Skip to content

Commit

Permalink
factor out function to dump crl
Browse files Browse the repository at this point in the history
  • Loading branch information
ddcc committed Oct 18, 2015
1 parent a07fa8c commit 7629516
Show file tree
Hide file tree
Showing 4 changed files with 47 additions and 20 deletions.
5 changes: 5 additions & 0 deletions ChangeLog
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
2015-10-13 Dominic Chen <[email protected]>

* OpenSSL/crypto.py: Implement the ``dump_crl()`` function to dump a
certificate revocation list out to a string buffer.

2015-09-07 Sam Lee <[email protected]>

* OpenSSL/SSL.py, OpenSSL/test/test_ssl.py: Implemented
Expand Down
42 changes: 27 additions & 15 deletions OpenSSL/crypto.py
Original file line number Diff line number Diff line change
Expand Up @@ -1998,23 +1998,9 @@ def export(self, cert, key, type=FILETYPE_PEM, days=100,
if not sign_result:
_raise_current_error()

if type == FILETYPE_PEM:
ret = _lib.PEM_write_bio_X509_CRL(bio, self._crl)
elif type == FILETYPE_ASN1:
ret = _lib.i2d_X509_CRL_bio(bio, self._crl)
elif type == FILETYPE_TEXT:
ret = _lib.X509_CRL_print(bio, self._crl)
else:
raise ValueError(
"type argument must be FILETYPE_PEM, FILETYPE_ASN1, or "
"FILETYPE_TEXT"
)
return dump_crl(type, self)

if not ret:
# TODO: This is untested.
_raise_current_error()

return _bio_to_string(bio)
CRLType = CRL


Expand Down Expand Up @@ -2577,6 +2563,32 @@ def verify(cert, signature, data, digest):
_raise_current_error()


def dump_crl(type, crl):
"""
Dump a certificate revocation list to a buffer
:param type: The file type (one of FILETYPE_PEM, FILETYPE_ASN1, or
FILETYPE_TEXT)
:param crl: The certificate revocation list to dump
:return: The buffer with the dumped certificate revocation list
"""
bio = _new_mem_buf()

if type == FILETYPE_PEM:
ret = _lib.PEM_write_bio_X509_CRL(bio, crl._crl)
elif type == FILETYPE_ASN1:
ret = _lib.i2d_X509_CRL_bio(bio, crl._crl)
elif type == FILETYPE_TEXT:
ret = _lib.X509_CRL_print(bio, crl._crl)
else:
raise ValueError(
"type argument must be FILETYPE_PEM, FILETYPE_ASN1, or "
"FILETYPE_TEXT")

assert ret == 1
return _bio_to_string(bio)


def load_crl(type, buffer):
"""
Load a certificate revocation list from a buffer
Expand Down
10 changes: 9 additions & 1 deletion OpenSSL/test/test_crypto.py
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@
from OpenSSL.crypto import dump_certificate_request, dump_privatekey
from OpenSSL.crypto import PKCS7Type, load_pkcs7_data
from OpenSSL.crypto import PKCS12, PKCS12Type, load_pkcs12
from OpenSSL.crypto import CRL, Revoked, load_crl
from OpenSSL.crypto import CRL, Revoked, dump_crl, load_crl
from OpenSSL.crypto import NetscapeSPKI, NetscapeSPKIType
from OpenSSL.crypto import (
sign, verify, get_elliptic_curve, get_elliptic_curves)
Expand Down Expand Up @@ -3205,6 +3205,14 @@ def test_load_crl_bad_data(self):
"""
self.assertRaises(Error, load_crl, FILETYPE_PEM, b"hello, world")

def test_dump_crl(self):
"""
Dump a known CRL and ensure it is output correctly.
"""
crl = load_crl(FILETYPE_PEM, crlData)
buf = dump_crl(FILETYPE_PEM, crl)
assert buf == crlData


class X509StoreContextTests(TestCase):
"""
Expand Down
10 changes: 6 additions & 4 deletions doc/api/crypto.rst
Original file line number Diff line number Diff line change
Expand Up @@ -43,10 +43,7 @@ determine the format:
Certificates
~~~~~~~~~~~~

.. py:function:: dump_certificate(type, cert)
Dump the certificate *cert* into a buffer string encoded with the type
*type*.
.. autofunction:: dump_certificate

.. py:function:: load_certificate(type, buffer)
Expand Down Expand Up @@ -90,6 +87,11 @@ Private keys
Certificate revocation lists
~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. py:function:: dump_crl(type, crl)
Dump the Certificate Revocation List (CRL) *crl* into a buffer string
encoded with the type *type*.

.. py:function:: load_crl(type, buffer)
Load Certificate Revocation List (CRL) data from a string *buffer*.
Expand Down

0 comments on commit 7629516

Please sign in to comment.