def create(dotted, shortname, longname):
"""
Creates new OID in the database
@param dotted - dotted-decimal representation of new OID
@param shortname - short name for new OID
@param longname - long name for new OID
@returns Oid object corresponding to new OID
This function should be used with exreme care. Whenever
possible, it is better to add new OIDs via OpenSSL configuration
file
Results of calling this function twice for same OIDor for
Oid alredy in database are undefined
"""
if pyver > 2:
dotted = dotted.encode('ascii')
shortname = shortname.encode('utf-8')
longname = longname.encode('utf-8')
nid = libcrypto.OBJ_create(dotted, shortname, longname)
if nid == 0:
raise LibCryptoError("Problem adding new OID to the database")
return Oid(nid)
def private_key(self, key_id, ui_method = None, ui_data=None):
from ctypescrypto.pkey import PKey
if ui_method is None:
ui_ptr = libcrypto.UI_OpenSSL()
else:
ui_ptr = ui_method.ptr
pkey = libcrypto.ENGINE_load_private_key(self.ptr, key_id, ui_ptr,
ui_data)
if pkey is None:
raise LibCryptoError("Cannot load private key")
return PKey(ptr=pkey, cansign=True)
def set_default(engine):
"""
Loads specified engine and sets it as default for all
algorithms, supported by it
"""
global default
eng = libcrypto.ENGINE_by_id(engine)
if eng is None:
# Try load engine
eng = libcrypto.ENGINE_by_id("dynamic")
if eng is None:
raise LibCryptoError("Cannot get 'dynamic' engine")
if not libcrypto.ENGINE_ctrl_cmd_string(eng, "SO_PATH", engine, 0):
raise LibCryptoError("Cannot execute ctrl cmd SO_PATH")
if not libcrypto.ENGINE_ctrl_cmd_string(eng, "LOAD", None, 0):
raise LibCryptoError("Cannot execute ctrl cmd LOAD")
if eng is None:
raise ValueError("Cannot find engine " + engine)
libcrypto.ENGINE_set_default(eng, c_int(0xFFFF))
default = eng
def __init__(self, engine_id, **kwargs):
eng = libcrypto.ENGINE_by_id(engine_id)
if eng is None:
# Try load engine
eng = libcrypto.ENGINE_by_id("dynamic")
if eng is None:
raise LibCryptoError("Cannot get 'dynamic' engine")
if not libcrypto.ENGINE_ctrl_cmd_string(eng, "SO_PATH", engine_id,
0):
raise LibCryptoError("Cannot execute ctrl cmd SO_PATH")
if not libcrypto.ENGINE_ctrl_cmd_string(eng, "LOAD", None, 0):
raise LibCryptoError("Cannot execute ctrl cmd LOAD")
if eng is None:
raise ValueError("Cannot find engine " + engine)
for cmd, value in kwargs.items():
if not libcrypto.ENGINE_ctrl_cmd_string(eng, cmd, value, 0):
raise LibCryptoError("Cannot execute ctrl cmd %s" % cmd)
if not libcrypto.ENGINE_init(eng):
raise LibCryptoError("Cannot initialize engine")
self.ptr = eng
def pbkdf2(password, salt, outlen, digesttype="sha1", iterations=2000):
"""
Interface to PKCS5_PBKDF2_HMAC function
Parameters:
@param password - password to derive key from
@param salt - random salt to use for key derivation
@param outlen - number of bytes to derive
@param digesttype - name of digest to use to use (default sha1)
@param iterations - number of iterations to use
@returns outlen bytes of key material derived from password and salt
"""
dgst = DigestType(digesttype)
out = create_string_buffer(outlen)
res = libcrypto.PKCS5_PBKDF2_HMAC(password, len(password), salt, len(salt),
iterations, dgst.digest, outlen, out)
if res <= 0:
raise LibCryptoError("error computing PBKDF2")
return out.raw