def _workaround_new_extension(name, value, critical=False, issuer=None, _pyfree=1):
# m2crypto removes x509v3_lhash with 0.25.1
try:
ctx = m2.x509v3_set_nconf()
if ctx is None:
raise MemoryError()
_init_m2_ctx(ctx, issuer)
x509_ext_ptr = m2.x509v3_ext_conf(None, ctx, name, value)
except AttributeError:
lhash = m2.x509v3_lhash()
ctx = m2.x509v3_set_conf_lhash(lhash)
_init_m2_ctx(ctx, issuer)
x509_ext_ptr = m2.x509v3_ext_conf(lhash, ctx, name, value)
if x509_ext_ptr is None:
raise Exception('Could not create the X509v3 extension')
x509_ext = X509.X509_Extension(x509_ext_ptr, _pyfree)
x509_ext.set_critical(critical)
return x509_ext
def _workaround_new_extension(name, value, critical=False, issuer=None, _pyfree=1):
lhash = m2.x509v3_lhash()
ctx = m2.x509v3_set_conf_lhash(lhash)
_init_m2_ctx(ctx, issuer)
x509_ext_ptr = m2.x509v3_ext_conf(lhash, ctx, name, value)
if x509_ext_ptr is None:
raise Exception('Could not create the X509v3 extension')
x509_ext = X509.X509_Extension(x509_ext_ptr, _pyfree)
x509_ext.set_critical(critical)
return x509_ext
def test_ext(self):
if 0: # XXX
# With this leaks 8 bytes:
name = "proxyCertInfo"
value = "critical,language:Inherit all"
else:
# With this there are no leaks:
name = "nsComment"
value = "Hello"
ctx = m2.x509v3_set_nconf()
x509_ext_ptr = m2.x509v3_ext_conf(None, ctx, name, value)
X509.X509_Extension(x509_ext_ptr, 1)
def new_extension(name, value, critical=0, _pyfree=1):
"""
Create new X509_Extension instance.
"""
if name == 'subjectKeyIdentifier' and \
value.strip('0123456789abcdefABCDEF:') is not '':
raise ValueError('value must be precomputed hash')
lhash = m2.x509v3_lhash()
ctx = m2.x509v3_set_conf_lhash(lhash)
x509_ext_ptr = m2.x509v3_ext_conf(lhash, ctx, name, value)
x509_ext = X509_Extension(x509_ext_ptr, _pyfree)
x509_ext.set_critical(critical)
return x509_ext
def test_ext(self):
if 0: # XXX
# With this leaks 8 bytes:
name = "proxyCertInfo"
value = "critical,language:Inherit all"
else:
# With this there are no leaks:
name = "nsComment"
value = "Hello"
ctx = m2.x509v3_set_nconf()
x509_ext_ptr = m2.x509v3_ext_conf(None, ctx, name, value)
X509.X509_Extension(x509_ext_ptr, 1)
def test_ext(self):
# With this leaks 8 bytes:
name = "proxyCertInfo"
value = "critical,language:Inherit all"
# With this there are no leaks:
#name = "nsComment"
#value = "Hello"
critical = 1
lhash = m2.x509v3_lhash()
ctx = m2.x509v3_set_conf_lhash(lhash)
x509_ext_ptr = m2.x509v3_ext_conf(lhash, ctx, name, value)
x509_ext = X509.X509_Extension(x509_ext_ptr, 1)
def new_extension(name, value, critical=0, _pyfree=1):
# type: (str, bytes, int, int) -> X509_Extension
"""
Create new X509_Extension instance.
"""
if name == 'subjectKeyIdentifier' and \
value.strip('0123456789abcdefABCDEF:') != '':
raise ValueError('value must be precomputed hash')
ctx = m2.x509v3_set_nconf()
x509_ext_ptr = m2.x509v3_ext_conf(None, ctx, name, value)
if x509_ext_ptr is None:
raise X509Error(
"Cannot create X509_Extension with name '%s' and value '%s'" %
(name, value))
x509_ext = X509_Extension(x509_ext_ptr, _pyfree)
x509_ext.set_critical(critical)
return x509_ext
def new_extension(name, value, critical=0, _pyfree=1):
# type: (str, bytes, int, int) -> X509_Extension
"""
Create new X509_Extension instance.
"""
if name == 'subjectKeyIdentifier' and \
value.strip('0123456789abcdefABCDEF:') is not '':
raise ValueError('value must be precomputed hash')
ctx = m2.x509v3_set_nconf()
x509_ext_ptr = m2.x509v3_ext_conf(None, ctx, name, value)
if x509_ext_ptr is None:
raise X509Error(
"Cannot create X509_Extension with name '%s' and value '%s'" %
(name, value))
x509_ext = X509_Extension(x509_ext_ptr, _pyfree)
x509_ext.set_critical(critical)
return x509_ext
def new_extension_fixed(name, value, critical=0, issuer=None, _pyfree=1):
"""
Create new X509_Extension instance with fix for issuer setting.
"""
if name == 'subjectKeyIdentifier' and \
value.strip('0123456789abcdefABCDEF:') is not '':
raise ValueError('value must be precomputed hash')
ctx = m2.x509v3_set_nconf()
# zero out structure, assign issuer
fix_ctx(ctx, issuer)
x509_ext_ptr = m2.x509v3_ext_conf(None, ctx, name, value)
if x509_ext_ptr is None:
raise Exception
x509_ext = X509_Extension(x509_ext_ptr, _pyfree)
x509_ext.set_critical(critical)
return x509_ext
def new_extension_fixed(name, value, critical=0, issuer=None, _pyfree=1):
"""
Create new X509_Extension instance with fix for issuer setting.
"""
if name == 'subjectKeyIdentifier' and \
value.strip('0123456789abcdefABCDEF:') is not '':
raise ValueError('value must be precomputed hash')
ctx = m2.x509v3_set_nconf()
# zero out structure, assign issuer
fix_ctx(ctx, issuer)
x509_ext_ptr = m2.x509v3_ext_conf(None, ctx, name, value)
if x509_ext_ptr is None:
raise Exception
x509_ext = X509_Extension(x509_ext_ptr, _pyfree)
x509_ext.set_critical(critical)
return x509_ext
def new_extension(name, value, critical=0, issuer=None, _pyfree = 1):
"""
Create new X509_Extension instance.
"""
if name == 'subjectKeyIdentifier' and \
value.strip('0123456789abcdefABCDEF:') is not '':
raise ValueError('value must be precomputed hash')
lhash = m2.x509v3_lhash()
ctx = m2.x509v3_set_conf_lhash(lhash)
#ctx not zeroed
fix_ctx(ctx, issuer)
x509_ext_ptr = m2.x509v3_ext_conf(lhash, ctx, name, value)
#ctx,lhash freed
if x509_ext_ptr is None:
raise Exception
x509_ext = X509.X509_Extension(x509_ext_ptr, _pyfree)
x509_ext.set_critical(critical)
return x509_ext