Skip to content

Commit

Permalink
factor out function to dump crl
Browse files Browse the repository at this point in the history
  • Loading branch information
ddcc committed Oct 18, 2015
1 parent a07fa8c commit 0974db9
Show file tree
Hide file tree
Showing 4 changed files with 49 additions and 21 deletions.
5 changes: 5 additions & 0 deletions ChangeLog
Original file line number Diff line number Diff line change
@@ -1,3 +1,8 @@
2015-10-13 Dominic Chen <[email protected]>

* OpenSSL/crypto.py: Implement the ``dump_crl()`` function to dump a
certificate revocation list out to a string buffer.

2015-09-07 Sam Lee <[email protected]>

* OpenSSL/SSL.py, OpenSSL/test/test_ssl.py: Implemented
Expand Down
53 changes: 33 additions & 20 deletions OpenSSL/crypto.py
Original file line number Diff line number Diff line change
Expand Up @@ -1595,12 +1595,13 @@ def load_certificate(type, buffer):

def dump_certificate(type, cert):
"""
Dump a certificate to a buffer
Dump a certificate to a buffer.
:param type: The file type (one of FILETYPE_PEM, FILETYPE_ASN1, or
FILETYPE_TEXT)
:param cert: The certificate to dump
:return: The buffer with the dumped certificate in
:param type: The file type (one of ``FILETYPE_PEM``, ``FILETYPE_ASN1``, or
``FILETYPE_TEXT``).
:param cert: The certificate to dump.
:return: The buffer with the certificate.
:rtype: :py:data:`bytes`
"""
bio = _new_mem_buf()

Expand Down Expand Up @@ -1998,23 +1999,9 @@ def export(self, cert, key, type=FILETYPE_PEM, days=100,
if not sign_result:
_raise_current_error()

if type == FILETYPE_PEM:
ret = _lib.PEM_write_bio_X509_CRL(bio, self._crl)
elif type == FILETYPE_ASN1:
ret = _lib.i2d_X509_CRL_bio(bio, self._crl)
elif type == FILETYPE_TEXT:
ret = _lib.X509_CRL_print(bio, self._crl)
else:
raise ValueError(
"type argument must be FILETYPE_PEM, FILETYPE_ASN1, or "
"FILETYPE_TEXT"
)
return dump_crl(type, self)

if not ret:
# TODO: This is untested.
_raise_current_error()

return _bio_to_string(bio)
CRLType = CRL


Expand Down Expand Up @@ -2577,6 +2564,32 @@ def verify(cert, signature, data, digest):
_raise_current_error()


def dump_crl(type, crl):
"""
Dump a certificate revocation list to a buffer
:param type: The file type (one of FILETYPE_PEM, FILETYPE_ASN1, or
FILETYPE_TEXT)
:param crl: The certificate revocation list to dump
:return: The buffer with the dumped certificate revocation list
"""
bio = _new_mem_buf()

if type == FILETYPE_PEM:
ret = _lib.PEM_write_bio_X509_CRL(bio, crl._crl)
elif type == FILETYPE_ASN1:
ret = _lib.i2d_X509_CRL_bio(bio, crl._crl)
elif type == FILETYPE_TEXT:
ret = _lib.X509_CRL_print(bio, crl._crl)
else:
raise ValueError(
"type argument must be FILETYPE_PEM, FILETYPE_ASN1, or "
"FILETYPE_TEXT")

assert ret == 1
return _bio_to_string(bio)


def load_crl(type, buffer):
"""
Load a certificate revocation list from a buffer
Expand Down
10 changes: 9 additions & 1 deletion OpenSSL/test/test_crypto.py
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@
from OpenSSL.crypto import dump_certificate_request, dump_privatekey
from OpenSSL.crypto import PKCS7Type, load_pkcs7_data
from OpenSSL.crypto import PKCS12, PKCS12Type, load_pkcs12
from OpenSSL.crypto import CRL, Revoked, load_crl
from OpenSSL.crypto import CRL, Revoked, dump_crl, load_crl
from OpenSSL.crypto import NetscapeSPKI, NetscapeSPKIType
from OpenSSL.crypto import (
sign, verify, get_elliptic_curve, get_elliptic_curves)
Expand Down Expand Up @@ -3205,6 +3205,14 @@ def test_load_crl_bad_data(self):
"""
self.assertRaises(Error, load_crl, FILETYPE_PEM, b"hello, world")

def test_dump_crl(self):
"""
Check that the dumped CRL matches the original input.
"""
crl = load_crl(FILETYPE_PEM, crlData)
buf = dump_crl(FILETYPE_PEM, crl)
assert buf == crlData


class X509StoreContextTests(TestCase):
"""
Expand Down
2 changes: 2 additions & 0 deletions doc/api/crypto.rst
Original file line number Diff line number Diff line change
Expand Up @@ -90,6 +90,8 @@ Private keys
Certificate revocation lists
~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. autofunction:: dump_crl

.. py:function:: load_crl(type, buffer)
Load Certificate Revocation List (CRL) data from a string *buffer*.
Expand Down

0 comments on commit 0974db9

Please sign in to comment.