def verify(self, pkey=None):
# type: (Optional[EVP.PKey]) -> int
assert m2.x509_type_check(self.x509), "'x509' type error"
if pkey:
return m2.x509_verify(self.x509, pkey.pkey)
else:
return m2.x509_verify(self.x509, self.get_pubkey().pkey)
def set_issuer_name(self, name):
# type: (X509_Name) -> int
"""
:return: 1 on success, 0 on failure
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_issuer_name(self.x509, name.x509_name)
def set_not_before(self, asn1_utctime):
# type: (ASN1.ASN1_UTCTIME) -> int
"""
@return: 1 on success, 0 on failure
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_not_before(self.x509, asn1_utctime._ptr())
def set_not_after(self, asn1_time):
# type: (ASN1.ASN1_TIME) -> int
"""
:return: 1 on success, 0 on failure
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_not_after(self.x509, asn1_time._ptr())
def set_issuer_name(self, name):
# type: (X509_Name) -> int
"""
:return: 1 on success, 0 on failure
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_issuer_name(self.x509, name.x509_name)
def set_not_after(self, asn1_time):
# type: (ASN1.ASN1_TIME) -> int
"""
:return: 1 on success, 0 on failure
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_not_after(self.x509, asn1_time._ptr())
def verify(self, pkey=None):
# type: (Optional[EVP.PKey]) -> int
assert m2.x509_type_check(self.x509), "'x509' type error"
if pkey:
return m2.x509_verify(self.x509, pkey.pkey)
else:
return m2.x509_verify(self.x509, self.get_pubkey().pkey)
def __init__(self, x509=None, _pyfree=0):
if x509 is not None:
assert m2.x509_type_check(x509), "'x509' type error"
self.x509 = x509
self._pyfree = _pyfree
else:
self.x509 = m2.x509_new()
self._pyfree = 1
def get_not_after(self):
assert m2.x509_type_check(self.x509), "'x509' type error"
out = ASN1.ASN1_UTCTIME(m2.x509_get_not_after(self.x509))
if 'Bad time value' in str(out):
raise X509Error('''M2Crypto cannot handle dates after year 2050.
See RFC 5280 4.1.2.5 for more information.
''')
return out
def __init__(self, x509=None, _pyfree=0):
if x509 is not None:
assert m2.x509_type_check(x509), "'x509' type error"
self.x509 = x509
self._pyfree = _pyfree
else:
self.x509 = m2.x509_new()
self._pyfree = 1
def set_subject(self, name):
"""
Set subject name.
@type name: X509_Name
@param name: subjectName field.
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_subject_name(self.x509, name.x509_name)
def add_ext(self, ext):
"""
Add X509 extension to this certificate.
@type ext: X509_Extension
@param ext: Extension
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_add_ext(self.x509, ext.x509_ext, -1)
def set_subject(self, name):
"""
Set subject name.
@type name: X509_Name
@param name: subjectName field.
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_subject_name(self.x509, name.x509_name)
def add_ext(self, ext):
"""
Add X509 extension to this certificate.
@type ext: X509_Extension
@param ext: Extension
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_add_ext(self.x509, ext.x509_ext, -1)
def set_pubkey(self, pkey):
"""
Set the public key for the certificate
@type pkey: EVP_PKEY
@param pkey: Public key
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_pubkey(self.x509, pkey.pkey)
def get_not_after(self):
assert m2.x509_type_check(self.x509), "'x509' type error"
out = ASN1.ASN1_UTCTIME(m2.x509_get_not_after(self.x509))
if 'Bad time value' in str(out):
raise X509Error(
'''M2Crypto cannot handle dates after year 2050.
See RFC 5280 4.1.2.5 for more information.
''')
return out
def set_pubkey(self, pkey):
"""
Set the public key for the certificate
@type pkey: EVP_PKEY
@param pkey: Public key
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_pubkey(self.x509, pkey.pkey)
def set_version(self, version):
# type: (int) -> int
"""
Set version of the certificate.
:param version: Version number.
:return: Returns 0 on failure.
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_version(self.x509, version)
def set_subject(self, name):
# type: (X509_Name) -> int
"""
Set subject name.
@param name: subjectName field.
@return 1 for success and 0 for failure
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_subject_name(self.x509, name.x509_name)
def add_ext(self, ext):
# type: (X509_Extension) -> int
"""
Add X509 extension to this certificate.
@param ext: Extension
@return 1 for success and 0 for failure
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_add_ext(self.x509, ext.x509_ext, -1)
def set_version(self, version):
# type: (int) -> int
"""
Set version of the certificate.
:param version: Version number.
:return: Returns 0 on failure.
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_version(self.x509, version)
def set_pubkey(self, pkey):
# type: (EVP.PKey) -> int
"""
Set the public key for the certificate
@param pkey: Public key
@return 1 for success and 0 for failure
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_pubkey(self.x509, pkey.pkey)
def set_pubkey(self, pkey):
# type: (EVP.PKey) -> int
"""
Set the public key for the certificate
:param pkey: Public key
:return 1 for success and 0 for failure
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_pubkey(self.x509, pkey.pkey)
def set_version(self, version):
"""
Set version.
@type version: int
@param version: Version number.
@rtype: int
@return: Returns 0 on failure.
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_version(self.x509, version)
def set_version(self, version):
"""
Set version.
@type version: int
@param version: Version number.
@rtype: int
@return: Returns 0 on failure.
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_version(self.x509, version)
def set_subject(self, name):
# type: (X509_Name) -> int
"""
Set subject name.
:param name: subjectName field.
:return 1 for success and 0 for failure
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_subject_name(self.x509, name.x509_name)
def add_ext(self, ext):
# type: (X509_Extension) -> int
"""
Add X509 extension to this certificate.
:param ext: Extension
:return 1 for success and 0 for failure
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_add_ext(self.x509, ext.x509_ext, -1)
def set_serial_number(self, serial):
"""
Set serial number.
@type serial: int
@param serial: Serial number.
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
# This "magically" changes serial since asn1_integer
# is C pointer to x509's internal serial number.
asn1_integer = m2.x509_get_serial_number(self.x509)
return m2.asn1_integer_set(asn1_integer, serial)
def set_serial_number(self, serial):
"""
Set serial number.
@type serial: int
@param serial: Serial number.
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
# This "magically" changes serial since asn1_integer
# is C pointer to x509's internal serial number.
asn1_integer = m2.x509_get_serial_number(self.x509)
return m2.asn1_integer_set(asn1_integer, serial)
def set_serial_number(self, serial):
# type: (ASN1.ASN1_Integer) -> int
"""
Set serial number.
@param serial: Serial number.
@return 1 for success and 0 for failure.
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
# This "magically" changes serial since asn1_integer
# is C pointer to x509's internal serial number.
asn1_integer = m2.x509_get_serial_number(self.x509)
return m2.asn1_integer_set(asn1_integer, serial)
def __init__(self, x509=None, _pyfree=0):
# type: (Optional[bytes], int) -> None
"""
:param x509: binary representation of
the underlying OpenSSL X509 object.
:param _pyfree:
"""
if x509 is not None:
assert m2.x509_type_check(x509), "'x509' type error"
self.x509 = x509
self._pyfree = _pyfree
else:
self.x509 = m2.x509_new()
self._pyfree = 1
def __init__(self, x509=None, _pyfree=0):
# type: (Optional[bytes], int) -> None
"""
:param x509: binary representation of
the underlying OpenSSL X509 object.
:param _pyfree:
"""
if x509 is not None:
assert m2.x509_type_check(x509), "'x509' type error"
self.x509 = x509
self._pyfree = _pyfree
else:
self.x509 = m2.x509_new()
self._pyfree = 1
def set_serial_number(self, serial):
# type: (ASN1.ASN1_Integer) -> int
"""
Set serial number.
:param serial: Serial number.
:return 1 for success and 0 for failure.
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
# This "magically" changes serial since asn1_integer
# is C pointer to x509's internal serial number.
asn1_integer = m2.x509_get_serial_number(self.x509)
return m2.asn1_integer_set(asn1_integer, serial)
def sign(self, pkey, md):
"""
Sign the certificate.
@type pkey: EVP_PKEY
@param pkey: Public key
@type md: str
@param md: Message digest algorithm to use for signing,
for example 'sha1'.
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
mda = getattr(m2, md, None)
if mda is None:
raise ValueError('unknown message digest', md)
return m2.x509_sign(self.x509, pkey.pkey, mda())
def sign(self, pkey, md):
# type: (EVP.PKey, str) -> int
"""
Sign the certificate.
@param pkey: Public key
@param md: Message digest algorithm to use for signing,
for example 'sha1'.
@return int
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
mda = getattr(m2, md, None)
if mda is None:
raise ValueError('unknown message digest', md)
return m2.x509_sign(self.x509, pkey.pkey, mda())
def sign(self, pkey, md):
# type: (EVP.PKey, str) -> int
"""
Sign the certificate.
:param pkey: Public key
:param md: Message digest algorithm to use for signing,
for example 'sha1'.
:return int
"""
assert m2.x509_type_check(self.x509), "'x509' type error"
mda = getattr(m2, md, None)
if mda is None:
raise ValueError('unknown message digest', md)
return m2.x509_sign(self.x509, pkey.pkey, mda())
def as_text(self):
# type: () -> str
assert m2.x509_type_check(self.x509), "'x509' type error"
buf = BIO.MemoryBuffer()
m2.x509_print(buf.bio_ptr(), self.x509)
return util.py3str(buf.read_all())
def _ptr(self):
# type: () -> bytes
assert m2.x509_type_check(self.x509), "'x509' type error"
return self.x509
def set_not_after(self, asn1_utctime):
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_not_after(self.x509, asn1_utctime._ptr())
def get_subject(self):
# type: () -> X509_Name
assert m2.x509_type_check(self.x509), "'x509' type error"
return X509_Name(m2.x509_get_subject_name(self.x509))
def get_not_before(self):
# type: () -> ASN1.ASN1_TIME
assert m2.x509_type_check(self.x509), "'x509' type error"
return ASN1.ASN1_TIME(m2.x509_get_not_before(self.x509))
def get_version(self):
# type: () -> int
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_get_version(self.x509)
def set_issuer_name(self, name):
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_issuer_name(self.x509, name.x509_name)
def get_serial_number(self):
# type: () -> ASN1.ASN1_Integer
assert m2.x509_type_check(self.x509), "'x509' type error"
asn1_integer = m2.x509_get_serial_number(self.x509)
return m2.asn1_integer_get(asn1_integer)
def get_not_before(self):
# type: () -> ASN1.ASN1_TIME
assert m2.x509_type_check(self.x509), "'x509' type error"
return ASN1.ASN1_TIME(m2.x509_get_not_before(self.x509))
def verify(self, pkey=None):
assert m2.x509_type_check(self.x509), "'x509' type error"
if pkey:
return m2.x509_verify(self.x509, pkey.pkey)
else:
return m2.x509_verify(self.x509, self.get_pubkey().pkey)
def get_pubkey(self):
# type: () -> EVP.PKey
assert m2.x509_type_check(self.x509), "'x509' type error"
return EVP.PKey(m2.x509_get_pubkey(self.x509), _pyfree=1)
def get_subject(self):
# type: () -> X509_Name
assert m2.x509_type_check(self.x509), "'x509' type error"
return X509_Name(m2.x509_get_subject_name(self.x509))
def get_issuer(self):
assert m2.x509_type_check(self.x509), "'x509' type error"
return X509_Name(m2.x509_get_issuer_name(self.x509))
def as_der(self):
# type: () -> bytes
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.i2d_x509(self.x509)
def _ptr(self):
# type: () -> bytes
assert m2.x509_type_check(self.x509), "'x509' type error"
return self.x509
def get_version(self):
# type: () -> int
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_get_version(self.x509)
def set_not_after(self, asn1_utctime):
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_not_after(self.x509, asn1_utctime._ptr())
def get_issuer(self):
assert m2.x509_type_check(self.x509), "'x509' type error"
return X509_Name(m2.x509_get_issuer_name(self.x509))
def get_serial_number(self):
# type: () -> ASN1.ASN1_Integer
assert m2.x509_type_check(self.x509), "'x509' type error"
asn1_integer = m2.x509_get_serial_number(self.x509)
return m2.asn1_integer_get(asn1_integer)
def as_der(self):
# type: () -> bytes
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.i2d_x509(self.x509)
def get_pubkey(self):
# type: () -> EVP.PKey
assert m2.x509_type_check(self.x509), "'x509' type error"
return EVP.PKey(m2.x509_get_pubkey(self.x509), _pyfree=1)
def as_text(self):
# type: () -> str
assert m2.x509_type_check(self.x509), "'x509' type error"
buf = BIO.MemoryBuffer()
m2.x509_print(buf.bio_ptr(), self.x509)
return six.ensure_text(buf.read_all())
def verify(self, pkey=None):
assert m2.x509_type_check(self.x509), "'x509' type error"
if pkey:
return m2.x509_verify(self.x509, pkey.pkey)
else:
return m2.x509_verify(self.x509, self.get_pubkey().pkey)
def set_issuer_name(self, name):
assert m2.x509_type_check(self.x509), "'x509' type error"
return m2.x509_set_issuer_name(self.x509, name.x509_name)
