From aedbfa156596527ce4ab19168cffafe23c5187ea Mon Sep 17 00:00:00 2001 From: Dominic Chen Date: Tue, 13 Oct 2015 16:32:35 +0000 Subject: [PATCH] factor out function to dump crl --- OpenSSL/crypto.py | 42 ++++++++++++++++++++++--------------- OpenSSL/test/test_crypto.py | 10 ++++++++- 2 files changed, 34 insertions(+), 18 deletions(-) diff --git a/OpenSSL/crypto.py b/OpenSSL/crypto.py index 132d98d7b..13a55cb5b 100644 --- a/OpenSSL/crypto.py +++ b/OpenSSL/crypto.py @@ -1998,23 +1998,7 @@ def export(self, cert, key, type=FILETYPE_PEM, days=100, if not sign_result: _raise_current_error() - if type == FILETYPE_PEM: - ret = _lib.PEM_write_bio_X509_CRL(bio, self._crl) - elif type == FILETYPE_ASN1: - ret = _lib.i2d_X509_CRL_bio(bio, self._crl) - elif type == FILETYPE_TEXT: - ret = _lib.X509_CRL_print(bio, self._crl) - else: - raise ValueError( - "type argument must be FILETYPE_PEM, FILETYPE_ASN1, or " - "FILETYPE_TEXT" - ) - - if not ret: - # TODO: This is untested. - _raise_current_error() - - return _bio_to_string(bio) + return dump_crl(type, self) CRLType = CRL @@ -2576,6 +2560,30 @@ def verify(cert, signature, data, digest): if verify_result != 1: _raise_current_error() +def dump_crl(type, crl): + """ + Dump a certificate revocation list to a buffer + + :param type: The file type (one of FILETYPE_PEM, FILETYPE_ASN1, or + FILETYPE_TEXT) + :param crl: The certificate revocation list to dump + :return: The buffer with the dumped certificate revocation list + """ + bio = _new_mem_buf() + + if type == FILETYPE_PEM: + ret = _lib.PEM_write_bio_X509_CRL(bio, crl._crl) + elif type == FILETYPE_ASN1: + ret = _lib.i2d_X509_CRL_bio(bio, crl._crl) + elif type == FILETYPE_TEXT: + ret = _lib.X509_CRL_print(bio, crl._crl) + else: + raise ValueError( + "type argument must be FILETYPE_PEM, FILETYPE_ASN1, or " + "FILETYPE_TEXT") + + assert ret == 1 + return _bio_to_string(bio) def load_crl(type, buffer): """ diff --git a/OpenSSL/test/test_crypto.py b/OpenSSL/test/test_crypto.py index 0c906b656..c2763fafb 100644 --- a/OpenSSL/test/test_crypto.py +++ b/OpenSSL/test/test_crypto.py @@ -31,7 +31,7 @@ from OpenSSL.crypto import dump_certificate_request, dump_privatekey from OpenSSL.crypto import PKCS7Type, load_pkcs7_data from OpenSSL.crypto import PKCS12, PKCS12Type, load_pkcs12 -from OpenSSL.crypto import CRL, Revoked, load_crl +from OpenSSL.crypto import CRL, Revoked, dump_crl, load_crl from OpenSSL.crypto import NetscapeSPKI, NetscapeSPKIType from OpenSSL.crypto import ( sign, verify, get_elliptic_curve, get_elliptic_curves) @@ -3205,6 +3205,14 @@ def test_load_crl_bad_data(self): """ self.assertRaises(Error, load_crl, FILETYPE_PEM, b"hello, world") + def test_dump_crl(self): + """ + Dump a known CRL and ensure it is output correctly. + """ + crl = load_crl(FILETYPE_PEM, crlData) + buf = dump_crl(FILETYPE_PEM, crl) + self.assertEqual(crlData, buf) + class X509StoreContextTests(TestCase): """