Posted to commits@labs.apache.org by dr...@apache.org on 2007/12/05 16:15:32 UTC
svn commit: r601354 - in /labs/badca: ./ BaDCA/CSRs.py openssl/csrmodule.c
tests/CSRTestCase.py
Author: dreid
Date: Wed Dec 5 07:15:31 2007
New Revision: 601354
URL: http://svn.apache.org/viewvc?rev=601354&view=rev
Log:
Start dealing with key issues for CSRs
Add tests for dealing with CSR keys
Modified:
labs/badca/ (props changed)
labs/badca/BaDCA/CSRs.py
labs/badca/openssl/csrmodule.c
labs/badca/tests/CSRTestCase.py
Propchange: labs/badca/
------------------------------------------------------------------------------
--- svn:ignore (original)
+++ svn:ignore Wed Dec 5 07:15:31 2007
@@ -1,4 +1,4 @@
Makefile
configure
config.*
-
+*.cache
Modified: labs/badca/BaDCA/CSRs.py
URL: http://svn.apache.org/viewvc/labs/badca/BaDCA/CSRs.py?rev=601354&r1=601353&r2=601354&view=diff
==============================================================================
--- labs/badca/BaDCA/CSRs.py (original)
+++ labs/badca/BaDCA/CSRs.py Wed Dec 5 07:15:31 2007
@@ -15,15 +15,14 @@
info = None
csr = None
sha1 = None
- pKey = None
+ rKey = None
def __init__(self, filename = None):
- self.rKey = Keys.RSAKey()
if filename is not None:
csr = csr.fromFile(filename)
- def getPrivateKey(self):
- return self.pKey
+ def getKey(self):
+ return self.rKey
def setPrivateKey(self, thekey):
self.pKey = thekey
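Review bot: The rename from `pKey` to `rKey` is incomplete: `setPrivateKey` (context lines at the end of this hunk) still assigns `self.pKey`, which no accessor visible here reads any more, so a key set through it is ignored by `getKey()`. Either drop the setter or make it `self.rKey = thekey`; since a CSR only carries a public key, a name such as `setKey` would also avoid implying that private material is stored on this object. Separately, `csr = csr.fromFile(filename)` in `__init__` (context) binds a local that shadows the module, which looks like it would raise UnboundLocalError when a filename is passed; worth confirming. The class continues outside the hunk.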
@@ -35,9 +34,17 @@
self.Reset()
self.csr = csr.fromFile(filename)
if self.csr:
- self.info = csr.parse(self.csr)
- print str(self.info)
- return 1
+ return self.processCSR()
+ return 0
+
+ def readFromMemory(self, txt):
+ if txt is None or txt == '':
+ return 0
+ if self.csr is not None:
+ self.Reset()
+ self.csr = csr.fromMemory(txt)
+ if self.csr:
+ return self.processCSR()
return 0
def getSubject(self, which):
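Review bot: The `return 0` failure paths in readFromFile and the new readFromMemory are no longer reached for malformed input, because this same commit makes `csr.fromFile` and `csr.fromMemory` set IOError and return NULL, which surfaces in Python as an exception. readFromMemory takes caller-supplied text, so callers that test `== 1` will get a traceback instead of 0; wrap the call, e.g. `try: self.csr = csr.fromMemory(txt)` followed by `except IOError: return 0`. The removed `self.info = csr.parse(self.csr)` is also not carried into processCSR, so `self.info` appears to stay None after a successful read, which getSubject (starting on the last line of this hunk) presumably depends on.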
@@ -114,8 +121,23 @@
else:
print "No subject information found????"
+
+
def Reset(self):
info = None
csr = None
sha1 = None
+
+ def processCSR(self):
+ if self.csr is None:
+ return 0
+ # a CSR should contain a public key object
+ key = csr.getKey(self.csr)
+ if key is None:
+ return 0
+ self.rKey = Keys.RSAKey(public = key)
+ if self.rKey is None:
+ print "no key object..."
+ return 0
+ return 1
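Review bot: processCSR takes the public key out of the request and stores it in `self.rKey` without checking that the request's self-signature verifies under that key, so a request carrying a key the submitter does not hold is accepted the same as a genuine one. Nothing in the visible hunks verifies the request; OpenSSL provides `X509_REQ_verify(req, pkey)` for this, and the C module could expose it so that processCSR returns 0 when verification fails. Separately, `Reset()` (context lines in this hunk) assigns to locals rather than `self.*` and does not clear the new `rKey`, so a reused object can keep the previous CSR's key; `self.info = self.csr = self.sha1 = self.rKey = None` would cover both. The `if self.rKey is None` check after the constructor call can never be true, since a constructor call does not return None.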
Modified: labs/badca/openssl/csrmodule.c
URL: http://svn.apache.org/viewvc/labs/badca/openssl/csrmodule.c?rev=601354&r1=601353&r2=601354&view=diff
==============================================================================
--- labs/badca/openssl/csrmodule.c (original)
+++ labs/badca/openssl/csrmodule.c Wed Dec 5 07:15:31 2007
@@ -11,6 +11,15 @@
X509_REQ_free((X509_REQ *)ptr);
}
+/* This fucntion is called when an RSA pointer is finally freed by
+ * Python. This is done via setting this as the 2nd argument in
+ * PyCObject_FromVoidPtr().
+ */
+static void delrsa(void *ptr)
+{
+ RSA_free((RSA *)ptr);
+}
+
static X509_NAME *makeSubjectFromDict(PyObject *dict, unsigned long chtype)
{
X509_NAME *subj = X509_NAME_new();
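Review bot: The new comment above `delrsa` misspells "function" as "fucntion" and does not say which objects use it. Something like `/* Destructor for the RSA CObjects returned by getKey; passed as the 2nd argument to PyCObject_FromVoidPtr(). */` would record that the wrapped RSA is owned by the Python object and freed exactly once.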
@@ -68,8 +77,10 @@
BIO_free_all(in);
- if (!req)
+ if (!req) {
+ PyErr_SetString(PyExc_IOError, "Unable to get REQ object from file");
return NULL;
+ }
return PyCObject_FromVoidPtr(req, delcsr);
}
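Review bot: The new error path reports every failure with the same IOError string and leaves OpenSSL's error queue untouched, so a caller cannot tell a malformed request from an unreadable file, and whatever the failed decode attempts pushed stays queued for the thread. Consider `ERR_clear_error();` before returning, optionally folding `ERR_reason_error_string(ERR_peek_last_error())` into the message first, and `PyExc_ValueError` for a request that was read but did not parse. The same applies to the "Unable to get REQ object from memory" path in the later hunk. The function body starts outside this hunk, so how an open failure is reported is not visible here.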
@@ -84,7 +95,16 @@
if (! PyArg_ParseTuple(args, "s#", &ptr, &len))
return NULL;
+ if (len == 0) {
+ PyErr_SetString(PyExc_IOError, "Zero length string passed");
+ return NULL;
+ }
+
in = BIO_new_mem_buf(ptr, len);
+ if (!in) {
+ PyErr_SetString(PyExc_MemoryError, "Unable to create a BIO object");
+ return NULL;
+ }
/* We expect the CSR to be in PEM format, so try that first... */
req=PEM_read_bio_X509_REQ(in, NULL, NULL, NULL);
/* If that fails, see if it was in ASN1 format */
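Review bot: The type of `len` is declared outside this hunk and has to agree with both `"s#"` and `BIO_new_mem_buf`. `"s#"` stores an `int` unless `PY_SSIZE_T_CLEAN` is defined (then a `Py_ssize_t`), and `BIO_new_mem_buf` takes an `int`, so a mismatch would either write past the variable or truncate a large buffer. An empty string is an argument problem rather than an I/O failure, so `PyExc_ValueError` would describe it better than `PyExc_IOError`.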
@@ -93,12 +113,43 @@
BIO_free_all(in);
- if (!req)
+ if (!req) {
+ PyErr_SetString(PyExc_IOError, "Unable to get REQ object from memory");
return NULL;
+ }
return PyCObject_FromVoidPtr(req, delcsr);
}
static PyObject *
+getPublicKey(PyObject *self, PyObject *args)
+{
+ void *tmp = NULL;
+ X509_REQ *req = NULL;
+ EVP_PKEY *pkey = NULL;
+ RSA *rsa = NULL;
+
+ if (! PyArg_ParseTuple(args, "O", &tmp))
+ return NULL;
+
+ req = (X509_REQ *)PyCObject_AsVoidPtr(tmp);
+ if (!req) {
+ PyErr_SetString(PyExc_TypeError, "Invalid X509_REQ object passed");
+ return NULL;
+ }
+
+ pkey = X509_REQ_get_pubkey(req);
+ if (pkey) {
+ if (pkey->type == EVP_PKEY_RSA)
+ rsa = RSAPublicKey_dup(pkey->pkey.rsa);
+ EVP_PKEY_free(pkey);
+ }
+ if (rsa)
+ return PyCObject_FromVoidPtr(rsa, delrsa);
+ PyErr_SetString(PyExc_ValueError, "Invalid CSR object");
+ return NULL;
+}
+
+static PyObject *
parseRequest(PyObject *self, PyObject *args)
{
void *tmp = NULL;
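Review bot: getPublicKey casts whatever CObject it is handed to `X509_REQ *`, and with this commit the module also hands out RSA CObjects (created with `delrsa`), so a key object passed where a request is expected would be read by OpenSSL as a request structure. Tagging each object at creation with `PyCObject_FromVoidPtrAndDesc` and comparing `PyCObject_GetDesc(tmp)` before the cast would let every entry point reject the wrong kind; this applies equally to parseRequest, whose body continues outside the hunk. `tmp` should be declared `PyObject *` since the `"O"` format stores an object pointer. A request with a non-RSA key currently reports "Invalid CSR object", which hides the real reason; a distinct message such as `"CSR does not contain an RSA key"` would help callers.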
@@ -122,7 +173,7 @@
/* CSR version number */
{
- const char *neg=(ri->version->type == V_ASN1_NEG_INTEGER)?"-":"";
+// const char *neg=(ri->version->type == V_ASN1_NEG_INTEGER)?"-":"";
long l=0;
int i;
for(i=0; i<ri->version->length; i++) {
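Review bot: The `neg` line is commented out with `//` rather than deleted, which leaves dead code behind and uses a comment style the surrounding `/* */` comments do not. If the sign of the version is deliberately ignored, a short comment saying so would be clearer than the disabled declaration. The hand-rolled loop over `ri->version->length` bytes (its body is outside the hunk) looks replaceable by `long l = ASN1_INTEGER_get(ri->version);`, which handles negative and over-long values from an untrusted request in one place.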
@@ -289,6 +340,7 @@
static PyMethodDef CSRMethods[] = {
{ "fromFile", readCSRFromFile, METH_VARARGS, "Read a CSR from a file" },
{ "fromMemory", readCSRFromMemory, METH_VARARGS, "Read a CSR from a block of memory" },
+ { "getKey", getPublicKey, METH_VARARGS, "Get the X509_RSA public key object from the CSR" },
{ "parse", parseRequest, METH_VARARGS, "Parse a request into a python dict" },
{ "create", createRequest, METH_VARARGS, "Create a request from information supplied" },
{ "asString", getRequestAsString, METH_VARARGS, "Get request as string" },
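Review bot: The docstring for the new `getKey` entry refers to an "X509_RSA public key object", which is not a type used by the code; getPublicKey returns a CObject wrapping an `RSA *`. Suggested text: `"Get the RSA public key from the CSR (raises ValueError if the key is not RSA)"`.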
Modified: labs/badca/tests/CSRTestCase.py
URL: http://svn.apache.org/viewvc/labs/badca/tests/CSRTestCase.py?rev=601354&r1=601353&r2=601354&view=diff
==============================================================================
--- labs/badca/tests/CSRTestCase.py (original)
+++ labs/badca/tests/CSRTestCase.py Wed Dec 5 07:15:31 2007
@@ -12,10 +12,28 @@
else:
self.Reset()
- def testRead(self):
+ def test01Read(self):
+ """ Test reading of a CSR from a file """
assert self.obj.readFromFile('tests/csr/test1.csr') == 1, \
"Failed to read the CSR"
+ def test02Read2(self):
+ """ Test reading of a CSR from a string """
+ f = open('tests/csr/test1.csr', 'r')
+ txt = f.read()
+ f.close()
+ assert self.obj.readFromMemory(txt) == 1, \
+ "Failed to parse the CSR in memory"
+
+ def test03Key(self):
+ """ Test key extraction from a CSR """
+ assert self.obj.readFromFile('tests/csr/test1.csr') == 1, \
+ "Failed to read the CSR"
+ key = self.obj.getKey()
+ assert key is not None, "Unable to get Key object from CSR"
+ assert key.hasPublic(), "No public key found"
+ assert key.hasPrivate() == 0, "Private key found when none should exist"
+ assert key.bits == 2048, "Incorrect strength key returned"
if __name__ == "__main__":
unittest.main()
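Review bot: The new tests cover only the well-formed `test1.csr`; there is no case for the input this class has to reject. Adding tests that `readFromMemory('')` returns 0 and that a garbage or truncated string fails in the documented way (return 0 or a specific exception) would pin down the error contract that the C changes in this commit alter. In `test02Read2` the file is opened in text mode and closed by hand; `'rb'` with a `try`/`finally` around the read keeps the bytes intact for a DER-encoded request and closes the file if the read fails.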