def text_crlf(text):
bio_in = BIO.MemoryBuffer(text)
bio_out = BIO.MemoryBuffer()
if m2.smime_crlf_copy(bio_in, bio_out):
return bio_out.read()
else:
raise Err.get_error()
def ctSSL_initialize(multithreading=False):
"""
Initialize ctSSL's ctypes bindings, and OpenSSL libraries and error
strings. Optionally initializes OpenSSL multithreading support.
Should always be called before any other ctSSL function.
"""
# Initialize multithreading
multithreading=False # TODO: Clean start. Disabled for now, causes issues
# Might not be required ?
if multithreading:
openSSL_threading_init()
openSSL_threading = True
# Initialize libraries and error strings
libssl.SSL_library_init()
libssl.SSL_load_error_strings()
if libcrypto.RAND_status() != 1:
raise ctSSLInitError('OpenSSL PRNG not seeded with enough data.')
# Tell ctypes the arguments and return types for every C function that is exposed
BIO.init_BIO_functions()
SSL_CTX.init_SSL_CTX_functions()
SSL.init_SSL_functions()
SSL_SESSION.init_SSL_SESSION_functions()
X509.init_X509_functions()
errors.init_ERR_functions()
def ctSSL_initialize(multithreading=False, zlib=False):
"""
Initialize ctSSL's ctypes bindings, and OpenSSL libraries and error
strings. Should always be called before any other ctSSL function.
@type multithreading: boolean
@param multithreading: Initialize OpenSSL multithreading support.
TODO: This actually doesn't do anything ATM.
@type zlib: boolean
@param zlib: Initialize support for Zlib compression.
"""
# Initialize multithreading
multithreading = False # TODO: Clean start. Disabled for now, causes issues
# Might not be required ?
if multithreading:
openSSL_threading_init()
openSSL_threading = True
# Initialize libraries and error strings
libssl.SSL_library_init()
libssl.SSL_load_error_strings()
if libcrypto.RAND_status() != 1:
raise ctSSLInitError('OpenSSL PRNG not seeded with enough data.')
# Tell ctypes the arguments and return types for every C function that is exposed
BIO.init_BIO_functions()
SSL_CTX.init_SSL_CTX_functions()
SSL.init_SSL_functions()
SSL_SESSION.init_SSL_SESSION_functions()
X509.init_X509_functions()
errors.init_ERR_functions()
if zlib: # Enable Zlib compression. Can only be done globally.
try:
libcrypto.COMP_zlib.argtypes = []
libcrypto.COMP_zlib.restype = c_void_p
libssl.SSL_COMP_add_compression_method.argtypes = [c_int, c_void_p]
libssl.SSL_COMP_add_compression_method.restype = c_int
zlib_comp_p = libcrypto.COMP_zlib()
has_zlib = libssl.SSL_COMP_add_compression_method(1, zlib_comp_p)
except AttributeError: # OpenSSL is super old and COMP_XX() is not defined ?
raise errors.ctSSLFeatureNotAvailable(
"Could not enable Zlib compression: not supported by the version of the OpenSSL library that was loaded ?"
)
except: # TODO: Check for common errors here and add meaningful error message
raise
if has_zlib != 0:
raise errors.ctSSLFeatureNotAvailable(
"Could not enable Zlib compression: OpenSSL was not built with Zlib support ?"
)
features_not_available.ZLIB_NOT_AVAIL = False
def ctSSL_initialize(multithreading=False, zlib=False):
"""
Initialize ctSSL's ctypes bindings, and OpenSSL libraries and error
strings. Should always be called before any other ctSSL function.
@type multithreading: boolean
@param multithreading: Initialize OpenSSL multithreading support.
TODO: This actually doesn't do anything ATM.
@type zlib: boolean
@param zlib: Initialize support for Zlib compression.
"""
# Initialize multithreading
multithreading = False # TODO: Clean start. Disabled for now, causes issues
# Might not be required ?
if multithreading:
openSSL_threading_init()
openSSL_threading = True
# Initialize libraries and error strings
libssl.SSL_library_init()
libssl.SSL_load_error_strings()
if libcrypto.RAND_status() != 1:
raise ctSSLInitError("OpenSSL PRNG not seeded with enough data.")
# Tell ctypes the arguments and return types for every C function that is exposed
BIO.init_BIO_functions()
SSL_CTX.init_SSL_CTX_functions()
SSL.init_SSL_functions()
SSL_SESSION.init_SSL_SESSION_functions()
X509.init_X509_functions()
errors.init_ERR_functions()
if zlib: # Enable Zlib compression. Can only be done globally.
try:
libcrypto.COMP_zlib.argtypes = []
libcrypto.COMP_zlib.restype = c_void_p
libssl.SSL_COMP_add_compression_method.argtypes = [c_int, c_void_p]
libssl.SSL_COMP_add_compression_method.restype = c_int
zlib_comp_p = libcrypto.COMP_zlib()
has_zlib = libssl.SSL_COMP_add_compression_method(1, zlib_comp_p)
except AttributeError: # OpenSSL is super old and COMP_XX() is not defined ?
raise errors.ctSSLFeatureNotAvailable(
"Could not enable Zlib compression: not supported by the version of the OpenSSL library that was loaded ?"
)
except: # TODO: Check for common errors here and add meaningful error message
raise
if has_zlib != 0:
raise errors.ctSSLFeatureNotAvailable(
"Could not enable Zlib compression: OpenSSL was not built with Zlib support ?"
)
features_not_available.ZLIB_NOT_AVAIL = False
def as_pem(self, cipher='aes_128_cbc', callback=util.passphrase_callback):
"""
Returns the key(pair) as a string in PEM format.
"""
bio = BIO.MemoryBuffer()
self.save_key_bio(bio, cipher, callback)
return bio.read()
def text_crlf_bio(bio_in):
bio_out = BIO.MemoryBuffer()
m2.smime_crlf_copy(bio_in, bio_out)
if m2.smime_crlf_copy(bio_in, bio_out):
return bio_out
else:
raise Err.get_error()
def smime_load_pkcs7(p7file):
bio = m2.bio_new_file(p7file, 'r')
if bio is None:
raise BIO.BIOError(Err.get_error())
try:
p7_ptr, bio_ptr = m2.smime_read_pkcs7(bio)
finally:
m2.bio_free(bio)
if p7_ptr is None:
raise SMIME_Error(Err.get_error())
if bio_ptr is None:
return PKCS7(p7_ptr, 1), None
else:
return PKCS7(p7_ptr, 1), BIO.BIO(bio_ptr, 1)
def smime_load_pkcs7_bio(p7_bio):
p7_ptr, bio_ptr = m2.smime_read_pkcs7(p7_bio._ptr())
if p7_ptr is None:
raise Err.get_error()
if bio_ptr is None:
return PKCS7(p7_ptr, 1), None
else:
return PKCS7(p7_ptr, 1), BIO.BIO(bio_ptr, 1)
def as_pem(self):
"""
Returns the Diffie-Hellman parameters as a string in PEM format.
"""
assert m2.dh_type_check(self.dh), "'dh' type error"
bio = BIO.MemoryBuffer()
m2.dh_write_params(self.dh, bio._ptr())
return bio.read()
def save_key_der(self, file):
"""
Save the key pair to a file in DER format.
@type file: str
@param file: Filename to save key to
"""
bio = BIO.openfile(file, 'wb')
return self.save_key_der_bio(bio)
def save_pub_key(self, file):
"""
Save the public key to a file in PEM format.
@type file: string
@param file: Name of file to save key to.
"""
bio = BIO.openfile(file, 'wb')
return m2.rsa_write_pub_key(self.rsa, bio._ptr())
def save_key_der(self, file):
"""
Save the key pair to a file in DER format.
@type file: str
@param file: Filename to save key to
"""
bio = BIO.openfile(file, "wb")
return self.save_key_der_bio(bio)
def save_pub_key(self, file):
"""
Save the public key to a file in PEM format.
@type file: string
@param file: Name of file to save key to.
"""
bio = BIO.openfile(file, "wb")
return m2.rsa_write_pub_key(self.rsa, bio._ptr())
def save_key_der(self, file):
"""
Save the key pair to a file in DER format.
@type bio: M2Crypto.BIO.BIO
@param bio: M2Crypto.BIO.BIO object to save key to.
"""
bio = BIO.openfile(file, 'wb')
return self.save_key_der_bio(bio)
def load_key(file, callback=util.passphrase_callback):
"""
Factory function that instantiates a EC object.
@param file: Names the file that contains the PEM representation
of the EC key pair.
@param callback: Python callback object that will be invoked
if the EC key pair is passphrase-protected.
"""
bio = BIO.openfile(file)
return load_key_bio(bio, callback)
def load_key(file, callback=util.passphrase_callback):
"""
Factory function that instantiates a EC object.
@param file: Names the file that contains the PEM representation
of the EC key pair.
@param callback: Python callback object that will be invoked
if the EC key pair is passphrase-protected.
"""
bio = BIO.openfile(file)
return load_key_bio(bio, callback)
def save_params(self, filename):
"""
Save the DSA parameters to a file.
@type filename: str
@param filename: Save the DSA parameters to this file.
@return: 1 (true) if successful
"""
bio = BIO.openfile(filename, 'wb')
ret = m2.dsa_write_params_bio(self.dsa, bio._ptr())
bio.close()
return ret
def save_params(self, filename):
"""
Save the DSA parameters to a file.
@type filename: str
@param filename: Save the DSA parameters to this file.
@return: 1 (true) if successful
"""
bio = BIO.openfile(filename, 'wb')
ret = m2.dsa_write_params_bio(self.dsa, bio._ptr())
bio.close()
return ret
def load_pub_key(file):
"""
Load an RSA public key from file.
@type file: string
@param file: Name of file containing RSA public key in PEM format.
@rtype: M2Crypto.RSA.RSA_pub
@return: M2Crypto.RSA.RSA_pub object.
"""
bio = BIO.openfile(file)
return load_pub_key_bio(bio)
def load_pub_key(file):
"""
Load an RSA public key from file.
@type file: string
@param file: Name of file containing RSA public key in PEM format.
@rtype: M2Crypto.RSA.RSA_pub
@return: M2Crypto.RSA.RSA_pub object.
"""
bio = BIO.openfile(file)
return load_pub_key_bio(bio)
def load_pkcs7(p7file):
bio = m2.bio_new_file(p7file, 'r')
if bio is None:
raise BIO.BIOError(Err.get_error())
try:
p7_ptr = m2.pkcs7_read_bio(bio)
finally:
m2.bio_free(bio)
if p7_ptr is None:
raise PKCS7_Error(Err.get_error())
return PKCS7(p7_ptr, 1)
def save_pub_key(self, filename):
"""
Save the DSA public key (with parameters) to a file.
@type filename: str
@param filename: Save DSA public key (with parameters)
to this file.
@return: 1 (true) if successful
"""
bio = BIO.openfile(filepath, 'wb')
ret = self.save_pub_key_bio(bio)
bio.close()
return ret
def save_pub_key(self, filename):
"""
Save the DSA public key (with parameters) to a file.
@type filename: str
@param filename: Save DSA public key (with parameters)
to this file.
@return: 1 (true) if successful
"""
bio = BIO.openfile(filename, 'wb')
ret = self.save_pub_key_bio(bio)
bio.close()
return ret
def save_key(self, filename, cipher='aes_128_cbc',
callback=util.passphrase_callback):
"""
Save the DSA key pair to a file.
@type filename: str
@param filename: Save the DSA key pair to this file.
@type cipher: str
@param cipher: name of symmetric key algorithm and mode
to encrypt the private key.
@return: 1 (true) if successful
"""
bio = BIO.openfile(filename, 'wb')
ret = self.save_key_bio(bio, cipher, callback)
bio.close()
return ret
def save_key(self, filename, cipher='aes_128_cbc',
callback=util.passphrase_callback):
"""
Save the DSA key pair to a file.
@type filename: str
@param filename: Save the DSA key pair to this file.
@type cipher: str
@param cipher: name of symmetric key algorithm and mode
to encrypt the private key.
@return: 1 (true) if successful
"""
bio = BIO.openfile(filepath, 'wb')
ret = self.save_key_bio(bio, cipher, callback)
bio.close()
return ret
def load_key(file, callback=util.passphrase_callback):
"""
Load an RSA key pair from file.
@type file: string
@param file: Name of file containing RSA public key in PEM format.
@type callback: Python callable
@param callback: A Python callable object that is invoked
to acquire a passphrase with which to unlock the key.
The default is util.passphrase_callback.
@rtype: M2Crypto.RSA.RSA
@return: M2Crypto.RSA.RSA object.
"""
bio = BIO.openfile(file)
return load_key_bio(bio, callback)
def load_key(file, callback=util.passphrase_callback):
"""
Load an RSA key pair from file.
@type file: string
@param file: Name of file containing RSA public key in PEM format.
@type callback: Python callable
@param callback: A Python callable object that is invoked
to acquire a passphrase with which to unlock the key.
The default is util.passphrase_callback.
@rtype: M2Crypto.RSA.RSA
@return: M2Crypto.RSA.RSA object.
"""
bio = BIO.openfile(file)
return load_key_bio(bio, callback)
def load_key_string(string, callback=util.passphrase_callback):
"""
Load an RSA key pair from a string.
@type string: string
@param string: String containing RSA key pair in PEM format.
@type callback: Python callable
@param callback: A Python callable object that is invoked
to acquire a passphrase with which to unlock the key.
The default is util.passphrase_callback.
@rtype: M2Crypto.RSA.RSA
@return: M2Crypto.RSA.RSA object.
"""
bio = BIO.MemoryBuffer(string)
return load_key_bio(bio, callback)
def load_key(file, callback=util.passphrase_callback):
"""
Factory function that instantiates a DSA object from a
PEM encoded DSA key pair.
@type file: str
@param file: Names the file (a path) that contains the PEM
representation of the DSA key pair.
@type callback: A Python callable
@param callback: A Python callback object that will be
invoked if the DSA key pair is
passphrase-protected.
@rtype: DSA
@return: instance of DSA.
"""
bio = BIO.openfile(file)
ret = load_key_bio(bio, callback)
bio.close()
return ret
def load_key(file, callback=util.passphrase_callback):
"""
Factory function that instantiates a DSA object from a
PEM encoded DSA key pair.
@type file: str
@param file: Names the file (a path) that contains the PEM
representation of the DSA key pair.
@type callback: A Python callable
@param callback: A Python callback object that will be
invoked if the DSA key pair is
passphrase-protected.
@rtype: DSA
@return: instance of DSA.
"""
bio = BIO.openfile(file)
ret = load_key_bio(bio, callback)
bio.close()
return ret
def save_key(self, file, cipher="aes_128_cbc", callback=util.passphrase_callback):
"""
Save the key pair to a file in PEM format.
@type file: string
@param file: Name of file to save key to.
@type cipher: string
@param cipher: Symmetric cipher to protect the key. The default
cipher is 'aes_128_cbc'. If cipher is None, then the key is saved
in the clear.
@type callback: Python callable
@param callback: A Python callable object that is invoked
to acquire a passphrase with which to protect the key.
The default is util.passphrase_callback.
"""
bio = BIO.openfile(file, "wb")
return self.save_key_bio(bio, cipher, callback)
def save_key(self, file, cipher='aes_128_cbc', callback=util.passphrase_callback):
"""
Save the key pair to a file in PEM format.
@type file: string
@param file: Name of file to save key to.
@type cipher: string
@param cipher: Symmetric cipher to protect the key. The default
cipher is 'aes_128_cbc'. If cipher is None, then the key is saved
in the clear.
@type callback: Python callable
@param callback: A Python callable object that is invoked
to acquire a passphrase with which to protect the key.
The default is util.passphrase_callback.
"""
bio = BIO.openfile(file, 'wb')
return self.save_key_bio(bio, cipher, callback)
def load_pub_key(file, callback=util.passphrase_callback):
"""
Factory function that instantiates a DSA_pub object using
a DSA public key contained in PEM file. The PEM file
must contain the parameters in addition to the public key.
@type file: str
@param file: Names the file (a path) that contains the PEM
representation of the DSA public key.
@type callback: A Python callable
@param callback: A Python callback object that will be
invoked should the DSA public key be
passphrase-protected.
@rtype: DSA_pub
@return: instance of DSA_pub.
"""
bio = BIO.openfile(file)
ret = load_pub_key_bio(bio, callback)
bio.close()
return ret
def load_pub_key(file, callback=util.passphrase_callback):
"""
Factory function that instantiates a DSA_pub object using
a DSA public key contained in PEM file. The PEM file
must contain the parameters in addition to the public key.
@type file: str
@param file: Names the file (a path) that contains the PEM
representation of the DSA public key.
@type callback: A Python callable
@param callback: A Python callback object that will be
invoked should the DSA public key be
passphrase-protected.
@rtype: DSA_pub
@return: instance of DSA_pub.
"""
bio = BIO.openfile(file)
ret = load_pub_key_bio(bio, callback)
bio.close()
return ret
def __str__(self):
assert m2.asn1_utctime_type_check(
self.asn1_utctime), "'asn1_utctime' type error'"
buf = BIO.MemoryBuffer()
m2.asn1_utctime_print(buf.bio_ptr(), self.asn1_utctime)
return buf.read_all()
def text_crlf_bio(bio_in):
bio_out = BIO.MemoryBuffer()
if m2.smime_crlf_copy(bio_in._ptr(), bio_out._ptr()):
return bio_out
else:
raise SMIME_Error(Err.get_error())
def load_params(file):
bio = BIO.openfile(file)
return load_params_bio(bio)
def as_text(self, flags=0):
buf = BIO.MemoryBuffer()
m2.asn1_string_print_ex(buf.bio_ptr(), self.asn1str, flags)
return buf.read_all()
def load_params(file):
bio = BIO.openfile(file)
return load_params_bio(bio)
def __str__(self):
buf = BIO.MemoryBuffer()
m2.asn1_string_print(buf.bio_ptr(), self.asn1str)
return buf.read_all()
def get_error():
err = BIO.MemoryBuffer()
m2.err_print_errors(err.bio_ptr())
return err.getvalue()