4 * Copyright (C) Tollef Fog Heen
5 * See LICENSE for details.
7 * Netscape SPKI handling, thin wrapper
14 * Constructor for Nestcape_SPKI, never called by Python code directly
16 * Arguments: name - A "real" NetscapeSPKI object
17 * dealloc - Boolean value to specify whether the destructor should
18 * free the "real" NetscapeSPKI object
19 * Returns: The newly created NetscapeSPKI object
21 crypto_NetscapeSPKIObj *
22 crypto_NetscapeSPKI_New(NETSCAPE_SPKI *name, int dealloc)
24 crypto_NetscapeSPKIObj *self;
26 self = PyObject_New(crypto_NetscapeSPKIObj, &crypto_NetscapeSPKI_Type);
31 self->netscape_spki = name;
32 self->dealloc = dealloc;
38 static char crypto_NetscapeSPKI_doc[] = "\n\
39 NetscapeSPKI([enc]) -> NetscapeSPKI instance\n\
41 @param enc: Base64 encoded NetscapeSPKI object.\n\
43 @return: The NetscapeSPKI object\n\
47 crypto_NetscapeSPKI_new(PyTypeObject *subtype, PyObject *args, PyObject *kwargs) {
52 if (!PyArg_ParseTuple(args, "|s#:NetscapeSPKI", &enc, &enc_len))
56 spki = NETSCAPE_SPKI_b64_decode(enc, enc_len);
58 spki = NETSCAPE_SPKI_new();
61 exception_from_error_queue(crypto_Error);
64 return (PyObject *)crypto_NetscapeSPKI_New(spki, 1);
69 * Deallocate the memory used by the NetscapeSPKI object
71 * Arguments: self - The NetscapeSPKI object
75 crypto_NetscapeSPKI_dealloc(crypto_NetscapeSPKIObj *self)
77 /* Sometimes we don't have to dealloc this */
79 NETSCAPE_SPKI_free(self->netscape_spki);
84 static char crypto_NetscapeSPKI_sign_doc[] = "\n\
85 Sign the certificate request using the supplied key and digest\n\
87 @param pkey: The key to sign with\n\
88 @param digest: The message digest to use\n\
93 crypto_NetscapeSPKI_sign(crypto_NetscapeSPKIObj *self, PyObject *args)
99 if (!PyArg_ParseTuple(args, "O!s:sign", &crypto_PKey_Type, &pkey,
103 if (pkey->only_public) {
104 PyErr_SetString(PyExc_ValueError, "Key has only public part");
108 if (!pkey->initialized) {
109 PyErr_SetString(PyExc_ValueError, "Key is uninitialized");
113 if ((digest = EVP_get_digestbyname(digest_name)) == NULL)
115 PyErr_SetString(PyExc_ValueError, "No such digest method");
119 if (!NETSCAPE_SPKI_sign(self->netscape_spki, pkey->pkey, digest))
121 exception_from_error_queue(crypto_Error);
129 static char crypto_NetscapeSPKI_verify_doc[] = "\n\
130 Verifies a certificate request using the supplied public key\n\
132 @param key: a public key\n\
133 @return: True if the signature is correct.\n\
134 @raise OpenSSL.crypto.Error: If the signature is invalid or there is a\n\
135 problem verifying the signature.\n\
139 crypto_NetscapeSPKI_verify(crypto_NetscapeSPKIObj *self, PyObject *args)
141 crypto_PKeyObj *pkey;
144 if (!PyArg_ParseTuple(args, "O!:verify", &crypto_PKey_Type, &pkey)) {
148 if ((answer = NETSCAPE_SPKI_verify(self->netscape_spki, pkey->pkey)) <= 0) {
149 exception_from_error_queue(crypto_Error);
153 return PyLong_FromLong((long)answer);
156 static char crypto_NetscapeSPKI_b64_encode_doc[] = "\n\
157 Generate a base64 encoded string from an SPKI\n\
159 @return: The base64 encoded string\n\
163 crypto_NetscapeSPKI_b64_encode(crypto_NetscapeSPKIObj *self, PyObject *args)
167 if (!PyArg_ParseTuple(args, ":b64_encode"))
170 str = NETSCAPE_SPKI_b64_encode(self->netscape_spki);
171 return PyBytes_FromString(str);
175 static char crypto_NetscapeSPKI_get_pubkey_doc[] = "\n\
176 Get the public key of the certificate\n\
178 @return: The public key\n\
182 crypto_NetscapeSPKI_get_pubkey(crypto_NetscapeSPKIObj *self, PyObject *args)
184 crypto_PKeyObj *crypto_PKey_New(EVP_PKEY *, int);
186 crypto_PKeyObj *py_pkey;
188 if (!PyArg_ParseTuple(args, ":get_pubkey"))
191 if ((pkey = NETSCAPE_SPKI_get_pubkey(self->netscape_spki)) == NULL)
193 exception_from_error_queue(crypto_Error);
197 py_pkey = crypto_PKey_New(pkey, 1);
198 if (py_pkey != NULL) {
199 py_pkey->only_public = 1;
201 return (PyObject *)py_pkey;
204 static char crypto_NetscapeSPKI_set_pubkey_doc[] = "\n\
205 Set the public key of the certificate\n\
207 @param pkey: The public key\n\
212 crypto_NetscapeSPKI_set_pubkey(crypto_NetscapeSPKIObj *self, PyObject *args)
214 crypto_PKeyObj *pkey;
216 if (!PyArg_ParseTuple(args, "O!:set_pubkey", &crypto_PKey_Type, &pkey))
219 if (!NETSCAPE_SPKI_set_pubkey(self->netscape_spki, pkey->pkey))
221 exception_from_error_queue(crypto_Error);
230 * ADD_METHOD(name) expands to a correct PyMethodDef declaration
231 * { 'name', (PyCFunction)crypto_NetscapeSPKI_name, METH_VARARGS }
234 #define ADD_METHOD(name) \
235 { #name, (PyCFunction)crypto_NetscapeSPKI_##name, METH_VARARGS, crypto_NetscapeSPKI_##name##_doc }
236 static PyMethodDef crypto_NetscapeSPKI_methods[] =
238 ADD_METHOD(get_pubkey),
239 ADD_METHOD(set_pubkey),
240 ADD_METHOD(b64_encode),
247 PyTypeObject crypto_NetscapeSPKI_Type = {
248 PyOpenSSL_HEAD_INIT(&PyType_Type, 0)
250 sizeof(crypto_NetscapeSPKIObj),
252 (destructor)crypto_NetscapeSPKI_dealloc,
258 NULL, /* as_number */
259 NULL, /* as_sequence */
260 NULL, /* as_mapping */
266 NULL, /* as_buffer */
268 crypto_NetscapeSPKI_doc, /* doc */
271 NULL, /* tp_richcompare */
272 0, /* tp_weaklistoffset */
274 NULL, /* tp_iternext */
275 crypto_NetscapeSPKI_methods, /* tp_methods */
276 NULL, /* tp_members */
277 NULL, /* tp_getset */
280 NULL, /* tp_descr_get */
281 NULL, /* tp_descr_set */
282 0, /* tp_dictoffset */
285 crypto_NetscapeSPKI_new, /* tp_new */
290 * Initialize the X509Name part of the crypto module
292 * Arguments: module - The crypto module
296 init_crypto_netscape_spki(PyObject *module) {
297 if (PyType_Ready(&crypto_NetscapeSPKI_Type) < 0) {
301 if (PyModule_AddObject(module, "NetscapeSPKI", (PyObject *)&crypto_NetscapeSPKI_Type) != 0) {
305 if (PyModule_AddObject(module, "NetscapeSPKIType", (PyObject *)&crypto_NetscapeSPKI_Type) != 0) {