Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

factor out function to dump crl #368

Closed
wants to merge 2 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 6 additions & 1 deletion ChangeLog
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
2015-10-13 Dominic Chen <d.c.ddcc@gmail.com>

* OpenSSL/crypto.py: Implement the ``dump_crl()`` function to dump a
certificate revocation list out to a string buffer.

2015-09-07 Sam Lee <sam.rr.lee@gmail.com>

* OpenSSL/SSL.py, OpenSSL/test/test_ssl.py: Implemented
Expand Down Expand Up @@ -45,7 +50,7 @@
Connection.shutdown() is called when the underlying transport has
gone away.

2011-09-02 Hynek Schlawack <hs@ox.cx>
2015-04-14 Hynek Schlawack <hs@ox.cx>

* Release 0.15

Expand Down
2 changes: 2 additions & 0 deletions doc/api/crypto.rst
Original file line number Diff line number Diff line change
Expand Up @@ -90,6 +90,8 @@ Private keys
Certificate revocation lists
~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. autofunction:: dump_crl

.. py:function:: load_crl(type, buffer)

Load Certificate Revocation List (CRL) data from a string *buffer*.
Expand Down
43 changes: 28 additions & 15 deletions src/OpenSSL/crypto.py
Original file line number Diff line number Diff line change
Expand Up @@ -1998,23 +1998,9 @@ def export(self, cert, key, type=FILETYPE_PEM, days=100,
if not sign_result:
_raise_current_error()

if type == FILETYPE_PEM:
ret = _lib.PEM_write_bio_X509_CRL(bio, self._crl)
elif type == FILETYPE_ASN1:
ret = _lib.i2d_X509_CRL_bio(bio, self._crl)
elif type == FILETYPE_TEXT:
ret = _lib.X509_CRL_print(bio, self._crl)
else:
raise ValueError(
"type argument must be FILETYPE_PEM, FILETYPE_ASN1, or "
"FILETYPE_TEXT"
)
return dump_crl(type, self)

if not ret:
# TODO: This is untested.
_raise_current_error()

return _bio_to_string(bio)
CRLType = CRL


Expand Down Expand Up @@ -2577,6 +2563,33 @@ def verify(cert, signature, data, digest):
_raise_current_error()


def dump_crl(type, crl):
"""
Dump a certificate revocation list to a buffer.

:param type: The file type (one of ``FILETYPE_PEM``, ``FILETYPE_ASN1``, or
``FILETYPE_TEXT``).
:param cert: The CRL to dump.
:return: The buffer with the CRL.
:rtype: :py:data:`bytes`
"""
bio = _new_mem_buf()

if type == FILETYPE_PEM:
ret = _lib.PEM_write_bio_X509_CRL(bio, crl._crl)
elif type == FILETYPE_ASN1:
ret = _lib.i2d_X509_CRL_bio(bio, crl._crl)
elif type == FILETYPE_TEXT:
ret = _lib.X509_CRL_print(bio, crl._crl)
else:
raise ValueError(
"type argument must be FILETYPE_PEM, FILETYPE_ASN1, or "
"FILETYPE_TEXT")

assert ret == 1
return _bio_to_string(bio)


def load_crl(type, buffer):
"""
Load a certificate revocation list from a buffer
Expand Down
10 changes: 9 additions & 1 deletion tests/test_crypto.py
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@
from OpenSSL.crypto import dump_certificate_request, dump_privatekey
from OpenSSL.crypto import PKCS7Type, load_pkcs7_data
from OpenSSL.crypto import PKCS12, PKCS12Type, load_pkcs12
from OpenSSL.crypto import CRL, Revoked, load_crl
from OpenSSL.crypto import CRL, Revoked, dump_crl, load_crl
from OpenSSL.crypto import NetscapeSPKI, NetscapeSPKIType
from OpenSSL.crypto import (
sign, verify, get_elliptic_curve, get_elliptic_curves)
Expand Down Expand Up @@ -3206,6 +3206,14 @@ def test_load_crl_bad_data(self):
"""
self.assertRaises(Error, load_crl, FILETYPE_PEM, b"hello, world")

def test_dump_crl(self):
"""
The dumped CRL matches the original input.
"""
crl = load_crl(FILETYPE_PEM, crlData)
buf = dump_crl(FILETYPE_PEM, crl)
assert buf == crlData


class X509StoreContextTests(TestCase):
"""
Expand Down