calderone | e7901d7 | 2009-07-24 18:21:26 -0400 | [diff] [blame] | 375 | |
Rick Dean | 42d69e1 | 2009-07-20 11:36:08 -0500 | [diff] [blame] | 376 | /* Now we need to extract the friendlyName of the PKCS12 |
Jean-Paul Calderone | 304866b | 2009-07-25 12:03:55 -0400 | [diff] [blame] | 377 | * that was stored by PKCS_parse() in the alias of the |
Rick Dean | 42d69e1 | 2009-07-20 11:36:08 -0500 | [diff] [blame] | 378 | * certificate. */ |
Jean-Paul Calderone | b96d13e | 2009-07-25 11:33:22 -0400 | [diff] [blame] | 379 | alias_str = X509_alias_get0(cert, &alias_len); |
Jean-Paul Calderone | 304866b | 2009-07-25 12:03:55 -0400 | [diff] [blame] | 380 | if (alias_str) { |
Jean-Paul Calderone | 40dd099 | 2010-08-22 17:52:07 -0400 | [diff] [blame] | 381 | self->friendlyname = Py_BuildValue(BYTESTRING_FMT "#", alias_str, alias_len); |
Jean-Paul Calderone | add7bf0 | 2010-08-22 17:38:30 -0400 | [diff] [blame] | 382 | if (!self->friendlyname) { |
Jean-Paul Calderone | 304866b | 2009-07-25 12:03:55 -0400 | [diff] [blame] | 383 | /* |
| 384 | * XXX Untested |
| 385 | */ |
| 386 | goto error; |
| 387 | } |
Rick Dean | 42d69e1 | 2009-07-20 11:36:08 -0500 | [diff] [blame] | 388 | /* success */ |
| 389 | } else { |
| 390 | Py_INCREF(Py_None); |
| 391 | self->friendlyname = Py_None; |
| 392 | } |
Jean-Paul Calderone | e7901d7 | 2009-07-24 18:21:26 -0400 | [diff] [blame] | 393 | } |
Rick Dean | 8fefeb0 | 2009-07-24 10:56:29 -0500 | [diff] [blame] | 394 | |
| 395 | /* private key */ |
Rick Dean | 623ee36 | 2009-07-17 12:22:16 -0500 | [diff] [blame] | 396 | if (pkey == NULL) { |
| 397 | Py_INCREF(Py_None); |
| 398 | self->key = Py_None; |
| 399 | } else { |
| 400 | if ((self->key = (PyObject *)crypto_PKey_New(pkey, 1)) == NULL) |
| 401 | goto error; |
| 402 | } |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 403 | |
Rick Dean | 8fefeb0 | 2009-07-24 10:56:29 -0500 | [diff] [blame] | 404 | /* CA certs */ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 405 | cacert_count = sk_X509_num(cacerts); |
Jean-Paul Calderone | 304866b | 2009-07-25 12:03:55 -0400 | [diff] [blame] | 406 | if (cacert_count <= 0) { |
Rick Dean | aace5e9 | 2009-07-24 10:44:49 -0500 | [diff] [blame] | 407 | Py_INCREF(Py_None); |
| 408 | self->cacerts = Py_None; |
| 409 | } else { |
Jean-Paul Calderone | 304866b | 2009-07-25 12:03:55 -0400 | [diff] [blame] | 410 | if ((self->cacerts = PyTuple_New(cacert_count)) == NULL) { |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 411 | goto error; |
Jean-Paul Calderone | 304866b | 2009-07-25 12:03:55 -0400 | [diff] [blame] | 412 | } |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 413 | |
Jean-Paul Calderone | 304866b | 2009-07-25 12:03:55 -0400 | [diff] [blame] | 414 | for (i = 0; i < cacert_count; i++) { |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 415 | cert = sk_X509_value(cacerts, i); |
Jean-Paul Calderone | 304866b | 2009-07-25 12:03:55 -0400 | [diff] [blame] | 416 | if ((cacertobj = (PyObject *)crypto_X509_New(cert, 1)) == NULL) { |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 417 | goto error; |
Jean-Paul Calderone | 304866b | 2009-07-25 12:03:55 -0400 | [diff] [blame] | 418 | } |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 419 | PyTuple_SET_ITEM(self->cacerts, i, cacertobj); |
| 420 | } |
| 421 | } |
| 422 | |
Rick Dean | 8fefeb0 | 2009-07-24 10:56:29 -0500 | [diff] [blame] | 423 | sk_X509_free(cacerts); /* Don't free the certs, just the container. */ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 424 | PyObject_GC_Track(self); |
| 425 | |
| 426 | return self; |
Rick Dean | ee56830 | 2009-07-24 09:56:29 -0500 | [diff] [blame] | 427 | |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 428 | error: |
Rick Dean | 8fefeb0 | 2009-07-24 10:56:29 -0500 | [diff] [blame] | 429 | sk_X509_free(cacerts); /* NULL safe. Free just the container. */ |
Jean-Paul Calderone | d0a9876 | 2009-07-25 21:23:01 -0400 | [diff] [blame] | 430 | if (self) { |
| 431 | crypto_PKCS12_clear(self); |
| 432 | PyObject_GC_Del(self); |
| 433 | } |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 434 | return NULL; |
| 435 | } |
| 436 | |
Rick Dean | cbeaca0 | 2009-07-17 12:50:12 -0500 | [diff] [blame] | 437 | static char crypto_PKCS12_doc[] = "\n\ |
| 438 | PKCS12() -> PKCS12 instance\n\ |
| 439 | \n\ |
Rick Dean | e182f48 | 2009-07-17 14:49:48 -0500 | [diff] [blame] | 440 | Create a new empty PKCS12 object.\n\ |
Rick Dean | cbeaca0 | 2009-07-17 12:50:12 -0500 | [diff] [blame] | 441 | \n\ |
| 442 | @returns: The PKCS12 object\n\ |
| 443 | "; |
| 444 | static PyObject * |
Jean-Paul Calderone | b1a3af1 | 2009-07-25 12:21:18 -0400 | [diff] [blame] | 445 | crypto_PKCS12_new(PyTypeObject *subtype, PyObject *args, PyObject *kwargs) { |
Rick Dean | cbeaca0 | 2009-07-17 12:50:12 -0500 | [diff] [blame] | 446 | if (!PyArg_ParseTuple(args, ":PKCS12")) { |
| 447 | return NULL; |
| 448 | } |
| 449 | |
| 450 | return (PyObject *)crypto_PKCS12_New(NULL, NULL); |
| 451 | } |
| 452 | |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 453 | /* |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 454 | * Call the visitproc on all contained objects. |
| 455 | * |
| 456 | * Arguments: self - The PKCS12 object |
| 457 | * visit - Function to call |
| 458 | * arg - Extra argument to visit |
| 459 | * Returns: 0 if all goes well, otherwise the return code from the first |
| 460 | * call that gave non-zero result. |
| 461 | */ |
| 462 | static int |
| 463 | crypto_PKCS12_traverse(crypto_PKCS12Obj *self, visitproc visit, void *arg) |
| 464 | { |
| 465 | int ret = 0; |
| 466 | |
| 467 | if (ret == 0 && self->cert != NULL) |
| 468 | ret = visit(self->cert, arg); |
| 469 | if (ret == 0 && self->key != NULL) |
| 470 | ret = visit(self->key, arg); |
| 471 | if (ret == 0 && self->cacerts != NULL) |
| 472 | ret = visit(self->cacerts, arg); |
Rick Dean | 42d69e1 | 2009-07-20 11:36:08 -0500 | [diff] [blame] | 473 | if (ret == 0 && self->friendlyname != NULL) |
| 474 | ret = visit(self->friendlyname, arg); |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 475 | return ret; |
| 476 | } |
| 477 | |
| 478 | /* |
| 479 | * Decref all contained objects and zero the pointers. |
| 480 | * |
| 481 | * Arguments: self - The PKCS12 object |
| 482 | * Returns: Always 0. |
| 483 | */ |
| 484 | static int |
| 485 | crypto_PKCS12_clear(crypto_PKCS12Obj *self) |
| 486 | { |
| 487 | Py_XDECREF(self->cert); |
| 488 | self->cert = NULL; |
| 489 | Py_XDECREF(self->key); |
| 490 | self->key = NULL; |
| 491 | Py_XDECREF(self->cacerts); |
| 492 | self->cacerts = NULL; |
Rick Dean | 42d69e1 | 2009-07-20 11:36:08 -0500 | [diff] [blame] | 493 | Py_XDECREF(self->friendlyname); |
| 494 | self->friendlyname = NULL; |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 495 | return 0; |
| 496 | } |
| 497 | |
| 498 | /* |
| 499 | * Deallocate the memory used by the PKCS12 object |
| 500 | * |
| 501 | * Arguments: self - The PKCS12 object |
| 502 | * Returns: None |
| 503 | */ |
| 504 | static void |
| 505 | crypto_PKCS12_dealloc(crypto_PKCS12Obj *self) |
| 506 | { |
| 507 | PyObject_GC_UnTrack(self); |
| 508 | crypto_PKCS12_clear(self); |
| 509 | PyObject_GC_Del(self); |
| 510 | } |
| 511 | |
| 512 | PyTypeObject crypto_PKCS12_Type = { |
Jean-Paul Calderone | 3fe7f67 | 2010-08-11 23:55:10 -0400 | [diff] [blame] | 513 | PyOpenSSL_HEAD_INIT(&PyType_Type, 0) |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 514 | "PKCS12", |
| 515 | sizeof(crypto_PKCS12Obj), |
| 516 | 0, |
| 517 | (destructor)crypto_PKCS12_dealloc, |
| 518 | NULL, /* print */ |
Jean-Paul Calderone | 2f6c66f | 2010-08-11 19:53:43 -0400 | [diff] [blame] | 519 | NULL, /* getattr */ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 520 | NULL, /* setattr */ |
| 521 | NULL, /* compare */ |
| 522 | NULL, /* repr */ |
| 523 | NULL, /* as_number */ |
| 524 | NULL, /* as_sequence */ |
| 525 | NULL, /* as_mapping */ |
| 526 | NULL, /* hash */ |
| 527 | NULL, /* call */ |
| 528 | NULL, /* str */ |
| 529 | NULL, /* getattro */ |
| 530 | NULL, /* setattro */ |
| 531 | NULL, /* as_buffer */ |
| 532 | Py_TPFLAGS_DEFAULT | Py_TPFLAGS_HAVE_GC, |
Jean-Paul Calderone | e7901d7 | 2009-07-24 18:21:26 -0400 | [diff] [blame] | 533 | crypto_PKCS12_doc, |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 534 | (traverseproc)crypto_PKCS12_traverse, |
| 535 | (inquiry)crypto_PKCS12_clear, |
Rick Dean | cbeaca0 | 2009-07-17 12:50:12 -0500 | [diff] [blame] | 536 | NULL, /* tp_richcompare */ |
| 537 | 0, /* tp_weaklistoffset */ |
| 538 | NULL, /* tp_iter */ |
| 539 | NULL, /* tp_iternext */ |
| 540 | crypto_PKCS12_methods, /* tp_methods */ |
| 541 | NULL, /* tp_members */ |
| 542 | NULL, /* tp_getset */ |
| 543 | NULL, /* tp_base */ |
| 544 | NULL, /* tp_dict */ |
| 545 | NULL, /* tp_descr_get */ |
| 546 | NULL, /* tp_descr_set */ |
| 547 | 0, /* tp_dictoffset */ |
| 548 | NULL, /* tp_init */ |
| 549 | NULL, /* tp_alloc */ |
| 550 | crypto_PKCS12_new, /* tp_new */ |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 551 | }; |
| 552 | |
| 553 | /* |
| 554 | * Initialize the PKCS12 part of the crypto sub module |
| 555 | * |
Jean-Paul Calderone | dc138fa | 2009-06-27 14:32:07 -0400 | [diff] [blame] | 556 | * Arguments: module - The crypto module |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 557 | * Returns: None |
| 558 | */ |
| 559 | int |
Jean-Paul Calderone | dc138fa | 2009-06-27 14:32:07 -0400 | [diff] [blame] | 560 | init_crypto_pkcs12(PyObject *module) { |
| 561 | if (PyType_Ready(&crypto_PKCS12_Type) < 0) { |
| 562 | return 0; |
| 563 | } |
| 564 | |
Rick Dean | cbeaca0 | 2009-07-17 12:50:12 -0500 | [diff] [blame] | 565 | if (PyModule_AddObject(module, "PKCS12", (PyObject *)&crypto_PKCS12_Type) != 0) { |
| 566 | return 0; |
| 567 | } |
| 568 | |
Jean-Paul Calderone | dc138fa | 2009-06-27 14:32:07 -0400 | [diff] [blame] | 569 | if (PyModule_AddObject(module, "PKCS12Type", (PyObject *)&crypto_PKCS12_Type) != 0) { |
| 570 | return 0; |
| 571 | } |
| 572 | |
Jean-Paul Calderone | 897bc25 | 2008-02-18 20:50:23 -0500 | [diff] [blame] | 573 | return 1; |
| 574 | } |