Posted to commits@labs.apache.org by dr...@apache.org on 2007/12/06 20:13:36 UTC
svn commit: r601821 - in /labs/badca: BaDCA/Certificates.py
openssl/certmodule.c tests/03CertTestCase.py tests/runTests.py
Author: dreid
Date: Thu Dec 6 11:13:35 2007
New Revision: 601821
URL: http://svn.apache.org/viewvc?rev=601821&view=rev
Log:
Add some more detail to the certificate code
Add some additional tests
This starts to move us along with certificates :-)
Bed calls now though!
Modified:
labs/badca/BaDCA/Certificates.py
labs/badca/openssl/certmodule.c
labs/badca/tests/03CertTestCase.py
labs/badca/tests/runTests.py
Modified: labs/badca/BaDCA/Certificates.py
URL: http://svn.apache.org/viewvc/labs/badca/BaDCA/Certificates.py?rev=601821&r1=601820&r2=601821&view=diff
==============================================================================
--- labs/badca/BaDCA/Certificates.py (original)
+++ labs/badca/BaDCA/Certificates.py Thu Dec 6 11:13:35 2007
@@ -20,11 +20,25 @@
return 0
self.cert = cert.read(filename);
if self.cert:
+ self.processCertificate()
return 1
return 0
- def getPublicKey(self):
+ def getKey(self):
if self.cert is None:
return None
- k = cert.getPublicKey(self.cert)
+ return cert.getPublicKey(self.cert)
+ def getInformation(self, section, part = None):
+ if self.cert is None or len(self.info) == 0:
+ return None
+ if part is None:
+ return self.info[section]
+ try:
+ return self.info[section][part]
+ except:
+ return None
+
+ def processCertificate(self):
+ self.info = cert.parse(self.cert)
+ # todo - get public key!
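Review bot: `getInformation` answers a missing key in two different ways: with `part` given, the bare `except:` turns every failure into `None`, but with `part` omitted `self.info[section]` sits outside the `try` and raises `KeyError` for an unknown section. Moving the `part is None` lookup inside the `try` and narrowing the handler to `except (KeyError, TypeError):` keeps the `None` contract without hiding unrelated errors. Separately, `readFromFile` assigns `self.cert` before `processCertificate()` runs, so if `cert.parse` raises, `self.cert` is set while `self.info` may not exist and `len(self.info)` fails; whether `__init__` initialises `self.info` is outside this hunk.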
Modified: labs/badca/openssl/certmodule.c
URL: http://svn.apache.org/viewvc/labs/badca/openssl/certmodule.c?rev=601821&r1=601820&r2=601821&view=diff
==============================================================================
--- labs/badca/openssl/certmodule.c (original)
+++ labs/badca/openssl/certmodule.c Thu Dec 6 11:13:35 2007
@@ -52,6 +52,7 @@
getPublicKey(PyObject *self, PyObject *args)
{
X509 *cert = NULL;
+ RSA *rsa = NULL;
EVP_PKEY *pkey = NULL;
PyObject *pCert = NULL;
@@ -62,24 +63,124 @@
return NULL;
pkey = X509_get_pubkey(cert);
- if (!pkey)
+ if (!pkey) {
+ PyErr_SetString(PyExc_ValueError, "Invalid certificate object supplied");
return NULL;
+ }
- if (pkey->type != EVP_PKEY_RSA)
+ if (pkey->type == EVP_PKEY_RSA)
+ rsa = RSAPublicKey_dup(pkey->pkey.rsa);
+
+ EVP_PKEY_free(pkey);
+ if (rsa)
+ return PyCObject_FromVoidPtr(rsa, delrsa);
+
+ PyErr_SetString(PyExc_ValueError, "Invalid certificate object supplied");
+ return NULL;
+}
+
+static PyObject *
+parseCertificate(PyObject *self, PyObject *args)
+{
+ void *tmp = NULL;
+ PyObject *dict = NULL;
+ X509 *cert = NULL;
+ X509_REQ_INFO *ri = NULL;
+ X509_NAME *subject = NULL, *issuer = NULL;
+
+ if (! PyArg_ParseTuple(args, "O", &tmp))
+ return NULL;
+
+ cert = (X509 *)PyCObject_AsVoidPtr(tmp);
+ if (!cert) {
+ PyErr_SetString(PyExc_ValueError, "Invalid certificate object supplied");
+ return NULL;
+ }
+ subject = X509_get_subject_name(cert);
+ issuer = X509_get_issuer_name(cert);
+ if (! subject || ! issuer) {
+ PyErr_SetString(PyExc_ValueError, "Unable to get issuer or subject details");
goto err;
-printf("got public key!!!\n");
+ }
+
+ dict = PyDict_New();
+
+ /* What follows isn't ideal, so if you have ideas how to improve it... */
+
+ /* certificate version number */
+ {
+ int ver = X509_get_version(cert);
+ if (ver > 0)
+ PyDict_SetItem(dict, Py_BuildValue("s", "Version"),
+ Py_BuildValue("i", (ver + 1)));
+
+ }
+ /* Public Key information */
+ {
+ EVP_PKEY *pkey = X509_get_pubkey(cert);
+ PyObject *pkdict = PyDict_New();
+
+ /* Public Key Algorithm */
+/* {
+ BIO *bp = BIO_new(BIO_s_mem());
+ if (bp && i2a_ASN1_OBJECT(bp, ri->pubkey->algor->algorithm) > 0) {
+ char *strPtr = NULL;
+ long sz = BIO_get_mem_data(bp, &strPtr);
+ (void)BIO_set_close(bp, BIO_NOCLOSE);
+ BIO_free(bp);
+ PyDict_SetItem(pkdict, Py_BuildValue("s", "algorithm"),
+ PyString_FromStringAndSize(strPtr, sz));
+ }
+ }
+*/
+ /* Public key Strength */
+ if (pkey->type == EVP_PKEY_RSA)
+ PyDict_SetItem(pkdict, Py_BuildValue("s", "strength"),
+ Py_BuildValue("l", BN_num_bits(pkey->pkey.rsa->n)));
+
+ PyDict_SetItem(dict, Py_BuildValue("s", "public_key"), pkdict);
+ }
+ /* CSR Subject */
+/*
+ {
+
+ PyObject *sdict = PyDict_New();
+ int i;
+ struct sParts {
+ int nid;
+ const char *dict;
+ } parts[] = {
+ { NID_commonName, "CN" },
+ { NID_countryName, "C" },
+ { NID_organizationName, "O" },
+ { NID_organizationalUnitName, "OU" },
+ { NID_localityName, "L" },
+ { NID_stateOrProvinceName, "ST" },
+ { NID_pkcs9_emailAddress, "Email" },
+ { 0, NULL }
+ };
+
+ for (i = 0; parts[i].nid != 0; i++) {
+ char buf[512];
+ int rv = X509_NAME_get_text_by_NID(ri->subject, parts[i].nid, buf, 512);
+ if (rv > 0)
+ PyDict_SetItem(sdict, Py_BuildValue("s", parts[i].dict),
+ PyString_FromStringAndSize(buf, rv));
+ }
+ PyDict_SetItem(dict, Py_BuildValue("s", "subject"), sdict);
+ }
+*/
- return PyCObject_FromVoidPtr(pkey->pkey.rsa, delrsa);
-
+ return dict;
err:
- if (pkey)
- EVP_PKEY_free(pkey);
+ X509_free(cert);
return NULL;
}
static PyMethodDef CertMethods[] = {
{ "read", readCert, METH_VARARGS, "Read a certificate from a file" },
{ "getPublicKey", getPublicKey, METH_VARARGS, "Get Public Key object" },
+ { "parse", parseCertificate, METH_VARARGS, "Parse a certificate" },
{ NULL, NULL, 0, NULL },
};
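Review bot: In parseCertificate the `err:` path calls `X509_free(cert)` on a pointer that was only borrowed from the caller's CObject via `PyCObject_AsVoidPtr`, so after a failed parse the Python-side `self.cert` wraps freed memory, and a later `getPublicKey` on it (or the CObject's own destructor, if readCert registered one, which is not visible here) touches it again. The public-key block has the opposite problem: the `EVP_PKEY` returned by `X509_get_pubkey(cert)` is dereferenced at `pkey->type` without a NULL check and is never released with `EVP_PKEY_free`, although getPublicKey in this same hunk does both. Both `PyDict_New()` results are used unchecked as well. The fence shows the dictionary creation, public-key block and error path with those points handled; the references leaked by passing fresh `Py_BuildValue(...)` objects straight into `PyDict_SetItem` are a separate cleanup.

```c
    dict = PyDict_New();
    if (!dict)
        goto err;

    /* … unchanged: certificate version number … */

    /* Public Key information */
    {
        EVP_PKEY *pkey = X509_get_pubkey(cert);
        PyObject *pkdict = PyDict_New();

        if (!pkey || !pkdict) {
            if (pkey)
                EVP_PKEY_free(pkey);
            Py_XDECREF(pkdict);
            if (!PyErr_Occurred())
                PyErr_SetString(PyExc_ValueError, "Unable to get public key details");
            goto err;
        }

        /* … unchanged: commented-out algorithm block, "strength" and "public_key" entries … */

        EVP_PKEY_free(pkey);   /* X509_get_pubkey handed us our own reference */
        Py_DECREF(pkdict);     /* PyDict_SetItem took its own reference */
    }

    /* … unchanged: commented-out subject block … */

    return dict;
err:
    /* cert is borrowed from the caller's CObject: it must not be freed here */
    Py_XDECREF(dict);
    return NULL;
```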
Modified: labs/badca/tests/03CertTestCase.py
URL: http://svn.apache.org/viewvc/labs/badca/tests/03CertTestCase.py?rev=601821&r1=601820&r2=601821&view=diff
==============================================================================
--- labs/badca/tests/03CertTestCase.py (original)
+++ labs/badca/tests/03CertTestCase.py Thu Dec 6 11:13:35 2007
@@ -13,10 +13,26 @@
else:
self.Reset()
- def test01Read(self):
- """ Test reading of a CSR from a file """
+ def test01(self):
+ """ Test reading of a certificate from a file """
assert self.obj.readFromFile('tests/certs/test1.pem') == 1, \
"Failed to read the Certificate"
+
+ def test02(self):
+ """ Can we get a public key from a certificate? """
+ assert self.obj.readFromFile('tests/certs/test1.pem') == 1, \
+ "Failed to read the Certificate"
+ key = self.obj.getKey()
+ assert key is not None, "Failed to get public key from certificate"
+
+ def test03(self):
+ """ Can we get information from a certificate? """
+ assert self.obj.readFromFile('tests/certs/test1.pem') == 1, \
+ "Failed to read the Certificate"
+ assert self.obj.getInformation("Version") == 3, \
+ "Failed to get correct version from certificate information"
+ assert self.obj.getInformation("public_key", "strength") == 2048, \
+ "Failed to get correct key strength from certificate information"
if __name__ == "__main__":
unittest.main()
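Review bot: test03 checks only keys that are present, so the `None` paths of `getInformation` (unknown section, unknown part, no certificate loaded) are never exercised. A negative case such as `assert self.obj.getInformation("public_key", "missing") is None` would pin that contract. The expected values 3 and 2048 are properties of `tests/certs/test1.pem`; a comment saying so would help whoever regenerates the fixture. Renaming `test01Read` to `test01` also drops the only descriptive part of the name from the runner output.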
Modified: labs/badca/tests/runTests.py
URL: http://svn.apache.org/viewvc/labs/badca/tests/runTests.py?rev=601821&r1=601820&r2=601821&view=diff
==============================================================================
--- labs/badca/tests/runTests.py (original)
+++ labs/badca/tests/runTests.py Thu Dec 6 11:13:35 2007
@@ -23,7 +23,11 @@
files = os.listdir(self.directory)
for f in files:
if self.fileMatcher.match(f):
- print "\nRunning tests in " + f + "\n"
+ m = re.compile("^\d{2}([A-Za-z]*)TestCase\.py").match(f)
+ if m is not None:
+ print "\nRunning tests for " + m.group(1) + "\n"
+ else:
+ print "\nRunning tests in " + f + "\n"
tests = self.getSuitesFromFilename(f)
if tests is not None:
self.runTests(tests)
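Review bot: The pattern in `re.compile("^\d{2}([A-Za-z]*)TestCase\.py")` is rebuilt for every matching file and written as a plain string, so `\d` and `\.` rely on Python passing unknown escapes through unchanged. Compile it once outside the loop as a raw string, for example `r"^\d{2}([A-Za-z]*)TestCase\.py$"`. The `*` quantifier also lets a file named like `03TestCase.py` print an empty test name, where `+` would route it to the fallback message. Whether `re` is already imported and how `self.fileMatcher` is defined are outside this hunk.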