author | Rob Austein <sra@hactrn.net> | 2009-05-28 06:03:09 +0000 |
---|---|---|
committer | Rob Austein <sra@hactrn.net> | 2009-05-28 06:03:09 +0000 |
commit | 57d8177c2746a63e193a7012461230df0a0a78aa (patch) | |
tree | 714644dfad46f6ab0166ac610fc9c71ce40e929b /pow/POW-0.7/POW.c | |
parent | 73648f919fa9630613a8a608f91930ca2a3bb43a (diff) |
Massive cleanup, mostly cosmetic.
svn path=/pow/POW-0.7/POW.c; revision=2455
Diffstat (limited to 'pow/POW-0.7/POW.c')
-rw-r--r-- | pow/POW-0.7/POW.c | 6949 |
1 files changed, 3459 insertions, 3490 deletions
diff --git a/pow/POW-0.7/POW.c b/pow/POW-0.7/POW.c index 92b43f52..92e6fccc 100644 --- a/pow/POW-0.7/POW.c +++ b/pow/POW-0.7/POW.c @@ -111,14 +111,14 @@ // SSL connection states // PEM encoded data types -#define RSA_PUBLIC_KEY 1 -#define RSA_PRIVATE_KEY 2 -#define DSA_PUBLIC_KEY 3 -#define DSA_PRIVATE_KEY 4 -#define DH_PUBLIC_KEY 5 -#define DH_PRIVATE_KEY 6 +#define RSA_PUBLIC_KEY 1 +#define RSA_PRIVATE_KEY 2 +#define DSA_PUBLIC_KEY 3 +#define DSA_PRIVATE_KEY 4 +#define DH_PUBLIC_KEY 5 +#define DH_PRIVATE_KEY 6 #define X509_CERTIFICATE 7 -#define X_X509_CRL 8 //X509_CRL already used by OpenSSL library +#define X_X509_CRL 8 // X509_CRL already used by OpenSSL library #define PKCS7_MESSAGE 9 #define CMS_MESSAGE 10 @@ -160,7 +160,7 @@ #define X_pkcs7_Check(op) ((op)->ob_type == &pkcs7type) #define X_cms_Check(op) ((op)->ob_type == &cmstype) -static char pow_module__doc__ [] = +static char pow_module__doc__ [] = "<moduleDescription>\n" " <header>\n" " <name>POW</name>\n" @@ -198,7 +198,7 @@ static char pow_module__doc__ [] = " several new features relating to security. Other areas have been\n" " improved: PRNG support, certificate and CRL signing, certificate chain\n" " and client verification. Many bugs have been fixed, and certain\n" -" parts of code re-written where necessary. I hope you enjoy using POW \n" +" parts of code re-written where necessary. I hope you enjoy using POW\n" " and please feel free to send me feature requests and bug reports.\n" " </para>\n" " </body>\n" 
@@ -222,64 +222,64 @@ static PyTypeObject cmstype; /*========== C stucts ==========*/ typedef struct { - PyObject_HEAD - X509 *x509; + PyObject_HEAD + X509 *x509; } x509_object; typedef struct { - PyObject_HEAD - X509_STORE *store; + PyObject_HEAD + X509_STORE *store; } x509_store_object; typedef struct { - PyObject_HEAD - X509_CRL *crl; + PyObject_HEAD + X509_CRL *crl; } x509_crl_object; typedef struct { - PyObject_HEAD - X509_REVOKED *revoked; + PyObject_HEAD + X509_REVOKED *revoked; } x509_revoked_object; typedef struct { - PyObject_HEAD - void *cipher; - int key_type; - int cipher_type; + PyObject_HEAD + void *cipher; + int key_type; + int cipher_type; } asymmetric_object; typedef struct { - PyObject_HEAD - EVP_CIPHER_CTX cipher_ctx; - int cipher_type; + PyObject_HEAD + EVP_CIPHER_CTX cipher_ctx; + int cipher_type; } symmetric_object; typedef struct { - PyObject_HEAD - EVP_MD_CTX digest_ctx; - int digest_type; + PyObject_HEAD + EVP_MD_CTX digest_ctx; + int digest_type; } digest_object; typedef struct { - PyObject_HEAD - HMAC_CTX hmac_ctx; + PyObject_HEAD + HMAC_CTX hmac_ctx; } hmac_object; typedef struct { - PyObject_HEAD - int ctxset; - SSL *ssl; - SSL_CTX *ctx; + PyObject_HEAD + int ctxset; + SSL *ssl; + SSL_CTX *ctx; } ssl_object; typedef struct { - PyObject_HEAD - PKCS7 *pkcs7; + PyObject_HEAD + PKCS7 *pkcs7; } pkcs7_object; typedef struct { - PyObject_HEAD - CMS_ContentInfo *cms; + PyObject_HEAD + CMS_ContentInfo *cms; } cms_object; /*========== C structs ==========*/ @@ -291,7 +291,7 @@ typedef struct { */ #if 0 -#define KVETCH(_msg_) write(2, _msg_ "\n", sizeof(_msg_)) +#define KVETCH(_msg_) write(2, _msg_ "\n", sizeof(_msg_)) #else #define KVETCH(_msg_) #endif 
@@ -310,70 +310,70 @@ typedef struct { * mention making it easier to track down obscure OpenSSL errors. */ -#define lose(_msg_) \ - do { \ - PyErr_SetString(SSLErrorObject, (_msg_)); \ - goto error; \ - } while (0) +#define lose(_msg_) \ + do { \ + PyErr_SetString(SSLErrorObject, (_msg_)); \ + goto error; \ + } while (0) -#define lose_type_error(_msg_) \ - do { \ - PyErr_SetString(PyExc_TypeError, (_msg_)); \ - goto error; \ - } while (0) +#define lose_type_error(_msg_) \ + do { \ + PyErr_SetString(PyExc_TypeError, (_msg_)); \ + goto error; \ + } while (0) -#define lose_openssl_error(_msg_) \ - do { \ - set_openssl_pyerror((_msg_)); \ - goto error; \ - } while (0) +#define lose_openssl_error(_msg_) \ + do { \ + set_openssl_pyerror((_msg_)); \ + goto error; \ + } while (0) #define lose_ssl_error(_self_, _code_) \ - do { \ - PyErr_SetObject(SSLErrorObject, \ - ssl_err_factory(SSL_get_error((_self_)->ssl, \ - (_code_)))); \ - goto error; \ - } while (0) - -#define assert_no_unhandled_openssl_errors() \ - do { \ - if (ERR_peek_error()) { \ - if (result) { \ - Py_XDECREF(result); \ - result = NULL; \ - } \ - lose_openssl_error(assert_helper(__LINE__)); \ - } \ - } while (0) + do { \ + PyErr_SetObject(SSLErrorObject, \ + ssl_err_factory(SSL_get_error((_self_)->ssl, \ + (_code_)))); \ + goto error; \ + } while (0) + +#define assert_no_unhandled_openssl_errors() \ + do { \ + if (ERR_peek_error()) { \ + if (result) { \ + Py_XDECREF(result); \ + result = NULL; \ + } \ + lose_openssl_error(assert_helper(__LINE__)); \ + } \ + } while (0) static char * assert_helper(int line) { - static const char fmt[] = "Unhandled OpenSSL error at " __FILE__ ":%d!"; - static char msg[sizeof(fmt) + 10]; + static const char fmt[] = "Unhandled OpenSSL error at " __FILE__ ":%d!"; + static char msg[sizeof(fmt) + 10]; - snprintf(msg, sizeof(msg), fmt, line); - return msg; + snprintf(msg, sizeof(msg), fmt, line); + return msg; } static int docset_helper_add(PyObject *set, char *v) { - PyObject 
*value = NULL; + PyObject *value = NULL; - if ( !(value = PyString_FromString(v) ) ) - lose("could not allocate memory"); + if ((value = PyString_FromString(v)) == NULL) + lose("could not allocate memory"); - if ( PyList_Append( set, value ) != 0) - goto error; + if (PyList_Append(set, value) != 0) + goto error; - return 1; + return 1; -error: + error: - Py_XDECREF(value); - return 0; + Py_XDECREF(value); + return 0; } /* 
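Review bot: `docset_helper_add()` returns 1 without releasing `value`, so every successful call leaks one reference; `PyList_Append()` takes its own reference and does not steal the caller's. Adding `Py_DECREF(value);` just before `return 1;` balances the count and leaves the `error:` path as it is.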
@@ -383,363 +383,356 @@ error: static const EVP_CIPHER * evp_cipher_factory(int cipher_type) { - switch(cipher_type) - { + switch(cipher_type) { #ifndef OPENSSL_NO_DES - case DES_ECB: return EVP_des_ecb(); - case DES_EDE: return EVP_des_ede(); - case DES_EDE3: return EVP_des_ede3(); - case DES_CFB: return EVP_des_cfb(); - case DES_EDE_CFB: return EVP_des_ede_cfb(); - case DES_EDE3_CFB: return EVP_des_ede3_cfb(); - case DES_OFB: return EVP_des_ofb(); - case DES_EDE_OFB: return EVP_des_ede_ofb(); - case DES_EDE3_OFB: return EVP_des_ede3_ofb(); - case DES_CBC: return EVP_des_cbc(); - case DES_EDE_CBC: return EVP_des_ede_cbc(); - case DES_EDE3_CBC: return EVP_des_ede3_cbc(); - case DESX_CBC: return EVP_desx_cbc(); + case DES_ECB: return EVP_des_ecb(); + case DES_EDE: return EVP_des_ede(); + case DES_EDE3: return EVP_des_ede3(); + case DES_CFB: return EVP_des_cfb(); + case DES_EDE_CFB: return EVP_des_ede_cfb(); + case DES_EDE3_CFB: return EVP_des_ede3_cfb(); + case DES_OFB: return EVP_des_ofb(); + case DES_EDE_OFB: return EVP_des_ede_ofb(); + case DES_EDE3_OFB: return EVP_des_ede3_ofb(); + case DES_CBC: return EVP_des_cbc(); + case DES_EDE_CBC: return EVP_des_ede_cbc(); + case DES_EDE3_CBC: return EVP_des_ede3_cbc(); + case DESX_CBC: return EVP_desx_cbc(); #endif #ifndef OPENSSL_NO_RC4 - case RC4: return EVP_rc4(); - case RC4_40: return EVP_rc4_40(); + case RC4: return EVP_rc4(); + case RC4_40: return EVP_rc4_40(); #endif #ifndef OPENSSL_NO_IDEA - case IDEA_ECB: return EVP_idea_ecb(); - case IDEA_CFB: return EVP_idea_cfb(); - case IDEA_OFB: return EVP_idea_ofb(); - case IDEA_CBC: return EVP_idea_cbc(); + case IDEA_ECB: return EVP_idea_ecb(); + case IDEA_CFB: return EVP_idea_cfb(); + case IDEA_OFB: return EVP_idea_ofb(); + case IDEA_CBC: return EVP_idea_cbc(); #endif #ifndef OPENSSL_NO_RC2 - case RC2_ECB: return EVP_rc2_ecb(); - case RC2_CBC: return EVP_rc2_cbc(); - case RC2_40_CBC: return EVP_rc2_40_cbc(); - case RC2_CFB: return EVP_rc2_cfb(); - case RC2_OFB: return 
EVP_rc2_ofb(); + case RC2_ECB: return EVP_rc2_ecb(); + case RC2_CBC: return EVP_rc2_cbc(); + case RC2_40_CBC: return EVP_rc2_40_cbc(); + case RC2_CFB: return EVP_rc2_cfb(); + case RC2_OFB: return EVP_rc2_ofb(); #endif #ifndef OPENSSL_NO_BF - case BF_ECB: return EVP_bf_ecb(); - case BF_CBC: return EVP_bf_cbc(); - case BF_CFB: return EVP_bf_cfb(); - case BF_OFB: return EVP_bf_ofb(); + case BF_ECB: return EVP_bf_ecb(); + case BF_CBC: return EVP_bf_cbc(); + case BF_CFB: return EVP_bf_cfb(); + case BF_OFB: return EVP_bf_ofb(); #endif #ifndef OPENSSL_NO_CAST5 - case CAST5_ECB: return EVP_cast5_ecb(); - case CAST5_CBC: return EVP_cast5_cbc(); - case CAST5_CFB: return EVP_cast5_cfb(); - case CAST5_OFB: return EVP_cast5_ofb(); + case CAST5_ECB: return EVP_cast5_ecb(); + case CAST5_CBC: return EVP_cast5_cbc(); + case CAST5_CFB: return EVP_cast5_cfb(); + case CAST5_OFB: return EVP_cast5_ofb(); #endif #ifndef OPENSSL_NO_RC5 - case RC5_32_12_16_CBC: return EVP_rc5_32_12_16_cbc(); - case RC5_32_12_16_CFB: return EVP_rc5_32_12_16_cfb(); - case RC5_32_12_16_ECB: return EVP_rc5_32_12_16_ecb(); - case RC5_32_12_16_OFB: return EVP_rc5_32_12_16_ofb(); + case RC5_32_12_16_CBC: return EVP_rc5_32_12_16_cbc(); + case RC5_32_12_16_CFB: return EVP_rc5_32_12_16_cfb(); + case RC5_32_12_16_ECB: return EVP_rc5_32_12_16_ecb(); + case RC5_32_12_16_OFB: return EVP_rc5_32_12_16_ofb(); #endif - default: return NULL; - } + default: return NULL; + } } static PyObject * ssl_err_factory(int err) { - switch(err) - { - case SSL_ERROR_NONE: - return Py_BuildValue( "(is)", SSL_ERROR_NONE, "SSL_ERROR_NONE" ); - case SSL_ERROR_ZERO_RETURN: - return Py_BuildValue( "(is)", SSL_ERROR_ZERO_RETURN, "SSL_ERROR_ZERO_RETURN" ); - case SSL_ERROR_WANT_READ: - return Py_BuildValue( "(is)", SSL_ERROR_WANT_READ, "SSL_ERROR_WANT_READ" ); - case SSL_ERROR_WANT_WRITE: - return Py_BuildValue( "(is)", SSL_ERROR_WANT_WRITE, "SSL_ERROR_WANT_WRITE" ); - case SSL_ERROR_WANT_X509_LOOKUP: - return Py_BuildValue( "(is)", 
SSL_ERROR_WANT_X509_LOOKUP, "SSL_ERROR_WANT_X509_LOOKUP" ); - case SSL_ERROR_SYSCALL: - return Py_BuildValue( "(is)", SSL_ERROR_SYSCALL, "SSL_ERROR_SYSCALL" ); - case SSL_ERROR_SSL: - return Py_BuildValue( "(is)", SSL_ERROR_SSL, "SSL_ERROR_SSL" ); - case SSL_ERROR_WANT_CONNECT: - return Py_BuildValue( "(is)", SSL_ERROR_WANT_CONNECT, "SSL_ERROR_WANT_CONNECT" ); - case SSL_ERROR_WANT_ACCEPT: - return Py_BuildValue( "(is)", SSL_ERROR_WANT_ACCEPT, "SSL_ERROR_WANT_ACCEPT" ); - - default: - return Py_BuildValue( "(is)", err, "UNKNOWN_SSL_ERROR" ); - } + switch(err) { + case SSL_ERROR_NONE: + return Py_BuildValue("(is)", SSL_ERROR_NONE, "SSL_ERROR_NONE"); + case SSL_ERROR_ZERO_RETURN: + return Py_BuildValue("(is)", SSL_ERROR_ZERO_RETURN, "SSL_ERROR_ZERO_RETURN"); + case SSL_ERROR_WANT_READ: + return Py_BuildValue("(is)", SSL_ERROR_WANT_READ, "SSL_ERROR_WANT_READ"); + case SSL_ERROR_WANT_WRITE: + return Py_BuildValue("(is)", SSL_ERROR_WANT_WRITE, "SSL_ERROR_WANT_WRITE"); + case SSL_ERROR_WANT_X509_LOOKUP: + return Py_BuildValue("(is)", SSL_ERROR_WANT_X509_LOOKUP, "SSL_ERROR_WANT_X509_LOOKUP"); + case SSL_ERROR_SYSCALL: + return Py_BuildValue("(is)", SSL_ERROR_SYSCALL, "SSL_ERROR_SYSCALL"); + case SSL_ERROR_SSL: + return Py_BuildValue("(is)", SSL_ERROR_SSL, "SSL_ERROR_SSL"); + case SSL_ERROR_WANT_CONNECT: + return Py_BuildValue("(is)", SSL_ERROR_WANT_CONNECT, "SSL_ERROR_WANT_CONNECT"); + case SSL_ERROR_WANT_ACCEPT: + return Py_BuildValue("(is)", SSL_ERROR_WANT_ACCEPT, "SSL_ERROR_WANT_ACCEPT"); + + default: + return Py_BuildValue("(is)", err, "UNKNOWN_SSL_ERROR"); + } } static PyObject * X509_object_helper_set_name(X509_NAME *name, PyObject *name_sequence) { - PyObject *pair = NULL; PyObject *type = NULL; PyObject *value = NULL; - int no_pairs = 0, i = 0, str_type = 0, nid; - unsigned char *valueptr = NULL; - char *typeptr = NULL; + PyObject *pair = NULL; PyObject *type = NULL; PyObject *value = NULL; + int no_pairs = 0, i = 0, str_type = 0, nid; + unsigned char *valueptr = 
NULL; + char *typeptr = NULL; - no_pairs = PySequence_Size( name_sequence ); - for (i = 0; i < no_pairs; i++) - { - if ( ( pair = PySequence_GetItem( name_sequence, i ) ) == NULL ) - return NULL; + no_pairs = PySequence_Size(name_sequence); + for (i = 0; i < no_pairs; i++) { + if ((pair = PySequence_GetItem(name_sequence, i)) == NULL) + return NULL; - if ( !( PyTuple_Check(pair) || PyList_Check(pair) ) ) - lose_type_error("inapropriate type"); + if (!PyTuple_Check(pair) && !PyList_Check(pair)) + lose_type_error("inapropriate type"); - if ( PySequence_Size(pair) != 2 ) - lose("each name entry must have 2 elements"); + if (PySequence_Size(pair) != 2) + lose("each name entry must have 2 elements"); - if ( !(type = PySequence_GetItem( pair, 0 ) ) ) - lose_type_error("could not get type string"); + if ((type = PySequence_GetItem(pair, 0)) == NULL) + lose_type_error("could not get type string"); - if ( !PyString_Check(type) ) - lose_type_error("inapropriate type"); + if (!PyString_Check(type)) + lose_type_error("inapropriate type"); - if ( !( value = PySequence_GetItem( pair, 1 ) ) ) - lose_type_error("could not get value string"); + if ((value = PySequence_GetItem(pair, 1)) == NULL) + lose_type_error("could not get value string"); - if ( !PyString_Check(value) ) - lose_type_error("inapropriate type"); + if (!PyString_Check(value)) + lose_type_error("inapropriate type"); - typeptr = PyString_AsString(type); - valueptr = (unsigned char *) PyString_AsString(value); + typeptr = PyString_AsString(type); + valueptr = (unsigned char *) PyString_AsString(value); - str_type = ASN1_PRINTABLE_type( valueptr, -1 ); - if ( !(nid = OBJ_ln2nid(typeptr)) ) - if ( !(nid = OBJ_sn2nid(typeptr)) ) - lose("unknown ASN1 object"); + str_type = ASN1_PRINTABLE_type(valueptr, -1); + if ((nid = OBJ_ln2nid(typeptr)) == 0 && + (nid = OBJ_sn2nid(typeptr)) == 0) + lose("unknown ASN1 object"); - if ( !X509_NAME_add_entry_by_NID( name, nid, str_type, valueptr, strlen((char *) valueptr), -1, 0 ) ) - 
lose("unable to add name entry"); + if (!X509_NAME_add_entry_by_NID(name, nid, str_type, valueptr, + strlen((char *) valueptr), -1, 0)) + lose("unable to add name entry"); - Py_DECREF(pair); - Py_DECREF(type); - Py_DECREF(value); - pair = NULL; - type = NULL; - value = NULL; - } - return name_sequence; + Py_DECREF(pair); + Py_DECREF(type); + Py_DECREF(value); + pair = NULL; + type = NULL; + value = NULL; + } + return name_sequence; -error: + error: - Py_XDECREF(pair); - Py_XDECREF(type); - Py_XDECREF(value); + Py_XDECREF(pair); + Py_XDECREF(type); + Py_XDECREF(value); - return NULL; + return NULL; } static PyObject * X509_object_helper_get_name(X509_NAME *name, int format) { - int no_entries = 0, no_pairs = 0, i = 0, j = 0, value_len = 0, nid = 0; - X509_NAME_ENTRY *entry = NULL; - char *value = NULL, long_name[512]; - const char *short_name; + int no_entries = 0, no_pairs = 0, i = 0, j = 0, value_len = 0, nid = 0; + X509_NAME_ENTRY *entry = NULL; + char *value = NULL, long_name[512]; + const char *short_name; + + PyObject *result_list = NULL; + PyObject *pair = NULL; + PyObject *py_type = NULL; + PyObject *py_value = NULL; + + no_entries = X509_NAME_entry_count(name); + + if ((result_list = PyTuple_New(no_entries)) == NULL) + lose("could not allocate memory"); + + for(i = 0; i < no_entries; i++) { + if ((entry = X509_NAME_get_entry(name, i)) == NULL) + lose("could not get certificate name"); + + if (entry->value->length + 1 > value_len) { + if (value) + free(value); + + if ((value = malloc(entry->value->length + 1)) == NULL) + lose("could not allocate memory"); + + value_len = entry->value->length + 1; + } + memcpy(value, entry->value->data, entry->value->length); + value[entry->value->length] = 0; - PyObject *result_list = NULL; - PyObject *pair = NULL; - PyObject *py_type = NULL; - PyObject *py_value = NULL; + if (!i2t_ASN1_OBJECT(long_name, sizeof(long_name), entry->object)) + lose("could not find object name"); - no_entries = X509_NAME_entry_count( name ); + 
switch (format) { + case SHORTNAME_FORMAT: + nid = OBJ_ln2nid(long_name); + short_name = OBJ_nid2sn(nid); + py_type = PyString_FromString(short_name); + break; + case LONGNAME_FORMAT: + py_type = PyString_FromString(long_name); + break; + default: + lose("unknown name format"); + } - if ( !(result_list = PyTuple_New( no_entries ) ) ) + py_value = PyString_FromString(value); + + if ((pair = PyTuple_New(2)) == NULL) lose("could not allocate memory"); - for(i = 0; i < no_entries; i++) - { - if ( !(entry = X509_NAME_get_entry( name, i ) ) ) - lose("could not get certificate name"); + PyTuple_SetItem(pair, 0, py_type); + PyTuple_SetItem(pair, 1, py_value); + PyTuple_SetItem(result_list, i, pair); + } - if (entry->value->length + 1 > value_len) - { - if (value) - free(value); + if (value) + free(value); - if ( !(value = malloc( entry->value->length + 1 ) ) ) - lose("could not allocate memory"); + return result_list; - value_len = entry->value->length + 1; - } - memcpy( value, entry->value->data, entry->value->length ); - value[ entry->value->length ] = 0; + error: - if ( !(i2t_ASN1_OBJECT(long_name, sizeof(long_name), entry->object) ) ) - lose("could not object name"); + if (value) + free(value); - if ( format == SHORTNAME_FORMAT ) - { - nid = OBJ_ln2nid( long_name ); - short_name = OBJ_nid2sn( nid ); - py_type = PyString_FromString(short_name); - } - else if ( format == LONGNAME_FORMAT ) - py_type = PyString_FromString(long_name); - else - lose("unknown name format"); - - py_value = PyString_FromString(value); - - if ( !(pair = PyTuple_New( 2 ) ) ) - lose("could not allocate memory"); - - PyTuple_SetItem( pair, 0, py_type ); - PyTuple_SetItem( pair, 1, py_value ); - PyTuple_SetItem( result_list, i, pair ); - } - - if (value) - free(value); - - return result_list; - -error: - - if (value) - free(value); - - if (result_list) - { - no_pairs = PyTuple_Size( result_list ); - for (i = 0; i < no_pairs; i++) - { - pair = PyTuple_GetItem( result_list, i ); - no_entries = 
PyTuple_Size( result_list ); - for (j = 0; j < no_entries; j++) - { - py_value = PyTuple_GetItem( pair, i ); - Py_DECREF( py_value ); - } + if (result_list) { + no_pairs = PyTuple_Size(result_list); + for (i = 0; i < no_pairs; i++) { + pair = PyTuple_GetItem(result_list, i); + no_entries = PyTuple_Size(result_list); + for (j = 0; j < no_entries; j++) { + py_value = PyTuple_GetItem(pair, i); + Py_DECREF(py_value); } - } + } + } - Py_XDECREF(py_type); - Py_XDECREF(py_value); - Py_XDECREF(result_list); - return NULL; + Py_XDECREF(py_type); + Py_XDECREF(py_value); + Py_XDECREF(result_list); + return NULL; } static void set_openssl_pyerror(const char *msg) { - char *buf = NULL; - BIO *bio = NULL; - int len; + char *buf = NULL; + BIO *bio = NULL; + int len; - if (!(bio = BIO_new(BIO_s_mem()))) - goto error; + if ((bio = BIO_new(BIO_s_mem())) == NULL) + goto error; - BIO_puts(bio, msg); - BIO_puts(bio, ":\n"); - ERR_print_errors(bio); + BIO_puts(bio, msg); + BIO_puts(bio, ":\n"); + ERR_print_errors(bio); - if (!(len = BIO_ctrl_pending(bio))) - goto error; - if (!(buf = malloc(len + 1))) - goto error; - if (BIO_read(bio, buf, len) != len) - goto error; - buf[len] = '\0'; + if ((len = BIO_ctrl_pending(bio)) == 0) + goto error; + if ((buf = malloc(len + 1)) == NULL) + goto error; + if (BIO_read(bio, buf, len) != len) + goto error; + buf[len] = '\0'; - PyErr_SetString(SSLErrorObject, buf); + PyErr_SetString(SSLErrorObject, buf); - /* fall through */ -error: + /* fall through */ + error: - if (bio) - BIO_free(bio); - if (buf) - free(buf); + if (bio) + BIO_free(bio); + if (buf) + free(buf); } static STACK_OF(X509) * x509_helper_sequence_to_stack(PyObject *x509_sequence) { - x509_object *tmpX509 = NULL; - STACK_OF(X509) *x509_stack = NULL; - int size = 0, i = 0; + x509_object *tmpX509 = NULL; + STACK_OF(X509) *x509_stack = NULL; + int size = 0, i = 0; - if ( x509_sequence != Py_None && !PyTuple_Check( x509_sequence ) && !PyList_Check(x509_sequence) ) - 
lose_type_error("inapropriate type"); + if (x509_sequence != Py_None && !PyTuple_Check(x509_sequence) && !PyList_Check(x509_sequence)) + lose_type_error("inapropriate type"); - if (!(x509_stack = sk_X509_new_null() ) ) - lose("could not create new x509 stack"); + if ((x509_stack = sk_X509_new_null()) == NULL) + lose("could not create new x509 stack"); - if ( x509_sequence != Py_None ) - { - size = PySequence_Size( x509_sequence ); + if (x509_sequence != Py_None) { + size = PySequence_Size(x509_sequence); - for (i = 0; i < size; i++) - { - if ( !( tmpX509 = (x509_object*)PySequence_GetItem( x509_sequence, i ) ) ) - goto error; + for (i = 0; i < size; i++) { + if ((tmpX509 = (x509_object*)PySequence_GetItem(x509_sequence, i)) == NULL) + goto error; - if ( !X_X509_Check( tmpX509 ) ) - lose_type_error("inapropriate type"); + if (!X_X509_Check(tmpX509)) + lose_type_error("inapropriate type"); - if (!sk_X509_push( x509_stack, tmpX509->x509 ) ) - lose("could not add x509 to stack"); - Py_DECREF(tmpX509); - tmpX509 = NULL; - } - } + if (!sk_X509_push(x509_stack, tmpX509->x509)) + lose("could not add x509 to stack"); + Py_DECREF(tmpX509); + tmpX509 = NULL; + } + } - return x509_stack; + return x509_stack; -error: + error: - if(x509_stack) - sk_X509_free(x509_stack); + if(x509_stack) + sk_X509_free(x509_stack); - Py_XDECREF(tmpX509); + Py_XDECREF(tmpX509); - return NULL; + return NULL; } static PyObject * stack_to_tuple_helper(_STACK *sk, PyObject *(*handler)(void *)) { - PyObject *result_list = NULL, *result_tuple = NULL, *obj = NULL; - int n, i; + PyObject *result_list = NULL, *result_tuple = NULL, *obj = NULL; + int n, i; - if ( !(result_list = PyList_New(0))) + if ((result_list = PyList_New(0)) == NULL) + lose("could not allocate memory"); + + while (sk_num(sk)) { + + if ((obj = handler(sk_value(sk, 0))) == NULL) lose("could not allocate memory"); - while (sk_num(sk)) { + sk_shift(sk); - if ( !(obj = handler(sk_value(sk, 0)))) - lose("could not allocate memory"); + if 
(PyList_Append(result_list, obj) != 0) + goto error; - sk_shift(sk); + obj = NULL; + } - if (PyList_Append(result_list, obj) != 0) - goto error; + result_tuple = PyList_AsTuple(result_list); + Py_DECREF(result_list); - obj = NULL; - } + return Py_BuildValue("O", result_tuple); - result_tuple = PyList_AsTuple(result_list); - Py_DECREF(result_list); - - return Py_BuildValue("O", result_tuple); + error: -error: + if (obj) { + Py_DECREF(obj); + } - if (obj) { + if (result_list) { + n = PyList_Size(result_list); + for (i = 0; i < n; i++) { + obj = PyList_GetItem(result_list, i); Py_DECREF(obj); - } + } + Py_DECREF(result_list); + } - if (result_list) { - n = PyList_Size(result_list); - for (i = 0; i < n; i++) { - obj = PyList_GetItem(result_list, i); - Py_DECREF(obj); - } - Py_DECREF(result_list); - } - - return NULL; + return NULL; } /*========== helper funcitons ==========*/ @@ -748,19 +741,19 @@ error: static x509_object * X509_object_new(void) { - x509_object *self; + x509_object *self; - self = PyObject_New( x509_object, &x509type ); - if (self == NULL) - goto error; + self = PyObject_New(x509_object, &x509type); + if (self == NULL) + goto error; - self->x509 = X509_new(); - return self; + self->x509 = X509_new(); + return self; -error: + error: - Py_XDECREF(self); - return NULL; + Py_XDECREF(self); + return NULL; } /* 
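Review bot: In `X509_object_helper_get_name()` the entry value is copied with its explicit length but then passed to `PyString_FromString(value)`, which stops at the first NUL byte, so a name attribute with an embedded NUL reaches Python truncated; `py_value = PyString_FromStringAndSize(value, entry->value->length);` keeps the full contents, which matters wherever callers (outside this hunk) compare these names. The `error:` path of the same function is also unsafe: on any iteration after the first, `py_type` and `py_value` still point at objects that `PyTuple_SetItem()` already stole, the nested loop indexes `pair` with `i` while bounding on the size of `result_list`, and unfilled slots of `result_list` are NULL. Dropping the loop, letting `Py_XDECREF(result_list)` release the contents, and adding `py_type = py_value = NULL;` after the `PyTuple_SetItem()` calls would remove the over-release. `stack_to_tuple_helper()` has the opposite problem on success: it never drops its own reference after `PyList_Append()`, and `Py_BuildValue("O", result_tuple)` adds a tuple reference that is not given back.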
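Review bot: `X509_object_new()` stores the result of `X509_new()` without checking it, so an allocation failure returns an object whose `x509` field is NULL and the failure only surfaces in whichever method uses it first. `if ((self->x509 = X509_new()) == NULL) lose("could not allocate memory");` reports it at the point of failure. This assumes the type's dealloc, which is outside the hunk, tolerates a NULL `x509`.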
@@ -770,42 +763,42 @@ error: static x509_object * X509_object_pem_read(BIO *in) { - x509_object *self; + x509_object *self; - if ( !(self = PyObject_New( x509_object, &x509type ) ) ) - goto error; + if ((self = PyObject_New(x509_object, &x509type)) == NULL) + goto error; - if( !(self->x509 = PEM_read_bio_X509( in, NULL, NULL, NULL ) ) ) - lose("could not load PEM encoded certificate"); + if ((self->x509 = PEM_read_bio_X509(in, NULL, NULL, NULL)) == NULL) + lose("could not load PEM encoded certificate"); - return self; + return self; -error: + error: - Py_XDECREF(self); - return NULL; + Py_XDECREF(self); + return NULL; } static x509_object * X509_object_der_read(unsigned char *src, int len) { - x509_object *self; - unsigned char *ptr = src; + x509_object *self; + unsigned char *ptr = src; - if ( !(self = PyObject_New( x509_object, &x509type ) ) ) - goto error; + if ((self = PyObject_New(x509_object, &x509type)) == NULL) + goto error; - self->x509 = X509_new(); + self->x509 = X509_new(); - if( !(d2i_X509( &self->x509, (const unsigned char **) &ptr, len ) ) ) - lose("could not load PEM encoded certificate"); + if(!d2i_X509(&self->x509, (const unsigned char **) &ptr, len)) + lose("could not load PEM encoded certificate"); - return self; + return self; -error: + error: - Py_XDECREF(self); - return NULL; + Py_XDECREF(self); + return NULL; } /* 
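Review bot: `X509_object_der_read()` pre-allocates with an unchecked `X509_new()` and then asks `d2i_X509()` to reuse that structure; the OpenSSL documentation discourages the reuse form, and what `self->x509` holds after a failed parse depends on the library version. Letting the decoder allocate, `if ((self->x509 = d2i_X509(NULL, (const unsigned char **) &ptr, len)) == NULL)`, gives a defined NULL on failure, the same state `X509_object_pem_read()` leaves behind. The error text on this path still reads "could not load PEM encoded certificate"; `"could not load DER encoded certificate"` would be accurate.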
@@ -816,57 +809,60 @@ error: static PyObject * X509_object_write_helper(x509_object *self, PyObject *args, int format) { - int len = 0; - char *buf = NULL; - BIO *out_bio = NULL; - PyObject *cert = NULL; - - if (!PyArg_ParseTuple(args, "")) - return NULL; + int len = 0; + char *buf = NULL; + BIO *out_bio = NULL; + PyObject *cert = NULL; - out_bio = BIO_new(BIO_s_mem()); + if (!PyArg_ParseTuple(args, "")) + return NULL; - if (format == DER_FORMAT) - { - if (!i2d_X509_bio(out_bio, self->x509) ) - lose("unable to write certificate"); - } - else if (format == PEM_FORMAT) - { - if (!PEM_write_bio_X509(out_bio, self->x509) ) - lose("unable to write certificate"); - } - else - lose("internal error, unknown output format"); + out_bio = BIO_new(BIO_s_mem()); - if ( !(len = BIO_ctrl_pending(out_bio) ) ) - lose("unable to get bytes stored in bio"); + switch (format) { - if ( !(buf = malloc(len) ) ) - lose("unable to allocate memory"); + case DER_FORMAT: + if (!i2d_X509_bio(out_bio, self->x509)) + lose("unable to write certificate"); + break; - if ( BIO_read( out_bio, buf, len ) != len ) - lose("unable to write out cert"); + case PEM_FORMAT: + if (!PEM_write_bio_X509(out_bio, self->x509)) + lose("unable to write certificate"); + break; - cert = Py_BuildValue("s#", buf, len); + default: + lose("internal error, unknown output format"); + } - BIO_free(out_bio); - free(buf); - return cert; - -error: + if ((len = BIO_ctrl_pending(out_bio)) == 0) + lose("unable to get bytes stored in bio"); - if (out_bio) - BIO_free(out_bio); + if ((buf = malloc(len)) == NULL) + lose("unable to allocate memory"); - if (buf) - free(buf); + if (BIO_read(out_bio, buf, len) != len) + lose("unable to write out cert"); - Py_XDECREF(cert); - return NULL; + cert = Py_BuildValue("s#", buf, len); + + BIO_free(out_bio); + free(buf); + return cert; + + error: + + if (out_bio) + BIO_free(out_bio); + + if (buf) + free(buf); + + Py_XDECREF(cert); + return NULL; } -static char X509_object_pem_write__doc__[] = 
+static char X509_object_pem_write__doc__[] = "<method>\n" " <header>\n" " <memberof>X509</memberof>\n" @@ -884,7 +880,7 @@ static char X509_object_pem_write__doc__[] = static PyObject * X509_object_pem_write(x509_object *self, PyObject *args) { - return X509_object_write_helper(self, args, PEM_FORMAT); + return X509_object_write_helper(self, args, PEM_FORMAT); } static char X509_object_der_write__doc__[] = @@ -905,13 +901,13 @@ static char X509_object_der_write__doc__[] = static PyObject * X509_object_der_write(x509_object *self, PyObject *args) { - return X509_object_write_helper(self, args, DER_FORMAT); + return X509_object_write_helper(self, args, DER_FORMAT); } /* * Currently this function only supports RSA keys. */ -static char X509_object_set_public_key__doc__[] = +static char X509_object_set_public_key__doc__[] = "<method>\n" " <header>\n" " <memberof>X509</memberof>\n" 
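Review bot: In `X509_object_write_helper()` the result of `BIO_new(BIO_s_mem())` is used without a NULL check, so an allocation failure is passed straight into `i2d_X509_bio()` or `PEM_write_bio_X509()`. `if ((out_bio = BIO_new(BIO_s_mem())) == NULL) lose("unable to allocate memory");` routes it through the existing `error:` cleanup, which already copes with a NULL `out_bio`.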
@@ -932,33 +928,33 @@ static char X509_object_set_public_key__doc__[] = static PyObject * X509_object_set_public_key(x509_object *self, PyObject *args) { - EVP_PKEY *pkey = NULL; - asymmetric_object *asym; + EVP_PKEY *pkey = NULL; + asymmetric_object *asym; - if (!PyArg_ParseTuple(args, "O!", &asymmetrictype, &asym)) - goto error; + if (!PyArg_ParseTuple(args, "O!", &asymmetrictype, &asym)) + goto error; - if ( !(pkey = EVP_PKEY_new() ) ) - lose("could not allocate memory"); + if ((pkey = EVP_PKEY_new()) == NULL) + lose("could not allocate memory"); - if ( !(EVP_PKEY_assign_RSA(pkey, asym->cipher) ) ) - lose("EVP_PKEY assignment error"); + if (!EVP_PKEY_assign_RSA(pkey, asym->cipher)) + lose("EVP_PKEY assignment error"); - if ( !(X509_set_pubkey(self->x509,pkey) ) ) - lose("could not set certificate's public key"); + if (!X509_set_pubkey(self->x509,pkey)) + lose("could not set certificate's public key"); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - if (pkey) - EVP_PKEY_free(pkey); + if (pkey) + EVP_PKEY_free(pkey); - return NULL; + return NULL; } -static char X509_object_sign__doc__[] = +static char X509_object_sign__doc__[] = "<method>\n" " <header>\n" " <memberof>X509</memberof>\n" @@ -972,8 +968,8 @@ static char X509_object_sign__doc__[] = " example for the methods which should be invoked before signing a\n" " certificate. <parameter>key</parameter> should be an instance of\n" " <classname>Asymmetric</classname> containing a private key.\n" -" The optional parameter <parameter>digest</parameter> indicates \n" -" which digest function should be used to compute the hash to be \n" +" The optional parameter <parameter>digest</parameter> indicates\n" +" which digest function should be used to compute the hash to be\n" " signed, it should be one of the following:\n" " </para>\n" " <simplelist>\n" 
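Review bot: `X509_object_set_public_key()` passes `asym->cipher` to `EVP_PKEY_assign_RSA()`, which transfers ownership to `pkey` while the `asymmetric_object` keeps the same pointer; if `X509_set_pubkey()` then fails, `EVP_PKEY_free(pkey)` at `error:` also frees the RSA key the Python object still refers to. `EVP_PKEY_set1_RSA(pkey, asym->cipher)` takes its own reference instead, and would also allow `pkey` to be freed on the success path, where it is currently leaked. Unlike `X509_object_sign()`, this function does not look at `asym->key_type` before treating the `void *cipher` as an RSA key; a guard such as `if (asym->key_type != RSA_PUBLIC_KEY && asym->key_type != RSA_PRIVATE_KEY) lose("cannot use this type of key");` would match the comment that only RSA is supported. `X509_object_sign()` in the later hunk uses the same `EVP_PKEY_assign_RSA()` pattern.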
@@ -994,86 +990,76 @@ static char X509_object_sign__doc__[] = static PyObject * X509_object_sign(x509_object *self, PyObject *args) { - EVP_PKEY *pkey = NULL; - asymmetric_object *asym; - int digest = MD5_DIGEST; + EVP_PKEY *pkey = NULL; + asymmetric_object *asym; + int digest = MD5_DIGEST; - if (!PyArg_ParseTuple(args, "O!|i", &asymmetrictype, &asym, &digest)) - goto error; + if (!PyArg_ParseTuple(args, "O!|i", &asymmetrictype, &asym, &digest)) + goto error; - if ( !(pkey = EVP_PKEY_new() ) ) - lose("could not allocate memory"); + if ((pkey = EVP_PKEY_new()) == NULL) + lose("could not allocate memory"); - if (asym->key_type != RSA_PRIVATE_KEY) - lose("cannot use this type of key"); + if (asym->key_type != RSA_PRIVATE_KEY) + lose("cannot use this type of key"); - if ( !(EVP_PKEY_assign_RSA(pkey, asym->cipher) ) ) - lose("EVP_PKEY assignment error"); + if (!EVP_PKEY_assign_RSA(pkey, asym->cipher)) + lose("EVP_PKEY assignment error"); - switch (digest) - { - case MD5_DIGEST: - { - if (!X509_sign(self->x509, pkey, EVP_md5() ) ) - lose("could not sign certificate"); - break; - } - case MD2_DIGEST: - { - if (!X509_sign(self->x509, pkey, EVP_md2() ) ) - lose("could not sign certificate"); - break; - } - case SHA_DIGEST: - { - if (!X509_sign(self->x509, pkey, EVP_sha() ) ) - lose("could not sign certificate"); - break; - } - case SHA1_DIGEST: - { - if (!X509_sign(self->x509, pkey, EVP_sha1() ) ) - lose("could not sign certificate"); - break; - } - case RIPEMD160_DIGEST: - { - if (!X509_sign(self->x509, pkey, EVP_ripemd160() ) ) - lose("could not sign certificate"); - break; - } - case SHA256_DIGEST: - { - if (!X509_sign(self->x509, pkey, EVP_sha256() ) ) - lose("could not sign certificate"); - break; - } - case SHA384_DIGEST: - { - if (!X509_sign(self->x509, pkey, EVP_sha384() ) ) - lose("could not sign certificate"); - break; - } - case SHA512_DIGEST: - { - if (!X509_sign(self->x509, pkey, EVP_sha512() ) ) - lose("could not sign certificate"); - break; - } - } + switch 
(digest) { + case MD5_DIGEST: + if (!X509_sign(self->x509, pkey, EVP_md5())) + lose("could not sign certificate"); + break; + + case MD2_DIGEST: + if (!X509_sign(self->x509, pkey, EVP_md2())) + lose("could not sign certificate"); + break; - return Py_BuildValue(""); + case SHA_DIGEST: + if (!X509_sign(self->x509, pkey, EVP_sha())) + lose("could not sign certificate"); + break; -error: + case SHA1_DIGEST: + if (!X509_sign(self->x509, pkey, EVP_sha1())) + lose("could not sign certificate"); + break; - if (pkey) - EVP_PKEY_free(pkey); + case RIPEMD160_DIGEST: + if (!X509_sign(self->x509, pkey, EVP_ripemd160())) + lose("could not sign certificate"); + break; - return NULL; + case SHA256_DIGEST: + if (!X509_sign(self->x509, pkey, EVP_sha256())) + lose("could not sign certificate"); + break; + + case SHA384_DIGEST: + if (!X509_sign(self->x509, pkey, EVP_sha384())) + lose("could not sign certificate"); + break; + + case SHA512_DIGEST: + if (!X509_sign(self->x509, pkey, EVP_sha512())) + lose("could not sign certificate"); + break; + } + + return Py_BuildValue(""); + + error: + + if (pkey) + EVP_PKEY_free(pkey); + + return NULL; } -static char X509_object_get_version__doc__[] = +static char X509_object_get_version__doc__[] = "<method>\n" " <header>\n" " <memberof>X509</memberof>\n" @@ -1082,7 +1068,7 @@ static char X509_object_get_version__doc__[] = " <body>\n" " <para>\n" " This method returns the version number from the version field of\n" -" this certificate. \n" +" this certificate.\n" " </para>\n" " </body>\n" "</method>\n" 
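Review bot: The `switch (digest)` in `X509_object_sign()` has no `default:` case, so a digest value outside the listed constants skips every `X509_sign()` call and the method still returns success, leaving the certificate unsigned or carrying whatever signature it had before. Adding `default: lose("unsupported digest");` turns that into an error. The default is still `MD5_DIGEST` and `MD2_DIGEST` is still accepted; both are too weak for certificate signatures, so a stronger default such as `int digest = SHA256_DIGEST;` is worth considering, bearing in mind that it changes what existing callers get.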
@@ -1092,22 +1078,21 @@ static char X509_object_get_version__doc__[] = static PyObject * X509_object_get_version(x509_object *self, PyObject *args) { - long version = 0; + long version = 0; - if (!PyArg_ParseTuple(args, "")) - goto error; + if (!PyArg_ParseTuple(args, "")) + goto error; - if ( !(version = X509_get_version( self->x509 ) ) ) - lose("could not get certificate version"); + version = X509_get_version(self->x509); - return Py_BuildValue("l", version); + return Py_BuildValue("l", version); -error: + error: - return NULL; + return NULL; } -static char X509_object_set_version__doc__[] = +static char X509_object_set_version__doc__[] = "<method>\n" " <header>\n" " <memberof>X509</memberof>\n" @@ -1127,19 +1112,19 @@ static char X509_object_set_version__doc__[] = static PyObject * X509_object_set_version(x509_object *self, PyObject *args) { - long version = 0; + long version = 0; - if (!PyArg_ParseTuple(args, "l", &version)) - goto error; + if (!PyArg_ParseTuple(args, "l", &version)) + goto error; - if ( !X509_set_version( self->x509, version ) ) - lose("could not set certificate version"); + if (!X509_set_version(self->x509, version)) + lose("could not set certificate version"); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } static char X509_object_get_serial__doc__[] = 
@@ -1160,26 +1145,26 @@ static char X509_object_get_serial__doc__[] = static PyObject * X509_object_get_serial(x509_object *self, PyObject *args) { - long serial = 0; - ASN1_INTEGER *asn1i = NULL; + long serial = 0; + ASN1_INTEGER *asn1i = NULL; - if (!PyArg_ParseTuple(args, "")) - goto error; + if (!PyArg_ParseTuple(args, "")) + goto error; - if ( !(asn1i = X509_get_serialNumber( self->x509 ) ) ) - lose("could not get serial number"); + if ((asn1i = X509_get_serialNumber(self->x509)) == NULL) + lose("could not get serial number"); - if ( (serial = ASN1_INTEGER_get(asn1i) ) == -1 ) - lose("could not convert ASN1 Integer to long"); + if ((serial = ASN1_INTEGER_get(asn1i)) == -1) + lose("could not convert ASN1 Integer to long"); - return Py_BuildValue("l", serial); + return Py_BuildValue("l", serial); -error: + error: - return NULL; + return NULL; } -static char X509_object_set_serial__doc__[] = +static char X509_object_set_serial__doc__[] = "<method>\n" " <header>\n" " <memberof>X509</memberof>\n" 
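Review bot: `X509_object_get_serial` can only return serial numbers that fit in a C `long`, and the `-1` it tests for after `ASN1_INTEGER_get()` is a sentinel that can be confused with a real value. Certificates with wider serials are therefore rejected or misreported, which matters wherever the serial is later compared against a CRL entry. At minimum the limitation should be documented next to the call, for example `/* ASN1_INTEGER_get() only handles serials that fit in a long; wider serials fail here */`.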
@@ -1199,31 +1184,31 @@ static char X509_object_set_serial__doc__[] = static PyObject * X509_object_set_serial(x509_object *self, PyObject *args) { - long serial = 0; - ASN1_INTEGER *asn1i = NULL; + long serial = 0; + ASN1_INTEGER *asn1i = NULL; - if (!PyArg_ParseTuple(args, "l", &serial)) - goto error; + if (!PyArg_ParseTuple(args, "l", &serial)) + goto error; - if ( !(asn1i = ASN1_INTEGER_new() ) ) - lose("could not allocate memory"); + if ((asn1i = ASN1_INTEGER_new()) == NULL) + lose("could not allocate memory"); - if ( !ASN1_INTEGER_set( asn1i, serial ) ) - lose("could not set ASN1 integer"); + if (!ASN1_INTEGER_set(asn1i, serial)) + lose("could not set ASN1 integer"); - if ( !X509_set_serialNumber( self->x509, asn1i ) ) - lose("could not set certificate serial"); + if (!X509_set_serialNumber(self->x509, asn1i)) + lose("could not set certificate serial"); - ASN1_INTEGER_free(asn1i); + ASN1_INTEGER_free(asn1i); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - if (asn1i) - ASN1_INTEGER_free(asn1i); + if (asn1i) + ASN1_INTEGER_free(asn1i); - return NULL; + return NULL; } static char X509_object_get_issuer__doc__[] = 
@@ -1262,27 +1247,27 @@ static char X509_object_get_issuer__doc__[] = static PyObject * X509_object_get_issuer(x509_object *self, PyObject *args) { - PyObject *result_list = NULL; - X509_NAME *name = NULL; - int format = SHORTNAME_FORMAT; + PyObject *result_list = NULL; + X509_NAME *name = NULL; + int format = SHORTNAME_FORMAT; - if (!PyArg_ParseTuple(args, "|i", &format)) - goto error; + if (!PyArg_ParseTuple(args, "|i", &format)) + goto error; - if ( !(name = X509_get_issuer_name( self->x509 ) ) ) - lose("could not get issuers name"); + if ((name = X509_get_issuer_name(self->x509)) == NULL) + lose("could not get issuers name"); - if ( !(result_list = X509_object_helper_get_name(name, format) ) ) - lose("failed to produce name list"); + if ((result_list = X509_object_helper_get_name(name, format)) == NULL) + lose("failed to produce name list"); - return result_list; + return result_list; -error: + error: - return NULL; + return NULL; } -static char X509_object_get_subject__doc__[] = +static char X509_object_get_subject__doc__[] = "<method>\n" " <header>\n" " <memberof>X509</memberof>\n" 
@@ -1302,24 +1287,24 @@ static char X509_object_get_subject__doc__[] = static PyObject * X509_object_get_subject(x509_object *self, PyObject *args) { - PyObject *result_list = NULL; - X509_NAME *name = NULL; - int format = SHORTNAME_FORMAT; + PyObject *result_list = NULL; + X509_NAME *name = NULL; + int format = SHORTNAME_FORMAT; - if (!PyArg_ParseTuple(args, "|i", &format)) - goto error; + if (!PyArg_ParseTuple(args, "|i", &format)) + goto error; - if ( !(name = X509_get_subject_name( self->x509 ) ) ) - lose("could not get issuers name"); + if ((name = X509_get_subject_name(self->x509)) == NULL) + lose("could not get issuers name"); - if ( !(result_list = X509_object_helper_get_name(name, format) ) ) - lose("failed to produce name list"); + if ((result_list = X509_object_helper_get_name(name, format)) == NULL) + lose("failed to produce name list"); - return result_list; + return result_list; -error: + error: - return NULL; + return NULL; } static char X509_object_set_subject__doc__[] = 
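Review bot: The failure message after `X509_get_subject_name()` still reads "could not get issuers name", copied from `X509_object_get_issuer`. It should be `lose("could not get subject name");` so that a caller can tell which field was missing.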
@@ -1342,34 +1327,34 @@ static char X509_object_set_subject__doc__[] = static PyObject * X509_object_set_subject(x509_object *self, PyObject *args) { - PyObject *name_sequence = NULL; - X509_NAME *name = NULL; + PyObject *name_sequence = NULL; + X509_NAME *name = NULL; - if (!PyArg_ParseTuple(args, "O", &name_sequence)) - goto error; + if (!PyArg_ParseTuple(args, "O", &name_sequence)) + goto error; - if ( !( PyTuple_Check( name_sequence ) || PyList_Check(name_sequence) ) ) - lose_type_error("Inapropriate type"); + if (!PyTuple_Check(name_sequence) && !PyList_Check(name_sequence)) + lose_type_error("Inapropriate type"); - if ( !(name = X509_NAME_new() ) ) - lose("could not allocate memory"); + if ((name = X509_NAME_new()) == NULL) + lose("could not allocate memory"); - if ( !X509_object_helper_set_name(name, name_sequence) ) - lose("unable to set new name"); + if (!X509_object_helper_set_name(name, name_sequence)) + lose("unable to set new name"); - if ( !X509_set_subject_name(self->x509,name) ) - lose("unable to set name"); - - X509_NAME_free(name); + if (!X509_set_subject_name(self->x509, name)) + lose("unable to set name"); - return Py_BuildValue(""); + X509_NAME_free(name); -error: + return Py_BuildValue(""); - return NULL; + error: + + return NULL; } -static char X509_object_set_issuer__doc__[] = +static char X509_object_set_issuer__doc__[] = "<method>\n" " <header>\n" " <memberof>X509</memberof>\n" 
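Review bot: The `error:` label in `X509_object_set_subject` returns without releasing `name`, so a failure in `X509_object_helper_set_name()` or `X509_set_subject_name()` leaks the `X509_NAME` allocated above. `X509_object_set_issuer` in the next hunk already handles this; add the same `if (name) X509_NAME_free(name);` before `return NULL;`.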
@@ -1389,37 +1374,37 @@ static char X509_object_set_issuer__doc__[] = static PyObject * X509_object_set_issuer(x509_object *self, PyObject *args) { - PyObject *name_sequence = NULL; - X509_NAME *name = NULL; + PyObject *name_sequence = NULL; + X509_NAME *name = NULL; - if (!PyArg_ParseTuple(args, "O", &name_sequence)) - goto error; + if (!PyArg_ParseTuple(args, "O", &name_sequence)) + goto error; - if ( !( PyTuple_Check( name_sequence ) || PyList_Check(name_sequence) ) ) - lose_type_error("Inapropriate type"); + if (!PyTuple_Check(name_sequence) && !PyList_Check(name_sequence)) + lose_type_error("Inapropriate type"); - if ( !(name = X509_NAME_new() ) ) - lose("could not allocate memory"); + if ((name = X509_NAME_new()) == NULL) + lose("could not allocate memory"); - if ( !X509_object_helper_set_name(name, name_sequence) ) - lose("unable to set new name"); + if (!X509_object_helper_set_name(name, name_sequence)) + lose("unable to set new name"); - if ( !X509_set_issuer_name(self->x509,name) ) - lose("unable to set name"); + if (!X509_set_issuer_name(self->x509,name)) + lose("unable to set name"); - X509_NAME_free(name); + X509_NAME_free(name); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - if (name) - X509_NAME_free(name); + if (name) + X509_NAME_free(name); - return NULL; + return NULL; } -static char X509_object_get_not_before__doc__[] = +static char X509_object_get_not_before__doc__[] = "<method>\n" " <header>\n" " <memberof>X509</memberof>\n" 
@@ -1441,14 +1426,14 @@ static char X509_object_get_not_before__doc__[] = static PyObject * X509_object_get_not_before (x509_object *self, PyObject *args) { - if (!PyArg_ParseTuple(args, "")) - goto error; + if (!PyArg_ParseTuple(args, "")) + goto error; - return Py_BuildValue("s", self->x509->cert_info->validity->notBefore->data); + return Py_BuildValue("s", self->x509->cert_info->validity->notBefore->data); -error: + error: - return NULL; + return NULL; } static char X509_object_get_not_after__doc__[] = @@ -1472,14 +1457,14 @@ static char X509_object_get_not_after__doc__[] = static PyObject * X509_object_get_not_after (x509_object *self, PyObject *args) { - if (!PyArg_ParseTuple(args, "")) - goto error; + if (!PyArg_ParseTuple(args, "")) + goto error; - return Py_BuildValue("s", self->x509->cert_info->validity->notAfter->data); + return Py_BuildValue("s", self->x509->cert_info->validity->notAfter->data); -error: + error: - return NULL; + return NULL; } static char X509_object_set_not_after__doc__[] = @@ -1504,23 +1489,22 @@ static char X509_object_set_not_after__doc__[] = static PyObject * X509_object_set_not_after (x509_object *self, PyObject *args) { - //int new_time = 0; - char *new_time = NULL; + char *new_time = NULL; - if (!PyArg_ParseTuple(args, "s", &new_time)) - goto error; + if (!PyArg_ParseTuple(args, "s", &new_time)) + goto error; - if ( !ASN1_UTCTIME_set_string(self->x509->cert_info->validity->notAfter, new_time) ) - lose("could not set time"); + if (!ASN1_UTCTIME_set_string(self->x509->cert_info->validity->notAfter, new_time)) + lose("could not set time"); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } -static char X509_object_set_not_before__doc__[] = +static char X509_object_set_not_before__doc__[] = "<method>\n" " <header>\n" " <memberof>X509</memberof>\n" 
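Review bot: `X509_object_get_not_before` builds its result with `Py_BuildValue("s", ...->notBefore->data)`, which reads up to the first NUL byte and ignores the `length` field of the ASN.1 string, and it dereferences `validity->notBefore` without a NULL check. Passing the explicit length, `Py_BuildValue("s#", t->data, t->length)` with `t` checked for NULL first, removes the reliance on OpenSSL having NUL-terminated the buffer. The same applies to `X509_object_get_not_after` in the following hunk.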
@@ -1542,20 +1526,19 @@ static char X509_object_set_not_before__doc__[] = static PyObject * X509_object_set_not_before (x509_object *self, PyObject *args) { - //int new_time = 0; - char *new_time = NULL; + char *new_time = NULL; - if (!PyArg_ParseTuple(args, "s", &new_time)) - goto error; + if (!PyArg_ParseTuple(args, "s", &new_time)) + goto error; - if ( !ASN1_UTCTIME_set_string(self->x509->cert_info->validity->notBefore, new_time) ) - lose("could not set time"); + if (!ASN1_UTCTIME_set_string(self->x509->cert_info->validity->notBefore, new_time)) + lose("could not set time"); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } static char X509_object_add_extension__doc__[] = @@ -1584,8 +1567,8 @@ static char X509_object_add_extension__doc__[] = " <title><function>addExtension</function> method usage</title>\n" " <programlisting>\n" " basic = POW.pkix.BasicConstraints()\n" -" basic.set([1,5]) \n" -" serverCert.addExtension( 'basicConstraints', 0, basic.toString())\n" +" basic.set([1,5])\n" +" serverCert.addExtension('basicConstraints', 0, basic.toString())\n" " </programlisting>\n" " </example>\n" " </body>\n" 
@@ -1595,42 +1578,42 @@ static char X509_object_add_extension__doc__[] = static PyObject * X509_object_add_extension(x509_object *self, PyObject *args) { - int critical = 0, nid = 0, len = 0; - char *name = NULL; - unsigned char *buf = NULL; - ASN1_OCTET_STRING *octetString = NULL; - X509_EXTENSION *extn = NULL; + int critical = 0, nid = 0, len = 0; + char *name = NULL; + unsigned char *buf = NULL; + ASN1_OCTET_STRING *octetString = NULL; + X509_EXTENSION *extn = NULL; - if (!PyArg_ParseTuple(args, "sis#", &name, &critical, &buf, &len)) - goto error; + if (!PyArg_ParseTuple(args, "sis#", &name, &critical, &buf, &len)) + goto error; - if ( !(octetString = M_ASN1_OCTET_STRING_new() ) ) - lose("could not allocate memory"); + if ((octetString = M_ASN1_OCTET_STRING_new()) == NULL) + lose("could not allocate memory"); - if ( !ASN1_OCTET_STRING_set(octetString, buf, len) ) - lose("could not set ASN1 Octect string"); + if (!ASN1_OCTET_STRING_set(octetString, buf, len)) + lose("could not set ASN1 Octect string"); - if ( NID_undef == (nid = OBJ_txt2nid(name) ) ) - lose("extension has unknown object identifier"); + if ((nid = OBJ_txt2nid(name)) == NID_undef) + lose("extension has unknown object identifier"); - if ( !( extn = X509_EXTENSION_create_by_NID(NULL, nid, critical, octetString) ) ) - lose("unable to create ASN1 X509 Extension object"); + if ((extn = X509_EXTENSION_create_by_NID(NULL, nid, critical, octetString)) == NULL) + lose("unable to create ASN1 X509 Extension object"); - if (!self->x509->cert_info->extensions) - if ( !(self->x509->cert_info->extensions = sk_X509_EXTENSION_new_null() ) ) - lose("unable to allocate memory"); + if (!self->x509->cert_info->extensions && + (self->x509->cert_info->extensions = sk_X509_EXTENSION_new_null()) == NULL) + lose("unable to allocate memory"); - if ( !sk_X509_EXTENSION_push(self->x509->cert_info->extensions, extn) ) - lose("unable to add extension"); + if (!sk_X509_EXTENSION_push(self->x509->cert_info->extensions, extn)) + 
lose("unable to add extension"); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - if(extn) - X509_EXTENSION_free(extn); - - return NULL; + if (extn) + X509_EXTENSION_free(extn); + + return NULL; } static char X509_object_clear_extensions__doc__[] = @@ -1651,23 +1634,22 @@ static char X509_object_clear_extensions__doc__[] = static PyObject * X509_object_clear_extensions(x509_object *self, PyObject *args) { - if (!PyArg_ParseTuple(args, "")) - goto error; + if (!PyArg_ParseTuple(args, "")) + goto error; - if (self->x509->cert_info->extensions) - { - sk_X509_EXTENSION_free(self->x509->cert_info->extensions); - self->x509->cert_info->extensions = NULL; - } + if (self->x509->cert_info->extensions) { + sk_X509_EXTENSION_free(self->x509->cert_info->extensions); + self->x509->cert_info->extensions = NULL; + } - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } -static char X509_object_count_extensions__doc__[] = +static char X509_object_count_extensions__doc__[] = "<method>\n" " <header>\n" " <memberof>X509</memberof>\n" @@ -1685,24 +1667,22 @@ static char X509_object_count_extensions__doc__[] = static PyObject * X509_object_count_extensions(x509_object *self, PyObject *args) { - int num = 0; - if (!PyArg_ParseTuple(args, "")) - goto error; + int num = 0; - if (self->x509->cert_info->extensions) - { - num = sk_X509_EXTENSION_num(self->x509->cert_info->extensions); - return Py_BuildValue("i", num); - } - else - return Py_BuildValue("i", 0); + if (!PyArg_ParseTuple(args, "")) + goto error; -error: + if (self->x509->cert_info->extensions) + num = sk_X509_EXTENSION_num(self->x509->cert_info->extensions); - return NULL; + return Py_BuildValue("i", num); + + error: + + return NULL; } -static char X509_object_get_extension__doc__[] = +static char X509_object_get_extension__doc__[] = "<method>\n" " <header>\n" " <memberof>X509</memberof>\n" 
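Review bot: `octetString` in `X509_object_add_extension` is allocated with `M_ASN1_OCTET_STRING_new()` and never released, neither before the successful return nor under `error:`. As far as I know `X509_EXTENSION_create_by_NID()` copies the value rather than taking ownership, so each `addExtension` call leaks it. Add `ASN1_OCTET_STRING_free(octetString);` before `return Py_BuildValue("");` and `if (octetString) ASN1_OCTET_STRING_free(octetString);` under `error:`.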
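Review bot: `sk_X509_EXTENSION_free()` in `X509_object_clear_extensions` releases only the stack container, so every `X509_EXTENSION` pushed by `addExtension` is leaked when the list is cleared. `sk_X509_EXTENSION_pop_free(self->x509->cert_info->extensions, X509_EXTENSION_free);` frees the elements as well.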
@@ -1721,37 +1701,34 @@ static char X509_object_get_extension__doc__[] = static PyObject * X509_object_get_extension(x509_object *self, PyObject *args) { - int num = 0, index = 0, ext_nid = 0; - char const *ext_ln = NULL; - char unknown_ext [] = "unknown"; - X509_EXTENSION *ext; - if (!PyArg_ParseTuple(args, "i", &index)) - goto error; + int num = 0, index = 0, ext_nid = 0; + char const *ext_ln = NULL; + char unknown_ext [] = "unknown"; + X509_EXTENSION *ext; - if (self->x509->cert_info->extensions) - { - num = sk_X509_EXTENSION_num(self->x509->cert_info->extensions); - } - else - num = 0; + if (!PyArg_ParseTuple(args, "i", &index)) + goto error; - if (index >= num) - lose("certificate does not have that many extensions"); + if (self->x509->cert_info->extensions) + num = sk_X509_EXTENSION_num(self->x509->cert_info->extensions); - if ( !(ext = sk_X509_EXTENSION_value(self->x509->cert_info->extensions, index) ) ) - lose("could not get extension"); + if (index >= num) + lose("certificate does not have that many extensions"); - if ( NID_undef == (ext_nid = OBJ_obj2nid(ext->object) ) ) - lose("extension has unknown object identifier"); + if ((ext = sk_X509_EXTENSION_value(self->x509->cert_info->extensions, index)) == NULL) + lose("could not get extension"); - if ( NULL == (ext_ln = OBJ_nid2sn(ext_nid) ) ) - ext_ln = unknown_ext; + if ((ext_nid = OBJ_obj2nid(ext->object)) == NID_undef) + lose("extension has unknown object identifier"); - return Py_BuildValue("sis#", ext_ln, ext->critical, ext->value->data, ext->value->length ); + if ((ext_ln = OBJ_nid2sn(ext_nid)) == NULL) + ext_ln = unknown_ext; -error: + return Py_BuildValue("sis#", ext_ln, ext->critical, ext->value->data, ext->value->length); - return NULL; + error: + + return NULL; } static char x509_object_pprint__doc__[] = 
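Review bot: The bounds check `if (index >= num)` in `X509_object_get_extension` rejects only indexes that are too large. A negative `index` parsed from `"i"` goes on to `sk_X509_EXTENSION_value()` and is stopped only if that call returns NULL for it. Make the range explicit with `if (index < 0 || index >= num)`.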
@@ -1772,83 +1749,83 @@ static char x509_object_pprint__doc__[] = static PyObject * x509_object_pprint(x509_object *self, PyObject *args) { - int len = 0, ret = 0; - char *buf = NULL; - BIO *out_bio = NULL; - PyObject *cert = NULL; - - if (!PyArg_ParseTuple(args, "")) - goto error; + int len = 0, ret = 0; + char *buf = NULL; + BIO *out_bio = NULL; + PyObject *cert = NULL; + + if (!PyArg_ParseTuple(args, "")) + goto error; - out_bio = BIO_new(BIO_s_mem()); + out_bio = BIO_new(BIO_s_mem()); - if (!X509_print(out_bio, self->x509) ) - lose("unable to write crl"); + if (!X509_print(out_bio, self->x509)) + lose("unable to write crl"); - if ( !(len = BIO_ctrl_pending(out_bio) ) ) - lose("unable to get bytes stored in bio"); + if ((len = BIO_ctrl_pending(out_bio)) == 0) + lose("unable to get bytes stored in bio"); - if ( !(buf = malloc(len) ) ) - lose("unable to allocate memory"); + if ((buf = malloc(len)) == NULL) + lose("unable to allocate memory"); - if ( (ret = BIO_read( out_bio, buf, len ) ) != len ) - lose("unable to write out cert"); + if ((ret = BIO_read(out_bio, buf, len)) != len) + lose("unable to write out cert"); - cert = Py_BuildValue("s#", buf, len); + cert = Py_BuildValue("s#", buf, len); - BIO_free(out_bio); - free(buf); - return cert; - -error: + BIO_free(out_bio); + free(buf); + return cert; - if (out_bio) - BIO_free(out_bio); + error: - if (buf) - free(buf); + if (out_bio) + BIO_free(out_bio); - return NULL; + if (buf) + free(buf); + + return NULL; } static struct PyMethodDef X509_object_methods[] = { - {"pemWrite", (PyCFunction)X509_object_pem_write, METH_VARARGS, NULL}, - {"derWrite", (PyCFunction)X509_object_der_write, METH_VARARGS, NULL}, - {"sign", (PyCFunction)X509_object_sign, METH_VARARGS, NULL}, - {"setPublicKey", (PyCFunction)X509_object_set_public_key, METH_VARARGS, NULL}, - {"getVersion", (PyCFunction)X509_object_get_version, METH_VARARGS, NULL}, - {"setVersion", (PyCFunction)X509_object_set_version, METH_VARARGS, NULL}, - {"getSerial", 
(PyCFunction)X509_object_get_serial, METH_VARARGS, NULL}, - {"setSerial", (PyCFunction)X509_object_set_serial, METH_VARARGS, NULL}, - {"getIssuer", (PyCFunction)X509_object_get_issuer, METH_VARARGS, NULL}, - {"setIssuer", (PyCFunction)X509_object_set_issuer, METH_VARARGS, NULL}, - {"getSubject", (PyCFunction)X509_object_get_subject, METH_VARARGS, NULL}, - {"setSubject", (PyCFunction)X509_object_set_subject, METH_VARARGS, NULL}, - {"getNotBefore", (PyCFunction)X509_object_get_not_before, METH_VARARGS, NULL}, - {"getNotAfter", (PyCFunction)X509_object_get_not_after, METH_VARARGS, NULL}, - {"setNotAfter", (PyCFunction)X509_object_set_not_after, METH_VARARGS, NULL}, - {"setNotBefore", (PyCFunction)X509_object_set_not_before, METH_VARARGS, NULL}, - {"addExtension", (PyCFunction)X509_object_add_extension, METH_VARARGS, NULL}, - {"clearExtensions",(PyCFunction)X509_object_clear_extensions, METH_VARARGS, NULL}, - {"countExtensions",(PyCFunction)X509_object_count_extensions, METH_VARARGS, NULL}, - {"getExtension", (PyCFunction)X509_object_get_extension, METH_VARARGS, NULL}, - {"pprint", (PyCFunction)x509_object_pprint, METH_VARARGS, NULL}, - - {NULL, NULL} /* sentinel */ + {"pemWrite", (PyCFunction)X509_object_pem_write, METH_VARARGS, NULL}, + {"derWrite", (PyCFunction)X509_object_der_write, METH_VARARGS, NULL}, + {"sign", (PyCFunction)X509_object_sign, METH_VARARGS, NULL}, + {"setPublicKey", (PyCFunction)X509_object_set_public_key, METH_VARARGS, NULL}, + {"getVersion", (PyCFunction)X509_object_get_version, METH_VARARGS, NULL}, + {"setVersion", (PyCFunction)X509_object_set_version, METH_VARARGS, NULL}, + {"getSerial", (PyCFunction)X509_object_get_serial, METH_VARARGS, NULL}, + {"setSerial", (PyCFunction)X509_object_set_serial, METH_VARARGS, NULL}, + {"getIssuer", (PyCFunction)X509_object_get_issuer, METH_VARARGS, NULL}, + {"setIssuer", (PyCFunction)X509_object_set_issuer, METH_VARARGS, NULL}, + {"getSubject", (PyCFunction)X509_object_get_subject, METH_VARARGS, NULL}, + 
{"setSubject", (PyCFunction)X509_object_set_subject, METH_VARARGS, NULL}, + {"getNotBefore", (PyCFunction)X509_object_get_not_before, METH_VARARGS, NULL}, + {"getNotAfter", (PyCFunction)X509_object_get_not_after, METH_VARARGS, NULL}, + {"setNotAfter", (PyCFunction)X509_object_set_not_after, METH_VARARGS, NULL}, + {"setNotBefore", (PyCFunction)X509_object_set_not_before, METH_VARARGS, NULL}, + {"addExtension", (PyCFunction)X509_object_add_extension, METH_VARARGS, NULL}, + {"clearExtensions", (PyCFunction)X509_object_clear_extensions, METH_VARARGS, NULL}, + {"countExtensions", (PyCFunction)X509_object_count_extensions, METH_VARARGS, NULL}, + {"getExtension", (PyCFunction)X509_object_get_extension, METH_VARARGS, NULL}, + {"pprint", (PyCFunction)x509_object_pprint, METH_VARARGS, NULL}, + + {NULL} /* sentinel */ }; static PyObject * X509_object_getattr(x509_object *self, char *name) { - return Py_FindMethod(X509_object_methods, (PyObject *)self, name); + return Py_FindMethod(X509_object_methods, (PyObject *)self, name); } static void X509_object_dealloc(x509_object *self, char *name) { - X509_free( self->x509 ); - PyObject_Del(self); + X509_free(self->x509); + PyObject_Del(self); } static char x509type__doc__[] = @@ -1858,7 +1835,7 @@ static char x509type__doc__[] = " </header>\n" " <body>\n" " <para>\n" -" This class provides access to a significant proportion of X509 \n" +" This class provides access to a significant proportion of X509\n" " functionality of OpenSSL.\n" " </para>\n" "\n" 
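Review bot: The result of `BIO_new(BIO_s_mem())` in `x509_object_pprint` is passed to `X509_print()` without a NULL check, so an allocation failure is dereferenced inside OpenSSL instead of being reported as a Python error. Use `if ((out_bio = BIO_new(BIO_s_mem())) == NULL) lose("unable to create new BIO");`. The `X509_print()` failure message also says "unable to write crl" although this method prints a certificate.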
@@ -1874,20 +1851,20 @@ static char x509type__doc__[] = "\n" " c = POW.X509()\n" "\n" -" name = [ ['C', 'GB'], ['ST', 'Hertfordshire'], \n" +" name = [ ['C', 'GB'], ['ST', 'Hertfordshire'],\n" " ['O','The House'], ['CN', 'Peter Shannon'] ]\n" "\n" -" c.setIssuer( name )\n" -" c.setSubject( name )\n" +" c.setIssuer(name)\n" +" c.setSubject(name)\n" " c.setSerial(0)\n" -" t1 = POW.pkix.time2utc( time.time() ) \n" -" t2 = POW.pkix.time2utc( time.time() + 60*60*24*365) \n" +" t1 = POW.pkix.time2utc(time.time())\n" +" t2 = POW.pkix.time2utc(time.time() + 60*60*24*365)\n" " c.setNotBefore(t1)\n" " c.setNotAfter(t2)\n" " c.setPublicKey(publicKey)\n" " c.sign(privateKey)\n" "\n" -" certFile.write( c.pemWrite() )\n" +" certFile.write(c.pemWrite())\n" "\n" " privateFile.close()\n" " publicFile.close()\n" @@ -1929,20 +1906,19 @@ static PyTypeObject x509type = { static x509_store_object * x509_store_object_new(void) { - x509_store_object *self = NULL; + x509_store_object *self = NULL; - self = PyObject_New( x509_store_object, &x509_storetype ); - if (self == NULL) - goto error; + if ((self = PyObject_New(x509_store_object, &x509_storetype)) == NULL) + goto error; - self->store = X509_STORE_new(); + self->store = X509_STORE_new(); - return self; + return self; -error: + error: - Py_XDECREF(self); - return NULL; + Py_XDECREF(self); + return NULL; } static char x509_store_object_verify__doc__[] = @@ -1958,7 +1934,7 @@ static char x509_store_object_verify__doc__[] = " <function>verify</function> is based on the\n" " <function>X509_verify_cert</function>. It handles certain aspects\n" " of verification but not others. The certificate will be verified\n" -" against <constant>notBefore</constant>, \n" +" against <constant>notBefore</constant>,\n" " <constant>notAfter</constant> and trusted certificates.\n" " It crucially will not handle checking the certificate against\n" " CRLs. This functionality will probably make it into OpenSSL\n" 
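Review bot: `x509_store_object_new` stores the result of `X509_STORE_new()` in `self->store` without checking it, so after an allocation failure the object is returned with a NULL store that `verify`, `addTrust` and `addCrl` later pass straight to OpenSSL. Add `if ((self->store = X509_STORE_new()) == NULL) lose("could not allocate memory");`. The `error:` path then reaches `x509_store_object_dealloc` through `Py_XDECREF(self)`, which calls `X509_STORE_free(self->store)`, so confirm that call tolerates NULL in the OpenSSL versions supported.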
@@ -1971,23 +1947,23 @@ static char x509_store_object_verify__doc__[] = static PyObject * x509_store_object_verify(x509_store_object *self, PyObject *args) { - X509_STORE_CTX csc; - x509_object *x509 = NULL; - int result = 0; + X509_STORE_CTX csc; + x509_object *x509 = NULL; + int result = 0; - if (!PyArg_ParseTuple(args, "O!", &x509type, &x509)) - goto error; + if (!PyArg_ParseTuple(args, "O!", &x509type, &x509)) + goto error; - X509_STORE_CTX_init( &csc, self->store, x509->x509, NULL ); - result = X509_verify_cert( &csc ) == 1; + X509_STORE_CTX_init(&csc, self->store, x509->x509, NULL); + result = X509_verify_cert(&csc) == 1; - X509_STORE_CTX_cleanup( &csc ); + X509_STORE_CTX_cleanup(&csc); - return Py_BuildValue("i", result); + return Py_BuildValue("i", result); -error: + error: - return NULL; + return NULL; } static char x509_store_object_verify_chain__doc__[] = 
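Review bot: The return value of `X509_STORE_CTX_init()` in `x509_store_object_verify` is discarded before `X509_verify_cert(&csc)` runs on the context. In OpenSSL releases where the init call returns `int`, a failed init should stop the method rather than proceed to verification, for example `if (!X509_STORE_CTX_init(&csc, self->store, x509->x509, NULL)) lose("could not initialise verification context");`. The same pattern appears in `x509_store_object_verify_chain` and `x509_store_object_verify_detailed`.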
@@ -2000,18 +1976,18 @@ static char x509_store_object_verify_chain__doc__[] = " </header>\n" " <body>\n" " <para>\n" -" The <classname>X509Store</classname> method <function>verifyChain</function> \n" -" is based on the <function>X509_verify_cert</function> but is initialised \n" -" with a <classname>X509</classname> object to verify and list of \n" -" <classname>X509</classname> objects which form a chain to a trusted \n" -" certificate. Certain aspects of the verification are handled but not others. \n" -" The certificates will be verified against <constant>notBefore</constant>, \n" -" <constant>notAfter</constant> and trusted certificates. It crucially will \n" -" not handle checking the certificate against CRLs. This functionality will \n" +" The <classname>X509Store</classname> method <function>verifyChain</function>\n" +" is based on the <function>X509_verify_cert</function> but is initialised\n" +" with a <classname>X509</classname> object to verify and list of\n" +" <classname>X509</classname> objects which form a chain to a trusted\n" +" certificate. Certain aspects of the verification are handled but not others.\n" +" The certificates will be verified against <constant>notBefore</constant>,\n" +" <constant>notAfter</constant> and trusted certificates. It crucially will\n" +" not handle checking the certificate against CRLs. This functionality will\n" " probably make it into OpenSSL 0.9.7.\n" " </para>\n" " <para>\n" -" This may all sound quite straight forward but determining the \n" +" This may all sound quite straight forward but determining the\n" " certificate associated with the signature on another certificate\n" " can be very time consuming. The management aspects of\n" " certificates are addressed by various V3 extensions which are not\n" 
@@ -2024,31 +2000,31 @@ static char x509_store_object_verify_chain__doc__[] = static PyObject * x509_store_object_verify_chain(x509_store_object *self, PyObject *args) { - PyObject *x509_sequence = NULL; - X509_STORE_CTX csc; - x509_object *x509 = NULL; - STACK_OF(X509) *x509_stack = NULL; - int result = 0; + PyObject *x509_sequence = NULL; + X509_STORE_CTX csc; + x509_object *x509 = NULL; + STACK_OF(X509) *x509_stack = NULL; + int result = 0; - if (!PyArg_ParseTuple(args, "O!O", &x509type, &x509, &x509_sequence)) - goto error; + if (!PyArg_ParseTuple(args, "O!O", &x509type, &x509, &x509_sequence)) + goto error; - if ( !(x509_stack = x509_helper_sequence_to_stack(x509_sequence)) ) - goto error; + if ((x509_stack = x509_helper_sequence_to_stack(x509_sequence)) == NULL) + goto error; - X509_STORE_CTX_init( &csc, self->store, x509->x509, x509_stack ); - result = X509_verify_cert( &csc ) == 1; + X509_STORE_CTX_init(&csc, self->store, x509->x509, x509_stack); + result = X509_verify_cert(&csc) == 1; - X509_STORE_CTX_cleanup( &csc ); - sk_X509_free(x509_stack); - return Py_BuildValue("i", result); + X509_STORE_CTX_cleanup(&csc); + sk_X509_free(x509_stack); + return Py_BuildValue("i", result); -error: + error: - if(x509_stack) - sk_X509_free(x509_stack); + if (x509_stack) + sk_X509_free(x509_stack); - return NULL; + return NULL; } static char x509_store_object_verify_detailed__doc__[] = 
@@ -2063,18 +2039,18 @@ static char x509_store_object_verify_detailed__doc__[] = " </header>\n" " <body>\n" " <para>\n" -" The <classname>X509Store</classname> method <function>verifyDetailed</function> \n" -" is based on the <function>X509_verify_cert</function> but is initialised \n" -" with a <classname>X509</classname> object to verify and list of \n" -" <classname>X509</classname> objects which form a chain to a trusted \n" -" certificate. Certain aspects of the verification are handled but not others. \n" -" The certificates will be verified against <constant>notBefore</constant>, \n" -" <constant>notAfter</constant> and trusted certificates. It crucially will \n" -" not handle checking the certificate against CRLs. This functionality will \n" +" The <classname>X509Store</classname> method <function>verifyDetailed</function>\n" +" is based on the <function>X509_verify_cert</function> but is initialised\n" +" with a <classname>X509</classname> object to verify and list of\n" +" <classname>X509</classname> objects which form a chain to a trusted\n" +" certificate. Certain aspects of the verification are handled but not others.\n" +" The certificates will be verified against <constant>notBefore</constant>,\n" +" <constant>notAfter</constant> and trusted certificates. It crucially will\n" +" not handle checking the certificate against CRLs. This functionality will\n" " probably make it into OpenSSL 0.9.7.\n" " </para>\n" " <para>\n" -" This may all sound quite straight forward but determining the \n" +" This may all sound quite straight forward but determining the\n" " certificate associated with the signature on another certificate\n" " can be very time consuming. The management aspects of\n" " certificates are addressed by various V3 extensions which are not\n" 
@@ -2094,33 +2070,33 @@ static char x509_store_object_verify_detailed__doc__[] = static PyObject * x509_store_object_verify_detailed(x509_store_object *self, PyObject *args) { - PyObject *x509_sequence = Py_None; - X509_STORE_CTX csc; - x509_object *x509 = NULL; - STACK_OF(X509) *x509_stack = NULL; - PyObject *result = NULL; - int ret = 0; + PyObject *x509_sequence = Py_None; + X509_STORE_CTX csc; + x509_object *x509 = NULL; + STACK_OF(X509) *x509_stack = NULL; + PyObject *result = NULL; + int ret = 0; - if (!PyArg_ParseTuple(args, "O!|O", &x509type, &x509, &x509_sequence)) - goto error; + if (!PyArg_ParseTuple(args, "O!|O", &x509type, &x509, &x509_sequence)) + goto error; - if (x509_sequence && !(x509_stack = x509_helper_sequence_to_stack(x509_sequence))) - goto error; + if (x509_sequence && !(x509_stack = x509_helper_sequence_to_stack(x509_sequence))) + goto error; - X509_STORE_CTX_init( &csc, self->store, x509->x509, x509_stack ); + X509_STORE_CTX_init(&csc, self->store, x509->x509, x509_stack); - ret = X509_verify_cert( &csc ) == 1; + ret = X509_verify_cert(&csc) == 1; - result = Py_BuildValue("(iii)", ret, csc.error, csc.error_depth); + result = Py_BuildValue("(iii)", ret, csc.error, csc.error_depth); - X509_STORE_CTX_cleanup( &csc ); + X509_STORE_CTX_cleanup(&csc); -error: /* fall through */ + error: /* fall through */ - if (x509_stack) - sk_X509_free(x509_stack); + if (x509_stack) + sk_X509_free(x509_stack); - return result; + return result; } static char x509_store_object_add_trust__doc__[] = @@ -2137,7 +2113,7 @@ static char x509_store_object_add_trust__doc__[] = " instance of <classname>X509</classname>. Using trusted certificates to manage\n" " verification is relatively primitive, more sophisticated systems\n" " can be constructed at an application level by by constructing\n" -" certificate chains to verify. \n" +" certificate chains to verify.\n" " </para>\n" " </body>\n" "</method>\n" 
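Review bot: `x509_sequence` in `x509_store_object_verify_detailed` is initialised to `Py_None`, so the guard `if (x509_sequence && ...)` is always true and `x509_helper_sequence_to_stack()` is called with `Py_None` whenever the optional argument is omitted. Unless that helper accepts `None` (it is not visible in this hunk), the `|O` argument is not really optional and the call fails. Testing `if (x509_sequence != Py_None && ...)` expresses the intent.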
@@ -2146,18 +2122,18 @@ static char x509_store_object_add_trust__doc__[] = static PyObject * x509_store_object_add_trust(x509_store_object *self, PyObject *args) { - x509_object *x509 = NULL; + x509_object *x509 = NULL; - if (!PyArg_ParseTuple(args, "O!", &x509type, &x509)) - goto error; + if (!PyArg_ParseTuple(args, "O!", &x509type, &x509)) + goto error; - X509_STORE_add_cert( self->store, x509->x509 ); + X509_STORE_add_cert(self->store, x509->x509); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } static char x509_store_object_add_crl__doc__[] = 
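Review bot: `x509_store_object_add_trust` discards the result of `X509_STORE_add_cert` and returns `None` either way, so a trust anchor that could not be added is indistinguishable from one that was. The same applies to `X509_STORE_add_crl` in `x509_store_object_add_crl` in the next hunk, where a CRL the caller believes is loaded may not be in the store. Suggest `if (!X509_STORE_add_cert(self->store, x509->x509)) lose("could not add certificate to store");` and the equivalent check for the CRL.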
@@ -2185,41 +2161,41 @@ static char x509_store_object_add_crl__doc__[] = static PyObject * x509_store_object_add_crl(x509_store_object *self, PyObject *args) { - x509_crl_object *crl = NULL; + x509_crl_object *crl = NULL; - if (!PyArg_ParseTuple(args, "O!", &x509_crltype, &crl)) - goto error; + if (!PyArg_ParseTuple(args, "O!", &x509_crltype, &crl)) + goto error; - X509_STORE_add_crl( self->store, crl->crl ); + X509_STORE_add_crl(self->store, crl->crl); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } static struct PyMethodDef x509_store_object_methods[] = { - {"verify", (PyCFunction)x509_store_object_verify, METH_VARARGS, NULL}, - {"verifyChain", (PyCFunction)x509_store_object_verify_chain, METH_VARARGS, NULL}, - {"verifyDetailed", (PyCFunction)x509_store_object_verify_detailed, METH_VARARGS, NULL}, - {"addTrust", (PyCFunction)x509_store_object_add_trust, METH_VARARGS, NULL}, - {"addCrl", (PyCFunction)x509_store_object_add_crl, METH_VARARGS, NULL}, - - {NULL, NULL} /* sentinel */ + {"verify", (PyCFunction)x509_store_object_verify, METH_VARARGS, NULL}, + {"verifyChain", (PyCFunction)x509_store_object_verify_chain, METH_VARARGS, NULL}, + {"verifyDetailed", (PyCFunction)x509_store_object_verify_detailed, METH_VARARGS, NULL}, + {"addTrust", (PyCFunction)x509_store_object_add_trust, METH_VARARGS, NULL}, + {"addCrl", (PyCFunction)x509_store_object_add_crl, METH_VARARGS, NULL}, + + {NULL, NULL} /* sentinel */ }; static PyObject * x509_store_object_getattr(x509_store_object *self, char *name) { - return Py_FindMethod(x509_store_object_methods, (PyObject *)self, name); + return Py_FindMethod(x509_store_object_methods, (PyObject *)self, name); } static void x509_store_object_dealloc(x509_store_object *self, char *name) { - X509_STORE_free( self->store ); - PyObject_Del(self); + X509_STORE_free(self->store); + PyObject_Del(self); } static char x509_storetype__doc__[] = 
@@ -2238,19 +2214,19 @@ static char x509_storetype__doc__[] = " <programlisting>\n" " store = POW.X509Store()\n" "\n" -" caFile = open( 'test/cacert.pem', 'r' )\n" -" ca = POW.pemRead( POW.X509_CERTIFICATE, caFile.read() )\n" +" caFile = open('test/cacert.pem', 'r')\n" +" ca = POW.pemRead(POW.X509_CERTIFICATE, caFile.read())\n" " caFile.close()\n" "\n" -" store.addTrust( ca )\n" +" store.addTrust(ca)\n" "\n" -" certFile = open( 'test/foocom.cert', 'r' )\n" -" x509 = POW.pemRead( POW.X509_CERTIFICATE, certFile.read() )\n" +" certFile = open('test/foocom.cert', 'r')\n" +" x509 = POW.pemRead(POW.X509_CERTIFICATE, certFile.read())\n" " certFile.close()\n" "\n" " print x509.pprint()\n" -" \n" -" if store.verify( x509 ):\n" +"\n" +" if store.verify(x509):\n" " print 'Verified certificate!.'\n" " else:\n" " print 'Failed to verify certificate!.'\n" 
@@ -2290,65 +2266,64 @@ static PyTypeObject x509_storetype = { static x509_crl_object * x509_crl_object_new(void) { - x509_crl_object *self = NULL; + x509_crl_object *self = NULL; - self = PyObject_New( x509_crl_object, &x509_crltype ); - if (self == NULL) - goto error; + self = PyObject_New(x509_crl_object, &x509_crltype); + if (self == NULL) + goto error; - self->crl = X509_CRL_new(); + self->crl = X509_CRL_new(); - return self; + return self; -error: + error: - Py_XDECREF(self); - return NULL; + Py_XDECREF(self); + return NULL; } static x509_crl_object * x509_crl_object_pem_read(BIO *in) { - x509_crl_object *self; + x509_crl_object *self; - self = PyObject_New( x509_crl_object, &x509_crltype ); - if (self == NULL) - goto error; + if ((self = PyObject_New(x509_crl_object, &x509_crltype)) == NULL) + goto error; - if( !(self->crl = PEM_read_bio_X509_CRL( in, NULL, NULL, NULL ) ) ) - lose("could not load certificate"); + if ((self->crl = PEM_read_bio_X509_CRL(in, NULL, NULL, NULL)) == NULL) + lose("could not load certificate"); - return self; + return self; -error: + error: - Py_XDECREF(self); - return NULL; + Py_XDECREF(self); + return NULL; } static x509_crl_object * x509_crl_object_der_read(unsigned char *src, int len) { - x509_crl_object *self; - unsigned char* ptr = src; + x509_crl_object *self; + unsigned char* ptr = src; - if ( !(self = PyObject_New( x509_crl_object, &x509_crltype ) ) ) - goto error; + if ((self = PyObject_New(x509_crl_object, &x509_crltype)) == NULL) + goto error; - self->crl = X509_CRL_new(); + self->crl = X509_CRL_new(); - if( !(d2i_X509_CRL( &self->crl, (const unsigned char **) &ptr, len ) ) ) - lose("could not load PEM encoded CRL"); + if (!d2i_X509_CRL(&self->crl, (const unsigned char **) &ptr, len)) + lose("could not load PEM encoded CRL"); - return self; + return self; -error: + error: - Py_XDECREF(self); - return NULL; + Py_XDECREF(self); + return NULL; } -static char x509_crl_object_get_version__doc__[] = +static char 
x509_crl_object_get_version__doc__[] = "<method>\n" " <header>\n" " <memberof>X509Crl</memberof>\n" @@ -2357,7 +2332,7 @@ static char x509_crl_object_get_version__doc__[] = " <body>\n" " <para>\n" " This method returns the version number from the version field of\n" -" this CRL. \n" +" this CRL.\n" " </para>\n" " </body>\n" "</method>\n" @@ -2366,22 +2341,22 @@ static char x509_crl_object_get_version__doc__[] = static PyObject * x509_crl_object_get_version(x509_crl_object *self, PyObject *args) { - long version = 0; + long version = 0; - if (!PyArg_ParseTuple(args, "")) - goto error; + if (!PyArg_ParseTuple(args, "")) + goto error; - if ( (version = ASN1_INTEGER_get( self->crl->crl->version ) ) == -1 ) - lose("could not get crl version"); + if ((version = ASN1_INTEGER_get(self->crl->crl->version)) == -1) + lose("could not get crl version"); - return Py_BuildValue("l", version); + return Py_BuildValue("l", version); -error: + error: - return NULL; + return NULL; } -static char x509_crl_object_set_version__doc__[] = +static char x509_crl_object_set_version__doc__[] = "<method>\n" " <header>\n" " <memberof>X509Crl</memberof>\n" 
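Review bot: `x509_crl_object_new` and `x509_crl_object_der_read` store the result of `X509_CRL_new()` in `self->crl` without a NULL check, so an allocation failure shows up later as a NULL dereference in the accessors (`self->crl->crl->...`) instead of a Python exception here. Add `if ((self->crl = X509_CRL_new()) == NULL) lose("could not allocate memory");` in both. The failure messages also do not match what each reader parses: the PEM reader reports "could not load certificate" for a CRL and the DER reader reports "could not load PEM encoded CRL", which misleads anyone triaging a rejected CRL.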
@@ -2401,31 +2376,31 @@ static char x509_crl_object_set_version__doc__[] = static PyObject * x509_crl_object_set_version(x509_crl_object *self, PyObject *args) { - long version = 0; - ASN1_INTEGER *asn1_version = NULL; + long version = 0; + ASN1_INTEGER *asn1_version = NULL; - if (!PyArg_ParseTuple(args, "i", &version)) - goto error; + if (!PyArg_ParseTuple(args, "i", &version)) + goto error; - if ( !(asn1_version = ASN1_INTEGER_new() ) ) - lose("could not allocate memory"); + if ((asn1_version = ASN1_INTEGER_new()) == NULL) + lose("could not allocate memory"); - if ( !ASN1_INTEGER_set( asn1_version, version ) ) - lose("could not get set version"); + if (!ASN1_INTEGER_set(asn1_version, version)) + lose("could not get set version"); - self->crl->crl->version = asn1_version; + self->crl->crl->version = asn1_version; - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - if (asn1_version) - ASN1_INTEGER_free(asn1_version); + if (asn1_version) + ASN1_INTEGER_free(asn1_version); - return NULL; + return NULL; } -static char x509_crl_object_get_issuer__doc__[] = +static char x509_crl_object_get_issuer__doc__[] = "<method>\n" " <header>\n" " <memberof>X509Crl</memberof>\n" 
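Review bot: `x509_crl_object_set_version` parses with format `"i"` into `long version`, so `PyArg_ParseTuple` writes only an `int`-sized part of the variable. Where `long` is wider than `int` the remaining bytes keep their initial zero, which mangles negative inputs and gives the wrong value on big-endian targets. Use the matching format: `if (!PyArg_ParseTuple(args, "l", &version))`. The assignment `self->crl->crl->version = asn1_version;` also overwrites the previous `ASN1_INTEGER` without releasing it; call `ASN1_INTEGER_free(self->crl->crl->version);` first.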
@@ -2445,23 +2420,23 @@ static char x509_crl_object_get_issuer__doc__[] = static PyObject * x509_crl_object_get_issuer(x509_crl_object *self, PyObject *args) { - PyObject *result_list = NULL; - int format = SHORTNAME_FORMAT; + PyObject *result_list = NULL; + int format = SHORTNAME_FORMAT; - if (!PyArg_ParseTuple(args, "|i", &format)) - goto error; + if (!PyArg_ParseTuple(args, "|i", &format)) + goto error; - if ( !(result_list = X509_object_helper_get_name(self->crl->crl->issuer, format) ) ) - lose("failed to produce name list"); + if ((result_list = X509_object_helper_get_name(self->crl->crl->issuer, format)) == NULL) + lose("failed to produce name list"); - return result_list; + return result_list; -error: + error: - return NULL; + return NULL; } -static char x509_crl_object_set_issuer__doc__[] = +static char x509_crl_object_set_issuer__doc__[] = "<method>\n" " <header>\n" " <memberof>X509Crl</memberof>\n" 
@@ -2482,34 +2457,34 @@ static char x509_crl_object_set_issuer__doc__[] = static PyObject * x509_crl_object_set_issuer(x509_crl_object *self, PyObject *args) { - PyObject *name_sequence = NULL; - X509_NAME *name = NULL; + PyObject *name_sequence = NULL; + X509_NAME *name = NULL; - if (!PyArg_ParseTuple(args, "O", &name_sequence)) - goto error; + if (!PyArg_ParseTuple(args, "O", &name_sequence)) + goto error; - if ( !( PyTuple_Check( name_sequence ) || PyList_Check(name_sequence) ) ) - lose_type_error("Inapropriate type"); + if (!PyTuple_Check(name_sequence) && !PyList_Check(name_sequence)) + lose_type_error("Inapropriate type"); - if ( !(name = X509_NAME_new() ) ) - lose("could not allocate memory"); + if ((name = X509_NAME_new()) == NULL) + lose("could not allocate memory"); - if ( !X509_object_helper_set_name(name, name_sequence) ) - lose("unable to set new name"); + if (!X509_object_helper_set_name(name, name_sequence)) + lose("unable to set new name"); - if ( !X509_NAME_set(&self->crl->crl->issuer,name ) ) - lose("unable to set name"); + if (!X509_NAME_set(&self->crl->crl->issuer, name)) + lose("unable to set name"); - X509_NAME_free(name); + X509_NAME_free(name); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - if (name) - X509_NAME_free(name); + if (name) + X509_NAME_free(name); - return NULL; + return NULL; } static char x509_crl_object_set_this_update__doc__[] = 
@@ -2534,23 +2509,22 @@ static char x509_crl_object_set_this_update__doc__[] = static PyObject * x509_crl_object_set_this_update (x509_crl_object *self, PyObject *args) { - //int new_time = 0; - char *new_time = NULL; + char *new_time = NULL; - if (!PyArg_ParseTuple(args, "s", &new_time)) - goto error; + if (!PyArg_ParseTuple(args, "s", &new_time)) + goto error; - if ( !ASN1_UTCTIME_set_string(self->crl->crl->lastUpdate,new_time) ) - lose("could not set time"); + if (!ASN1_UTCTIME_set_string(self->crl->crl->lastUpdate, new_time)) + lose("could not set time"); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } -static char x509_crl_object_get_this_update__doc__[] = +static char x509_crl_object_get_this_update__doc__[] = "<method>\n" " <header>\n" " <memberof>X509Crl</memberof>\n" @@ -2571,14 +2545,14 @@ static char x509_crl_object_get_this_update__doc__[] = static PyObject * x509_crl_object_get_this_update (x509_crl_object *self, PyObject *args) { - if (!PyArg_ParseTuple(args, "")) - goto error; + if (!PyArg_ParseTuple(args, "")) + goto error; - return Py_BuildValue("s", self->crl->crl->lastUpdate->data); + return Py_BuildValue("s", self->crl->crl->lastUpdate->data); -error: + error: - return NULL; + return NULL; } static char x509_crl_object_set_next_update__doc__[] = 
@@ -2603,28 +2577,25 @@ static char x509_crl_object_set_next_update__doc__[] = static PyObject * x509_crl_object_set_next_update (x509_crl_object *self, PyObject *args) { - //int new_time = 0; - char *new_time = NULL; - ASN1_UTCTIME *time = NULL; + char *new_time = NULL; + ASN1_UTCTIME *time = NULL; - if (!PyArg_ParseTuple(args, "s", &new_time)) - goto error; - - if (self->crl->crl->nextUpdate == NULL) - if ( !(time = ASN1_UTCTIME_new() ) ) - lose("could not allocate memory"); + if (!PyArg_ParseTuple(args, "s", &new_time)) + goto error; - self->crl->crl->nextUpdate = time; + if (self->crl->crl->nextUpdate == NULL && (time = ASN1_UTCTIME_new()) == NULL) + lose("could not allocate memory"); - if (!ASN1_UTCTIME_set_string(time, new_time) ) - lose("could not set next update"); + self->crl->crl->nextUpdate = time; + if (!ASN1_UTCTIME_set_string(time, new_time)) + lose("could not set next update"); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } static char x509_crl_object_get_next_update__doc__[] = @@ -2648,17 +2619,17 @@ static char x509_crl_object_get_next_update__doc__[] = static PyObject * x509_crl_object_get_next_update (x509_crl_object *self, PyObject *args) { - if (!PyArg_ParseTuple(args, "")) - goto error; + if (!PyArg_ParseTuple(args, "")) + goto error; - return Py_BuildValue("s", self->crl->crl->nextUpdate->data); + return Py_BuildValue("s", self->crl->crl->nextUpdate->data); -error: + error: - return NULL; + return NULL; } -static char x509_crl_object_set_revoked__doc__[] = +static char x509_crl_object_set_revoked__doc__[] = "<method>\n" " <header>\n" " <memberof>X509Crl</memberof>\n" 
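Review bot: In `x509_crl_object_set_next_update`, `time` stays NULL whenever the CRL already has a `nextUpdate`, yet `self->crl->crl->nextUpdate = time;` runs unconditionally. A second call therefore replaces the existing field with NULL (leaking it) and then hands NULL to `ASN1_UTCTIME_set_string`, which has no object to store the value in. The merged condition keeps this behaviour from the old nested `if`. A CRL that silently loses its nextUpdate is a problem for relying parties that use the field for freshness checks, so reuse the existing object and allocate only when it is absent, as below.

```c
  /* ... unchanged: declarations and PyArg_ParseTuple ... */

  /* Reuse the CRL's nextUpdate when present; allocate and attach only when absent. */
  if ((time = self->crl->crl->nextUpdate) == NULL) {
    if ((time = ASN1_UTCTIME_new()) == NULL)
      lose("could not allocate memory");
    self->crl->crl->nextUpdate = time;
  }

  if (!ASN1_UTCTIME_set_string(time, new_time))
    lose("could not set next update");
```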
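Review bot: `x509_crl_object_get_next_update` dereferences `self->crl->crl->nextUpdate->data` without checking `nextUpdate`, although `x509_crl_object_set_next_update` in the previous hunk treats that field as possibly NULL. A CRL read from external input that omits the field would crash the interpreter here instead of raising. Guard it before the `Py_BuildValue` call, for example `if (self->crl->crl->nextUpdate == NULL) lose("CRL has no nextUpdate");`.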
@@ -2668,7 +2639,7 @@ static char x509_crl_object_set_revoked__doc__[] = " <body>\n" " <para>\n" " This method sets the sequence of revoked certificates in this CRL.\n" -" <parameter>revoked</parameter> should be a list or tuple of \n" +" <parameter>revoked</parameter> should be a list or tuple of\n" " <classname>X509Revoked</classname>.\n" " </para>\n" " <example>\n" @@ -2683,22 +2654,22 @@ static char x509_crl_object_set_revoked__doc__[] = "\n" " crl = POW.X509Crl()\n" "\n" -" name = [ ['C', 'GB'], ['ST', 'Hertfordshire'], \n" +" name = [ ['C', 'GB'], ['ST', 'Hertfordshire'],\n" " ['O','The House'], ['CN', 'Peter Shannon'] ]\n" "\n" -" t1 = POW.pkix.time2utc( time.time() ) \n" -" t2 = POW.pkix.time2utc( time.time() + 60*60*24*365) \n" -" crl.setIssuer( name )\n" +" t1 = POW.pkix.time2utc(time.time())\n" +" t2 = POW.pkix.time2utc(time.time() + 60*60*24*365)\n" +" crl.setIssuer(name)\n" " rev = [ POW.X509Revoked(3, t1),\n" " POW.X509Revoked(4, t1),\n" " POW.X509Revoked(5, t1) ]\n" "\n" -" crl.setRevoked( rev )\n" +" crl.setRevoked(rev)\n" " crl.setThisUpdate(t1)\n" " crl.setNextUpdate(t2)\n" " crl.sign(privateKey)\n" "\n" -" crlFile.write( crl.pemWrite() )\n" +" crlFile.write(crl.pemWrite())\n" "\n" " privateFile.close()\n" " publicFile.close()\n" 
@@ -2714,104 +2685,100 @@ static char x509_crl_object_set_revoked__doc__[] = static X509_REVOKED * X509_REVOKED_dup(X509_REVOKED *rev) { - return((X509_REVOKED *)ASN1_dup((i2d_of_void *) i2d_X509_REVOKED, - (d2i_of_void *) d2i_X509_REVOKED, - (char *) rev)); + return((X509_REVOKED *)ASN1_dup((i2d_of_void *) i2d_X509_REVOKED, + (d2i_of_void *) d2i_X509_REVOKED, + (char *) rev)); } static PyObject * x509_crl_object_set_revoked(x509_crl_object *self, PyObject *args) { - PyObject *revoked_sequence = NULL; - x509_revoked_object *revoked = NULL; - X509_REVOKED *tmp_revoked = NULL; - int i = 0,size = 0; + PyObject *revoked_sequence = NULL; + x509_revoked_object *revoked = NULL; + X509_REVOKED *tmp_revoked = NULL; + int i = 0,size = 0; - if (!PyArg_ParseTuple(args, "O", &revoked_sequence)) - goto error; + if (!PyArg_ParseTuple(args, "O", &revoked_sequence)) + goto error; - if ( !( PyTuple_Check( revoked_sequence ) || PyList_Check(revoked_sequence) ) ) - lose_type_error("inapropriate type"); + if (!PyTuple_Check(revoked_sequence) && !PyList_Check(revoked_sequence)) + lose_type_error("inapropriate type"); - size = PySequence_Size( revoked_sequence ); - for (i = 0; i < size; i++) - { - if ( !( revoked = (x509_revoked_object*)PySequence_GetItem( revoked_sequence, i ) ) ) - goto error; + size = PySequence_Size(revoked_sequence); + for (i = 0; i < size; i++) { + if ((revoked = (x509_revoked_object*) PySequence_GetItem(revoked_sequence, i)) == NULL) + goto error; - if ( !X_X509_revoked_Check( revoked ) ) - lose_type_error("inapropriate type"); + if (!X_X509_revoked_Check(revoked)) + lose_type_error("inapropriate type"); - if ( !(tmp_revoked = X509_REVOKED_dup( revoked->revoked ) ) ) - lose("could not allocate memory"); + if ((tmp_revoked = X509_REVOKED_dup(revoked->revoked)) == NULL) + lose("could not allocate memory"); - if (!X509_CRL_add0_revoked( self->crl, tmp_revoked ) ) - lose("could not add revokation to stack"); + if (!X509_CRL_add0_revoked(self->crl, tmp_revoked)) + 
lose("could not add revokation to stack"); - Py_DECREF(revoked); - revoked = NULL; - } + Py_DECREF(revoked); + revoked = NULL; + } - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - Py_XDECREF(revoked); + Py_XDECREF(revoked); - return NULL; + return NULL; } static PyObject * x509_crl_object_helper_get_revoked(STACK_OF(X509_REVOKED) *revoked) { - int no_entries = 0, inlist = 0, i = 0; - X509_REVOKED *revoke_tmp = NULL; - x509_revoked_object *revoke_obj = NULL; - PyObject *item = NULL, *result_list = NULL, *result_tuple = NULL; + int no_entries = 0, inlist = 0, i = 0; + X509_REVOKED *revoke_tmp = NULL; + x509_revoked_object *revoke_obj = NULL; + PyObject *item = NULL, *result_list = NULL, *result_tuple = NULL; + + no_entries = sk_X509_REVOKED_num(revoked); - no_entries = sk_X509_REVOKED_num( revoked ); + if ((result_list = PyList_New(0)) == NULL) + lose("could not allocate memory"); - if ( !(result_list = PyList_New(0) ) ) + for (i = 0; i < no_entries; i++) { + if ((revoke_obj = PyObject_New(x509_revoked_object, &x509_revokedtype)) == NULL) lose("could not allocate memory"); - for(i = 0; i < no_entries; i++) - { - if ( !(revoke_obj = PyObject_New( x509_revoked_object, &x509_revokedtype ) ) ) - lose("could not allocate memory"); + if ((revoke_tmp = sk_X509_REVOKED_value(revoked, i)) == NULL) + lose("could not get revocation"); - if ( !(revoke_tmp = sk_X509_REVOKED_value( revoked, i ) ) ) - lose("could not get revocation"); + revoke_obj->revoked = revoke_tmp; - revoke_obj->revoked = revoke_tmp; + if (PyList_Append(result_list, (PyObject*) revoke_obj) != 0) + goto error; - if ( PyList_Append( result_list, (PyObject*)revoke_obj ) != 0) - goto error; + revoke_obj = NULL; revoke_tmp = NULL; + } - revoke_obj = NULL; revoke_tmp = NULL; - } + result_tuple = PyList_AsTuple(result_list); + Py_DECREF(result_list); - result_tuple = PyList_AsTuple( result_list ); - Py_DECREF(result_list); - - return Py_BuildValue("O", result_tuple); + return 
Py_BuildValue("O", result_tuple); -error: + error: - if (result_list) - { - inlist = PyList_Size( result_list ); - for (i = 0; i < inlist; i++) - { - item = PyList_GetItem( result_list, i ); - Py_DECREF(item); - } - Py_DECREF(result_list); - } + if (result_list) { + inlist = PyList_Size(result_list); + for (i = 0; i < inlist; i++) { + item = PyList_GetItem(result_list, i); + Py_DECREF(item); + } + Py_DECREF(result_list); + } - return NULL; + return NULL; } -static char x509_crl_object_get_revoked__doc__[] = +static char x509_crl_object_get_revoked__doc__[] = "<method>\n" " <header>\n" " <memberof>X509Crl</memberof>\n" @@ -2830,10 +2797,10 @@ static char x509_crl_object_get_revoked__doc__[] = "\n" " publicKey = POW.pemRead(POW.RSA_PUBLIC_KEY, publicFile.read())\n" "\n" -" crl = POW.pemRead( POW.X509_CRL, crlFile.read() )\n" +" crl = POW.pemRead(POW.X509_CRL, crlFile.read())\n" "\n" " print crl.pprint()\n" -" if crl.verify( publicKey ):\n" +" if crl.verify(publicKey):\n" " print 'signature ok!'\n" " else:\n" " print 'signature not ok!'\n" @@ -2841,7 +2808,7 @@ static char x509_crl_object_get_revoked__doc__[] = " revocations = crl.getRevoked()\n" " for revoked in revocations:\n" " print 'serial number:', revoked.getSerial()\n" -" print 'date:', time.ctime( revoked.getDate()[0] )\n" +" print 'date:', time.ctime(revoked.getDate()[0])\n" "\n" " publicFile.close()\n" " crlFile.close()\n" 
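Review bot: `x509_crl_object_helper_get_revoked` stores the stack's own `X509_REVOKED` pointer in each new wrapper (`revoke_obj->revoked = revoke_tmp;`), so the Python objects alias memory owned by the CRL. If the `x509_revoked_object` deallocator frees `revoked` (not visible in this hunk) that is a double free, and in any case the wrappers dangle once the CRL itself is freed. `x509_crl_object_set_revoked` in the same hunk already copies with `X509_REVOKED_dup`; doing the same here, `revoke_obj->revoked = X509_REVOKED_dup(revoke_tmp)` with a NULL check, keeps ownership separate. Separately, `tmp_revoked` in `x509_crl_object_set_revoked` is leaked when `X509_CRL_add0_revoked` fails; release it with `X509_REVOKED_free(tmp_revoked)` on that path.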
@@ -2855,21 +2822,17 @@ static char x509_crl_object_get_revoked__doc__[] = static PyObject * x509_crl_object_get_revoked(x509_crl_object *self, PyObject *args) { - PyObject *revoked = NULL; - - if (!PyArg_ParseTuple(args, "")) - goto error; - - revoked = x509_crl_object_helper_get_revoked( X509_CRL_get_REVOKED(self->crl) ); + if (!PyArg_ParseTuple(args, "")) + goto error; - return revoked; + return x509_crl_object_helper_get_revoked(X509_CRL_get_REVOKED(self->crl)); -error: + error: - return NULL; + return NULL; } -static char X509_crl_object_add_extension__doc__[] = +static char X509_crl_object_add_extension__doc__[] = "<method>\n" " <header>\n" " <memberof>X509Crl</memberof>\n" @@ -2897,18 +2860,18 @@ static char X509_crl_object_add_extension__doc__[] = " oids = POW.pkix.OidData()\n" " o2i = oids.obj2oid\n" "\n" -" n1 = ('directoryName', ( (( o2i('countryName'), ('printableString', 'UK') ),), \n" -" (( o2i('stateOrProvinceName'), ('printableString', 'Herts') ),), \n" -" (( o2i('organizationName'), ('printableString', 'The House') ),),\n" -" (( o2i('commonName'), ('printableString', 'Shannon Works') ),) ) ) \n" +" n1 = ('directoryName', (((o2i('countryName'), ('printableString', 'UK')),),\n" +" ((o2i('stateOrProvinceName'), ('printableString', 'Herts')),),\n" +" ((o2i('organizationName'), ('printableString', 'The House')),),\n" +" ((o2i('commonName'), ('printableString', 'Shannon Works')),)))\n" "\n" " n2 = ('rfc822Name', 'peter_shannon@yahoo.com')\n" -" n3 = ('uri', 'http://www.p-s.org.uk') \n" -" n4 = ('iPAddress', (192,168,100,51)) \n" +" n3 = ('uri', 'http://www.p-s.org.uk')\n" +" n4 = ('iPAddress', (192,168,100,51))\n" "\n" " issuer = POW.pkix.IssuerAltName()\n" -" issuer.set([n1,n2,n3,n4]) \n" -" crl.addExtension( 'issuerAltName', 0, issuer.toString() )\n" +" issuer.set([n1,n2,n3,n4])\n" +" crl.addExtension('issuerAltName', 0, issuer.toString())\n" " </programlisting>\n" " </example>\n" " </body>\n" 
@@ -2918,42 +2881,42 @@ static char X509_crl_object_add_extension__doc__[] = static PyObject * X509_crl_object_add_extension(x509_crl_object *self, PyObject *args) { - int critical = 0, nid = 0, len = 0; - char *name = NULL; - unsigned char *buf = NULL; - ASN1_OCTET_STRING *octetString = NULL; - X509_EXTENSION *extn = NULL; + int critical = 0, nid = 0, len = 0; + char *name = NULL; + unsigned char *buf = NULL; + ASN1_OCTET_STRING *octetString = NULL; + X509_EXTENSION *extn = NULL; - if (!PyArg_ParseTuple(args, "sis#", &name, &critical, &buf, &len)) - goto error; + if (!PyArg_ParseTuple(args, "sis#", &name, &critical, &buf, &len)) + goto error; - if ( !(octetString = M_ASN1_OCTET_STRING_new() ) ) - lose("could not allocate memory"); + if ((octetString = M_ASN1_OCTET_STRING_new()) == NULL) + lose("could not allocate memory"); + + if (!ASN1_OCTET_STRING_set(octetString, buf, len)) + lose("could not set ASN1 Octect string"); - if ( !ASN1_OCTET_STRING_set(octetString, buf, len) ) - lose("could not set ASN1 Octect string"); + if ((nid = OBJ_txt2nid(name)) == NID_undef) + lose("extension has unknown object identifier"); - if ( NID_undef == (nid = OBJ_txt2nid(name) ) ) - lose("extension has unknown object identifier"); + if ((extn = X509_EXTENSION_create_by_NID(NULL, nid, critical, octetString)) == NULL) + lose("unable to create ASN1 X509 Extension object"); - if ( !( extn = X509_EXTENSION_create_by_NID(NULL, nid, critical, octetString) ) ) - lose("unable to create ASN1 X509 Extension object"); + if (!self->crl->crl->extensions && + (self->crl->crl->extensions = sk_X509_EXTENSION_new_null()) == NULL) + lose("unable to allocate memory"); - if (!self->crl->crl->extensions) - if ( !(self->crl->crl->extensions = sk_X509_EXTENSION_new_null() ) ) - lose("unable to allocate memory"); + if (!sk_X509_EXTENSION_push(self->crl->crl->extensions, extn)) + lose("unable to add extension"); - if ( !sk_X509_EXTENSION_push(self->crl->crl->extensions, extn) ) - lose("unable to add 
extension"); + return Py_BuildValue(""); - return Py_BuildValue(""); + error: -error: + if (extn) + X509_EXTENSION_free(extn); - if(extn) - X509_EXTENSION_free(extn); - - return NULL; + return NULL; } static char X509_crl_object_clear_extensions__doc__[] = @@ -2974,20 +2937,19 @@ static char X509_crl_object_clear_extensions__doc__[] = static PyObject * X509_crl_object_clear_extensions(x509_crl_object *self, PyObject *args) { - if (!PyArg_ParseTuple(args, "")) - goto error; + if (!PyArg_ParseTuple(args, "")) + goto error; - if (self->crl->crl->extensions) - { - sk_X509_EXTENSION_free(self->crl->crl->extensions); - self->crl->crl->extensions = NULL; - } + if (self->crl->crl->extensions) { + sk_X509_EXTENSION_free(self->crl->crl->extensions); + self->crl->crl->extensions = NULL; + } - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } static char X509_crl_object_count_extensions__doc__[] = @@ -3008,21 +2970,19 @@ static char X509_crl_object_count_extensions__doc__[] = static PyObject * X509_crl_object_count_extensions(x509_crl_object *self, PyObject *args) { - int num = 0; - if (!PyArg_ParseTuple(args, "")) - goto error; + int num = 0; + + if (!PyArg_ParseTuple(args, "")) + goto error; + + if (self->crl->crl->extensions) + num = sk_X509_EXTENSION_num(self->crl->crl->extensions); - if (self->crl->crl->extensions) - { - num = sk_X509_EXTENSION_num(self->crl->crl->extensions); - return Py_BuildValue("i", num); - } - else - return Py_BuildValue("i", 0); + return Py_BuildValue("i", num); -error: + error: - return NULL; + return NULL; } static char X509_crl_object_get_extension__doc__[] = 
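Review bot: `X509_crl_object_add_extension` never frees `octetString`: the `error:` label releases only `extn`, and the success path returns without touching it. `X509_EXTENSION_create_by_NID` copies the octet string it is given, so the original is leaked on every call. Add `ASN1_OCTET_STRING_free(octetString);` before the successful return and under `error:`.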
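Review bot: `X509_crl_object_clear_extensions` calls `sk_X509_EXTENSION_free`, which releases the stack but not the `X509_EXTENSION` objects that `addExtension` pushed onto it, so each clear leaks them. Use `sk_X509_EXTENSION_pop_free(self->crl->crl->extensions, X509_EXTENSION_free);` before setting the field to NULL.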
@@ -3044,40 +3004,38 @@ static char X509_crl_object_get_extension__doc__[] = static PyObject * X509_crl_object_get_extension(x509_crl_object *self, PyObject *args) { - int num = 0, index = 0, ext_nid = 0; - char const *ext_ln = NULL; - char unknown_ext [] = "unknown"; - X509_EXTENSION *ext; - if (!PyArg_ParseTuple(args, "i", &index)) - goto error; + int num = 0, index = 0, ext_nid = 0; + char const *ext_ln = NULL; + char unknown_ext [] = "unknown"; + X509_EXTENSION *ext; + + if (!PyArg_ParseTuple(args, "i", &index)) + goto error; + + if (self->crl->crl->extensions) + num = sk_X509_EXTENSION_num(self->crl->crl->extensions); - if (self->crl->crl->extensions) - { - num = sk_X509_EXTENSION_num(self->crl->crl->extensions); - } - else - num = 0; - if (index >= num) - lose("certificate does not have that many extensions"); + if (index >= num) + lose("certificate does not have that many extensions"); - if ( !(ext = sk_X509_EXTENSION_value(self->crl->crl->extensions, index) ) ) - lose("could not get extension"); + if ((ext = sk_X509_EXTENSION_value(self->crl->crl->extensions, index)) == NULL) + lose("could not get extension"); - if ( NID_undef == (ext_nid = OBJ_obj2nid(ext->object) ) ) - lose("extension has unknown object identifier"); + if ((ext_nid = OBJ_obj2nid(ext->object)) == NID_undef) + lose("extension has unknown object identifier"); - if ( NULL == (ext_ln = OBJ_nid2sn(ext_nid) ) ) - ext_ln = unknown_ext; + if ((ext_ln = OBJ_nid2sn(ext_nid)) == NULL) + ext_ln = unknown_ext; - return Py_BuildValue("sis#", ext_ln, ext->critical, ext->value->data, ext->value->length ); + return Py_BuildValue("sis#", ext_ln, ext->critical, ext->value->data, ext->value->length); -error: + error: - return NULL; + return NULL; } -static char x509_crl_object_sign__doc__[] = +static char x509_crl_object_sign__doc__[] = "<method>\n" " <header>\n" " <memberof>X509Crl</memberof>\n" 
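Review bot: `X509_crl_object_get_extension` checks only `index >= num`, so a negative `index` from Python reaches `sk_X509_EXTENSION_value` and is rejected only because that call returns NULL for it. Make the bound explicit with `if (index < 0 || index >= num)`. The `unknown_ext` fallback is also close to unreachable, because an extension whose OID has no NID already fails with "extension has unknown object identifier" just above it; if unrecognised extensions are meant to be readable, that `lose` has to go. The out-of-range message says "certificate" although this is a CRL method.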
@@ -3089,8 +3047,8 @@ static char x509_crl_object_sign__doc__[] = " <para>\n" " <parameter>key</parameter> should be an instance of\n" " <classname>Asymmetric</classname> and contain a private key.\n" -" <parameter>digest</parameter> indicates \n" -" which digest function should be used to compute the hash to be \n" +" <parameter>digest</parameter> indicates\n" +" which digest function should be used to compute the hash to be\n" " signed, it should be one of the following:\n" " </para>\n" " <simplelist>\n" 
@@ -3110,82 +3068,72 @@ static char x509_crl_object_sign__doc__[] = static PyObject * x509_crl_object_sign(x509_crl_object *self, PyObject *args) { - EVP_PKEY *pkey = NULL; - asymmetric_object *asym; - int digest = MD5_DIGEST; + EVP_PKEY *pkey = NULL; + asymmetric_object *asym; + int digest = MD5_DIGEST; - if (!PyArg_ParseTuple(args, "O!|i", &asymmetrictype, &asym, &digest)) - goto error; + if (!PyArg_ParseTuple(args, "O!|i", &asymmetrictype, &asym, &digest)) + goto error; - if ( !(pkey = EVP_PKEY_new() ) ) - lose("could not allocate memory"); + if ((pkey = EVP_PKEY_new()) == NULL) + lose("could not allocate memory"); - if (asym->key_type != RSA_PRIVATE_KEY) - lose("cannot use this type of key"); + if (asym->key_type != RSA_PRIVATE_KEY) + lose("cannot use this type of key"); - if ( !(EVP_PKEY_assign_RSA(pkey, asym->cipher) ) ) - lose("EVP_PKEY assignment error"); + if (!EVP_PKEY_assign_RSA(pkey, asym->cipher)) + lose("EVP_PKEY assignment error"); - switch (digest) - { - case MD5_DIGEST: - { - if (!X509_CRL_sign(self->crl, pkey, EVP_md5() ) ) - lose("could not sign certificate"); - break; - } - case MD2_DIGEST: - { - if (!X509_CRL_sign(self->crl, pkey, EVP_md2() ) ) - lose("could not sign certificate"); - break; - } - case SHA_DIGEST: - { - if (!X509_CRL_sign(self->crl, pkey, EVP_sha() ) ) - lose("could not sign certificate"); - break; - } - case SHA1_DIGEST: - { - if (!X509_CRL_sign(self->crl, pkey, EVP_sha1() ) ) - lose("could not sign certificate"); - break; - } - case RIPEMD160_DIGEST: - { - if (!X509_CRL_sign(self->crl, pkey, EVP_ripemd160() ) ) - lose("could not sign certificate"); - break; - } - case SHA256_DIGEST: - { - if (!X509_CRL_sign(self->crl, pkey, EVP_sha256() ) ) - lose("could not sign certificate"); - break; - } - case SHA384_DIGEST: - { - if (!X509_CRL_sign(self->crl, pkey, EVP_sha384() ) ) - lose("could not sign certificate"); - break; - } - case SHA512_DIGEST: - { - if (!X509_CRL_sign(self->crl, pkey, EVP_sha512() ) ) - lose("could not sign 
certificate"); - break; - } - } + switch (digest) { + case MD5_DIGEST: + if (!X509_CRL_sign(self->crl, pkey, EVP_md5())) + lose("could not sign CRL"); + break; + + case MD2_DIGEST: + if (!X509_CRL_sign(self->crl, pkey, EVP_md2())) + lose("could not sign CRL"); + break; + + case SHA_DIGEST: + if (!X509_CRL_sign(self->crl, pkey, EVP_sha())) + lose("could not sign CRL"); + break; + + case SHA1_DIGEST: + if (!X509_CRL_sign(self->crl, pkey, EVP_sha1())) + lose("could not sign CRL"); + break; + + case RIPEMD160_DIGEST: + if (!X509_CRL_sign(self->crl, pkey, EVP_ripemd160())) + lose("could not sign CRL"); + break; + + case SHA256_DIGEST: + if (!X509_CRL_sign(self->crl, pkey, EVP_sha256())) + lose("could not sign CRL"); + break; - return Py_BuildValue(""); + case SHA384_DIGEST: + if (!X509_CRL_sign(self->crl, pkey, EVP_sha384())) + lose("could not sign CRL"); + break; -error: + case SHA512_DIGEST: + if (!X509_CRL_sign(self->crl, pkey, EVP_sha512())) + lose("could not sign CRL"); + break; + } - if (pkey) - EVP_PKEY_free(pkey); + return Py_BuildValue(""); - return NULL; + error: + + if (pkey) + EVP_PKEY_free(pkey); + + return NULL; } 
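Review bot: The `switch (digest)` in `x509_crl_object_sign` has no `default`, so an unrecognised digest value skips every `X509_CRL_sign` call and the method still returns `None`, leaving the caller holding a CRL that was never signed; add `default: lose("unknown digest");`. The `MD5_DIGEST` default and the `MD2_DIGEST`/`MD5_DIGEST` cases select hashes that are not collision-resistant, so a SHA-2 default would be safer. `EVP_PKEY_assign_RSA(pkey, asym->cipher)` hands the RSA key to `pkey` without taking a reference, so `EVP_PKEY_free(pkey)` under `error:` frees a key that `asym` presumably still owns, while the success path never frees `pkey` at all. Using `EVP_PKEY_set1_RSA` and freeing `pkey` on both paths fixes both; the same pattern appears in `x509_crl_object_verify` in the next hunk.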
@@ -3214,82 +3162,84 @@ static char x509_crl_object_verify__doc__[] = static PyObject * x509_crl_object_verify(x509_crl_object *self, PyObject *args) { - int result = 0; - EVP_PKEY *pkey = NULL; - asymmetric_object *asym; + int result = 0; + EVP_PKEY *pkey = NULL; + asymmetric_object *asym; - if (!PyArg_ParseTuple(args, "O!", &asymmetrictype, &asym)) - goto error; + if (!PyArg_ParseTuple(args, "O!", &asymmetrictype, &asym)) + goto error; - if ( !(pkey = EVP_PKEY_new() ) ) - lose("could not allocate memory"); + if ((pkey = EVP_PKEY_new()) == NULL) + lose("could not allocate memory"); - if ( !(EVP_PKEY_assign_RSA(pkey, asym->cipher) ) ) - lose("EVP_PKEY assignment error"); + if (!EVP_PKEY_assign_RSA(pkey, asym->cipher)) + lose("EVP_PKEY assignment error"); - result = X509_CRL_verify(self->crl,pkey); + result = X509_CRL_verify(self->crl,pkey); - return Py_BuildValue("i", result); + return Py_BuildValue("i", result); -error: + error: - if (pkey) - EVP_PKEY_free(pkey); + if (pkey) + EVP_PKEY_free(pkey); - return NULL; + return NULL; } static PyObject * x509_crl_object_write_helper(x509_crl_object *self, PyObject *args, int format) { - int len = 0, ret = 0; - char *buf = NULL; - BIO *out_bio = NULL; - PyObject *cert = NULL; - - if (!PyArg_ParseTuple(args, "")) - goto error; + int len = 0, ret = 0; + char *buf = NULL; + BIO *out_bio = NULL; + PyObject *cert = NULL; + + if (!PyArg_ParseTuple(args, "")) + goto error; - out_bio = BIO_new(BIO_s_mem()); + out_bio = BIO_new(BIO_s_mem()); - if (format == DER_FORMAT) - { - if (!i2d_X509_CRL_bio(out_bio, self->crl) ) - lose("unable to write certificate"); - } - else if (format == PEM_FORMAT) - { - if (!PEM_write_bio_X509_CRL(out_bio, self->crl) ) - lose("unable to write certificate"); - } - else - lose("internal error, unknown output format"); + switch (format) { - if ( !(len = BIO_ctrl_pending(out_bio) ) ) - lose("unable to get bytes stored in bio"); + case DER_FORMAT: + if (!i2d_X509_CRL_bio(out_bio, self->crl)) + lose("unable 
to write certificate"); + break; - if ( !(buf = malloc(len) ) ) - lose("unable to allocate memory"); + case PEM_FORMAT: + if (!PEM_write_bio_X509_CRL(out_bio, self->crl)) + lose("unable to write certificate"); - if ( (ret = BIO_read( out_bio, buf, len ) ) != len ) - lose("unable to write out cert"); + default: + lose("internal error, unknown output format"); + } - cert = Py_BuildValue("s#", buf, len); + if ((len = BIO_ctrl_pending(out_bio)) == 0) + lose("unable to get bytes stored in bio"); - BIO_free(out_bio); - free(buf); - return cert; - -error: + if ((buf = malloc(len)) == NULL) + lose("unable to allocate memory"); - if (out_bio) - BIO_free(out_bio); + if ((ret = BIO_read(out_bio, buf, len)) != len) + lose("unable to write out cert"); - if (buf) - free(buf); + cert = Py_BuildValue("s#", buf, len); - return NULL; + BIO_free(out_bio); + free(buf); + return cert; + + error: + + if (out_bio) + BIO_free(out_bio); + + if (buf) + free(buf); + + return NULL; } static char x509_crl_object_pem_write__doc__[] = @@ -3310,10 +3260,10 @@ static char x509_crl_object_pem_write__doc__[] = static PyObject * x509_crl_object_pem_write(x509_crl_object *self, PyObject *args) { - return x509_crl_object_write_helper(self, args, PEM_FORMAT); + return x509_crl_object_write_helper(self, args, PEM_FORMAT); } -static char x509_crl_object_der_write__doc__[] = +static char x509_crl_object_der_write__doc__[] = "<method>\n" " <header>\n" " <memberof>X509Crl</memberof>\n" @@ -3330,7 +3280,7 @@ static char x509_crl_object_der_write__doc__[] = static PyObject * x509_crl_object_der_write(x509_crl_object *self, PyObject *args) { - return x509_crl_object_write_helper(self, args, DER_FORMAT); + return x509_crl_object_write_helper(self, args, DER_FORMAT); } static char x509_crl_object_pprint__doc__[] = 
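Review bot: The new `case PEM_FORMAT:` in x509_crl_object_write_helper has no `break`, so after a successful `PEM_write_bio_X509_CRL()` control falls into `default:` and raises "internal error, unknown output format"; the if/else chain it replaces had no such path. Adding `break;` after the PEM case's `lose(...)` restores pemWrite(). In the same function `BIO_new(BIO_s_mem())` is used without a NULL check, which `if ((out_bio = BIO_new(BIO_s_mem())) == NULL) lose("could not allocate memory");` would cover; x509_crl_object_pprint in the next hunk has the same unchecked call.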
@@ -3351,81 +3301,81 @@ static char x509_crl_object_pprint__doc__[] = static PyObject * x509_crl_object_pprint(x509_crl_object *self, PyObject *args) { - int len = 0, ret = 0; - char *buf = NULL; - BIO *out_bio = NULL; - PyObject *crl = NULL; - - if (!PyArg_ParseTuple(args, "")) - goto error; + int len = 0, ret = 0; + char *buf = NULL; + BIO *out_bio = NULL; + PyObject *crl = NULL; + + if (!PyArg_ParseTuple(args, "")) + goto error; - out_bio = BIO_new(BIO_s_mem()); + out_bio = BIO_new(BIO_s_mem()); - if (!X509_CRL_print(out_bio, self->crl) ) - lose("unable to write crl"); + if (!X509_CRL_print(out_bio, self->crl)) + lose("unable to write crl"); - if ( !(len = BIO_ctrl_pending(out_bio) ) ) - lose("unable to get bytes stored in bio"); + if ((len = BIO_ctrl_pending(out_bio)) == 0) + lose("unable to get bytes stored in bio"); - if ( !(buf = malloc(len) ) ) - lose("unable to allocate memory"); + if ((buf = malloc(len)) == NULL) + lose("unable to allocate memory"); - if ( (ret = BIO_read( out_bio, buf, len ) ) != len ) - lose("unable to write out cert"); + if ((ret = BIO_read(out_bio, buf, len)) != len) + lose("unable to write out cert"); - crl = Py_BuildValue("s#", buf, len); + crl = Py_BuildValue("s#", buf, len); - BIO_free(out_bio); - free(buf); - return crl; - -error: + BIO_free(out_bio); + free(buf); + return crl; - if (out_bio) - BIO_free(out_bio); + error: - if (buf) - free(buf); + if (out_bio) + BIO_free(out_bio); - return NULL; + if (buf) + free(buf); + + return NULL; } static struct PyMethodDef x509_crl_object_methods[] = { - {"sign", (PyCFunction)x509_crl_object_sign, METH_VARARGS, NULL}, - {"verify", (PyCFunction)x509_crl_object_verify, METH_VARARGS, NULL}, - {"getVersion", (PyCFunction)x509_crl_object_get_version, METH_VARARGS, NULL}, - {"setVersion", (PyCFunction)x509_crl_object_set_version, METH_VARARGS, NULL}, - {"getIssuer", (PyCFunction)x509_crl_object_get_issuer, METH_VARARGS, NULL}, - {"setIssuer", (PyCFunction)x509_crl_object_set_issuer, 
METH_VARARGS, NULL}, - {"getThisUpdate", (PyCFunction)x509_crl_object_get_this_update, METH_VARARGS, NULL}, - {"setThisUpdate", (PyCFunction)x509_crl_object_set_this_update, METH_VARARGS, NULL}, - {"getNextUpdate", (PyCFunction)x509_crl_object_get_next_update, METH_VARARGS, NULL}, - {"setNextUpdate", (PyCFunction)x509_crl_object_set_next_update, METH_VARARGS, NULL}, - {"setRevoked", (PyCFunction)x509_crl_object_set_revoked, METH_VARARGS, NULL}, - {"getRevoked", (PyCFunction)x509_crl_object_get_revoked, METH_VARARGS, NULL}, - {"addExtension", (PyCFunction)X509_crl_object_add_extension, METH_VARARGS, NULL}, - {"clearExtensions",(PyCFunction)X509_crl_object_clear_extensions, METH_VARARGS, NULL}, - {"countExtensions",(PyCFunction)X509_crl_object_count_extensions, METH_VARARGS, NULL}, - {"getExtension", (PyCFunction)X509_crl_object_get_extension, METH_VARARGS, NULL}, - {"pemWrite", (PyCFunction)x509_crl_object_pem_write, METH_VARARGS, NULL}, - {"derWrite", (PyCFunction)x509_crl_object_der_write, METH_VARARGS, NULL}, - {"pprint", (PyCFunction)x509_crl_object_pprint, METH_VARARGS, NULL}, - - {NULL, NULL} /* sentinel */ + {"sign", (PyCFunction)x509_crl_object_sign, METH_VARARGS, NULL}, + {"verify", (PyCFunction)x509_crl_object_verify, METH_VARARGS, NULL}, + {"getVersion", (PyCFunction)x509_crl_object_get_version, METH_VARARGS, NULL}, + {"setVersion", (PyCFunction)x509_crl_object_set_version, METH_VARARGS, NULL}, + {"getIssuer", (PyCFunction)x509_crl_object_get_issuer, METH_VARARGS, NULL}, + {"setIssuer", (PyCFunction)x509_crl_object_set_issuer, METH_VARARGS, NULL}, + {"getThisUpdate", (PyCFunction)x509_crl_object_get_this_update, METH_VARARGS, NULL}, + {"setThisUpdate", (PyCFunction)x509_crl_object_set_this_update, METH_VARARGS, NULL}, + {"getNextUpdate", (PyCFunction)x509_crl_object_get_next_update, METH_VARARGS, NULL}, + {"setNextUpdate", (PyCFunction)x509_crl_object_set_next_update, METH_VARARGS, NULL}, + {"setRevoked", (PyCFunction)x509_crl_object_set_revoked, 
METH_VARARGS, NULL}, + {"getRevoked", (PyCFunction)x509_crl_object_get_revoked, METH_VARARGS, NULL}, + {"addExtension", (PyCFunction)X509_crl_object_add_extension, METH_VARARGS, NULL}, + {"clearExtensions", (PyCFunction)X509_crl_object_clear_extensions, METH_VARARGS, NULL}, + {"countExtensions", (PyCFunction)X509_crl_object_count_extensions, METH_VARARGS, NULL}, + {"getExtension", (PyCFunction)X509_crl_object_get_extension, METH_VARARGS, NULL}, + {"pemWrite", (PyCFunction)x509_crl_object_pem_write, METH_VARARGS, NULL}, + {"derWrite", (PyCFunction)x509_crl_object_der_write, METH_VARARGS, NULL}, + {"pprint", (PyCFunction)x509_crl_object_pprint, METH_VARARGS, NULL}, + + {NULL} /* sentinel */ }; static PyObject * x509_crl_object_getattr(x509_crl_object *self, char *name) { - return Py_FindMethod(x509_crl_object_methods, (PyObject *)self, name); + return Py_FindMethod(x509_crl_object_methods, (PyObject *)self, name); } static void x509_crl_object_dealloc(x509_crl_object *self, char *name) { - X509_CRL_free( self->crl ); - PyObject_Del(self); + X509_CRL_free(self->crl); + PyObject_Del(self); } static char x509_crltype__doc__[] = @@ -3471,19 +3421,19 @@ static PyTypeObject x509_crltype = { /*========== revoked Code ==========*/ x509_revoked_object* x509_revoked_object_new(void) { - x509_revoked_object *self = NULL; + x509_revoked_object *self = NULL; - if ( !(self = PyObject_New( x509_revoked_object, &x509_revokedtype ) ) ) - goto error; + if ((self = PyObject_New(x509_revoked_object, &x509_revokedtype)) == NULL) + goto error; - self->revoked = X509_REVOKED_new(); + self->revoked = X509_REVOKED_new(); - return self; + return self; -error: + error: - Py_XDECREF(self); - return NULL; + Py_XDECREF(self); + return NULL; } static char x509_revoked_object_set_serial__doc__[] = 
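Review bot: x509_crl_object_dealloc is declared with a second parameter, `char *name`, that it never uses; a type's deallocator is invoked with the object alone, so the definition does not match the way it is called. `x509_crl_object_dealloc(x509_crl_object *self)` is the matching signature, and x509_revoked_object_dealloc in a later hunk carries the same extra parameter. The PyTypeObject that registers the function is outside this hunk.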
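Review bot: `self->revoked = X509_REVOKED_new();` in x509_revoked_object_new is not checked, so on allocation failure the function returns an object whose `revoked` is NULL, and the accessors in later hunks dereference `self->revoked->serialNumber` and `self->revoked->revocationDate` directly. `if ((self->revoked = X509_REVOKED_new()) == NULL) lose("could not allocate memory");` routes the failure through the existing `error:` label.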
@@ -3506,22 +3456,22 @@ static char x509_revoked_object_set_serial__doc__[] = static PyObject * x509_revoked_object_set_serial(x509_revoked_object *self, PyObject *args) { - int serial = 0; + int serial = 0; - if (!PyArg_ParseTuple(args, "i", &serial)) - goto error; + if (!PyArg_ParseTuple(args, "i", &serial)) + goto error; - if (!ASN1_INTEGER_set( self->revoked->serialNumber, serial ) ) - lose("unable to set serial number"); + if (!ASN1_INTEGER_set(self->revoked->serialNumber, serial)) + lose("unable to set serial number"); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } -static char x509_revoked_object_get_serial__doc__[] = +static char x509_revoked_object_get_serial__doc__[] = "<method>\n" " <header>\n" " <memberof>X509Revoked</memberof>\n" @@ -3539,19 +3489,19 @@ static char x509_revoked_object_get_serial__doc__[] = static PyObject * x509_revoked_object_get_serial(x509_revoked_object *self, PyObject *args) { - int serial = 0; + int serial = 0; - if (!PyArg_ParseTuple(args, "")) - goto error; + if (!PyArg_ParseTuple(args, "")) + goto error; - if ( (serial = ASN1_INTEGER_get( self->revoked->serialNumber ) ) == -1 ) - lose("unable to get serial number"); + if ((serial = ASN1_INTEGER_get(self->revoked->serialNumber)) == -1) + lose("unable to get serial number"); - return Py_BuildValue("i", serial); + return Py_BuildValue("i", serial); -error: + error: - return NULL; + return NULL; } static char x509_revoked_object_get_date__doc__[] = 
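Review bot: x509_revoked_object_set_serial parses the serial with `"i"` into an `int`, and x509_revoked_object_get_serial in the next hunk stores the `long` result of `ASN1_INTEGER_get()` in an `int`, so serial numbers beyond the int range are truncated or rejected, and -1 doubles as the error sentinel. Certificate serials routinely exceed 32 bits, and a CRL entry carrying the wrong serial does not revoke the intended certificate. At minimum use `long serial = 0;` with the `"l"` format in both functions; serials that do not fit a long need a representation other than what `ASN1_INTEGER_get()` can return.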
@@ -3575,14 +3525,14 @@ static char x509_revoked_object_get_date__doc__[] = static PyObject * x509_revoked_object_get_date(x509_revoked_object *self, PyObject *args) { - if (!PyArg_ParseTuple(args, "")) - goto error; + if (!PyArg_ParseTuple(args, "")) + goto error; - return Py_BuildValue("s", self->revoked->revocationDate->data); + return Py_BuildValue("s", self->revoked->revocationDate->data); -error: + error: - return NULL; + return NULL; } static char x509_revoked_object_set_date__doc__[] = @@ -3607,19 +3557,19 @@ static char x509_revoked_object_set_date__doc__[] = static PyObject * x509_revoked_object_set_date(x509_revoked_object *self, PyObject *args) { - char *time = NULL; + char *time = NULL; - if (!PyArg_ParseTuple(args, "s", &time)) - goto error; + if (!PyArg_ParseTuple(args, "s", &time)) + goto error; - if (!ASN1_UTCTIME_set_string( self->revoked->revocationDate, time )) - lose_type_error("could not set revocationDate"); + if (!ASN1_UTCTIME_set_string(self->revoked->revocationDate, time)) + lose_type_error("could not set revocationDate"); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } static char X509_revoked_object_add_extension__doc__[] = @@ -3648,8 +3598,8 @@ static char X509_revoked_object_add_extension__doc__[] = " <title><function>addExtension</function> method usage</title>\n" " <programlisting>\n" " reason = POW.pkix.CrlReason()\n" -" reason.set(1) \n" -" revocation.addExtension( 'CRLReason', 0, reason.toString() )\n" +" reason.set(1)\n" +" revocation.addExtension('CRLReason', 0, reason.toString())\n" " </programlisting>\n" " </example>\n" " </body>\n" 
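Review bot: x509_revoked_object_get_date builds its result with `Py_BuildValue("s", self->revoked->revocationDate->data)`, which reads up to the first NUL instead of using the ASN1 string's own length. Nothing in the hunk guarantees the buffer is NUL-terminated for every way a revocationDate can be populated, so passing the length explicitly is safer: `Py_BuildValue("s#", self->revoked->revocationDate->data, self->revoked->revocationDate->length)`.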
@@ -3659,42 +3609,41 @@ static char X509_revoked_object_add_extension__doc__[] = static PyObject * X509_revoked_object_add_extension(x509_revoked_object *self, PyObject *args) { - int critical = 0, nid = 0, len = 0; - char *name = NULL; - unsigned char *buf = NULL; - ASN1_OCTET_STRING *octetString = NULL; - X509_EXTENSION *extn = NULL; + int critical = 0, nid = 0, len = 0; + char *name = NULL; + unsigned char *buf = NULL; + ASN1_OCTET_STRING *octetString = NULL; + X509_EXTENSION *extn = NULL; - if (!PyArg_ParseTuple(args, "sis#", &name, &critical, &buf, &len)) - goto error; + if (!PyArg_ParseTuple(args, "sis#", &name, &critical, &buf, &len)) + goto error; - if ( !(octetString = M_ASN1_OCTET_STRING_new() ) ) - lose("could not allocate memory"); + if ((octetString = M_ASN1_OCTET_STRING_new()) == NULL) + lose("could not allocate memory"); - if ( !ASN1_OCTET_STRING_set(octetString, buf, strlen((char *) buf)) ) - lose("could not set ASN1 Octect string"); + if (!ASN1_OCTET_STRING_set(octetString, buf, strlen((char *) buf))) + lose("could not set ASN1 Octect string"); - if ( NID_undef == (nid = OBJ_txt2nid(name) ) ) - lose("extension has unknown object identifier"); + if ((nid = OBJ_txt2nid(name)) == NID_undef) + lose("extension has unknown object identifier"); - if ( !( extn = X509_EXTENSION_create_by_NID(NULL, nid, critical, octetString) ) ) - lose("unable to create ASN1 X509 Extension object"); + if ((extn = X509_EXTENSION_create_by_NID(NULL, nid, critical, octetString)) == NULL) + lose("unable to create ASN1 X509 Extension object"); - if (!self->revoked->extensions) - if ( !(self->revoked->extensions = sk_X509_EXTENSION_new_null() ) ) - lose("unable to allocate memory"); + if (!self->revoked->extensions && (self->revoked->extensions = sk_X509_EXTENSION_new_null()) == NULL) + lose("unable to allocate memory"); - if ( !sk_X509_EXTENSION_push(self->revoked->extensions, extn) ) - lose("unable to add extension"); + if (!sk_X509_EXTENSION_push(self->revoked->extensions, 
extn)) + lose("unable to add extension"); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - if(extn) - X509_EXTENSION_free(extn); - - return NULL; + if (extn) + X509_EXTENSION_free(extn); + + return NULL; } static char X509_revoked_object_clear_extensions__doc__[] = @@ -3715,23 +3664,22 @@ static char X509_revoked_object_clear_extensions__doc__[] = static PyObject * X509_revoked_object_clear_extensions(x509_revoked_object *self, PyObject *args) { - if (!PyArg_ParseTuple(args, "")) - goto error; + if (!PyArg_ParseTuple(args, "")) + goto error; - if (self->revoked->extensions) - { - sk_X509_EXTENSION_free(self->revoked->extensions); - self->revoked->extensions = NULL; - } + if (self->revoked->extensions) { + sk_X509_EXTENSION_free(self->revoked->extensions); + self->revoked->extensions = NULL; + } - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } -static char X509_revoked_object_count_extensions__doc__[] = +static char X509_revoked_object_count_extensions__doc__[] = "<method>\n" " <header>\n" " <memberof>X509Revoked</memberof>\n" @@ -3749,21 +3697,19 @@ static char X509_revoked_object_count_extensions__doc__[] = static PyObject * X509_revoked_object_count_extensions(x509_revoked_object *self, PyObject *args) { - int num = 0; - if (!PyArg_ParseTuple(args, "")) - goto error; + int num = 0; - if (self->revoked->extensions) - { - num = sk_X509_EXTENSION_num(self->revoked->extensions); - return Py_BuildValue("i", num); - } - else - return Py_BuildValue("i", 0); + if (!PyArg_ParseTuple(args, "")) + goto error; -error: + if (self->revoked->extensions) + num = sk_X509_EXTENSION_num(self->revoked->extensions); - return NULL; + return Py_BuildValue("i", num); + + error: + + return NULL; } static char X509_revoked_object_get_extension__doc__[] = 
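Review bot: In X509_revoked_object_add_extension the length that `"s#"` parses into `len` is never used; the octet string is sized with `strlen((char *) buf)` instead. Extension values are DER and can contain zero bytes, so the stored value is cut at the first one and the CRL entry carries a malformed extension. Use `ASN1_OCTET_STRING_set(octetString, buf, len)`. `octetString` is also never released on either path; X509_EXTENSION_create_by_NID copies the data, so `M_ASN1_OCTET_STRING_free(octetString);` is needed before both returns.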
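Review bot: X509_revoked_object_clear_extensions calls `sk_X509_EXTENSION_free()`, which releases only the stack and not the X509_EXTENSION objects that addExtension pushed onto it, so every cleared extension leaks. `sk_X509_EXTENSION_pop_free(self->revoked->extensions, X509_EXTENSION_free);` frees the elements as well.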
@@ -3785,66 +3731,63 @@ static char X509_revoked_object_get_extension__doc__[] = static PyObject * X509_revoked_object_get_extension(x509_revoked_object *self, PyObject *args) { - int num = 0, index = 0, ext_nid = 0; - char const *ext_ln = NULL; - char unknown_ext [] = "unknown"; - X509_EXTENSION *ext; - if (!PyArg_ParseTuple(args, "i", &index)) - goto error; + int num = 0, index = 0, ext_nid = 0; + char const *ext_ln = NULL; + char unknown_ext [] = "unknown"; + X509_EXTENSION *ext; - if (self->revoked->extensions) - { - num = sk_X509_EXTENSION_num(self->revoked->extensions); - } - else - num = 0; + if (!PyArg_ParseTuple(args, "i", &index)) + goto error; - if (index >= num) - lose("certificate does not have that many extensions"); + if (self->revoked->extensions) + num = sk_X509_EXTENSION_num(self->revoked->extensions); - if ( !(ext = sk_X509_EXTENSION_value(self->revoked->extensions, index) ) ) - lose("could not get extension"); + if (index >= num) + lose("certificate does not have that many extensions"); - if ( NID_undef == (ext_nid = OBJ_obj2nid(ext->object) ) ) - lose("extension has unknown object identifier"); + if ((ext = sk_X509_EXTENSION_value(self->revoked->extensions, index)) == NULL) + lose("could not get extension"); - if ( NULL == (ext_ln = OBJ_nid2sn(ext_nid) ) ) - ext_ln = unknown_ext; + if ((ext_nid = OBJ_obj2nid(ext->object)) == NID_undef) + lose("extension has unknown object identifier"); - return Py_BuildValue("sis#", ext_ln, ext->critical, ext->value->data, ext->value->length ); + if ((ext_ln = OBJ_nid2sn(ext_nid)) == NULL) + ext_ln = unknown_ext; -error: + return Py_BuildValue("sis#", ext_ln, ext->critical, ext->value->data, ext->value->length); - return NULL; + error: + + return NULL; } static struct PyMethodDef x509_revoked_object_methods[] = { - {"getSerial", (PyCFunction)x509_revoked_object_get_serial, METH_VARARGS, NULL}, - {"setSerial", (PyCFunction)x509_revoked_object_set_serial, METH_VARARGS, NULL}, - {"getDate", 
(PyCFunction)x509_revoked_object_get_date, METH_VARARGS, NULL}, - {"setDate", (PyCFunction)x509_revoked_object_set_date, METH_VARARGS, NULL}, - {"addExtension", (PyCFunction)X509_revoked_object_add_extension, METH_VARARGS, NULL}, - {"clearExtensions",(PyCFunction)X509_revoked_object_clear_extensions, METH_VARARGS, NULL}, - {"countExtensions",(PyCFunction)X509_revoked_object_count_extensions, METH_VARARGS, NULL}, - {"getExtension", (PyCFunction)X509_revoked_object_get_extension, METH_VARARGS, NULL}, - - {NULL, NULL} /* sentinel */ + {"getSerial", (PyCFunction)x509_revoked_object_get_serial, METH_VARARGS, NULL}, + {"setSerial", (PyCFunction)x509_revoked_object_set_serial, METH_VARARGS, NULL}, + {"getDate", (PyCFunction)x509_revoked_object_get_date, METH_VARARGS, NULL}, + {"setDate", (PyCFunction)x509_revoked_object_set_date, METH_VARARGS, NULL}, + {"addExtension", (PyCFunction)X509_revoked_object_add_extension, METH_VARARGS, NULL}, + {"clearExtensions", (PyCFunction)X509_revoked_object_clear_extensions, METH_VARARGS, NULL}, + {"countExtensions", (PyCFunction)X509_revoked_object_count_extensions, METH_VARARGS, NULL}, + {"getExtension", (PyCFunction)X509_revoked_object_get_extension, METH_VARARGS, NULL}, + + {NULL} /* sentinel */ }; static PyObject * x509_revoked_object_getattr(x509_revoked_object *self, char *name) { - return Py_FindMethod(x509_revoked_object_methods, (PyObject *)self, name); + return Py_FindMethod(x509_revoked_object_methods, (PyObject *) self, name); } static void x509_revoked_object_dealloc(x509_revoked_object *self, char *name) { - X509_REVOKED_free( self->revoked ); - PyObject_Del(self); + X509_REVOKED_free(self->revoked); + PyObject_Del(self); } -static char x509_revokedtype__doc__[] = +static char x509_revokedtype__doc__[] = "<class>\n" " <header>\n" " <name>X509Revoked</name>\n" 
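Review bot: X509_revoked_object_get_extension checks only `index >= num`, so a negative index is passed on to `sk_X509_EXTENSION_value()` and the function relies on the stack code to reject it; `if (index < 0 || index >= num)` makes the bound explicit. The `unknown_ext` fallback also looks unreachable in practice, because an extension whose OID is not known already fails at the `NID_undef` check one statement earlier. The error text still says "certificate" although the object is a revoked entry.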
@@ -3891,7 +3834,7 @@ static PyTypeObject x509_revokedtype = { /*========== x509 revoked Code ==========*/ /*========== ssl Code ==========*/ -static char ssl_object_use_certificate__doc__[] = +static char ssl_object_use_certificate__doc__[] = "<method>\n" " <header>\n" " <memberof>Ssl</memberof>\n" @@ -3902,7 +3845,7 @@ static char ssl_object_use_certificate__doc__[] = " <para>\n" " The parameter <parameter>cert</parameter> must be an\n" " instance of the <classname>X590</classname> class and must be\n" -" called before <function>setFd</function>. \n" +" called before <function>setFd</function>.\n" " </para>\n" " </body>\n" "</method>\n" 
@@ -3911,55 +3854,55 @@ static char ssl_object_use_certificate__doc__[] = static PyObject * ssl_object_use_certificate(ssl_object *self, PyObject *args) { - x509_object *x509 = NULL; + x509_object *x509 = NULL; - if (!PyArg_ParseTuple(args, "O!", &x509type, &x509)) - goto error; + if (!PyArg_ParseTuple(args, "O!", &x509type, &x509)) + goto error; - if (self->ctxset) - lose("cannot be called after setFd()"); + if (self->ctxset) + lose("cannot be called after setFd()"); - if ( !SSL_CTX_use_certificate(self->ctx, x509->x509) ) - lose("could not use certificate"); + if (!SSL_CTX_use_certificate(self->ctx, x509->x509)) + lose("could not use certificate"); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } static PyObject * ssl_object_add_certificate(ssl_object *self, PyObject *args) { - x509_object *x509 = NULL; - X509 *x = NULL; + x509_object *x509 = NULL; + X509 *x = NULL; - if (!PyArg_ParseTuple(args, "O!", &x509type, &x509)) - goto error; + if (!PyArg_ParseTuple(args, "O!", &x509type, &x509)) + goto error; - if (self->ctxset) - lose("cannot be called after setFd()"); + if (self->ctxset) + lose("cannot be called after setFd()"); - if ( !(x = X509_dup(x509->x509)) ) - lose("could not duplicate X509 object"); + if ((x = X509_dup(x509->x509)) == NULL) + lose("could not duplicate X509 object"); - if ( !SSL_CTX_add_extra_chain_cert(self->ctx, x) ) - lose_openssl_error("could not add certificate"); + if (!SSL_CTX_add_extra_chain_cert(self->ctx, x)) + lose_openssl_error("could not add certificate"); - x = NULL; + x = NULL; - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - if (x) - X509_free(x); + if (x) + X509_free(x); - return NULL; + return NULL; } -static char ssl_object_use_key__doc__[] = +static char ssl_object_use_key__doc__[] = "<method>\n" " <header>\n" " <memberof>Ssl</memberof>\n" 
@@ -3970,7 +3913,7 @@ static char ssl_object_use_key__doc__[] = " <para>\n" " The parameter <parameter>key</parameter> must be an\n" " instance of the <classname>Asymmetric</classname> class and\n" -" must contain the private key. This function cannot be called \n" +" must contain the private key. This function cannot be called\n" " after <function>useKey</function>.\n" " </para>\n" " </body>\n" @@ -3980,38 +3923,38 @@ static char ssl_object_use_key__doc__[] = static PyObject * ssl_object_use_key(ssl_object *self, PyObject *args) { - asymmetric_object *asym = NULL; - EVP_PKEY *pkey = NULL; + asymmetric_object *asym = NULL; + EVP_PKEY *pkey = NULL; - if (!PyArg_ParseTuple(args, "O!", &asymmetrictype, &asym)) - goto error; + if (!PyArg_ParseTuple(args, "O!", &asymmetrictype, &asym)) + goto error; - if (self->ctxset) - lose("cannot be called after setFd()"); + if (self->ctxset) + lose("cannot be called after setFd()"); - if ( !(pkey = EVP_PKEY_new() ) ) - lose("could not allocate memory"); + if ((pkey = EVP_PKEY_new()) == NULL) + lose("could not allocate memory"); - if (asym->key_type != RSA_PRIVATE_KEY) - lose("cannot use this type of key"); + if (asym->key_type != RSA_PRIVATE_KEY) + lose("cannot use this type of key"); - if ( !EVP_PKEY_assign_RSA(pkey, asym->cipher) ) - lose("EVP_PKEY assignment error"); + if (!EVP_PKEY_assign_RSA(pkey, asym->cipher)) + lose("EVP_PKEY assignment error"); - if ( !SSL_CTX_use_PrivateKey(self->ctx, pkey) ) - lose("ctx key assignment error"); + if (!SSL_CTX_use_PrivateKey(self->ctx, pkey)) + lose("ctx key assignment error"); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - if(pkey) - EVP_PKEY_free(pkey); + if(pkey) + EVP_PKEY_free(pkey); - return NULL; + return NULL; } -static char ssl_object_check_key__doc__[] = +static char ssl_object_check_key__doc__[] = "<method>\n" " <header>\n" " <memberof>Ssl</memberof>\n" 
@@ -4031,13 +3974,13 @@ static char ssl_object_check_key__doc__[] = static PyObject * ssl_object_check_key(ssl_object *self, PyObject *args) { - if ( SSL_CTX_check_private_key(self->ctx) ) - return Py_BuildValue("i", 1); - else - return Py_BuildValue("i", 0); + if (SSL_CTX_check_private_key(self->ctx)) + return Py_BuildValue("i", 1); + else + return Py_BuildValue("i", 0); } -static char ssl_object_set_fd__doc__[] = +static char ssl_object_set_fd__doc__[] = "<method>\n" " <header>\n" " <memberof>Ssl</memberof>\n" @@ -4059,29 +4002,29 @@ static char ssl_object_set_fd__doc__[] = static PyObject * ssl_object_set_fd(ssl_object *self, PyObject *args) { - int fd = 0, self_index = 0; - - if (!PyArg_ParseTuple(args, "i", &fd)) - goto error; + int fd = 0, self_index = 0; + + if (!PyArg_ParseTuple(args, "i", &fd)) + goto error; - if ( !(self->ssl = SSL_new( self->ctx ) ) ) - lose("unable to create ssl sturcture"); + if ((self->ssl = SSL_new(self->ctx)) == NULL) + lose("unable to create ssl sturcture"); - if ( !SSL_set_fd( self->ssl, fd ) ) - lose("unable to set file descriptor"); + if (!SSL_set_fd(self->ssl, fd)) + lose("unable to set file descriptor"); - if ( (self_index = SSL_get_ex_new_index(0, "self_index", NULL, NULL, NULL) ) != -1 ) - SSL_set_ex_data(self->ssl, self_index, self); - else - lose("unable to create ex data index"); + if ((self_index = SSL_get_ex_new_index(0, "self_index", NULL, NULL, NULL)) != -1) + SSL_set_ex_data(self->ssl, self_index, self); + else + lose("unable to create ex data index"); - self->ctxset = 1; + self->ctxset = 1; - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } static char ssl_object_accept__doc__[] = 
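Review bot: ssl_object_set_fd calls `SSL_get_ex_new_index()` on every invocation and keeps the result only in the local `self_index`, so each connection consumes a new process-wide ex_data slot and no code visible here can later recover which index holds `self`. Allocating the index once, for example a file-scope `static int ssl_self_index = -1;` filled on first use, and reusing it avoids both problems. A second setFd() call also overwrites `self->ssl` without `SSL_free()`, and a failure after `SSL_new()` leaves the half-initialised `self->ssl` in place.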
@@ -4104,32 +4047,32 @@ static char ssl_object_accept__doc__[] = " <example>\n" " <title><function>accept</function> function usage</title>\n" " <programlisting>\n" -" keyFile = open( 'test/private.key', 'r' )\n" -" certFile = open( 'test/cacert.pem', 'r' )\n" +" keyFile = open('test/private.key', 'r')\n" +" certFile = open('test/cacert.pem', 'r')\n" "\n" -" rsa = POW.pemRead( POW.RSA_PRIVATE_KEY, keyFile.read(), 'pass' )\n" -" x509 = POW.pemRead( POW.X509_CERTIFICATE, certFile.read() )\n" +" rsa = POW.pemRead(POW.RSA_PRIVATE_KEY, keyFile.read(), 'pass')\n" +" x509 = POW.pemRead(POW.X509_CERTIFICATE, certFile.read())\n" "\n" " keyFile.close()\n" " certFile.close()\n" "\n" -" sl = POW.Ssl( POW.SSLV23_SERVER_METHOD )\n" -" sl.useCertificate( x509 )\n" -" sl.useKey( rsa )\n" +" sl = POW.Ssl(POW.SSLV23_SERVER_METHOD)\n" +" sl.useCertificate(x509)\n" +" sl.useKey(rsa)\n" "\n" -" s = socket.socket( socket.AF_INET, socket.SOCK_STREAM )\n" -" s.bind( ('localhost', 1111) )\n" +" s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\n" +" s.bind(('localhost', 1111))\n" " s.listen(5)\n" " s2, addr = s.accept()\n" "\n" " s.close()\n" "\n" -" sl.setFd( s2.fileno() )\n" +" sl.setFd(s2.fileno())\n" " sl.accept()\n" " print sl.read(1024)\n" " sl.write('Message from server to client...')\n" "\n" -" s2.close() \n" +" s2.close()\n" " </programlisting>\n" " </example>\n" " </body>\n" 
@@ -4139,26 +4082,26 @@ static char ssl_object_accept__doc__[] = static PyObject * ssl_object_accept(ssl_object *self, PyObject *args) { - int ret = 0, err = 0; - - if (!PyArg_ParseTuple(args, "")) - goto error; + int ret = 0, err = 0; + + if (!PyArg_ParseTuple(args, "")) + goto error; - Py_BEGIN_ALLOW_THREADS - ret = SSL_accept( self->ssl ); - Py_END_ALLOW_THREADS + Py_BEGIN_ALLOW_THREADS; + ret = SSL_accept(self->ssl); + Py_END_ALLOW_THREADS; - if (ret <= 0) - lose_ssl_error(self, ret); + if (ret <= 0) + lose_ssl_error(self, ret); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } -static char ssl_object_connect__doc__[] = +static char ssl_object_connect__doc__[] = "<method>\n" " <header>\n" " <memberof>Ssl</memberof>\n" @@ -4177,11 +4120,11 @@ static char ssl_object_connect__doc__[] = " <example>\n" " <title><function>connect</function> function usage</title>\n" " <programlisting>\n" -" s = socket.socket( socket.AF_INET, socket.SOCK_STREAM )\n" +" s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\n" " s.connect(('localhost', 1111))\n" "\n" -" sl = POW.Ssl( POW.SSLV23_CLIENT_METHOD )\n" -" sl.setFd( s.fileno() )\n" +" sl = POW.Ssl(POW.SSLV23_CLIENT_METHOD)\n" +" sl.setFd(s.fileno())\n" " sl.connect()\n" " sl.write('Message from client to server...')\n" " print sl.read(1024)\n" 
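Review bot: ssl_object_accept passes `self->ssl` to `SSL_accept()` without checking that setFd() has run, so calling accept() on a fresh Ssl object hands OpenSSL a pointer that ssl_object_set_fd has not yet assigned. ssl_object_get_ciphers already guards this with `if (!self->ctxset) lose("cannot be called before setFd()");`, and the same two lines belong here and in ssl_object_connect, ssl_object_write, ssl_object_read, ssl_object_peer_certificate, ssl_object_clear, ssl_object_shutdown and ssl_object_get_shutdown in the following hunks. How `self->ssl` is initialised is outside these hunks, so whether the result is a NULL dereference or a stale pointer cannot be told from here.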
@@ -4194,23 +4137,23 @@ static char ssl_object_connect__doc__[] = static PyObject * ssl_object_connect(ssl_object *self, PyObject *args) { - int ret, err = 0; - - if (!PyArg_ParseTuple(args, "")) - goto error; + int ret, err = 0; - Py_BEGIN_ALLOW_THREADS - ret = SSL_connect( self->ssl ); - Py_END_ALLOW_THREADS + if (!PyArg_ParseTuple(args, "")) + goto error; - if (ret <= 0) - lose_ssl_error(self, ret); + Py_BEGIN_ALLOW_THREADS; + ret = SSL_connect(self->ssl); + Py_END_ALLOW_THREADS; - return Py_BuildValue(""); + if (ret <= 0) + lose_ssl_error(self, ret); -error: + return Py_BuildValue(""); - return NULL; + error: + + return NULL; } static char ssl_object_write__doc__[] = @@ -4234,24 +4177,24 @@ static char ssl_object_write__doc__[] = static PyObject * ssl_object_write(ssl_object *self, PyObject *args) { - char *msg; - int length = 0, ret = 0, err = 0; - - if (!PyArg_ParseTuple(args, "s#", &msg, &length)) - goto error; - - Py_BEGIN_ALLOW_THREADS - ret = SSL_write( self->ssl, msg, length ); - Py_END_ALLOW_THREADS + char *msg; + int length = 0, ret = 0, err = 0; + + if (!PyArg_ParseTuple(args, "s#", &msg, &length)) + goto error; - if (ret <= 0) - lose_ssl_error(self, ret); + Py_BEGIN_ALLOW_THREADS; + ret = SSL_write(self->ssl, msg, length); + Py_END_ALLOW_THREADS; - return Py_BuildValue("i", ret); + if (ret <= 0) + lose_ssl_error(self, ret); -error: + return Py_BuildValue("i", ret); - return NULL; + error: + + return NULL; } static char ssl_object_read__doc__[] = 
@@ -4275,34 +4218,34 @@ static char ssl_object_read__doc__[] = static PyObject * ssl_object_read(ssl_object *self, PyObject *args) { - PyObject *data; - char *msg = NULL; - int len = 1024, ret = 0, err = 0; - - if (!PyArg_ParseTuple(args, "|i", &len)) - goto error; + PyObject *data; + char *msg = NULL; + int len = 1024, ret = 0, err = 0; + + if (!PyArg_ParseTuple(args, "|i", &len)) + goto error; - if ( !(msg = malloc(len) ) ) - lose("unable to allocate memory"); + if ((msg = malloc(len)) == NULL) + lose("unable to allocate memory"); - Py_BEGIN_ALLOW_THREADS - ret = SSL_read( self->ssl, msg, len ); - Py_END_ALLOW_THREADS + Py_BEGIN_ALLOW_THREADS; + ret = SSL_read(self->ssl, msg, len); + Py_END_ALLOW_THREADS; - if (ret <= 0) - lose_ssl_error(self, ret); + if (ret <= 0) + lose_ssl_error(self, ret); - data = Py_BuildValue("s#", msg, ret); + data = Py_BuildValue("s#", msg, ret); - free(msg); - return data; + free(msg); + return data; -error: + error: - if (msg) - free(msg); + if (msg) + free(msg); - return NULL; + return NULL; } static char ssl_object_peer_certificate__doc__[] = 
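Review bot: ssl_object_read passes the caller-supplied `len` straight to `malloc(len)` and `SSL_read()` with no range check, so a zero or negative value reaches both as-is, and a negative int becomes a very large size_t in `malloc`. Adding `if (len <= 0) lose("read length must be positive");` before the allocation rejects it with a clear error instead of an allocation failure.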
@@ -4324,38 +4267,34 @@ static char ssl_object_peer_certificate__doc__[] = static PyObject * ssl_object_peer_certificate(ssl_object *self, PyObject *args) { - X509 *x509 = NULL; - x509_object *x509_obj = NULL; + X509 *x509 = NULL; + x509_object *x509_obj = NULL; - if (!PyArg_ParseTuple(args, "")) - goto error; - - if ( !(x509_obj = X509_object_new() ) ) - lose("could not create x509 object"); + if (!PyArg_ParseTuple(args, "")) + goto error; - x509 = SSL_get_peer_certificate( self->ssl ); + if ((x509_obj = X509_object_new()) == NULL) + lose("could not create x509 object"); - if (x509) - { - X509_free( x509_obj->x509 ); + x509 = SSL_get_peer_certificate(self->ssl); - if ( !(x509_obj->x509 = x509 ) ) - lose("could not create x509 object"); - return Py_BuildValue("O", x509_obj); - } - else - { - Py_XDECREF( x509_obj ); - return Py_BuildValue(""); - } + if (x509) { + X509_free(x509_obj->x509); + x509_obj->x509 = x509; + return Py_BuildValue("O", x509_obj); + } + else { + Py_XDECREF(x509_obj); + return Py_BuildValue(""); + } -error: + error: - if (x509) - X509_free(x509); + if (x509) + X509_free(x509); - Py_XDECREF( x509_obj ); - return NULL; + Py_XDECREF(x509_obj); + return NULL; } static char ssl_object_clear__doc__[] = @@ -4376,20 +4315,20 @@ static char ssl_object_clear__doc__[] = static PyObject * ssl_object_clear(ssl_object *self, PyObject *args) { - if (!PyArg_ParseTuple(args, "")) - goto error; - - if (!SSL_clear( self->ssl ) ) - lose("failed to clear ssl connection"); + if (!PyArg_ParseTuple(args, "")) + goto error; - return Py_BuildValue(""); + if (!SSL_clear(self->ssl)) + lose("failed to clear ssl connection"); -error: + return Py_BuildValue(""); - return NULL; + error: + + return NULL; } -static char ssl_object_shutdown__doc__[] = +static char ssl_object_shutdown__doc__[] = "<method>\n" " <header>\n" " <memberof>Ssl</memberof>\n" 
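Review bot: `return Py_BuildValue("O", x509_obj);` in ssl_object_peer_certificate adds a second reference to an object this function already owns, so every returned certificate object is leaked together with the X509 it wraps. Returning the owned reference directly, `return (PyObject *) x509_obj;`, is enough. `return Py_BuildValue("O", list);` in ssl_object_get_ciphers has the same pattern.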
@@ -4397,12 +4336,12 @@ static char ssl_object_shutdown__doc__[] = " </header>\n" " <body>\n" " <para>\n" -" This method will issue a <constant>shutdown</constant> signal to it's peer. \n" +" This method will issue a <constant>shutdown</constant> signal to it's peer.\n" " If this connection's peer has already initiated a shutdown this call\n" " will succeed, otherwise it will raise and exception. In order to\n" " check the shutdown handshake was successful,\n" " <function>shutdown</function> must be called again. If no\n" -" exception is raised, the handshake is complete. \n" +" exception is raised, the handshake is complete.\n" " </para>\n" " <para>\n" " The odd\n" @@ -4420,21 +4359,21 @@ static char ssl_object_shutdown__doc__[] = static PyObject * ssl_object_shutdown(ssl_object *self, PyObject *args) { - int ret = 0, err = 0; + int ret = 0, err = 0; - if (!PyArg_ParseTuple(args, "")) - goto error; - - ret = SSL_shutdown(self->ssl); + if (!PyArg_ParseTuple(args, "")) + goto error; - if (ret <= 0) - lose_ssl_error(self, ret); + ret = SSL_shutdown(self->ssl); - return Py_BuildValue(""); + if (ret <= 0) + lose_ssl_error(self, ret); -error: + return Py_BuildValue(""); - return NULL; + error: + + return NULL; } static char ssl_object_get_shutdown__doc__[] = @@ -4464,18 +4403,18 @@ static char ssl_object_get_shutdown__doc__[] = static PyObject * ssl_object_get_shutdown(ssl_object *self, PyObject *args) { - int state = 0; + int state = 0; - if (!PyArg_ParseTuple(args, "")) - goto error; - - state = SSL_get_shutdown(self->ssl); + if (!PyArg_ParseTuple(args, "")) + goto error; - return Py_BuildValue("i", state); + state = SSL_get_shutdown(self->ssl); -error: + return Py_BuildValue("i", state); - return NULL; + error: + + return NULL; } static char ssl_object_get_ciphers__doc__[] = 
@@ -4488,7 +4427,7 @@ static char ssl_object_get_ciphers__doc__[] = " <para>\n" " This function returns a list of available ciphers ordered from\n" " most favored to least. This function must be called after\n" -" <function>setFd</function>. \n" +" <function>setFd</function>.\n" " </para>\n" " </body>\n" "</method>\n" @@ -4497,46 +4436,43 @@ static char ssl_object_get_ciphers__doc__[] = static PyObject * ssl_object_get_ciphers(ssl_object *self, PyObject *args) { - int inlist = 0, i = 0; - const char *cipher = NULL; - PyObject *list = NULL, *name = NULL; + int inlist = 0, i = 0; + const char *cipher = NULL; + PyObject *list = NULL, *name = NULL; + + if (!PyArg_ParseTuple(args, "")) + goto error; + + if (!self->ctxset) + lose("cannot be called before setFd()"); - if (!PyArg_ParseTuple(args, "")) + list = PyList_New(0); + + cipher = SSL_get_cipher_list(self->ssl, 0); + while (cipher) { + if ((name = PyString_FromString(cipher)) == NULL) + goto error; + if (PyList_Append(list, name) != 0) goto error; + cipher = SSL_get_cipher_list(self->ssl, ++i); + } + return Py_BuildValue("O", list); - if (!self->ctxset) - lose("cannot be called before setFd()"); - - list = PyList_New(0); - - cipher = SSL_get_cipher_list(self->ssl, 0); - while (cipher) - { - if ( !(name = PyString_FromString(cipher) ) ) - goto error; - if ( PyList_Append( list, name ) != 0) - goto error; - cipher = SSL_get_cipher_list(self->ssl, ++i); - } - return Py_BuildValue("O", list); - -error: - - if (list) - { - inlist = PyList_Size( list ); - for (i = 0; i < inlist; i++) - { - name = PyList_GetItem( list, i ); - Py_DECREF(name); - } - Py_DECREF(list); - } + error: - return NULL; + if (list) { + inlist = PyList_Size(list); + for (i = 0; i < inlist; i++) { + name = PyList_GetItem(list, i); + Py_DECREF(name); + } + Py_DECREF(list); + } + + return NULL; } -static char ssl_object_set_ciphers__doc__[] = +static char ssl_object_set_ciphers__doc__[] = "<method>\n" " <header>\n" " <memberof>Ssl</memberof>\n" 
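Review bot: In `ssl_object_get_ciphers`, `PyList_Append(list, name)` takes its own reference, so each string from `PyString_FromString` keeps an extra reference that the success path never drops. Add `Py_DECREF(name);` after a successful append. The per-item `Py_DECREF` loop under `error:` then becomes an over-release and should be reduced to `Py_DECREF(list);`. `PyList_New(0)` is also used unchecked; `if ((list = PyList_New(0)) == NULL) goto error;` keeps a failed allocation out of `PyList_Append`.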
@@ -4547,7 +4483,7 @@ static char ssl_object_set_ciphers__doc__[] = " <para>\n" " <function>setCiphers</function>\n" " can help protect against certain types of attacks which try to\n" -" coerce the server, client or both to negotiate a weak cipher. \n" +" coerce the server, client or both to negotiate a weak cipher.\n" " <parameter>ciphers</parameter> should be a list of strings, as\n" " produced by <function>getCiphers</function> and described in the\n" " OpenSSL man page ciphers. <function>setCiphers</function> should\n" 
@@ -4560,57 +4496,56 @@ static char ssl_object_set_ciphers__doc__[] = static PyObject * ssl_object_set_ciphers(ssl_object *self, PyObject *args) { - PyObject *ciphers = NULL; - PyObject *cipher = NULL; - int size = 0, cipherstrlen = 0, nextstrlen = 0, i = 0; - char *cipherstr = NULL; + PyObject *ciphers = NULL; + PyObject *cipher = NULL; + int size = 0, cipherstrlen = 0, nextstrlen = 0, i = 0; + char *cipherstr = NULL; - if (!PyArg_ParseTuple(args, "O", &ciphers)) - goto error; + if (!PyArg_ParseTuple(args, "O", &ciphers)) + goto error; - if ( !(PyList_Check(ciphers) || PyTuple_Check(ciphers)) ) - lose_type_error("inapropriate type"); + if (!PyList_Check(ciphers) && !PyTuple_Check(ciphers)) + lose_type_error("inapropriate type"); - if (!self->ctxset) - lose("cannot be called before setFd()"); + if (!self->ctxset) + lose("cannot be called before setFd()"); - cipherstr = malloc(8); //very bogus, realloc dosn't work with out some - //previously allocated memory! Really should. - memset(cipherstr, 0, 8); - size = PySequence_Size(ciphers); - for (i = 0; i < size; i++) - { - if ( !( cipher = PySequence_GetItem( ciphers, i ) ) ) - goto error; + cipherstr = malloc(8); // Very bogus, realloc() dosn't work without some + // previously allocated memory! Really should. 
+ memset(cipherstr, 0, 8); + size = PySequence_Size(ciphers); + for (i = 0; i < size; i++) { + if ((cipher = PySequence_GetItem(ciphers, i)) == NULL) + goto error; - if ( !PyString_Check(cipher) ) - lose_type_error("inapropriate type"); + if (!PyString_Check(cipher)) + lose_type_error("inapropriate type"); - cipherstrlen = strlen(cipherstr); - nextstrlen = strlen( PyString_AsString(cipher) ); + cipherstrlen = strlen(cipherstr); + nextstrlen = strlen(PyString_AsString(cipher)); - if ( !(cipherstr = realloc( cipherstr, cipherstrlen + nextstrlen + 2)) ) - lose_type_error("could allocate memory"); + if ((cipherstr = realloc(cipherstr, cipherstrlen + nextstrlen + 2)) == NULL) + lose_type_error("could allocate memory"); - if (cipherstrlen) - strcat( cipherstr, ":\0" ); + if (cipherstrlen) + strcat(cipherstr, ":\0"); - strcat( cipherstr, PyString_AsString(cipher) ); - Py_DECREF(cipher); - cipher = NULL; - } - SSL_set_cipher_list( self->ssl, cipherstr ); - free(cipherstr); - return Py_BuildValue(""); + strcat(cipherstr, PyString_AsString(cipher)); + Py_DECREF(cipher); + cipher = NULL; + } + SSL_set_cipher_list(self->ssl, cipherstr); + free(cipherstr); + return Py_BuildValue(""); -error: + error: - if (cipherstr) - free(cipherstr); + if (cipherstr) + free(cipherstr); - Py_XDECREF(cipher); + Py_XDECREF(cipher); - return NULL; + return NULL; } static char ssl_object_get_cipher__doc__[] = 
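Review bot: The result of `SSL_set_cipher_list(self->ssl, cipherstr)` is discarded, so `setCiphers` reports success even when OpenSSL rejects the list. A caller who uses this method to rule out weak ciphers then has no indication that the restriction was not applied. Use `if (!SSL_set_cipher_list(self->ssl, cipherstr)) lose("unable to set cipher list");`, since the `error:` path already frees `cipherstr`. In the same function `malloc(8)` is passed to `memset` without a NULL check, and `cipherstr = realloc(cipherstr, ...)` loses the original pointer when `realloc` fails.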
@@ -4630,25 +4565,25 @@ static char ssl_object_get_cipher__doc__[] = static PyObject * ssl_object_get_cipher(ssl_object *self, PyObject *args) { - if (!PyArg_ParseTuple(args, "")) - goto error; + if (!PyArg_ParseTuple(args, "")) + goto error; - if (!self->ctxset) - lose("cannot be called before setFd()"); - - return Py_BuildValue("s", SSL_get_cipher( self->ssl )); + if (!self->ctxset) + lose("cannot be called before setFd()"); -error: + return Py_BuildValue("s", SSL_get_cipher(self->ssl)); - return NULL; + error: + + return NULL; } static int stub_callback(int preverify_ok, X509_STORE_CTX *ctx) { - return 1; + return 1; } -static char ssl_object_set_verify_mode__doc__[] = +static char ssl_object_set_verify_mode__doc__[] = "<method>\n" " <header>\n" " <memberof>Ssl</memberof>\n" @@ -4666,8 +4601,8 @@ static char ssl_object_set_verify_mode__doc__[] = " <member><constant>SSL_VERIFY_PEER</constant></member>\n" " </simplelist>\n" " <para>\n" -" See the OpenSSL man page <function>SSL_CTX_set_verify</function> \n" -" for details. This function must be called after <function>setfd</function> \n" +" See the OpenSSL man page <function>SSL_CTX_set_verify</function>\n" +" for details. This function must be called after <function>setfd</function>\n" " has been called.\n" " </para>\n" " </body>\n" @@ -4677,21 +4612,21 @@ static char ssl_object_set_verify_mode__doc__[] = static PyObject * ssl_object_set_verify_mode(ssl_object *self, PyObject *args) { - int mode = 0; + int mode = 0; - if (!PyArg_ParseTuple(args, "i", &mode)) - goto error; + if (!PyArg_ParseTuple(args, "i", &mode)) + goto error; - if (self->ctxset) - lose("cannot be called after setfd()"); + if (self->ctxset) + lose("cannot be called after setfd()"); - SSL_CTX_set_verify( self->ctx, mode, stub_callback ); + SSL_CTX_set_verify(self->ctx, mode, stub_callback); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } static struct PyMethodDef ssl_object_methods[] = { 
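Review bot: `stub_callback` returns 1 regardless of `preverify_ok`, and `ssl_object_set_verify_mode` in the last hunk on this line installs it with `SSL_CTX_set_verify(self->ctx, mode, stub_callback)`. A verify callback that always returns 1 tells OpenSSL to continue past every chain-verification error, so `SSL_VERIFY_PEER` does not abort the handshake for an untrusted or invalid peer certificate. Unless callers are expected to check the verification result themselves afterwards (not visible here), return the library's verdict with `return preverify_ok;`, or pass `NULL` as the callback so the default handling applies.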
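Review bot: The guard in `ssl_object_set_verify_mode` fails with "cannot be called after setfd()" once `self->ctxset` is set, but the method's docstring says the function must be called after setfd has been called. Since the mode is applied to `self->ctx`, the code is presumably the correct half. The docstring sentence should be reworded to say the call must come before setFd, so users do not configure verification too late and treat the resulting exception as a bug.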
@@ -4712,66 +4647,65 @@ static struct PyMethodDef ssl_object_methods[] = { {"setCiphers", (PyCFunction)ssl_object_set_ciphers, METH_VARARGS, NULL}, {"getCipher", (PyCFunction)ssl_object_get_cipher, METH_VARARGS, NULL}, {"setVerifyMode", (PyCFunction)ssl_object_set_verify_mode, METH_VARARGS, NULL}, - + {NULL, NULL} /* sentinel */ }; static ssl_object * newssl_object(int type) { - ssl_object *self; - const SSL_METHOD *method; + ssl_object *self; + const SSL_METHOD *method; - - if ( !(self = PyObject_NEW(ssl_object, &ssltype) ) ) - goto error; - self->ctxset = 0; - self->ssl = NULL; + if ((self = PyObject_NEW(ssl_object, &ssltype)) == NULL) + goto error; + + self->ctxset = 0; + self->ssl = NULL; + + switch(type) { + case SSLV2_SERVER_METHOD: method = SSLv2_server_method(); break; + case SSLV2_CLIENT_METHOD: method = SSLv2_client_method(); break; + case SSLV2_METHOD: method = SSLv2_method(); break; + case SSLV3_SERVER_METHOD: method = SSLv3_server_method(); break; + case SSLV3_CLIENT_METHOD: method = SSLv3_client_method(); break; + case SSLV3_METHOD: method = SSLv3_method(); break; + case TLSV1_SERVER_METHOD: method = TLSv1_server_method(); break; + case TLSV1_CLIENT_METHOD: method = TLSv1_client_method(); break; + case TLSV1_METHOD: method = TLSv1_method(); break; + case SSLV23_SERVER_METHOD: method = SSLv23_server_method(); break; + case SSLV23_CLIENT_METHOD: method = SSLv23_client_method(); break; + case SSLV23_METHOD: method = SSLv23_method(); break; - switch(type) - { - case SSLV2_SERVER_METHOD: method = SSLv2_server_method(); break; - case SSLV2_CLIENT_METHOD: method = SSLv2_client_method(); break; - case SSLV2_METHOD: method = SSLv2_method(); break; - case SSLV3_SERVER_METHOD: method = SSLv3_server_method(); break; - case SSLV3_CLIENT_METHOD: method = SSLv3_client_method(); break; - case SSLV3_METHOD: method = SSLv3_method(); break; - case TLSV1_SERVER_METHOD: method = TLSv1_server_method(); break; - case TLSV1_CLIENT_METHOD: method = TLSv1_client_method(); 
break; - case TLSV1_METHOD: method = TLSv1_method(); break; - case SSLV23_SERVER_METHOD: method = SSLv23_server_method(); break; - case SSLV23_CLIENT_METHOD: method = SSLv23_client_method(); break; - case SSLV23_METHOD: method = SSLv23_method(); break; - - default: - lose("unknown ctx method"); - - } + default: + lose("unknown ctx method"); - if ( !(self->ctx = SSL_CTX_new( method ) ) ) - lose("unable to create new ctx"); + } - return self; + if ((self->ctx = SSL_CTX_new(method)) == NULL) + lose("unable to create new ctx"); -error: + return self; - Py_XDECREF( self ); - return NULL; + error: + + Py_XDECREF(self); + return NULL; } static PyObject * ssl_object_getattr(ssl_object *self, char *name) { - return Py_FindMethod(ssl_object_methods, (PyObject *)self, name); + return Py_FindMethod(ssl_object_methods, (PyObject *)self, name); } static void ssl_object_dealloc(ssl_object *self) { - SSL_free( self->ssl ); - SSL_CTX_free( self->ctx ); - PyObject_Del(self); + SSL_free(self->ssl); + SSL_CTX_free(self->ctx); + PyObject_Del(self); } static char ssltype__doc__[] = @@ -4788,7 +4722,7 @@ static char ssltype__doc__[] = " original motivation for writing this library was to provide a\n" " security layer for network agents written in Python, for this\n" " application, good performance with multiple concurrent connections\n" -" is not an issue. \n" +" is not an issue.\n" " </para>\n" " </body>\n" "</class>\n" 
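Review bot: `self->ctx` is not initialised before the `switch` in `newssl_object`, so the `default:` branch (`lose("unknown ctx method")`) reaches `Py_XDECREF(self)` and, through `ssl_object_dealloc`, calls `SSL_CTX_free(self->ctx)` on an indeterminate pointer. `PyObject_NEW` does not zero the object body, so add `self->ctx = NULL;` next to `self->ssl = NULL;`. The error paths of `asymmetric_object_new`, `asymmetric_object_pem_read` and `asymmetric_object_der_read` in the next hunk have the same shape with `self->cipher`. Whether that is harmful depends on the asymmetric dealloc, which is outside this view.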
@@ -4824,108 +4758,105 @@ static PyTypeObject ssltype = { static asymmetric_object * asymmetric_object_new(int cipher_type, int key_size) { - asymmetric_object *self = NULL; + asymmetric_object *self = NULL; - self = PyObject_New( asymmetric_object, &asymmetrictype ); - if (self == NULL) - goto error; + self = PyObject_New(asymmetric_object, &asymmetrictype); + if (self == NULL) + goto error; - if (cipher_type != RSA_CIPHER) - lose("unsupported cipher"); + if (cipher_type != RSA_CIPHER) + lose("unsupported cipher"); - if ( !(self->cipher = RSA_generate_key(key_size,RSA_F4,NULL,NULL) ) ) - lose("could not generate key"); + if ((self->cipher = RSA_generate_key(key_size,RSA_F4,NULL,NULL)) == NULL) + lose("could not generate key"); - self->key_type = RSA_PRIVATE_KEY; - self->cipher_type = RSA_CIPHER; + self->key_type = RSA_PRIVATE_KEY; + self->cipher_type = RSA_CIPHER; - return self; + return self; -error: + error: - Py_XDECREF(self); - return NULL; + Py_XDECREF(self); + return NULL; } static asymmetric_object * asymmetric_object_pem_read(int key_type, BIO *in, char *pass) { - asymmetric_object *self = NULL; + asymmetric_object *self = NULL; - self = PyObject_New( asymmetric_object, &asymmetrictype ); - if (self == NULL) - goto error; + self = PyObject_New(asymmetric_object, &asymmetrictype); + if (self == NULL) + goto error; - switch (key_type) - { - case RSA_PUBLIC_KEY: - { - if( !(self->cipher = PEM_read_bio_RSA_PUBKEY( in, NULL, NULL, NULL ) ) ) - lose("could not load public key"); - self->key_type = RSA_PUBLIC_KEY; - self->cipher_type = RSA_CIPHER; - break; - } - case RSA_PRIVATE_KEY: - { - if( !(self->cipher = PEM_read_bio_RSAPrivateKey( in, NULL, NULL, pass) ) ) - lose("could not load private key"); - self->key_type = RSA_PRIVATE_KEY; - self->cipher_type = RSA_CIPHER; - break; - } - default: - lose("unknown key type"); - } + switch (key_type) { + + case RSA_PUBLIC_KEY: + if ((self->cipher = PEM_read_bio_RSA_PUBKEY(in, NULL, NULL, NULL)) == NULL) + lose("could 
not load public key"); + self->key_type = RSA_PUBLIC_KEY; + self->cipher_type = RSA_CIPHER; + break; - return self; + case RSA_PRIVATE_KEY: + if ((self->cipher = PEM_read_bio_RSAPrivateKey(in, NULL, NULL, pass)) == NULL) + lose("could not load private key"); + self->key_type = RSA_PRIVATE_KEY; + self->cipher_type = RSA_CIPHER; + break; -error: + default: + lose("unknown key type"); + } - Py_XDECREF(self); - return NULL; + return self; + + error: + + Py_XDECREF(self); + return NULL; } static asymmetric_object * asymmetric_object_der_read(int key_type, unsigned char *src, int len) { - asymmetric_object *self = NULL; - unsigned char *ptr = src; + asymmetric_object *self = NULL; + unsigned char *ptr = src; - self = PyObject_New( asymmetric_object, &asymmetrictype ); - if (self == NULL) - goto error; + self = PyObject_New(asymmetric_object, &asymmetrictype); + if (self == NULL) + goto error; - switch (key_type) - { - case RSA_PUBLIC_KEY: - { - if( !(self->cipher = d2i_RSA_PUBKEY( NULL, (const unsigned char **) &ptr, len ) ) ) - lose("could not load public key"); + switch (key_type) { + case RSA_PUBLIC_KEY: - self->key_type = RSA_PUBLIC_KEY; - self->cipher_type = RSA_CIPHER; - break; - } - case RSA_PRIVATE_KEY: - { - if( !(self->cipher = d2i_RSAPrivateKey( NULL, (const unsigned char **) &ptr, len ) ) ) - lose("could not load private key"); - - self->key_type = RSA_PRIVATE_KEY; - self->cipher_type = RSA_CIPHER; - break; - } - default: - lose("unknown key type"); - } + if ((self->cipher = d2i_RSA_PUBKEY(NULL, (const unsigned char **) &ptr, len)) == NULL) + lose("could not load public key"); + + self->key_type = RSA_PUBLIC_KEY; + self->cipher_type = RSA_CIPHER; + break; + + case RSA_PRIVATE_KEY: + + if ((self->cipher = d2i_RSAPrivateKey(NULL, (const unsigned char **) &ptr, len)) == NULL) + lose("could not load private key"); + + self->key_type = RSA_PRIVATE_KEY; + self->cipher_type = RSA_CIPHER; + break; - return self; + default: + lose("unknown key type"); + } -error: + 
return self; - Py_XDECREF(self); - return NULL; + error: + + Py_XDECREF(self); + return NULL; } static char asymmetric_object_pem_write__doc__[] = 
@@ -4958,82 +4889,76 @@ static char asymmetric_object_pem_write__doc__[] = static PyObject * asymmetric_object_pem_write(asymmetric_object *self, PyObject *args) { - int key_type = 0, cipher = 0, len = 0, ret = 0; - char *kstr = NULL, *buf = NULL; - BIO *out_bio = NULL; - PyObject *asymmetric = NULL; + int key_type = 0, cipher = 0, len = 0, ret = 0; + char *kstr = NULL, *buf = NULL; + BIO *out_bio = NULL; + PyObject *asymmetric = NULL; - if (!PyArg_ParseTuple(args, "|iis", &key_type, &cipher, &kstr)) - goto error; + if (!PyArg_ParseTuple(args, "|iis", &key_type, &cipher, &kstr)) + goto error; - if (key_type == 0) - key_type = self->key_type; - - if ( !(out_bio = BIO_new(BIO_s_mem()) ) ) - lose("unable to create new BIO"); - - if ( (kstr && !cipher) || (cipher && !kstr) ) - lose("cipher type and key string must both be supplied"); - - - switch( key_type ) - { - case RSA_PRIVATE_KEY: - { - if (kstr && cipher) - { - if (!PEM_write_bio_RSAPrivateKey(out_bio, self->cipher, evp_cipher_factory(cipher), NULL, 0, NULL, kstr) ) - lose("unable to write key"); - } - else - { - if (!PEM_write_bio_RSAPrivateKey(out_bio, self->cipher, NULL, NULL, 0, NULL, NULL) ) - lose("unable to write key"); - } - break; - } - case RSA_PUBLIC_KEY: - { - if (kstr && cipher) - lose("public keys should not encrypted"); - else - { - if (!PEM_write_bio_RSA_PUBKEY(out_bio, self->cipher) ) - lose("unable to write key"); - } - break; - } - default: - lose("unsupported key type"); - } + if (key_type == 0) + key_type = self->key_type; + + if ((out_bio = BIO_new(BIO_s_mem())) == NULL) + lose("unable to create new BIO"); + + if ((kstr && !cipher) || (cipher && !kstr)) + lose("cipher type and key string must both be supplied"); - if ( !(len = BIO_ctrl_pending(out_bio) ) ) - lose("unable to get number of bytes in bio"); + switch(key_type) { - if ( !(buf = malloc(len) ) ) - lose("unable to allocate memory"); + case RSA_PRIVATE_KEY: + if (kstr && cipher) { + if (!PEM_write_bio_RSAPrivateKey(out_bio, 
self->cipher, evp_cipher_factory(cipher), NULL, 0, NULL, kstr)) + lose("unable to write key"); + } + else { + if (!PEM_write_bio_RSAPrivateKey(out_bio, self->cipher, NULL, NULL, 0, NULL, NULL)) + lose("unable to write key"); + } + break; - if ( (ret = BIO_read( out_bio, buf, len ) ) != len ) - lose("unable to write out key"); + case RSA_PUBLIC_KEY: + if (kstr && cipher) + lose("public keys should not encrypted"); + else { + if (!PEM_write_bio_RSA_PUBKEY(out_bio, self->cipher)) + lose("unable to write key"); + } + break; - asymmetric = Py_BuildValue("s#", buf, len); + default: + lose("unsupported key type"); + } - BIO_free(out_bio); - free(buf); - return asymmetric; + if ((len = BIO_ctrl_pending(out_bio)) == 0) + lose("unable to get number of bytes in bio"); -error: + if ((buf = malloc(len)) == NULL) + lose("unable to allocate memory"); - if (out_bio); - BIO_free(out_bio); + if ((ret = BIO_read(out_bio, buf, len)) != len) + lose("unable to write out key"); - if (buf) - free(buf); + asymmetric = Py_BuildValue("s#", buf, len); - return NULL; + BIO_free(out_bio); + free(buf); + return asymmetric; + + error: + + if (out_bio); + BIO_free(out_bio); + + if (buf) + free(buf); + + return NULL; } -static char asymmetric_object_der_write__doc__[] = +static char asymmetric_object_der_write__doc__[] = "<method>" " <header>" " <memberof>Asymmetric</memberof>" 
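Review bot: Under `error:` in `asymmetric_object_pem_write`, `if (out_bio);` ends in a stray semicolon, so the test guards nothing and `BIO_free(out_bio)` runs unconditionally; the new indentation makes it look guarded. Write it as `if (out_bio) BIO_free(out_bio);`. Separately, `buf` holds a PEM-encoded private key (unencrypted when no passphrase is supplied) and is released with plain `free(buf)`. Calling `OPENSSL_cleanse(buf, len);` before each `free` would keep key material from lingering in heap memory.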
@@ -5054,53 +4979,51 @@ static char asymmetric_object_der_write__doc__[] = static PyObject * asymmetric_object_der_write(asymmetric_object *self, PyObject *args) { - int len = 0, key_type = 0; - unsigned char *buf = NULL, *p = NULL; - PyObject *asymmetric = NULL; + int len = 0, key_type = 0; + unsigned char *buf = NULL, *p = NULL; + PyObject *asymmetric = NULL; - if (!PyArg_ParseTuple(args, "|i", &key_type)) - goto error; + if (!PyArg_ParseTuple(args, "|i", &key_type)) + goto error; - if (key_type == 0) - key_type = self->key_type; - - switch( key_type ) - { - case RSA_PRIVATE_KEY: - { - len = i2d_RSAPrivateKey(self->cipher, NULL); - if ( !(buf = malloc(len) ) ) - lose("could not allocate memory"); - p = buf; - if (!i2d_RSAPrivateKey(self->cipher, &buf) ) - lose("unable to write key"); - break; - } - case RSA_PUBLIC_KEY: - { - len = i2d_RSA_PUBKEY(self->cipher, NULL); - if ( !(buf = malloc(len) ) ) - lose("could not allocate memory"); - p = buf; - if (!i2d_RSA_PUBKEY(self->cipher, &buf) ) - lose("unable to write key"); - break; - } - default: - lose("unsupported key type"); - } + if (key_type == 0) + key_type = self->key_type; + + switch(key_type) { - asymmetric = Py_BuildValue("s#", p, len); + case RSA_PRIVATE_KEY: + len = i2d_RSAPrivateKey(self->cipher, NULL); + if ((buf = malloc(len)) == NULL) + lose("could not allocate memory"); + p = buf; + if (!i2d_RSAPrivateKey(self->cipher, &buf)) + lose("unable to write key"); + break; + + case RSA_PUBLIC_KEY: + len = i2d_RSA_PUBKEY(self->cipher, NULL); + if ((buf = malloc(len)) == NULL) + lose("could not allocate memory"); + p = buf; + if (!i2d_RSA_PUBKEY(self->cipher, &buf)) + lose("unable to write key"); + break; - free(p); - return asymmetric; + default: + lose("unsupported key type"); + } -error: + asymmetric = Py_BuildValue("s#", p, len); - if (p) - free(p); + free(p); + return asymmetric; - return NULL; + error: + + if (p) + free(p); + + return NULL; } static char asymmetric_object_public_encrypt__doc__[] = 
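Review bot: The `i2d_RSAPrivateKey` and `i2d_RSA_PUBKEY` calls in `asymmetric_object_der_write` report failure with a non-positive return, but the sizing result is passed to `malloc(len)` unchecked and the encoding calls are tested with `!`, which treats a negative result as success. On that path `Py_BuildValue("s#", p, len)` would return uninitialised heap bytes, or be given a negative length. Check the sizing call with `if (len <= 0) lose("unable to write key");` and the encoding call with `if (i2d_RSAPrivateKey(self->cipher, &buf) <= 0)`, likewise for `i2d_RSA_PUBKEY`. The DER private key in `p` would also benefit from `OPENSSL_cleanse(p, len);` before `free(p)`.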
@@ -5124,42 +5047,36 @@ static char asymmetric_object_public_encrypt__doc__[] = static PyObject * asymmetric_object_public_encrypt(asymmetric_object *self, PyObject *args) { - unsigned char *plain_text = NULL, *cipher_text = NULL; - int len = 0, size = 0; - PyObject *obj = NULL; + unsigned char *plain_text = NULL, *cipher_text = NULL; + int len = 0, size = 0; + PyObject *obj = NULL; - switch( self->cipher_type ) - { - case RSA_CIPHER: - { - if (!PyArg_ParseTuple(args, "s#", &plain_text, &len)) - goto error; + if (self->cipher_type != RSA_CIPHER) + lose("unsupported cipher type"); - size = RSA_size(self->cipher); - if ( len > size ) - lose("plain text is too long"); + if (!PyArg_ParseTuple(args, "s#", &plain_text, &len)) + goto error; - if ( !(cipher_text = malloc( size + 16 ) ) ) - lose("could not allocate memory"); + size = RSA_size(self->cipher); + if (len > size) + lose("plain text is too long"); - if ( (len = RSA_public_encrypt( len, plain_text, cipher_text, self->cipher, RSA_PKCS1_PADDING ) ) < 0 ) - lose("could not encrypt plain text"); - break; - } - default: - lose("unsupported cipher type"); - } + if ((cipher_text = malloc(size + 16)) == NULL) + lose("could not allocate memory"); - obj = Py_BuildValue("s#", cipher_text, len); - free( cipher_text ); - return obj; + if ((len = RSA_public_encrypt(len, plain_text, cipher_text, self->cipher, RSA_PKCS1_PADDING)) < 0) + lose("could not encrypt plain text"); -error: + obj = Py_BuildValue("s#", cipher_text, len); + free(cipher_text); + return obj; - if (cipher_text) - free(cipher_text); + error: - return NULL; + if (cipher_text) + free(cipher_text); + + return NULL; } static char asymmetric_object_private_encrypt__doc__[] = 
@@ -5183,36 +5100,36 @@ static char asymmetric_object_private_encrypt__doc__[] = static PyObject * asymmetric_object_private_encrypt(asymmetric_object *self, PyObject *args) { - unsigned char *plain_text = NULL, *cipher_text = NULL; - int len = 0, size = 0; - PyObject *obj = NULL; + unsigned char *plain_text = NULL, *cipher_text = NULL; + int len = 0, size = 0; + PyObject *obj = NULL; - if ( !(self->key_type == RSA_PRIVATE_KEY) ) - lose("cannot perform private encryption with this key"); + if (self->key_type != RSA_PRIVATE_KEY) + lose("cannot perform private encryption with this key"); - if (!PyArg_ParseTuple(args, "s#", &plain_text, &len) ) - goto error; + if (!PyArg_ParseTuple(args, "s#", &plain_text, &len)) + goto error; - size = RSA_size(self->cipher); - if ( len > size ) - lose("plain text is too long"); + size = RSA_size(self->cipher); + if (len > size) + lose("plain text is too long"); - if ( !(cipher_text = malloc( size + 16 ) ) ) - lose("could not allocate memory"); + if ((cipher_text = malloc(size + 16)) == NULL) + lose("could not allocate memory"); - if ( (len = RSA_private_encrypt( len, plain_text, cipher_text, self->cipher, RSA_PKCS1_PADDING ) ) < 0 ) - lose("could not encrypt plain text"); + if ((len = RSA_private_encrypt(len, plain_text, cipher_text, self->cipher, RSA_PKCS1_PADDING)) < 0) + lose("could not encrypt plain text"); - obj = Py_BuildValue("s#", cipher_text, len); - free( cipher_text ); - return obj; + obj = Py_BuildValue("s#", cipher_text, len); + free(cipher_text); + return obj; -error: + error: - if (cipher_text) - free(cipher_text); + if (cipher_text) + free(cipher_text); - return NULL; + return NULL; } static char asymmetric_object_public_decrypt__doc__[] = 
@@ -5227,7 +5144,7 @@ static char asymmetric_object_public_decrypt__doc__[] = " This method is used to decrypt the\n" " <parameter>ciphertext</parameter> which has been encrypted\n" " using the corresponding private key and the\n" -" <function>privateEncrypt</function> function. \n" +" <function>privateEncrypt</function> function.\n" " </para>\n" " </body>\n" "</method>\n" 
@@ -5236,42 +5153,36 @@ static char asymmetric_object_public_decrypt__doc__[] = static PyObject * asymmetric_object_public_decrypt(asymmetric_object *self, PyObject *args) { - unsigned char *plain_text = NULL, *cipher_text = NULL; - int len = 0, size = 0; - PyObject *obj = NULL; - - switch( self->cipher_type ) - { - case RSA_CIPHER: - { - if (!PyArg_ParseTuple(args, "s#", &cipher_text, &len)) - goto error; - - size = RSA_size(self->cipher); - if ( len > size ) - lose("cipher text is too long"); - - if ( !(plain_text = malloc( size + 16 ) ) ) - lose("could not allocate memory"); - - if ( (len = RSA_public_decrypt( len, cipher_text, plain_text, self->cipher, RSA_PKCS1_PADDING ) ) < 0 ) - lose("could not decrypt cipher text"); - break; - } - default: - lose("unsupported cipher type"); - } + unsigned char *plain_text = NULL, *cipher_text = NULL; + int len = 0, size = 0; + PyObject *obj = NULL; + + if (self->cipher_type != RSA_CIPHER) + lose("unsupported cipher type"); + + if (!PyArg_ParseTuple(args, "s#", &cipher_text, &len)) + goto error; - obj = Py_BuildValue("s#", plain_text, len); - free( plain_text ); - return obj; + size = RSA_size(self->cipher); + if (len > size) + lose("cipher text is too long"); -error: + if ((plain_text = malloc(size + 16)) == NULL) + lose("could not allocate memory"); - if (plain_text) - free(plain_text); + if ((len = RSA_public_decrypt(len, cipher_text, plain_text, self->cipher, RSA_PKCS1_PADDING)) < 0) + lose("could not decrypt cipher text"); - return NULL; + obj = Py_BuildValue("s#", plain_text, len); + free(plain_text); + return obj; + + error: + + if (plain_text) + free(plain_text); + + return NULL; } static char asymmetric_object_private_decrypt__doc__[] = 
@@ -5285,7 +5196,7 @@ static char asymmetric_object_private_decrypt__doc__[] = " <para>\n" " This method is used to decrypt ciphertext which has been encrypted\n" " using the corresponding public key and the\n" -" <function>publicEncrypt</function> function. \n" +" <function>publicEncrypt</function> function.\n" " </para>\n" " </body>\n" "</method>\n" 
@@ -5294,38 +5205,38 @@ static char asymmetric_object_private_decrypt__doc__[] = static PyObject * asymmetric_object_private_decrypt(asymmetric_object *self, PyObject *args) { - unsigned char *plain_text = NULL, *cipher_text = NULL; - int len = 0, size = 0; - PyObject *obj = NULL; + unsigned char *plain_text = NULL, *cipher_text = NULL; + int len = 0, size = 0; + PyObject *obj = NULL; - if ( !(self->key_type == RSA_PRIVATE_KEY) ) - lose("cannot perform private decryption with this key"); + if (self->key_type != RSA_PRIVATE_KEY) + lose("cannot perform private decryption with this key"); - if (!PyArg_ParseTuple(args, "s#", &cipher_text, &len)) - goto error; + if (!PyArg_ParseTuple(args, "s#", &cipher_text, &len)) + goto error; - size = RSA_size(self->cipher); - if ( len > size ) - lose("cipher text is too long"); + size = RSA_size(self->cipher); + if (len > size) + lose("cipher text is too long"); - if ( !(plain_text = malloc( size + 16 ) ) ) - lose("could not allocate memory"); + if ((plain_text = malloc(size + 16)) == NULL) + lose("could not allocate memory"); - if ( (len = RSA_private_decrypt( len, cipher_text, plain_text, self->cipher, RSA_PKCS1_PADDING ) ) < 0 ) - lose("could not decrypt cipher text"); + if ((len = RSA_private_decrypt(len, cipher_text, plain_text, self->cipher, RSA_PKCS1_PADDING)) < 0) + lose("could not decrypt cipher text"); - obj = Py_BuildValue("s#", plain_text, len); - free( plain_text ); - return obj; + obj = Py_BuildValue("s#", plain_text, len); + free(plain_text); + return obj; -error: + error: - if (plain_text) - free(plain_text); - return NULL; + if (plain_text) + free(plain_text); + return NULL; } -static char asymmetric_object_sign__doc__[] = +static char asymmetric_object_sign__doc__[] = "<method>\n" " <header>\n" " <memberof>Asymmetric</memberof>\n" 
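Review bot: `asymmetric_object_private_decrypt` hard-codes `RSA_PKCS1_PADDING`, and PKCS#1 v1.5 encryption padding is only safe when the caller never reveals to a remote party whether a given ciphertext decrypted successfully. Nothing in the method or its docstring says so; a comment such as `/* PKCS#1 v1.5 padding: do not expose decryption failures to untrusted peers */` above the `RSA_private_decrypt` call would record the constraint, and `RSA_PKCS1_OAEP_PADDING` is the better default where interoperability allows. The recovered plaintext is also released with plain `free(plain_text)`; `OPENSSL_cleanse(plain_text, size + 16);` before it would avoid leaving it in freed memory.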
@@ -5335,11 +5246,11 @@ static char asymmetric_object_sign__doc__[] = " </header>\n" " <body>\n" " <para>\n" -" This method is used to produce a signed digest text. \n" +" This method is used to produce a signed digest text.\n" " This instance of\n" " <classname>Asymmetric</classname> should be a private key used for\n" " signing. The parameter\n" -" <parameter>digesttext</parameter> should be a digest of the \n" +" <parameter>digesttext</parameter> should be a digest of the\n" " data to protect against alteration and\n" " finally <parameter>digesttype</parameter> should be one of the\n" " following:\n" @@ -5356,7 +5267,7 @@ static char asymmetric_object_sign__doc__[] = " </simplelist>\n" " <para>\n" " If the procedure was successful, a string containing the signed\n" -" digest is returned. \n" +" digest is returned.\n" " </para>\n" " </body>\n" "</method>\n" 
@@ -5365,53 +5276,69 @@ static char asymmetric_object_sign__doc__[] = static PyObject * asymmetric_object_sign(asymmetric_object *self, PyObject *args) { - unsigned char *digest_text = NULL, *signed_text = NULL; - unsigned int digest_len = 0, digest_type = 0, digest_nid = 0, signed_len = 0; - PyObject *obj = NULL; - - if (!PyArg_ParseTuple(args, "s#i", &digest_text, &digest_len, &digest_type)) - goto error; - - if (self->key_type != RSA_PRIVATE_KEY) - lose("unsupported key type"); - - if ( !(signed_text = malloc( RSA_size(self->cipher) ) ) ) - lose("could not allocate memory"); - - switch(digest_type) - { - case MD2_DIGEST: - { digest_nid = NID_md2; digest_len = MD2_DIGEST_LENGTH; break; } - case MD5_DIGEST: - { digest_nid = NID_md5; digest_len = MD5_DIGEST_LENGTH; break; } - case SHA_DIGEST: - { digest_nid = NID_sha; digest_len = SHA_DIGEST_LENGTH; break; } - case SHA1_DIGEST: - { digest_nid = NID_sha1; digest_len = SHA_DIGEST_LENGTH; break; } - case RIPEMD160_DIGEST: - { digest_nid = NID_ripemd160; digest_len = RIPEMD160_DIGEST_LENGTH; break; } - case SHA256_DIGEST: - { digest_nid = NID_sha256; digest_len = SHA256_DIGEST_LENGTH; break; } - case SHA384_DIGEST: - { digest_nid = NID_sha384; digest_len = SHA384_DIGEST_LENGTH; break; } - case SHA512_DIGEST: - { digest_nid = NID_sha512; digest_len = SHA512_DIGEST_LENGTH; break; } - default: - lose("unsupported digest"); - } - if ( !(RSA_sign( digest_nid, digest_text, digest_len, signed_text, &signed_len, self->cipher ) ) ) - lose("could not sign digest"); - - obj = Py_BuildValue("s#", signed_text, signed_len); - free(signed_text); - return obj; - -error: - - if (signed_text) - free(signed_text); - - return NULL; + unsigned char *digest_text = NULL, *signed_text = NULL; + unsigned int digest_len = 0, digest_type = 0, digest_nid = 0, signed_len = 0; + PyObject *obj = NULL; + + if (!PyArg_ParseTuple(args, "s#i", &digest_text, &digest_len, &digest_type)) + goto error; + + if (self->key_type != RSA_PRIVATE_KEY) + 
lose("unsupported key type"); + + if ((signed_text = malloc(RSA_size(self->cipher))) == NULL) + lose("could not allocate memory"); + + switch(digest_type) { + case MD2_DIGEST: + digest_nid = NID_md2; + digest_len = MD2_DIGEST_LENGTH; + break; + case MD5_DIGEST: + digest_nid = NID_md5; + digest_len = MD5_DIGEST_LENGTH; + break; + case SHA_DIGEST: + digest_nid = NID_sha; + digest_len = SHA_DIGEST_LENGTH; + break; + case SHA1_DIGEST: + digest_nid = NID_sha1; + digest_len = SHA_DIGEST_LENGTH; + break; + case RIPEMD160_DIGEST: + digest_nid = NID_ripemd160; + digest_len = RIPEMD160_DIGEST_LENGTH; + break; + case SHA256_DIGEST: + digest_nid = NID_sha256; + digest_len = SHA256_DIGEST_LENGTH; + break; + case SHA384_DIGEST: + digest_nid = NID_sha384; + digest_len = SHA384_DIGEST_LENGTH; + break; + case SHA512_DIGEST: + digest_nid = NID_sha512; + digest_len = SHA512_DIGEST_LENGTH; + break; + default: + lose("unsupported digest"); + } + + if (!RSA_sign(digest_nid, digest_text, digest_len, signed_text, &signed_len, self->cipher)) + lose("could not sign digest"); + + obj = Py_BuildValue("s#", signed_text, signed_len); + free(signed_text); + return obj; + + error: + + if (signed_text) + free(signed_text); + + return NULL; } static char asymmetric_object_verify__doc__[] = 
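Review bot: In asymmetric_object_sign the length parsed by `s#` into `digest_len` is overwritten inside the `switch` with the fixed length for `digest_type`, so the size of the buffer the caller actually passed is never checked. A `digesttext` shorter than the selected digest makes `RSA_sign` read past the end of the Python string. Parsing the length into its own `int` (say `text_len`) and adding `if (text_len != (int) digest_len) lose("digest text has wrong length for digest type");` after the switch would reject that; `s#` and `i` also expect `int` storage, while these locals are `unsigned int`. asymmetric_object_verify in the next code hunk overwrites `digest_len` in the same way before calling `RSA_verify`.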
@@ -5425,36 +5352,36 @@ static char asymmetric_object_verify__doc__[] = " </header>\n" " <body>\n" " <para>\n" -" This method is used to verify a signed digest text. \n" +" This method is used to verify a signed digest text.\n" " </para>\n" " <example>\n" " <title><function>verify</function> method usage</title>\n" " <programlisting>\n" " plain_text = 'Hello World!'\n" " print '\tPlain text:', plain_text\n" -" digest = POW.Digest( POW.RIPEMD160_DIGEST )\n" -" digest.update( plain_text )\n" +" digest = POW.Digest(POW.RIPEMD160_DIGEST)\n" +" digest.update(plain_text)\n" " print '\tDigest text:', digest.digest()\n" "\n" " privateFile = open('test/private.key', 'r')\n" -" privateKey = POW.pemRead( POW.RSA_PRIVATE_KEY, privateFile.read(), 'pass' )\n" +" privateKey = POW.pemRead(POW.RSA_PRIVATE_KEY, privateFile.read(), 'pass')\n" " privateFile.close()\n" " signed_text = privateKey.sign(digest.digest(), POW.RIPEMD160_DIGEST)\n" " print '\tSigned text:', signed_text\n" "\n" -" digest2 = POW.Digest( POW.RIPEMD160_DIGEST )\n" -" digest2.update( plain_text )\n" +" digest2 = POW.Digest(POW.RIPEMD160_DIGEST)\n" +" digest2.update(plain_text)\n" " publicFile = open('test/public.key', 'r')\n" -" publicKey = POW.pemRead( POW.RSA_PUBLIC_KEY, publicFile.read() )\n" +" publicKey = POW.pemRead(POW.RSA_PUBLIC_KEY, publicFile.read())\n" " publicFile.close()\n" -" if publicKey.verify( signed_text, digest2.digest(), POW.RIPEMD160_DIGEST ):\n" +" if publicKey.verify(signed_text, digest2.digest(), POW.RIPEMD160_DIGEST):\n" " print 'Signing verified!'\n" " else:\n" " print 'Signing gone wrong!'\n" " </programlisting>\n" " </example>\n" " <para>\n" -" The parameter <parameter>signedtext</parameter> should be a \n" +" The parameter <parameter>signedtext</parameter> should be a\n" " signed digest text. This instance of\n" " <classname>Asymmetric</classname> should correspond to the private\n" " key used to sign the digest. The parameter\n" 
@@ -5480,76 +5407,90 @@ static char asymmetric_object_verify__doc__[] = " </body>\n" "</method>\n" ; + static PyObject * asymmetric_object_verify(asymmetric_object *self, PyObject *args) { - unsigned char *digest_text = NULL, *signed_text = NULL; - int digest_len = 0, digest_type = 0, digest_nid = 0, signed_len = 0, result = 0; - - if (!PyArg_ParseTuple(args, "s#s#i", &signed_text, &signed_len, &digest_text, &digest_len, &digest_type)) - goto error; - - switch(digest_type) - { - case MD2_DIGEST: - { digest_len = MD2_DIGEST_LENGTH; digest_nid = NID_md2; break; } - case MD5_DIGEST: - { digest_len = MD5_DIGEST_LENGTH; digest_nid = NID_md5; break; } - case SHA_DIGEST: - { digest_len = SHA_DIGEST_LENGTH; digest_nid = NID_sha; break; } - case SHA1_DIGEST: - { digest_len = SHA_DIGEST_LENGTH; digest_nid = NID_sha1; break; } - case RIPEMD160_DIGEST: - { digest_len = RIPEMD160_DIGEST_LENGTH; digest_nid = NID_ripemd160; break; } - case SHA256_DIGEST: - { digest_len = SHA256_DIGEST_LENGTH; digest_nid = NID_sha256; break; } - case SHA384_DIGEST: - { digest_len = SHA384_DIGEST_LENGTH; digest_nid = NID_sha384; break; } - case SHA512_DIGEST: - { digest_len = SHA512_DIGEST_LENGTH; digest_nid = NID_sha512; break; } - default: - lose("unsupported digest"); - } - result = RSA_verify( digest_nid, digest_text, digest_len, signed_text, signed_len, self->cipher ); - - return Py_BuildValue("i", result); - -error: - - return NULL; + unsigned char *digest_text = NULL, *signed_text = NULL; + int digest_len = 0, digest_type = 0, digest_nid = 0, signed_len = 0, result = 0; + + if (!PyArg_ParseTuple(args, "s#s#i", &signed_text, &signed_len, &digest_text, &digest_len, &digest_type)) + goto error; + + switch (digest_type) { + case MD2_DIGEST: + digest_len = MD2_DIGEST_LENGTH; + digest_nid = NID_md2; + break; + case MD5_DIGEST: + digest_len = MD5_DIGEST_LENGTH; + digest_nid = NID_md5; + break; + case SHA_DIGEST: + digest_len = SHA_DIGEST_LENGTH; + digest_nid = NID_sha; + break; + case SHA1_DIGEST: 
+ digest_len = SHA_DIGEST_LENGTH; + digest_nid = NID_sha1; + break; + case RIPEMD160_DIGEST: + digest_len = RIPEMD160_DIGEST_LENGTH; + digest_nid = NID_ripemd160; + break; + case SHA256_DIGEST: + digest_len = SHA256_DIGEST_LENGTH; + digest_nid = NID_sha256; + break; + case SHA384_DIGEST: + digest_len = SHA384_DIGEST_LENGTH; + digest_nid = NID_sha384; + break; + case SHA512_DIGEST: + digest_len = SHA512_DIGEST_LENGTH; + digest_nid = NID_sha512; + break; + default: + lose("unsupported digest"); + } + + result = RSA_verify(digest_nid, digest_text, digest_len, signed_text, signed_len, self->cipher); + + return Py_BuildValue("i", result); + + error: + + return NULL; } static struct PyMethodDef asymmetric_object_methods[] = { - {"pemWrite", (PyCFunction)asymmetric_object_pem_write, METH_VARARGS, NULL}, - {"derWrite", (PyCFunction)asymmetric_object_der_write, METH_VARARGS, NULL}, - {"publicEncrypt", (PyCFunction)asymmetric_object_public_encrypt, METH_VARARGS, NULL}, - {"privateEncrypt",(PyCFunction)asymmetric_object_private_encrypt, METH_VARARGS, NULL}, - {"privateDecrypt",(PyCFunction)asymmetric_object_private_decrypt, METH_VARARGS, NULL}, - {"publicDecrypt", (PyCFunction)asymmetric_object_public_decrypt, METH_VARARGS, NULL}, - {"sign", (PyCFunction)asymmetric_object_sign, METH_VARARGS, NULL}, - {"verify", (PyCFunction)asymmetric_object_verify, METH_VARARGS, NULL}, - - {NULL, NULL} /* sentinel */ + {"pemWrite", (PyCFunction)asymmetric_object_pem_write, METH_VARARGS, NULL}, + {"derWrite", (PyCFunction)asymmetric_object_der_write, METH_VARARGS, NULL}, + {"publicEncrypt", (PyCFunction)asymmetric_object_public_encrypt, METH_VARARGS, NULL}, + {"privateEncrypt", (PyCFunction)asymmetric_object_private_encrypt, METH_VARARGS, NULL}, + {"privateDecrypt", (PyCFunction)asymmetric_object_private_decrypt, METH_VARARGS, NULL}, + {"publicDecrypt", (PyCFunction)asymmetric_object_public_decrypt, METH_VARARGS, NULL}, + {"sign", (PyCFunction)asymmetric_object_sign, METH_VARARGS, NULL}, + 
{"verify", (PyCFunction)asymmetric_object_verify, METH_VARARGS, NULL}, + + {NULL} /* sentinel */ }; static PyObject * asymmetric_object_getattr(asymmetric_object *self, char *name) { - return Py_FindMethod(asymmetric_object_methods, (PyObject *)self, name); + return Py_FindMethod(asymmetric_object_methods, (PyObject *)self, name); } static void asymmetric_object_dealloc(asymmetric_object *self, char *name) { - switch( self->cipher_type ) - { - case RSA_CIPHER: - { - RSA_free( self->cipher ); - break; - } - } - PyObject_Del(self); + switch(self->cipher_type) { + case RSA_CIPHER: + RSA_free(self->cipher); + break; + } + PyObject_Del(self); } static char asymmetrictype__doc__[] = @@ -5597,24 +5538,23 @@ static PyTypeObject asymmetrictype = { static symmetric_object * symmetric_object_new(int cipher_type) { - symmetric_object *self = NULL; + symmetric_object *self = NULL; - self = PyObject_New( symmetric_object, &symmetrictype ); - if (self == NULL) - goto error; + if ((self = PyObject_New(symmetric_object, &symmetrictype)) == NULL) + goto error; - self->cipher_type = cipher_type; - EVP_CIPHER_CTX_init( &self->cipher_ctx ); + self->cipher_type = cipher_type; + EVP_CIPHER_CTX_init(&self->cipher_ctx); - return self; + return self; -error: + error: - Py_XDECREF(self); - return NULL; + Py_XDECREF(self); + return NULL; } -static char symmetric_object_encrypt_init__doc__[] = +static char symmetric_object_encrypt_init__doc__[] = "<method>\n" " <header>\n" " <memberof>Symmetric</memberof>\n" 
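Review bot: `asymmetric_object_dealloc(asymmetric_object *self, char *name)` keeps a second parameter that a deallocator is never passed; CPython's `destructor` type takes only the object, so if this function is installed as `tp_dealloc` (the type object is outside this hunk) it is called through a mismatched function type. Since this commit is already a cleanup, I would drop the parameter: `asymmetric_object_dealloc(asymmetric_object *self)`. symmetric_object_dealloc, digest_object_dealloc and hmac_object_dealloc in later hunks carry the same unused `name`. The sentinel here was changed to `{NULL}` while symmetric_object_methods and hmac_object_methods keep `{NULL, NULL}`; picking one form would be consistent.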
@@ -5629,8 +5569,8 @@ static char symmetric_object_encrypt_init__doc__[] = " data. The second, the <parameter>initialvalue</parameter> serves\n" " a similar purpose the the salt supplied to the Unix\n" " <function>crypt</function> function.\n" -" The <parameter>initialvalue</parameter> is normally chosen at random and \n" -" often transmitted with the encrypted data, its purpose is to prevent \n" +" The <parameter>initialvalue</parameter> is normally chosen at random and\n" +" often transmitted with the encrypted data, its purpose is to prevent\n" " two identical plain texts resulting in two identical cipher texts.\n" " </para>\n" " </body>\n" @@ -5640,26 +5580,26 @@ static char symmetric_object_encrypt_init__doc__[] = static PyObject * symmetric_object_encrypt_init(symmetric_object *self, PyObject *args) { - unsigned char *key = NULL, *iv = NULL, nulliv [] = ""; - const EVP_CIPHER *cipher = NULL; + unsigned char *key = NULL, *iv = NULL, nulliv [] = ""; + const EVP_CIPHER *cipher = NULL; - if (!PyArg_ParseTuple(args, "s|s", &key, &iv)) - goto error; + if (!PyArg_ParseTuple(args, "s|s", &key, &iv)) + goto error; + + if (!iv) + iv = nulliv; - if (!iv) - iv = nulliv; + if ((cipher = evp_cipher_factory(self->cipher_type)) == NULL) + lose("unsupported cipher"); - if ( !(cipher = evp_cipher_factory( self->cipher_type ) ) ) - lose("unsupported cipher"); + if (!EVP_EncryptInit(&self->cipher_ctx, cipher, key, iv)) + lose("could not initialise cipher"); - if ( !EVP_EncryptInit( &self->cipher_ctx, cipher, key, iv ) ) - lose("could not initialise cipher"); - - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } static char symmetric_object_decrypt_init__doc__[] = 
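Review bot: symmetric_object_encrypt_init parses `key` and `iv` with `s`, so their lengths are never known or checked before `EVP_EncryptInit` reads as many bytes as the cipher's key and IV sizes require; a short key or IV is over-read, and the default `nulliv[] = ""` is a one-byte array standing in for a full IV. The `s` format also refuses strings with embedded NUL bytes, which binary keys can contain. I would parse both with `s#`, compare the lengths with `EVP_CIPHER_key_length()` and `EVP_CIPHER_iv_length()`, and make the default IV a zero-filled `EVP_MAX_IV_LENGTH` buffer, as sketched below. symmetric_object_decrypt_init in the following code hunk has the same parsing and the same `nulliv`.

```c
  unsigned char *key = NULL, *iv = NULL;
  unsigned char nulliv[EVP_MAX_IV_LENGTH] = {0};
  int key_len = 0, iv_len = 0;
  const EVP_CIPHER *cipher = NULL;

  if (!PyArg_ParseTuple(args, "s#|s#", &key, &key_len, &iv, &iv_len))
    goto error;

  if ((cipher = evp_cipher_factory(self->cipher_type)) == NULL)
    lose("unsupported cipher");

  if (key_len < EVP_CIPHER_key_length(cipher))
    lose("key is too short for this cipher");

  if (iv == NULL)
    iv = nulliv;
  else if (iv_len < EVP_CIPHER_iv_length(cipher))
    lose("initial value is too short for this cipher");

  /* … unchanged: EVP_EncryptInit call, return and error label … */
```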
@@ -5674,7 +5614,7 @@ static char symmetric_object_decrypt_init__doc__[] = " <para>\n" " This method sets up the cipher object to start decrypting a stream\n" " of data. The first value must be the key used to encrypt the\n" -" data. The second parameter is the <parameter>initialvalue</parameter> \n" +" data. The second parameter is the <parameter>initialvalue</parameter>\n" " used to encrypt the data.\n" " </para>\n" " </body>\n" @@ -5684,26 +5624,26 @@ static char symmetric_object_decrypt_init__doc__[] = static PyObject * symmetric_object_decrypt_init(symmetric_object *self, PyObject *args) { - unsigned char *key = NULL, *iv = NULL, nulliv [] = ""; - const EVP_CIPHER *cipher = NULL; + unsigned char *key = NULL, *iv = NULL, nulliv [] = ""; + const EVP_CIPHER *cipher = NULL; - if (!PyArg_ParseTuple(args, "s|s", &key, &iv)) - goto error; + if (!PyArg_ParseTuple(args, "s|s", &key, &iv)) + goto error; + + if (!iv) + iv = nulliv; - if (!iv) - iv = nulliv; + if ((cipher = evp_cipher_factory(self->cipher_type)) == NULL) + lose("unsupported cipher"); - if ( !(cipher = evp_cipher_factory( self->cipher_type ) ) ) - lose("unsupported cipher"); + if (!EVP_DecryptInit(&self->cipher_ctx, cipher, key, iv)) + lose("could not initialise cipher"); - if ( !EVP_DecryptInit( &self->cipher_ctx, cipher, key, iv ) ) - lose("could not initialise cipher"); - - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } static char symmetric_object_update__doc__[] = 
@@ -5726,31 +5666,31 @@ static char symmetric_object_update__doc__[] = static PyObject * symmetric_object_update(symmetric_object *self, PyObject *args) { - int inl = 0, outl = 0; - unsigned char *in = NULL, *out = NULL; - PyObject *py_out = NULL; + int inl = 0, outl = 0; + unsigned char *in = NULL, *out = NULL; + PyObject *py_out = NULL; - if (!PyArg_ParseTuple(args, "s#", &in, &inl)) - goto error; + if (!PyArg_ParseTuple(args, "s#", &in, &inl)) + goto error; - if ( !(out = malloc( inl + EVP_CIPHER_CTX_block_size( &self->cipher_ctx) ) ) ) - lose("could not allocate memory"); + if ((out = malloc(inl + EVP_CIPHER_CTX_block_size(&self->cipher_ctx))) == NULL) + lose("could not allocate memory"); - if ( !EVP_CipherUpdate( &self->cipher_ctx, out, &outl, in, inl ) ) - lose("could not update cipher"); + if (!EVP_CipherUpdate(&self->cipher_ctx, out, &outl, in, inl)) + lose("could not update cipher"); - if ( !(py_out = Py_BuildValue("s#", out, outl) ) ) - lose("could not allocate memory"); + if ((py_out = Py_BuildValue("s#", out, outl)) == NULL) + lose("could not allocate memory"); - free(out); - return py_out; + free(out); + return py_out; -error: + error: - if (out) - free(out); + if (out) + free(out); - return NULL; + return NULL; } static char symmetric_object_final__doc__[] = @@ -5765,7 +5705,7 @@ static char symmetric_object_final__doc__[] = " Most ciphers are block ciphers, that is they encrypt or decrypt a block of\n" " data at a time. Often the data being processed will not fill an\n" " entire block, this method processes these half-empty blocks. A\n" -" string is returned of a maximum length <parameter>size</parameter>. \n" +" string is returned of a maximum length <parameter>size</parameter>.\n" " </para>\n" " </body>\n" "</method>\n" 
@@ -5774,52 +5714,52 @@ static char symmetric_object_final__doc__[] = static PyObject * symmetric_object_final(symmetric_object *self, PyObject *args) { - int outl = 0, size = 1024; - unsigned char *out = NULL; - PyObject *py_out = NULL; + int outl = 0, size = 1024; + unsigned char *out = NULL; + PyObject *py_out = NULL; - if (!PyArg_ParseTuple(args, "|i", &size)) - goto error; + if (!PyArg_ParseTuple(args, "|i", &size)) + goto error; - if ( !(out = malloc( size + EVP_CIPHER_CTX_block_size( &self->cipher_ctx) ) ) ) - lose("could not allocate memory"); + if ((out = malloc(size + EVP_CIPHER_CTX_block_size(&self->cipher_ctx))) == NULL) + lose("could not allocate memory"); - if ( !EVP_CipherFinal( &self->cipher_ctx, out, &outl ) ) - lose("could not update cipher"); + if (!EVP_CipherFinal(&self->cipher_ctx, out, &outl)) + lose("could not update cipher"); - if ( !(py_out = Py_BuildValue("s#", out, outl) ) ) - lose("could not allocate memory"); + if ((py_out = Py_BuildValue("s#", out, outl)) == NULL) + lose("could not allocate memory"); - free(out); - return py_out; + free(out); + return py_out; -error: + error: - if (out) - free(out); + if (out) + free(out); - return NULL; + return NULL; } static struct PyMethodDef symmetric_object_methods[] = { - {"encryptInit", (PyCFunction)symmetric_object_encrypt_init, METH_VARARGS, NULL}, - {"decryptInit", (PyCFunction)symmetric_object_decrypt_init, METH_VARARGS, NULL}, - {"update", (PyCFunction)symmetric_object_update, METH_VARARGS, NULL}, - {"final", (PyCFunction)symmetric_object_final, METH_VARARGS, NULL}, - + {"encryptInit", (PyCFunction)symmetric_object_encrypt_init, METH_VARARGS, NULL}, + {"decryptInit", (PyCFunction)symmetric_object_decrypt_init, METH_VARARGS, NULL}, + {"update", (PyCFunction)symmetric_object_update, METH_VARARGS, NULL}, + {"final", (PyCFunction)symmetric_object_final, METH_VARARGS, NULL}, + {NULL, NULL} /* sentinel */ }; static PyObject * symmetric_object_getattr(symmetric_object *self, char *name) { - 
return Py_FindMethod(symmetric_object_methods, (PyObject *)self, name); + return Py_FindMethod(symmetric_object_methods, (PyObject *)self, name); } static void symmetric_object_dealloc(symmetric_object *self, char *name) { - PyObject_Del(self); + PyObject_Del(self); } static char symmetrictype__doc__[] = @@ -5842,18 +5782,18 @@ static char symmetrictype__doc__[] = " <title><classname>Symmetric</classname> class usage</title>\n" " <programlisting>\n" " passphrase = 'my silly passphrase'\n" -" md5 = POW.Digest( POW.MD5_DIGEST )\n" -" md5.update( passphrase )\n" +" md5 = POW.Digest(POW.MD5_DIGEST)\n" +" md5.update(passphrase)\n" " password = md5.digest()[:8]\n" "\n" " plaintext = 'cast test message'\n" -" cast = POW.Symmetric( POW.CAST5_CFB ) \n" -" cast.encryptInit( password )\n" +" cast = POW.Symmetric(POW.CAST5_CFB)\n" +" cast.encryptInit(password)\n" " ciphertext = cast.update(plaintext) + cast.final()\n" " print 'Cipher text:', ciphertext\n" "\n" -" cast.decryptInit( password )\n" -" out = cast.update( ciphertext ) + cast.final()\n" +" cast.decryptInit(password)\n" +" out = cast.update(ciphertext) + cast.final()\n" " print 'Deciphered text:', out\n" " </programlisting>\n" " </example>\n" 
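Review bot: symmetric_object_final takes `size` from the caller through `|i` and uses it unchecked in `malloc(size + EVP_CIPHER_CTX_block_size(&self->cipher_ctx))`, so a negative `size` yields a buffer smaller than the final block that `EVP_CipherFinal` may write into it. `EVP_CipherFinal` emits at most one block, so the simplest fix is to reject negative values before the allocation: `if (size < 0) lose("size must not be negative");`. The failure message for `EVP_CipherFinal` still reads "could not update cipher", which looks copied from symmetric_object_update.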
@@ -5891,40 +5831,54 @@ static PyTypeObject symmetrictype = { static digest_object * digest_object_new(int digest_type) { - digest_object *self = NULL; - - self = PyObject_New( digest_object, &digesttype ); - if (self == NULL) - goto error; - - switch(digest_type) - { - case MD2_DIGEST: - { self->digest_type = MD2_DIGEST; EVP_DigestInit( &self->digest_ctx, EVP_md2() ); break; } - case MD5_DIGEST: - { self->digest_type = MD5_DIGEST; EVP_DigestInit( &self->digest_ctx, EVP_md5() ); break; } - case SHA_DIGEST: - { self->digest_type = SHA_DIGEST; EVP_DigestInit( &self->digest_ctx, EVP_sha() ); break; } - case SHA1_DIGEST: - { self->digest_type = SHA1_DIGEST; EVP_DigestInit( &self->digest_ctx, EVP_sha1() ); break; } - case RIPEMD160_DIGEST: - { self->digest_type = RIPEMD160_DIGEST; EVP_DigestInit( &self->digest_ctx, EVP_ripemd160() ); break; } - case SHA256_DIGEST: - { self->digest_type = SHA256_DIGEST; EVP_DigestInit( &self->digest_ctx, EVP_sha256() ); break; } - case SHA384_DIGEST: - { self->digest_type = SHA384_DIGEST; EVP_DigestInit( &self->digest_ctx, EVP_sha384() ); break; } - case SHA512_DIGEST: - { self->digest_type = SHA512_DIGEST; EVP_DigestInit( &self->digest_ctx, EVP_sha512() ); break; } - default: - lose("unsupported digest"); - } - - return self; - -error: - - Py_XDECREF(self); - return NULL; + digest_object *self = NULL; + + if ((self = PyObject_New(digest_object, &digesttype)) == NULL) + goto error; + + switch(digest_type) { + case MD2_DIGEST: + self->digest_type = MD2_DIGEST; + EVP_DigestInit(&self->digest_ctx, EVP_md2()); + break; + case MD5_DIGEST: + self->digest_type = MD5_DIGEST; + EVP_DigestInit(&self->digest_ctx, EVP_md5()); + break; + case SHA_DIGEST: + self->digest_type = SHA_DIGEST; + EVP_DigestInit(&self->digest_ctx, EVP_sha()); + break; + case SHA1_DIGEST: + self->digest_type = SHA1_DIGEST; + EVP_DigestInit(&self->digest_ctx, EVP_sha1()); + break; + case RIPEMD160_DIGEST: + self->digest_type = RIPEMD160_DIGEST; + 
EVP_DigestInit(&self->digest_ctx, EVP_ripemd160()); + break; + case SHA256_DIGEST: + self->digest_type = SHA256_DIGEST; + EVP_DigestInit(&self->digest_ctx, EVP_sha256()); + break; + case SHA384_DIGEST: + self->digest_type = SHA384_DIGEST; + EVP_DigestInit(&self->digest_ctx, EVP_sha384()); + break; + case SHA512_DIGEST: + self->digest_type = SHA512_DIGEST; + EVP_DigestInit(&self->digest_ctx, EVP_sha512()); + break; + default: + lose("unsupported digest"); + } + + return self; + + error: + + Py_XDECREF(self); + return NULL; } static char digest_object_update__doc__[] = @@ -5936,7 +5890,7 @@ static char digest_object_update__doc__[] = " </header>\n" " <body>\n" " <para>\n" -" This method updates the internal structures of the \n" +" This method updates the internal structures of the\n" " <classname>Digest</classname> object with <parameter>data</parameter>.\n" " <parameter>data</parameter> should be a string.\n" " </para>\n" @@ -5947,22 +5901,22 @@ static char digest_object_update__doc__[] = static PyObject * digest_object_update(digest_object *self, PyObject *args) { - char *data = NULL; - int len = 0; + char *data = NULL; + int len = 0; - if (!PyArg_ParseTuple(args, "s#", &data, &len)) - goto error; + if (!PyArg_ParseTuple(args, "s#", &data, &len)) + goto error; - EVP_DigestUpdate( &self->digest_ctx, data, len ); + EVP_DigestUpdate(&self->digest_ctx, data, len); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } -static char digest_object_copy__doc__[] = +static char digest_object_copy__doc__[] = "<method>\n" " <header>\n" " <memberof>Digest</memberof>\n" 
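Review bot: On the `default:` branch of digest_object_new, `self->digest_ctx` has never been initialised when `lose("unsupported digest")` reaches `Py_XDECREF(self)` (presumably via a jump to `error:`); if that release runs digest_object_dealloc, `EVP_MD_CTX_cleanup` is called on uninitialised memory. Adding `EVP_MD_CTX_init(&self->digest_ctx);` right after the `PyObject_New` check makes the error path safe. The return values of the `EVP_DigestInit` calls are also ignored, so a digest the linked OpenSSL cannot provide would go unnoticed here.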
@@ -5980,24 +5934,24 @@ static char digest_object_copy__doc__[] = static PyObject * digest_object_copy(digest_object *self, PyObject *args) { - digest_object *new = NULL; + digest_object *new = NULL; - if ( !(new = PyObject_New( digest_object, &digesttype ) ) ) - lose("could not allocate memory"); + if ((new = PyObject_New(digest_object, &digesttype)) == NULL) + lose("could not allocate memory"); - new->digest_type = self->digest_type; - if (!EVP_MD_CTX_copy( &new->digest_ctx, &self->digest_ctx )) - lose("could not copy digest"); + new->digest_type = self->digest_type; + if (!EVP_MD_CTX_copy(&new->digest_ctx, &self->digest_ctx)) + lose("could not copy digest"); - return (PyObject*)new; + return (PyObject*)new; -error: + error: - Py_XDECREF(new); - return NULL; + Py_XDECREF(new); + return NULL; } -static char digest_object_digest__doc__[] = +static char digest_object_digest__doc__[] = "<method>\n" " <header>\n" " <memberof>Digest</memberof>\n" 
@@ -6017,55 +5971,55 @@ static char digest_object_digest__doc__[] = static PyObject * digest_object_digest(digest_object *self, PyObject *args) { - unsigned char digest_text[EVP_MAX_MD_SIZE]; - void *md_copy = NULL; - unsigned digest_len = 0; + unsigned char digest_text[EVP_MAX_MD_SIZE]; + void *md_copy = NULL; + unsigned digest_len = 0; - if (!PyArg_ParseTuple(args, "")) - goto error; + if (!PyArg_ParseTuple(args, "")) + goto error; - if ( !(md_copy = malloc( sizeof(EVP_MD_CTX) ) ) ) - lose("could not allocate memory"); + if ((md_copy = malloc(sizeof(EVP_MD_CTX))) == NULL) + lose("could not allocate memory"); - if (!EVP_MD_CTX_copy( md_copy, &self->digest_ctx )) - lose("could not copy digest"); + if (!EVP_MD_CTX_copy(md_copy, &self->digest_ctx)) + lose("could not copy digest"); - EVP_DigestFinal( md_copy, digest_text, &digest_len ); + EVP_DigestFinal(md_copy, digest_text, &digest_len); - free(md_copy); + free(md_copy); - return Py_BuildValue("s#", digest_text, digest_len); + return Py_BuildValue("s#", digest_text, digest_len); -error: + error: - if (md_copy) - free(md_copy); + if (md_copy) + free(md_copy); - return NULL; + return NULL; } static struct PyMethodDef digest_object_methods[] = { - {"update", (PyCFunction)digest_object_update, METH_VARARGS, NULL}, - {"digest", (PyCFunction)digest_object_digest, METH_VARARGS, NULL}, - {"copy", (PyCFunction)digest_object_copy, METH_VARARGS, NULL}, - - {NULL, NULL} /* sentinel */ + {"update", (PyCFunction)digest_object_update, METH_VARARGS, NULL}, + {"digest", (PyCFunction)digest_object_digest, METH_VARARGS, NULL}, + {"copy", (PyCFunction)digest_object_copy, METH_VARARGS, NULL}, + + {NULL} /* sentinel */ }; static PyObject * digest_object_getattr(digest_object *self, char *name) { - return Py_FindMethod(digest_object_methods, (PyObject *)self, name); + return Py_FindMethod(digest_object_methods, (PyObject *)self, name); } static void digest_object_dealloc(digest_object *self, char *name) { - EVP_MD_CTX_cleanup( 
&self->digest_ctx ); - PyObject_Del(self); + EVP_MD_CTX_cleanup(&self->digest_ctx); + PyObject_Del(self); } -static char digesttype__doc__[] = +static char digesttype__doc__[] = "<class>\n" " <header>\n" " <name>Digest</name>\n" @@ -6081,8 +6035,8 @@ static char digesttype__doc__[] = " <title><classname>digest</classname> class usage</title>\n" " <programlisting>\n" " plain_text = 'Hello World!'\n" -" sha1 = POW.Digest( POW.SHA1_DIGEST )\n" -" sha1.update( plain_text )\n" +" sha1 = POW.Digest(POW.SHA1_DIGEST)\n" +" sha1.update(plain_text)\n" " print '\tPlain text: Hello World! =>', sha1.digest()\n" " </programlisting>\n" " </example>\n" 
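Review bot: digest_object_digest ignores the result of `EVP_DigestFinal(md_copy, digest_text, &digest_len)`, so a failed finalisation is returned to the caller as a digest (with `digest_len` still at its initial 0, an empty string) instead of raising. I would check it like the `EVP_MD_CTX_copy` call above it: `if (!EVP_DigestFinal(md_copy, digest_text, &digest_len)) lose("could not finalise digest");`. Callers that sign or compare this value have no other way to notice the failure.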
@@ -6120,43 +6074,49 @@ static PyTypeObject digesttype = { static hmac_object * hmac_object_new(int digest_type, char *key, int key_len) { - hmac_object *self = NULL; - const EVP_MD *md = NULL; - - self = PyObject_New( hmac_object, &hmactype ); - if (self == NULL) - goto error; - - switch(digest_type) - { - case MD2_DIGEST: - { md = EVP_md2(); break; } - case MD5_DIGEST: - { md = EVP_md5(); break; } - case SHA_DIGEST: - { md = EVP_sha(); break; } - case SHA1_DIGEST: - { md = EVP_sha1(); break; } - case RIPEMD160_DIGEST: - { md = EVP_ripemd160(); break; } - case SHA256_DIGEST: - { md = EVP_sha256(); break; } - case SHA384_DIGEST: - { md = EVP_sha384(); break; } - case SHA512_DIGEST: - { md = EVP_sha512(); break; } - default: - lose("unsupported digest"); - } - - HMAC_Init( &self->hmac_ctx, key, key_len, md ); - - return self; - -error: - - Py_XDECREF(self); - return NULL; + hmac_object *self = NULL; + const EVP_MD *md = NULL; + + if ((self = PyObject_New(hmac_object, &hmactype)) == NULL) + goto error; + + switch (digest_type) { + case MD2_DIGEST: + md = EVP_md2(); + break; + case MD5_DIGEST: + md = EVP_md5(); + break; + case SHA_DIGEST: + md = EVP_sha(); + break; + case SHA1_DIGEST: + md = EVP_sha1(); + break; + case RIPEMD160_DIGEST: + md = EVP_ripemd160(); + break; + case SHA256_DIGEST: + md = EVP_sha256(); + break; + case SHA384_DIGEST: + md = EVP_sha384(); + break; + case SHA512_DIGEST: + md = EVP_sha512(); + break; + default: + lose("unsupported digest"); + } + + HMAC_Init(&self->hmac_ctx, key, key_len, md); + + return self; + + error: + + Py_XDECREF(self); + return NULL; } static char hmac_object_update__doc__[] = 
@@ -6168,7 +6128,7 @@ static char hmac_object_update__doc__[] = " </header>\n" " <body>\n" " <para>\n" -" This method updates the internal structures of the \n" +" This method updates the internal structures of the\n" " <classname>Hmac</classname> object with <parameter>data</parameter>.\n" " <parameter>data</parameter> should be a string.\n" " </para>\n" @@ -6179,19 +6139,19 @@ static char hmac_object_update__doc__[] = static PyObject * hmac_object_update(hmac_object *self, PyObject *args) { - unsigned char *data = NULL; - int len = 0; + unsigned char *data = NULL; + int len = 0; - if (!PyArg_ParseTuple(args, "s#", &data, &len)) - goto error; + if (!PyArg_ParseTuple(args, "s#", &data, &len)) + goto error; - HMAC_Update( &self->hmac_ctx, data, len ); + HMAC_Update(&self->hmac_ctx, data, len); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } static char hmac_object_copy__doc__[] = @@ -6212,19 +6172,19 @@ static char hmac_object_copy__doc__[] = static PyObject * hmac_object_copy(hmac_object *self, PyObject *args) { - hmac_object *new = NULL; + hmac_object *new = NULL; - if ( !(new = PyObject_New( hmac_object, &hmactype ) ) ) - lose("could not allocate memory"); + if ((new = PyObject_New(hmac_object, &hmactype)) == NULL) + lose("could not allocate memory"); - memcpy( &new->hmac_ctx, &self->hmac_ctx, sizeof(HMAC_CTX) ); + memcpy(&new->hmac_ctx, &self->hmac_ctx, sizeof(HMAC_CTX)); - return (PyObject*)new; + return (PyObject*) new; -error: + error: - Py_XDECREF(new); - return NULL; + Py_XDECREF(new); + return NULL; } static char hmac_object_mac__doc__[] = 
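Review bot: hmac_object_copy duplicates the context with `memcpy(&new->hmac_ctx, &self->hmac_ctx, sizeof(HMAC_CTX))`, which is a shallow copy: where the OpenSSL context holds pointers to separately allocated digest state, the copy and the original end up sharing it, and updating one changes the other. digest_object_copy in this file already uses `EVP_MD_CTX_copy` for the same job; the HMAC equivalent is `HMAC_CTX_copy(&new->hmac_ctx, &self->hmac_ctx)` where the linked OpenSSL provides it. hmac_object_mac in the next code hunk makes its scratch copy with the same `memcpy` before `HMAC_Final`.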
@@ -6247,52 +6207,52 @@ static char hmac_object_mac__doc__[] = static PyObject * hmac_object_mac(hmac_object *self, PyObject *args) { - unsigned char hmac_text[EVP_MAX_MD_SIZE]; - void *hmac_copy = NULL; - unsigned int hmac_len = 0; + unsigned char hmac_text[EVP_MAX_MD_SIZE]; + void *hmac_copy = NULL; + unsigned int hmac_len = 0; - if (!PyArg_ParseTuple(args, "")) - goto error; + if (!PyArg_ParseTuple(args, "")) + goto error; - if ( !(hmac_copy = malloc( sizeof(HMAC_CTX) ) ) ) - lose("could not allocate memory"); + if ((hmac_copy = malloc(sizeof(HMAC_CTX))) == NULL) + lose("could not allocate memory"); - memcpy( hmac_copy, &self->hmac_ctx, sizeof(HMAC_CTX) ); - HMAC_Final( hmac_copy, hmac_text, &hmac_len ); + memcpy(hmac_copy, &self->hmac_ctx, sizeof(HMAC_CTX)); + HMAC_Final(hmac_copy, hmac_text, &hmac_len); - free(hmac_copy); - return Py_BuildValue("s#", hmac_text, hmac_len); + free(hmac_copy); + return Py_BuildValue("s#", hmac_text, hmac_len); -error: + error: - if (hmac_copy) - free(hmac_copy); + if (hmac_copy) + free(hmac_copy); - return NULL; + return NULL; } static struct PyMethodDef hmac_object_methods[] = { - {"update", (PyCFunction)hmac_object_update, METH_VARARGS, NULL}, - {"mac", (PyCFunction)hmac_object_mac, METH_VARARGS, NULL}, - {"copy", (PyCFunction)hmac_object_copy, METH_VARARGS, NULL}, - + {"update", (PyCFunction)hmac_object_update, METH_VARARGS, NULL}, + {"mac", (PyCFunction)hmac_object_mac, METH_VARARGS, NULL}, + {"copy", (PyCFunction)hmac_object_copy, METH_VARARGS, NULL}, + {NULL, NULL} /* sentinel */ }; static PyObject * hmac_object_getattr(hmac_object *self, char *name) { - return Py_FindMethod(hmac_object_methods, (PyObject *)self, name); + return Py_FindMethod(hmac_object_methods, (PyObject *)self, name); } static void hmac_object_dealloc(hmac_object *self, char *name) { - PyObject_Del(self); + PyObject_Del(self); } -static char hmactype__doc__[] = +static char hmactype__doc__[] = "<class>\n" " <header>\n" " <name>Hmac</name>\n" 
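Review bot: hmac_object_dealloc only calls `PyObject_Del(self)`, so the keyed state in `self->hmac_ctx` is neither released nor wiped when the object goes away; digest_object_dealloc, by contrast, calls `EVP_MD_CTX_cleanup`. Adding `HMAC_CTX_cleanup(&self->hmac_ctx);` before `PyObject_Del` would match it, provided the context is initialised on every path in hmac_object_new and the `memcpy` copies in hmac_object_mac and hmac_object_copy are replaced by deep copies, since a shallow copy can leave two contexts sharing internal state. symmetric_object_dealloc has the same gap for `self->cipher_ctx`, where `EVP_CIPHER_CTX_cleanup(&self->cipher_ctx);` is the counterpart.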
@@ -6338,124 +6298,127 @@ static PyTypeObject hmactype = { static pkcs7_object * PKCS7_object_new(void) { - pkcs7_object *self; + pkcs7_object *self; - self = PyObject_New( pkcs7_object, &pkcs7type ); - if (self == NULL) - goto error; + if ((self = PyObject_New(pkcs7_object, &pkcs7type)) == NULL) + goto error; - self->pkcs7 = NULL; - return self; + self->pkcs7 = NULL; + return self; -error: + error: - Py_XDECREF(self); - return NULL; + Py_XDECREF(self); + return NULL; } static pkcs7_object * PKCS7_object_pem_read(BIO *in) { - pkcs7_object *self; + pkcs7_object *self; - if ( !(self = PyObject_New( pkcs7_object, &pkcs7type ) ) ) - goto error; + if ((self = PyObject_New(pkcs7_object, &pkcs7type)) == NULL) + goto error; - if( !(self->pkcs7 = PEM_read_bio_PKCS7( in, NULL, NULL, NULL ) ) ) - lose("could not load PEM encoded PKCS7 message"); + if((self->pkcs7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL)) == NULL) + lose("could not load PEM encoded PKCS7 message"); - return self; + return self; -error: + error: - Py_XDECREF(self); - return NULL; + Py_XDECREF(self); + return NULL; } static pkcs7_object * PKCS7_object_der_read(char *src, int len) { - pkcs7_object *self; - BIO *bio = NULL; + pkcs7_object *self; + BIO *bio = NULL; - if ( !(self = PyObject_New( pkcs7_object, &pkcs7type ) ) ) - goto error; + if ((self = PyObject_New(pkcs7_object, &pkcs7type)) == NULL) + goto error; - self->pkcs7 = PKCS7_new(); + self->pkcs7 = PKCS7_new(); - if ( !(bio = BIO_new_mem_buf(src, len) ) ) - goto error; + if ((bio = BIO_new_mem_buf(src, len)) == NULL) + goto error; - if( !(d2i_PKCS7_bio( bio, &self->pkcs7 ) ) ) - lose("could not load PEM encoded PKCS7 message"); + if(!d2i_PKCS7_bio(bio, &self->pkcs7)) + lose("could not load PEM encoded PKCS7 message"); - BIO_free(bio); + BIO_free(bio); - return self; + return self; -error: + error: - if (bio) - BIO_free(bio); + if (bio) + BIO_free(bio); - Py_XDECREF(self); - return NULL; + Py_XDECREF(self); + return NULL; } static PyObject * 
PKCS7_object_write_helper(pkcs7_object *self, PyObject *args, int format) { - int len = 0; - char *buf = NULL; - BIO *out_bio = NULL; - PyObject *cert = NULL; - - if (!PyArg_ParseTuple(args, "")) - return NULL; + int len = 0; + char *buf = NULL; + BIO *out_bio = NULL; + PyObject *cert = NULL; + + if (!PyArg_ParseTuple(args, "")) + return NULL; + + out_bio = BIO_new(BIO_s_mem()); + + switch (format) { + + case DER_FORMAT: + if (!i2d_PKCS7_bio(out_bio, self->pkcs7)) + lose("unable to write pkcs#7 message"); + break; - out_bio = BIO_new(BIO_s_mem()); + case PEM_FORMAT: + if (!PEM_write_bio_PKCS7(out_bio, self->pkcs7)) + lose("unable to write pkcs#7 message"); + break; - if (format == DER_FORMAT) - { - if (!i2d_PKCS7_bio(out_bio, self->pkcs7) ) - lose("unable to write certificate"); - } - else if (format == PEM_FORMAT) - { - if (!PEM_write_bio_PKCS7(out_bio, self->pkcs7) ) - lose("unable to write certificate"); - } - else - lose("internal error, unknown output format"); + default: + lose("internal error, unknown output format"); + } - if ( !(len = BIO_ctrl_pending(out_bio) ) ) - lose("unable to get bytes stored in bio"); - if ( !(buf = malloc(len) ) ) - lose("unable to allocate memory"); + if ((len = BIO_ctrl_pending(out_bio)) == 0) + lose("unable to get bytes stored in bio"); - if ( BIO_read( out_bio, buf, len ) != len ) - lose("unable to write out cert"); + if ((buf = malloc(len)) == NULL) + lose("unable to allocate memory"); - cert = Py_BuildValue("s#", buf, len); + if (BIO_read(out_bio, buf, len) != len) + lose("unable to write out cert"); - BIO_free(out_bio); - free(buf); - return cert; - -error: + cert = Py_BuildValue("s#", buf, len); - if (out_bio) - BIO_free(out_bio); + BIO_free(out_bio); + free(buf); + return cert; - if (buf) - free(buf); + error: - Py_XDECREF(cert); - return NULL; + if (out_bio) + BIO_free(out_bio); + + if (buf) + free(buf); + + Py_XDECREF(cert); + return NULL; } -static char PKCS7_object_pem_write__doc__[] = +static char 
PKCS7_object_pem_write__doc__[] = "<method>\n" " <header>\n" " <memberof>PKCS7</memberof>\n" @@ -6473,7 +6436,7 @@ static char PKCS7_object_pem_write__doc__[] = static PyObject * PKCS7_object_pem_write(pkcs7_object *self, PyObject *args) { - return PKCS7_object_write_helper(self, args, PEM_FORMAT); + return PKCS7_object_write_helper(self, args, PEM_FORMAT); } static char PKCS7_object_der_write__doc__[] = @@ -6494,10 +6457,10 @@ static char PKCS7_object_der_write__doc__[] = static PyObject * PKCS7_object_der_write(pkcs7_object *self, PyObject *args) { - return PKCS7_object_write_helper(self, args, DER_FORMAT); + return PKCS7_object_write_helper(self, args, DER_FORMAT); } -static char PKCS7_object_sign__doc__[] = +static char PKCS7_object_sign__doc__[] = "<method>\n" " <header>\n" " <memberof>PKCS7</memberof>\n" 
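Review bot: PKCS7_object_der_read reports a failed `d2i_PKCS7_bio()` as "could not load PEM encoded PKCS7 message", which mislabels a DER parse failure; it should read `lose("could not load DER encoded PKCS7 message");`, matching CMS_object_der_read. In the same function the `goto error` after a failed `BIO_new_mem_buf()` bypasses `lose`, so, assuming `lose` is what sets the Python exception, the caller gets NULL with no exception set, and the result of `PKCS7_new()` is not checked either. PKCS7_object_write_helper still says "unable to write out cert" for a PKCS#7 message although its other messages were reworded here.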
@@ -6519,74 +6482,74 @@ static char PKCS7_object_sign__doc__[] = static PyObject * PKCS7_object_sign(pkcs7_object *self, PyObject *args) { - asymmetric_object *signkey = NULL; - x509_object *signcert = NULL; - PyObject *x509_sequence = NULL; - STACK_OF(X509) *x509_stack = NULL; - EVP_PKEY *pkey = NULL; - char *buf = NULL; - int len, flags = PKCS7_BINARY | PKCS7_NOATTR; - BIO *bio = NULL; - PKCS7 *p7 = NULL; - PyObject *no_certs = Py_False; - - if (!PyArg_ParseTuple(args, "O!O!Os#|O!", - &x509type, &signcert, - &asymmetrictype, &signkey, - &x509_sequence, - &buf, &len, - &PyBool_Type, &no_certs)) - goto error; + asymmetric_object *signkey = NULL; + x509_object *signcert = NULL; + PyObject *x509_sequence = NULL; + STACK_OF(X509) *x509_stack = NULL; + EVP_PKEY *pkey = NULL; + char *buf = NULL; + int len, flags = PKCS7_BINARY | PKCS7_NOATTR; + BIO *bio = NULL; + PKCS7 *p7 = NULL; + PyObject *no_certs = Py_False; - if (signkey->key_type != RSA_PRIVATE_KEY) - lose("unsupported key type"); + if (!PyArg_ParseTuple(args, "O!O!Os#|O!", + &x509type, &signcert, + &asymmetrictype, &signkey, + &x509_sequence, + &buf, &len, + &PyBool_Type, &no_certs)) + goto error; - if ( !(x509_stack = x509_helper_sequence_to_stack(x509_sequence)) ) - goto error; + if (signkey->key_type != RSA_PRIVATE_KEY) + lose("unsupported key type"); - if ( !(pkey = EVP_PKEY_new() ) ) - lose("could not allocate memory"); + if ((x509_stack = x509_helper_sequence_to_stack(x509_sequence)) == NULL) + goto error; - if ( !(EVP_PKEY_assign_RSA(pkey, signkey->cipher) ) ) - lose("EVP_PKEY assignment error"); + if ((pkey = EVP_PKEY_new()) == NULL) + lose("could not allocate memory"); - if ( !(bio = BIO_new_mem_buf(buf, len))) - goto error; + if (!EVP_PKEY_assign_RSA(pkey, signkey->cipher)) + lose("EVP_PKEY assignment error"); - if ( no_certs == Py_True ) - flags |= PKCS7_NOCERTS; + if ((bio = BIO_new_mem_buf(buf, len)) == NULL) + goto error; - if ( !(p7 = PKCS7_sign(signcert->x509, pkey, x509_stack, bio, flags))) - 
lose_openssl_error("could not sign PKCS7 message"); + if (no_certs == Py_True) + flags |= PKCS7_NOCERTS; - if (self->pkcs7) - PKCS7_free(self->pkcs7); - self->pkcs7 = p7; - p7 = NULL; + if ((p7 = PKCS7_sign(signcert->x509, pkey, x509_stack, bio, flags)) == NULL) + lose_openssl_error("could not sign PKCS7 message"); - sk_X509_free(x509_stack); - BIO_free(bio); + if (self->pkcs7) + PKCS7_free(self->pkcs7); + self->pkcs7 = p7; + p7 = NULL; - return Py_BuildValue(""); + sk_X509_free(x509_stack); + BIO_free(bio); -error: + return Py_BuildValue(""); - if (p7) - PKCS7_free(p7); + error: - if (bio) - BIO_free(bio); + if (p7) + PKCS7_free(p7); - if (x509_stack) - sk_X509_free(x509_stack); + if (bio) + BIO_free(bio); - if (pkey) - EVP_PKEY_free(pkey); + if (x509_stack) + sk_X509_free(x509_stack); - return NULL; + if (pkey) + EVP_PKEY_free(pkey); + + return NULL; } -static char PKCS7_object_verify__doc__[] = +static char PKCS7_object_verify__doc__[] = "<method>\n" " <header>\n" " <memberof>PKCS7</memberof>\n" 
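Review bot: `EVP_PKEY_assign_RSA(pkey, signkey->cipher)` in PKCS7_object_sign hands the RSA structure to pkey without taking a reference, so every error exit after it (a failed `PKCS7_sign()`, for example) reaches `EVP_PKEY_free(pkey)` and frees the key that `signkey->cipher` still points to. The Python key object is then left with a dangling pointer, and on the success path pkey is never freed at all. Using `EVP_PKEY_set1_RSA(pkey, signkey->cipher)` and calling `EVP_PKEY_free(pkey)` on both paths keeps ownership with the Python object. CMS_object_sign in a later hunk assigns the key the same way and has the same exposure on its error exits before `CMS_add1_signer()`.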
@@ -6607,79 +6570,79 @@ static char PKCS7_object_verify__doc__[] = static PyObject * PKCS7_object_verify(pkcs7_object *self, PyObject *args) { - x509_store_object *store = NULL; - PyObject *result = NULL, *certs_sequence = Py_None; - STACK_OF(X509) *certs_stack = NULL; - char *buf = NULL; - BIO *bio = NULL; - int len; + x509_store_object *store = NULL; + PyObject *result = NULL, *certs_sequence = Py_None; + STACK_OF(X509) *certs_stack = NULL; + char *buf = NULL; + BIO *bio = NULL; + int len; - if (!(bio = BIO_new(BIO_s_mem()))) - goto error; + if ((bio = BIO_new(BIO_s_mem())) == NULL) + goto error; - if (!PyArg_ParseTuple(args, "O!|O", &x509_storetype, &store, &certs_sequence)) - goto error; + if (!PyArg_ParseTuple(args, "O!|O", &x509_storetype, &store, &certs_sequence)) + goto error; - if (certs_sequence != Py_None && - !(certs_stack = x509_helper_sequence_to_stack(certs_sequence))) - goto error; + if (certs_sequence != Py_None && + (certs_stack = x509_helper_sequence_to_stack(certs_sequence)) == NULL) + goto error; - if (PKCS7_verify(self->pkcs7, certs_stack, store->store, NULL, bio, 0) <= 0) - lose_openssl_error("could not verify PKCS7 message"); + if (PKCS7_verify(self->pkcs7, certs_stack, store->store, NULL, bio, 0) <= 0) + lose_openssl_error("could not verify PKCS7 message"); - if (!(len = BIO_ctrl_pending(bio))) - lose("unable to get bytes stored in bio"); + if ((len = BIO_ctrl_pending(bio)) == 0) + lose("unable to get bytes stored in bio"); - if (!(buf = malloc(len) ) ) - lose("unable to allocate memory"); + if ((buf = malloc(len)) == NULL) + lose("unable to allocate memory"); - if (BIO_read( bio, buf, len ) != len) - lose("unable to write out PKCS7 content"); + if (BIO_read(bio, buf, len) != len) + lose("unable to write out PKCS7 content"); - result = Py_BuildValue("s#", buf, len); + result = Py_BuildValue("s#", buf, len); - if (certs_stack) - sk_X509_free(certs_stack); - BIO_free(bio); - free(buf); + if (certs_stack) + sk_X509_free(certs_stack); + 
BIO_free(bio); + free(buf); - return result; + return result; -error: + error: - if (certs_stack) - sk_X509_free(certs_stack); + if (certs_stack) + sk_X509_free(certs_stack); - if (bio) - BIO_free(bio); + if (bio) + BIO_free(bio); - if (buf) - free(buf); + if (buf) + free(buf); - return NULL; + return NULL; } static struct PyMethodDef PKCS7_object_methods[] = { - {"pemWrite", (PyCFunction)PKCS7_object_pem_write, METH_VARARGS, NULL}, - {"derWrite", (PyCFunction)PKCS7_object_der_write, METH_VARARGS, NULL}, - {"sign", (PyCFunction)PKCS7_object_sign, METH_VARARGS, NULL}, + {"pemWrite", (PyCFunction)PKCS7_object_pem_write, METH_VARARGS, NULL}, + {"derWrite", (PyCFunction)PKCS7_object_der_write, METH_VARARGS, NULL}, + {"sign", (PyCFunction)PKCS7_object_sign, METH_VARARGS, NULL}, {"verify", (PyCFunction)PKCS7_object_verify, METH_VARARGS, NULL}, - + {NULL, NULL} /* sentinel */ }; static PyObject * PKCS7_object_getattr(pkcs7_object *self, char *name) { - return Py_FindMethod(PKCS7_object_methods, (PyObject *)self, name); + return Py_FindMethod(PKCS7_object_methods, (PyObject *)self, name); } static void PKCS7_object_dealloc(pkcs7_object *self, char *name) { - PKCS7_free( self->pkcs7 ); - PyObject_Del(self); + PKCS7_free(self->pkcs7); + PyObject_Del(self); } static char pkcs7type__doc__[] = 
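Review bot: PKCS7_object_verify treats `BIO_ctrl_pending(bio) == 0` as a failure, so a message whose signature verified but whose content is empty is reported as "unable to get bytes stored in bio" instead of returning an empty string. The size returned by `BIO_ctrl_pending()` is also stored in an `int` before it reaches `malloc(len)` and `BIO_read()`. Returning `Py_BuildValue("s#", "", 0)` for the zero case and checking the size against `INT_MAX` before narrowing it would cover both. CMS_object_verify and the two write helpers use the same pattern.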
@@ -6725,124 +6688,126 @@ static PyTypeObject pkcs7type = { static cms_object * CMS_object_new(void) { - cms_object *self; + cms_object *self; - self = PyObject_New( cms_object, &cmstype ); - if (self == NULL) - goto error; + if ((self = PyObject_New(cms_object, &cmstype)) == NULL) + goto error; - self->cms = NULL; - return self; + self->cms = NULL; + return self; -error: + error: - Py_XDECREF(self); - return NULL; + Py_XDECREF(self); + return NULL; } static cms_object * CMS_object_pem_read(BIO *in) { - cms_object *self; + cms_object *self; - if ( !(self = PyObject_New( cms_object, &cmstype ) ) ) - goto error; + if ((self = PyObject_New(cms_object, &cmstype)) == NULL) + goto error; - if( !(self->cms = PEM_read_bio_CMS( in, NULL, NULL, NULL ) ) ) - lose("could not load PEM encoded CMS message"); + if ((self->cms = PEM_read_bio_CMS(in, NULL, NULL, NULL)) == NULL) + lose("could not load PEM encoded CMS message"); - return self; + return self; -error: + error: - Py_XDECREF(self); - return NULL; + Py_XDECREF(self); + return NULL; } static cms_object * CMS_object_der_read(char *src, int len) { - cms_object *self; - BIO *bio = NULL; + cms_object *self; + BIO *bio = NULL; - if ( !(self = PyObject_New( cms_object, &cmstype ) ) ) - goto error; + if ((self = PyObject_New(cms_object, &cmstype)) == NULL) + goto error; - self->cms = CMS_ContentInfo_new(); + self->cms = CMS_ContentInfo_new(); - if ( !(bio = BIO_new_mem_buf(src, len) ) ) - goto error; + if ((bio = BIO_new_mem_buf(src, len)) == NULL) + goto error; - if( !(d2i_CMS_bio( bio, &self->cms ) ) ) - lose("could not load DER encoded CMS message"); + if (!d2i_CMS_bio(bio, &self->cms)) + lose("could not load DER encoded CMS message"); - BIO_free(bio); + BIO_free(bio); - return self; + return self; -error: + error: - if (bio) - BIO_free(bio); + if (bio) + BIO_free(bio); - Py_XDECREF(self); - return NULL; + Py_XDECREF(self); + return NULL; } static PyObject * CMS_object_write_helper(cms_object *self, PyObject *args, int format) 
{ - int len = 0; - char *buf = NULL; - BIO *out_bio = NULL; - PyObject *cert = NULL; - - if (!PyArg_ParseTuple(args, "")) - return NULL; + int len = 0; + char *buf = NULL; + BIO *out_bio = NULL; + PyObject *cert = NULL; + + if (!PyArg_ParseTuple(args, "")) + return NULL; + + out_bio = BIO_new(BIO_s_mem()); + + switch (format) { - out_bio = BIO_new(BIO_s_mem()); + case DER_FORMAT: + if (!i2d_CMS_bio(out_bio, self->cms)) + lose("unable to write certificate"); + break; - if (format == DER_FORMAT) - { - if (!i2d_CMS_bio(out_bio, self->cms) ) - lose("unable to write certificate"); - } - else if (format == PEM_FORMAT) - { - if (!PEM_write_bio_CMS(out_bio, self->cms) ) - lose("unable to write certificate"); - } - else - lose("internal error, unknown output format"); + case PEM_FORMAT: + if (!PEM_write_bio_CMS(out_bio, self->cms)) + lose("unable to write certificate"); + break; - if ( !(len = BIO_ctrl_pending(out_bio) ) ) - lose("unable to get bytes stored in bio"); + default: + lose("internal error, unknown output format"); + } - if ( !(buf = malloc(len) ) ) - lose("unable to allocate memory"); + if ((len = BIO_ctrl_pending(out_bio)) == 0) + lose("unable to get bytes stored in bio"); - if ( BIO_read( out_bio, buf, len ) != len ) - lose("unable to write out cert"); + if ((buf = malloc(len)) == NULL) + lose("unable to allocate memory"); - cert = Py_BuildValue("s#", buf, len); + if (BIO_read(out_bio, buf, len) != len) + lose("unable to write out cert"); - BIO_free(out_bio); - free(buf); - return cert; - -error: + cert = Py_BuildValue("s#", buf, len); - if (out_bio) - BIO_free(out_bio); + BIO_free(out_bio); + free(buf); + return cert; - if (buf) - free(buf); + error: - Py_XDECREF(cert); - return NULL; + if (out_bio) + BIO_free(out_bio); + + if (buf) + free(buf); + + Py_XDECREF(cert); + return NULL; } -static char CMS_object_pem_write__doc__[] = +static char CMS_object_pem_write__doc__[] = "<method>\n" " <header>\n" " <memberof>CMS</memberof>\n" 
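Review bot: CMS_object_new leaves `self->cms` as NULL, and CMS_object_write_helper passes `self->cms` to `i2d_CMS_bio()` and `PEM_write_bio_CMS()` without checking it, so writing out a freshly constructed object depends on OpenSSL tolerating a NULL message. A guard at the top of the helper, `if (self->cms == NULL) lose("CMS object has no message");`, turns that into a Python exception rather than a possible NULL dereference inside the library. The later hunks for verify, eContentType, pprint, certs and crls use `self->cms` the same way. The failure messages here still say "certificate" and "cert" although the PKCS7 helper was reworded in this commit.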
@@ -6860,7 +6825,7 @@ static char CMS_object_pem_write__doc__[] = static PyObject * CMS_object_pem_write(cms_object *self, PyObject *args) { - return CMS_object_write_helper(self, args, PEM_FORMAT); + return CMS_object_write_helper(self, args, PEM_FORMAT); } static char CMS_object_der_write__doc__[] = @@ -6881,10 +6846,10 @@ static char CMS_object_der_write__doc__[] = static PyObject * CMS_object_der_write(cms_object *self, PyObject *args) { - return CMS_object_write_helper(self, args, DER_FORMAT); + return CMS_object_write_helper(self, args, DER_FORMAT); } -static char CMS_object_sign__doc__[] = +static char CMS_object_sign__doc__[] = "<method>\n" " <header>\n" " <memberof>CMS</memberof>\n" 
@@ -6911,146 +6876,146 @@ static char CMS_object_sign__doc__[] = static PyObject * CMS_object_sign(cms_object *self, PyObject *args) { - asymmetric_object *signkey = NULL; - x509_object *signcert = NULL; - x509_crl_object *crlobj = NULL; - PyObject *x509_sequence = Py_None, *crl_sequence = Py_None, *result = NULL; - STACK_OF(X509) *x509_stack = NULL; - EVP_PKEY *pkey = NULL; - char *buf = NULL, *oid = NULL; - int i, n, len; - unsigned flags = 0; - BIO *bio = NULL; - CMS_ContentInfo *cms = NULL; - ASN1_OBJECT *econtent_type = NULL; - - if (!PyArg_ParseTuple(args, "O!O!s#|OOsI", - &x509type, &signcert, - &asymmetrictype, &signkey, - &buf, &len, - &x509_sequence, - &crl_sequence, - &oid, - &flags)) - goto error; + asymmetric_object *signkey = NULL; + x509_object *signcert = NULL; + x509_crl_object *crlobj = NULL; + PyObject *x509_sequence = Py_None, *crl_sequence = Py_None, *result = NULL; + STACK_OF(X509) *x509_stack = NULL; + EVP_PKEY *pkey = NULL; + char *buf = NULL, *oid = NULL; + int i, n, len; + unsigned flags = 0; + BIO *bio = NULL; + CMS_ContentInfo *cms = NULL; + ASN1_OBJECT *econtent_type = NULL; - assert_no_unhandled_openssl_errors(); + if (!PyArg_ParseTuple(args, "O!O!s#|OOsI", + &x509type, &signcert, + &asymmetrictype, &signkey, + &buf, &len, + &x509_sequence, + &crl_sequence, + &oid, + &flags)) + goto error; - flags &= CMS_NOCERTS | CMS_NOATTR; - flags |= CMS_BINARY | CMS_NOSMIMECAP | CMS_PARTIAL | CMS_USE_KEYID; + assert_no_unhandled_openssl_errors(); - if (signkey->key_type != RSA_PRIVATE_KEY) - lose("unsupported key type"); + flags &= CMS_NOCERTS | CMS_NOATTR; + flags |= CMS_BINARY | CMS_NOSMIMECAP | CMS_PARTIAL | CMS_USE_KEYID; - if ( !(x509_stack = x509_helper_sequence_to_stack(x509_sequence)) ) - goto error; + if (signkey->key_type != RSA_PRIVATE_KEY) + lose("unsupported key type"); - assert_no_unhandled_openssl_errors(); + if ((x509_stack = x509_helper_sequence_to_stack(x509_sequence)) == NULL) + goto error; - if ( !(pkey = EVP_PKEY_new() ) ) - 
lose_openssl_error("could not allocate memory"); + assert_no_unhandled_openssl_errors(); - assert_no_unhandled_openssl_errors(); + if ((pkey = EVP_PKEY_new()) == NULL) + lose_openssl_error("could not allocate memory"); - if ( !(EVP_PKEY_assign_RSA(pkey, signkey->cipher) ) ) - lose_openssl_error("EVP_PKEY assignment error"); + assert_no_unhandled_openssl_errors(); - assert_no_unhandled_openssl_errors(); + if (!EVP_PKEY_assign_RSA(pkey, signkey->cipher)) + lose_openssl_error("EVP_PKEY assignment error"); - if ( !(bio = BIO_new_mem_buf(buf, len))) - goto error; + assert_no_unhandled_openssl_errors(); - assert_no_unhandled_openssl_errors(); + if ((bio = BIO_new_mem_buf(buf, len)) == NULL) + goto error; - if ( oid && (econtent_type = OBJ_txt2obj(oid, 0)) == NULL ) - lose_openssl_error("could not parse OID"); + assert_no_unhandled_openssl_errors(); - assert_no_unhandled_openssl_errors(); + if (oid && (econtent_type = OBJ_txt2obj(oid, 0)) == NULL) + lose_openssl_error("could not parse OID"); - if ( !(cms = CMS_sign(NULL, NULL, x509_stack, bio, flags))) - lose_openssl_error("could not create CMS message"); + assert_no_unhandled_openssl_errors(); - assert_no_unhandled_openssl_errors(); + if ((cms = CMS_sign(NULL, NULL, x509_stack, bio, flags)) == NULL) + lose_openssl_error("could not create CMS message"); - if (econtent_type) - CMS_set1_eContentType(cms, econtent_type); + assert_no_unhandled_openssl_errors(); - assert_no_unhandled_openssl_errors(); + if (econtent_type) + CMS_set1_eContentType(cms, econtent_type); - if ( !CMS_add1_signer(cms, signcert->x509, pkey, EVP_sha256(), flags)) - lose_openssl_error("could not sign CMS message"); + assert_no_unhandled_openssl_errors(); - pkey = NULL; /* CMS_add1_signer() now owns pkey */ + if (!CMS_add1_signer(cms, signcert->x509, pkey, EVP_sha256(), flags)) + lose_openssl_error("could not sign CMS message"); - assert_no_unhandled_openssl_errors(); + pkey = NULL; /* CMS_add1_signer() now owns pkey */ - if (crl_sequence != Py_None) { + 
assert_no_unhandled_openssl_errors(); - if (!PyTuple_Check(crl_sequence) && !PyList_Check(crl_sequence)) - lose_type_error("inapropriate type"); + if (crl_sequence != Py_None) { - n = PySequence_Size( crl_sequence ); + if (!PyTuple_Check(crl_sequence) && !PyList_Check(crl_sequence)) + lose_type_error("inapropriate type"); + + n = PySequence_Size(crl_sequence); - for (i = 0; i < n; i++) { + for (i = 0; i < n; i++) { - if ( !(crlobj = (x509_crl_object *) PySequence_GetItem(crl_sequence, i))) - goto error; + if ((crlobj = (x509_crl_object *) PySequence_GetItem(crl_sequence, i)) == NULL) + goto error; - if (!X_X509_crl_Check(crlobj)) - lose_type_error("inappropriate type"); + if (!X_X509_crl_Check(crlobj)) + lose_type_error("inappropriate type"); - if (!crlobj->crl) - lose("CRL object with null crl field!"); + if (!crlobj->crl) + lose("CRL object with null crl field!"); - if (!CMS_add1_crl(cms, crlobj->crl)) - lose_openssl_error("could not add CRL to CMS"); + if (!CMS_add1_crl(cms, crlobj->crl)) + lose_openssl_error("could not add CRL to CMS"); - assert_no_unhandled_openssl_errors(); + assert_no_unhandled_openssl_errors(); - Py_DECREF(crlobj); - crlobj = NULL; - } - } + Py_DECREF(crlobj); + crlobj = NULL; + } + } - if ( !CMS_final(cms, bio, NULL, flags)) - lose_openssl_error("could not finalize CMS signatures"); + if (!CMS_final(cms, bio, NULL, flags)) + lose_openssl_error("could not finalize CMS signatures"); - assert_no_unhandled_openssl_errors(); + assert_no_unhandled_openssl_errors(); - if (self->cms) - CMS_ContentInfo_free(self->cms); - self->cms = cms; - cms = NULL; + if (self->cms) + CMS_ContentInfo_free(self->cms); + self->cms = cms; + cms = NULL; - result = Py_BuildValue(""); + result = Py_BuildValue(""); -error: /* fall through */ + error: /* fall through */ - assert_no_unhandled_openssl_errors(); + assert_no_unhandled_openssl_errors(); - if (cms) - CMS_ContentInfo_free(cms); + if (cms) + CMS_ContentInfo_free(cms); - if (bio) - BIO_free(bio); + if (bio) + 
BIO_free(bio); - if (x509_stack) - sk_X509_free(x509_stack); + if (x509_stack) + sk_X509_free(x509_stack); - if (pkey) - EVP_PKEY_free(pkey); + if (pkey) + EVP_PKEY_free(pkey); - if (econtent_type) - ASN1_OBJECT_free(econtent_type); + if (econtent_type) + ASN1_OBJECT_free(econtent_type); - if (crlobj) { - Py_XDECREF(crlobj); - } + if (crlobj) { + Py_XDECREF(crlobj); + } - return result; + return result; } -static char CMS_object_verify__doc__[] = +static char CMS_object_verify__doc__[] = "<method>\n" " <header>\n" " <memberof>CMS</memberof>\n" 
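Review bot: The return value of `CMS_set1_eContentType(cms, econtent_type)` is ignored in CMS_object_sign, so if setting the requested OID fails the message is still signed and stored with whatever content type `CMS_sign()` chose, unless `assert_no_unhandled_openssl_errors()` (defined outside the hunk) happens to catch it. A relying party that dispatches on eContentType would then see a validly signed object of the wrong type. `if (econtent_type && !CMS_set1_eContentType(cms, econtent_type)) lose_openssl_error("could not set eContentType");` closes that. The type-error string "inapropriate type" in the CRL branch is also misspelled compared with the one a few lines below it.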
@@ -7077,68 +7042,68 @@ static char CMS_object_verify__doc__[] = static PyObject * CMS_object_verify(cms_object *self, PyObject *args) { - x509_store_object *store = NULL; - PyObject *result = NULL, *certs_sequence = Py_None; - STACK_OF(X509) *certs_stack = NULL; - unsigned flags = 0; - char *buf = NULL; - BIO *bio = NULL; - int len; + x509_store_object *store = NULL; + PyObject *result = NULL, *certs_sequence = Py_None; + STACK_OF(X509) *certs_stack = NULL; + unsigned flags = 0; + char *buf = NULL; + BIO *bio = NULL; + int len; - if (!PyArg_ParseTuple(args, "O!|OI", &x509_storetype, &store, &certs_sequence, &flags)) - goto error; + if (!PyArg_ParseTuple(args, "O!|OI", &x509_storetype, &store, &certs_sequence, &flags)) + goto error; - if (!(bio = BIO_new(BIO_s_mem()))) - goto error; + if ((bio = BIO_new(BIO_s_mem())) == NULL) + goto error; - assert_no_unhandled_openssl_errors(); + assert_no_unhandled_openssl_errors(); - flags &= CMS_NOINTERN | CMS_NOCRL | CMS_NO_SIGNER_CERT_VERIFY | CMS_NO_ATTR_VERIFY | CMS_NO_CONTENT_VERIFY; + flags &= CMS_NOINTERN | CMS_NOCRL | CMS_NO_SIGNER_CERT_VERIFY | CMS_NO_ATTR_VERIFY | CMS_NO_CONTENT_VERIFY; - if (certs_sequence != Py_None && !(certs_stack = x509_helper_sequence_to_stack(certs_sequence))) - goto error; + if (certs_sequence != Py_None && (certs_stack = x509_helper_sequence_to_stack(certs_sequence)) == NULL) + goto error; - assert_no_unhandled_openssl_errors(); + assert_no_unhandled_openssl_errors(); - if (CMS_verify(self->cms, certs_stack, store->store, NULL, bio, flags) <= 0) - lose_openssl_error("could not verify CMS message"); + if (CMS_verify(self->cms, certs_stack, store->store, NULL, bio, flags) <= 0) + lose_openssl_error("could not verify CMS message"); - assert_no_unhandled_openssl_errors(); + assert_no_unhandled_openssl_errors(); - if (!(len = BIO_ctrl_pending(bio))) - lose("unable to get bytes stored in bio"); + if ((len = BIO_ctrl_pending(bio)) == 0) + lose("unable to get bytes stored in bio"); - 
assert_no_unhandled_openssl_errors(); + assert_no_unhandled_openssl_errors(); - if (!(buf = malloc(len) ) ) - lose("unable to allocate memory"); + if ((buf = malloc(len)) == NULL) + lose("unable to allocate memory"); - assert_no_unhandled_openssl_errors(); + assert_no_unhandled_openssl_errors(); - if (BIO_read( bio, buf, len ) != len) - lose("unable to write out CMS content"); + if (BIO_read(bio, buf, len) != len) + lose("unable to write out CMS content"); - assert_no_unhandled_openssl_errors(); + assert_no_unhandled_openssl_errors(); - result = Py_BuildValue("s#", buf, len); + result = Py_BuildValue("s#", buf, len); -error: /* fall through */ + error: /* fall through */ - assert_no_unhandled_openssl_errors(); + assert_no_unhandled_openssl_errors(); - if (certs_stack) - sk_X509_free(certs_stack); + if (certs_stack) + sk_X509_free(certs_stack); - if (bio) - BIO_free(bio); + if (bio) + BIO_free(bio); - if (buf) - free(buf); + if (buf) + free(buf); - return result; + return result; } -static char CMS_object_eContentType__doc__[] = +static char CMS_object_eContentType__doc__[] = "<method>\n" " <header>\n" " <memberof>CMS</memberof>\n" 
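Review bot: CMS_object_verify lets the Python caller pass `CMS_NO_SIGNER_CERT_VERIFY`, `CMS_NO_ATTR_VERIFY` and `CMS_NO_CONTENT_VERIFY` through the `flags &= ...` mask, and nothing at that line says what a caller gives up by setting them. I would add a comment above the mask such as `/* Caller may relax checks: with NO_SIGNER_CERT_VERIFY or NO_CONTENT_VERIFY the returned content has not been validated against the store or the signed digest. */`. The return value is the extracted content in every case and carries no indication of which checks ran, so the caller has to track that itself.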
@@ -7155,25 +7120,25 @@ static char CMS_object_eContentType__doc__[] = static PyObject * CMS_object_eContentType(cms_object *self, PyObject *args) { - const ASN1_OBJECT *oid = NULL; - PyObject *result = NULL; - char buf[512]; + const ASN1_OBJECT *oid = NULL; + PyObject *result = NULL; + char buf[512]; - if (!PyArg_ParseTuple(args, "")) - return NULL; + if (!PyArg_ParseTuple(args, "")) + return NULL; - if ( !(oid = CMS_get0_eContentType(self->cms))) - lose_openssl_error("Could not extract eContentType from CMS message"); + if ((oid = CMS_get0_eContentType(self->cms)) == NULL) + lose_openssl_error("Could not extract eContentType from CMS message"); - OBJ_obj2txt(buf, sizeof(buf), oid, 1); + OBJ_obj2txt(buf, sizeof(buf), oid, 1); - result = Py_BuildValue("s", buf); + result = Py_BuildValue("s", buf); -error: + error: - assert_no_unhandled_openssl_errors(); + assert_no_unhandled_openssl_errors(); - return result; + return result; } static char CMS_object_pprint__doc__[] = 
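Review bot: CMS_object_eContentType ignores the return value of `OBJ_obj2txt(buf, sizeof(buf), oid, 1)`, so a conversion failure, or an OID whose text form does not fit the 512-byte buffer, is returned to Python as if it were the complete OID. Checking it, `int n = OBJ_obj2txt(buf, sizeof(buf), oid, 1);` followed by `if (n <= 0 || n >= (int) sizeof(buf)) lose_openssl_error("could not translate eContentType OID");`, avoids handing back an empty or truncated string.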
@@ -7194,56 +7159,56 @@ static char CMS_object_pprint__doc__[] = static PyObject * CMS_object_pprint(cms_object *self, PyObject *args) { - int len = 0, ret = 0; - char *buf = NULL; - BIO *bio = NULL; - PyObject *result = NULL; - - if (!PyArg_ParseTuple(args, "")) - goto error; + int len = 0, ret = 0; + char *buf = NULL; + BIO *bio = NULL; + PyObject *result = NULL; + + if (!PyArg_ParseTuple(args, "")) + goto error; - bio = BIO_new(BIO_s_mem()); + bio = BIO_new(BIO_s_mem()); - if (!CMS_ContentInfo_print_ctx(bio, self->cms, 0, NULL) ) - lose("unable to pprint CMS"); + if (!CMS_ContentInfo_print_ctx(bio, self->cms, 0, NULL)) + lose("unable to pprint CMS"); - if ( !(len = BIO_ctrl_pending(bio) ) ) - lose("unable to get bytes stored in bio"); + if ((len = BIO_ctrl_pending(bio)) == 0) + lose("unable to get bytes stored in bio"); - if ( !(buf = malloc(len) ) ) - lose("unable to allocate memory"); + if ((buf = malloc(len)) == NULL) + lose("unable to allocate memory"); - if ( (ret = BIO_read( bio, buf, len ) ) != len ) - lose("unable to pprint CMS"); + if ((ret = BIO_read(bio, buf, len)) != len) + lose("unable to pprint CMS"); - result = Py_BuildValue("s#", buf, len); + result = Py_BuildValue("s#", buf, len); -error: /* fall through */ + error: /* fall through */ - assert_no_unhandled_openssl_errors(); + assert_no_unhandled_openssl_errors(); - if (bio) - BIO_free(bio); + if (bio) + BIO_free(bio); - if (buf) - free(buf); + if (buf) + free(buf); - return result; + return result; } static PyObject * cms_object_helper_get_cert(void *cert) { - x509_object *obj = PyObject_New(x509_object, &x509type); + x509_object *obj = PyObject_New(x509_object, &x509type); - if (obj) - obj->x509 = cert; + if (obj) + obj->x509 = cert; - return (PyObject *) obj; + return (PyObject *) obj; } -static char CMS_object_certs__doc__[] = +static char CMS_object_certs__doc__[] = "<method>\n" " <header>\n" " <memberof>CMS</memberof>\n" 
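Review bot: cms_object_helper_get_cert stores the raw `cert` pointer in a new x509_object without taking a reference or saying who owns it. CMS_object_certs in the next hunk calls `sk_X509_pop_free(certs, X509_free)` on the same stack after building the tuple, so unless stack_to_tuple_helper (outside this diff) removes each element it hands to the helper, the returned Python objects would point at freed certificates. A comment on the helper such as `/* Takes ownership of cert; the caller must remove it from its stack. */` would pin the contract down. cms_object_helper_get_crl and CMS_object_crls follow the same pattern.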
@@ -7260,40 +7225,40 @@ static char CMS_object_certs__doc__[] = static PyObject * CMS_object_certs(cms_object *self, PyObject *args) { - STACK_OF(X509) *certs = NULL; - PyObject *result = NULL; + STACK_OF(X509) *certs = NULL; + PyObject *result = NULL; - if (!PyArg_ParseTuple(args, "")) - goto error; + if (!PyArg_ParseTuple(args, "")) + goto error; - if ((certs = CMS_get1_certs(self->cms)) != NULL) - result = stack_to_tuple_helper(CHECKED_PTR_OF(STACK_OF(X509), certs), - cms_object_helper_get_cert); - else if (!ERR_peek_error()) - result = Py_BuildValue("()"); - else - lose_openssl_error("Could not extract certs from CMS message"); + if ((certs = CMS_get1_certs(self->cms)) != NULL) + result = stack_to_tuple_helper(CHECKED_PTR_OF(STACK_OF(X509), certs), + cms_object_helper_get_cert); + else if (!ERR_peek_error()) + result = Py_BuildValue("()"); + else + lose_openssl_error("Could not extract certs from CMS message"); -error: /* fall through */ + error: /* fall through */ - if (certs) - sk_X509_pop_free(certs, X509_free); + if (certs) + sk_X509_pop_free(certs, X509_free); - return result; + return result; } static PyObject * cms_object_helper_get_crl(void *crl) { - x509_crl_object *obj = PyObject_New(x509_crl_object, &x509_crltype); + x509_crl_object *obj = PyObject_New(x509_crl_object, &x509_crltype); - if (obj) - obj->crl = crl; + if (obj) + obj->crl = crl; - return (PyObject *) obj; + return (PyObject *) obj; } -static char CMS_object_crls__doc__[] = +static char CMS_object_crls__doc__[] = "<method>\n" " <header>\n" " <memberof>CMS</memberof>\n" 
@@ -7310,26 +7275,26 @@ static char CMS_object_crls__doc__[] = static PyObject * CMS_object_crls(cms_object *self, PyObject *args) { - STACK_OF(X509_CRL) *crls = NULL; - PyObject *result = NULL; + STACK_OF(X509_CRL) *crls = NULL; + PyObject *result = NULL; - if (!PyArg_ParseTuple(args, "")) - goto error; + if (!PyArg_ParseTuple(args, "")) + goto error; - if ((crls = CMS_get1_crls(self->cms)) != NULL) - result = stack_to_tuple_helper(CHECKED_PTR_OF(STACK_OF(X509_CRL), crls), - cms_object_helper_get_crl); - else if (!ERR_peek_error()) - result = Py_BuildValue("()"); - else - lose_openssl_error("Could not extract CRLs from CMS message"); + if ((crls = CMS_get1_crls(self->cms)) != NULL) + result = stack_to_tuple_helper(CHECKED_PTR_OF(STACK_OF(X509_CRL), crls), + cms_object_helper_get_crl); + else if (!ERR_peek_error()) + result = Py_BuildValue("()"); + else + lose_openssl_error("Could not extract CRLs from CMS message"); -error: /* fall through */ + error: /* fall through */ - if (crls) - sk_X509_CRL_pop_free(crls, X509_CRL_free); + if (crls) + sk_X509_CRL_pop_free(crls, X509_CRL_free); - return result; + return result; } static struct PyMethodDef CMS_object_methods[] = { @@ -7348,14 +7313,14 @@ static struct PyMethodDef CMS_object_methods[] = { static PyObject * CMS_object_getattr(cms_object *self, char *name) { - return Py_FindMethod(CMS_object_methods, (PyObject *)self, name); + return Py_FindMethod(CMS_object_methods, (PyObject *)self, name); } static void CMS_object_dealloc(cms_object *self, char *name) { - CMS_ContentInfo_free( self->cms ); - PyObject_Del(self); + CMS_ContentInfo_free(self->cms); + PyObject_Del(self); } static char cmstype__doc__[] = @@ -7398,7 +7363,7 @@ static PyTypeObject cmstype = { /*========== CMS Code ==========*/ /*========== module functions ==========*/ -static char pow_module_new_ssl__doc__[] = +static char pow_module_new_ssl__doc__[] = "<constructor>\n" " <header>\n" " <memberof>Ssl</memberof>\n" 
@@ -7433,23 +7398,23 @@ static char pow_module_new_ssl__doc__[] = static PyObject * pow_module_new_ssl (PyObject *self, PyObject *args) { - ssl_object *ssl = NULL; - int ctxtype = SSLV23_METHOD; + ssl_object *ssl = NULL; + int ctxtype = SSLV23_METHOD; - if (!PyArg_ParseTuple(args, "|i", &ctxtype)) - goto error; + if (!PyArg_ParseTuple(args, "|i", &ctxtype)) + goto error; - if ( !(ssl = newssl_object(ctxtype) ) ) - goto error; + if ((ssl = newssl_object(ctxtype)) == NULL) + goto error; - return (PyObject*)ssl; + return (PyObject*) ssl; -error: + error: - return NULL; + return NULL; } -static char pow_module_new_x509__doc__[] = +static char pow_module_new_x509__doc__[] = "<constructor>\n" " <header>\n" " <memberof>X509</memberof>\n" @@ -7457,8 +7422,8 @@ static char pow_module_new_x509__doc__[] = " <body>\n" " <para>\n" " This constructor creates a skeletal X509 certificate object.\n" -" It won't be any use at all until several structures \n" -" have been created using it's member functions. \n" +" It won't be any use at all until several structures\n" +" have been created using it's member functions.\n" " </para>\n" " </body>\n" "</constructor>\n" @@ -7467,22 +7432,22 @@ static char pow_module_new_x509__doc__[] = static PyObject * pow_module_new_x509 (PyObject *self, PyObject *args) { - x509_object *x509 = NULL; + x509_object *x509 = NULL; - if (!PyArg_ParseTuple(args, "")) - goto error; - - if ( !(x509 = X509_object_new() ) ) - lose("could not create new x509 object"); + if (!PyArg_ParseTuple(args, "")) + goto error; + + if ((x509 = X509_object_new()) == NULL) + lose("could not create new x509 object"); + + return (PyObject*)x509; - return (PyObject*)x509; - -error: + error: - return NULL; + return NULL; } -static char pow_module_new_asymmetric__doc__[] = +static char pow_module_new_asymmetric__doc__[] = "<constructor>\n" " <header>\n" " <memberof>Asymmetric</memberof>\n" 
@@ -7506,14 +7471,14 @@ static char pow_module_new_asymmetric__doc__[] = " publicFile = open('test/public.key', 'w')\n" "\n" " passphrase = 'my silly passphrase'\n" -" md5 = POW.Digest( POW.MD5_DIGEST )\n" -" md5.update( passphrase )\n" +" md5 = POW.Digest(POW.MD5_DIGEST)\n" +" md5.update(passphrase)\n" " password = md5.digest()\n" "\n" -" rsa = POW.Asymmetric( POW.RSA_CIPHER, 1024 )\n" -" privateFile.write( rsa.pemWrite( \n" -" POW.RSA_PRIVATE_KEY, POW.DES_EDE3_CFB, password ) )\n" -" publicFile.write( rsa.pemWrite( POW.RSA_PUBLIC_KEY ) )\n" +" rsa = POW.Asymmetric(POW.RSA_CIPHER, 1024)\n" +" privateFile.write(rsa.pemWrite(\n" +" POW.RSA_PRIVATE_KEY, POW.DES_EDE3_CFB, password))\n" +" publicFile.write(rsa.pemWrite(POW.RSA_PUBLIC_KEY))\n" "\n" " privateFile.close()\n" " publicFile.close()\n" @@ -7526,16 +7491,16 @@ static char pow_module_new_asymmetric__doc__[] = static PyObject * pow_module_new_asymmetric (PyObject *self, PyObject *args) { - int cipher_type = RSA_CIPHER, key_size = 1024; + int cipher_type = RSA_CIPHER, key_size = 1024; - if (!PyArg_ParseTuple(args, "|ii", &cipher_type, &key_size)) - goto error; + if (!PyArg_ParseTuple(args, "|ii", &cipher_type, &key_size)) + goto error; - return (PyObject*)asymmetric_object_new( cipher_type, key_size ); + return (PyObject*) asymmetric_object_new(cipher_type, key_size); -error: + error: - return NULL; + return NULL; } static char pow_module_new_digest__doc__[] = @@ -7548,7 +7513,7 @@ static char pow_module_new_digest__doc__[] = " <para>\n" " This constructor creates a new <classname>Digest</classname>\n" " object. The parameter <parameter>type</parameter> specifies what kind\n" -" of digest to create and should be one of the following: \n" +" of digest to create and should be one of the following:\n" " </para>\n" " <simplelist>\n" " <member><constant>MD2_DIGEST</constant></member>\n" 
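Review bot: `pow_module_new_asymmetric` (second hunk on this line) still defaults `key_size` to 1024 and hands whatever integer the caller supplies straight to `asymmetric_object_new`; 1024-bit RSA is below current minimum recommendations, and zero or negative sizes are not rejected in this function. Whether `asymmetric_object_new` validates the size is outside the hunk. I would raise the default, `int cipher_type = RSA_CIPHER, key_size = 2048;`, and add a lower-bound check before the call. The docstring example in the preceding hunk shows the same 1024-bit size and derives the PEM password from a single unsalted MD5 of the passphrase, so it should be updated along with the default.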
@@ -7567,16 +7532,16 @@ static char pow_module_new_digest__doc__[] = static PyObject * pow_module_new_digest (PyObject *self, PyObject *args) { - int digest_type = 0; + int digest_type = 0; - if (!PyArg_ParseTuple(args, "i", &digest_type)) - goto error; + if (!PyArg_ParseTuple(args, "i", &digest_type)) + goto error; - return (PyObject*)digest_object_new( digest_type ); + return (PyObject*) digest_object_new(digest_type); -error: + error: - return NULL; + return NULL; } static char pow_module_new_hmac__doc__[] = @@ -7590,7 +7555,7 @@ static char pow_module_new_hmac__doc__[] = " <para>\n" " This constructor creates a new <classname>Hmac</classname>\n" " object. The parameter <parameter>key</parameter> should be a\n" -" string and <parameter>type</parameter> should be one of the following: \n" +" string and <parameter>type</parameter> should be one of the following:\n" " </para>\n" " <simplelist>\n" " <member><constant>MD2_DIGEST</constant></member>\n" @@ -7609,20 +7574,20 @@ static char pow_module_new_hmac__doc__[] = static PyObject * pow_module_new_hmac (PyObject *self, PyObject *args) { - int digest_type = 0, key_len = 0; - char *key = NULL; + int digest_type = 0, key_len = 0; + char *key = NULL; - if (!PyArg_ParseTuple(args, "is#", &digest_type, &key, &key_len)) - goto error; + if (!PyArg_ParseTuple(args, "is#", &digest_type, &key, &key_len)) + goto error; - return (PyObject*)hmac_object_new( digest_type, key, key_len ); + return (PyObject*) hmac_object_new(digest_type, key, key_len); -error: + error: - return NULL; + return NULL; } -static char pow_module_new_pkcs7__doc__[] = +static char pow_module_new_pkcs7__doc__[] = "<constructor>\n" " <header>\n" " <memberof>PKCS7</memberof>\n" 
@@ -7638,22 +7603,22 @@ static char pow_module_new_pkcs7__doc__[] = static PyObject * pow_module_new_pkcs7 (PyObject *self, PyObject *args) { - pkcs7_object *pkcs7 = NULL; + pkcs7_object *pkcs7 = NULL; - if (!PyArg_ParseTuple(args, "")) - goto error; - - if ( !(pkcs7 = PKCS7_object_new() ) ) - lose("could not create new PKCS7 object"); + if (!PyArg_ParseTuple(args, "")) + goto error; + + if ((pkcs7 = PKCS7_object_new()) == NULL) + lose("could not create new PKCS7 object"); + + return (PyObject*) pkcs7; - return (PyObject*)pkcs7; - -error: + error: - return NULL; + return NULL; } -static char pow_module_new_cms__doc__[] = +static char pow_module_new_cms__doc__[] = "<constructor>\n" " <header>\n" " <memberof>CMS</memberof>\n" @@ -7669,22 +7634,22 @@ static char pow_module_new_cms__doc__[] = static PyObject * pow_module_new_cms (PyObject *self, PyObject *args) { - cms_object *cms = NULL; + cms_object *cms = NULL; - if (!PyArg_ParseTuple(args, "")) - goto error; - - if ( !(cms = CMS_object_new() ) ) - lose("could not create new CMS object"); + if (!PyArg_ParseTuple(args, "")) + goto error; + + if ((cms = CMS_object_new()) == NULL) + lose("could not create new CMS object"); + + return (PyObject*)cms; - return (PyObject*)cms; - -error: + error: - return NULL; + return NULL; } -static char pow_module_pem_read__doc__[] = +static char pow_module_pem_read__doc__[] = "<modulefunction>\n" " <header>\n" " <name>pemRead</name>\n" 
@@ -7711,8 +7676,8 @@ static char pow_module_pem_read__doc__[] = " <classname>Asymmetric</classname> is being loaded. If the password\n" " is incorrect an exception will be raised, if no password is provided\n" " and the PEM file is encrypted the user will be prompted. If this is\n" -" not desirable, always supply a password. The object returned will be \n" -" and instance of <classname>Asymmetric</classname>, \n" +" not desirable, always supply a password. The object returned will be\n" +" and instance of <classname>Asymmetric</classname>,\n" " <classname>X509</classname>, <classname>X509Crl</classname>,\n" " <classname>PKCS7</classname>, or <classname>CMS</classname>.\n" " </para>\n" 
@@ -7723,52 +7688,54 @@ static char pow_module_pem_read__doc__[] = static PyObject * pow_module_pem_read (PyObject *self, PyObject *args) { - BIO *in = NULL; - PyObject *obj = NULL; - int object_type = 0, len = 0; - char *pass = NULL, *src = NULL; + BIO *in = NULL; + PyObject *obj = NULL; + int object_type = 0, len = 0; + char *pass = NULL, *src = NULL; - if (!PyArg_ParseTuple(args, "is#|s", &object_type, &src, &len, &pass)) - goto error; - - if ( !(in = BIO_new_mem_buf(src, -1) ) ) - lose("unable to create new BIO"); + if (!PyArg_ParseTuple(args, "is#|s", &object_type, &src, &len, &pass)) + goto error; - if ( !BIO_write( in, src, len ) ) - lose("unable to write to BIO"); + if ((in = BIO_new_mem_buf(src, -1)) == NULL) + lose("unable to create new BIO"); - switch(object_type) - { - case RSA_PRIVATE_KEY: - { obj = (PyObject*)asymmetric_object_pem_read( object_type, in, pass ); break; } - case RSA_PUBLIC_KEY: - { obj = (PyObject*)asymmetric_object_pem_read( object_type, in, pass ); break; } - case X509_CERTIFICATE: - { obj = (PyObject*)X509_object_pem_read( in ); break ; } - case X_X509_CRL: - { obj = (PyObject*)x509_crl_object_pem_read( in ); break ; } - case PKCS7_MESSAGE: - { obj = (PyObject*)PKCS7_object_pem_read( in ); break ; } - case CMS_MESSAGE: - { obj = (PyObject*)CMS_object_pem_read( in ); break ; } + if (!BIO_write(in, src, len)) + lose("unable to write to BIO"); - default: - lose("unknown pem encoding"); - } + switch(object_type) { + case RSA_PRIVATE_KEY: + obj = (PyObject*)asymmetric_object_pem_read(object_type, in, pass); + break; + case RSA_PUBLIC_KEY: + obj = (PyObject*)asymmetric_object_pem_read(object_type, in, pass); + break; + case X509_CERTIFICATE: + obj = (PyObject*)X509_object_pem_read(in); + break; + case X_X509_CRL: + obj = (PyObject*)x509_crl_object_pem_read(in); + break; + case PKCS7_MESSAGE: + obj = (PyObject*)PKCS7_object_pem_read(in); + break; + case CMS_MESSAGE: + obj = (PyObject*)CMS_object_pem_read(in); + break; + default: + 
lose("unknown pem encoding"); + } - BIO_free(in); + BIO_free(in); - if (obj) - return obj; + if (obj) + return obj; -error: + error: - return NULL; + return NULL; } - - static char pow_module_der_read__doc__[] = "<modulefunction>\n" " <header>\n" @@ -7791,7 +7758,7 @@ static char pow_module_der_read__doc__[] = " <member><constant>CMS_MESSAGE</constant></member>\n" " </simplelist>\n" " <para>\n" -" As with the PEM operations, the object returned will be and instance \n" +" As with the PEM operations, the object returned will be and instance\n" " of <classname>Asymmetric</classname>, <classname>X509</classname>,\n" " <classname>X509Crl</classname>, <classname>PKCS7</classname>,\n" " or <classname>CMS</classname>.\n" 
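Review bot: In `pow_module_pem_read`, `BIO_new_mem_buf(src, -1)` builds a read-only BIO whose length comes from strlen(), so the `len` parsed by `s#` is ignored, and the following `BIO_write(in, src, len)` cannot succeed on a read-only BIO; a failed write returns a negative value, so `!BIO_write(...)` is false and the failure passes silently while leaving an entry on the OpenSSL error queue. The BIO is also not freed on the paths that leave through `lose(...)` after it was created (the `default:` case, for example), assuming `lose` jumps to `error:` as its use elsewhere in this diff suggests. Creating the BIO with the explicit length, dropping the write, and freeing it at the single exit addresses all three.

```c
  if ((in = BIO_new_mem_buf(src, len)) == NULL)
    lose("unable to create new BIO");

  /* ... unchanged: switch (object_type) dispatch to the *_pem_read helpers ... */

 error:
  BIO_free(in);   /* NULL-safe; in is still NULL if parsing or BIO creation failed */
  return obj;     /* remains NULL on every failure path */
```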
@@ -7803,38 +7770,42 @@ static char pow_module_der_read__doc__[] = static PyObject * pow_module_der_read (PyObject *self, PyObject *args) { - PyObject *obj = NULL; - int object_type = 0, len = 0; - unsigned char *src = NULL; - - if (!PyArg_ParseTuple(args, "is#", &object_type, &src, &len)) - goto error; - - switch(object_type) - { - case RSA_PRIVATE_KEY: - { obj = (PyObject*)asymmetric_object_der_read( object_type, src, len ); break; } - case RSA_PUBLIC_KEY: - { obj = (PyObject*)asymmetric_object_der_read( object_type, src, len ); break; } - case X509_CERTIFICATE: - { obj = (PyObject*)X509_object_der_read( src, len ); break ; } - case X_X509_CRL: - { obj = (PyObject*)x509_crl_object_der_read( src, len ); break ; } - case PKCS7_MESSAGE: - { obj = (PyObject*)PKCS7_object_der_read( (char *) src, len ); break ; } - case CMS_MESSAGE: - { obj = (PyObject*)CMS_object_der_read( (char *) src, len ); break ; } - - default: - lose("unknown der encoding"); - } - - if (obj) - return obj; - -error: - - return NULL; + PyObject *obj = NULL; + int object_type = 0, len = 0; + unsigned char *src = NULL; + + if (!PyArg_ParseTuple(args, "is#", &object_type, &src, &len)) + goto error; + + switch(object_type) { + case RSA_PRIVATE_KEY: + obj = (PyObject*) asymmetric_object_der_read(object_type, src, len); + break; + case RSA_PUBLIC_KEY: + obj = (PyObject*) asymmetric_object_der_read(object_type, src, len); + break; + case X509_CERTIFICATE: + obj = (PyObject*)X509_object_der_read(src, len); + break; + case X_X509_CRL: + obj = (PyObject*)x509_crl_object_der_read(src, len); + break; + case PKCS7_MESSAGE: + obj = (PyObject*)PKCS7_object_der_read((char *) src, len); + break; + case CMS_MESSAGE: + obj = (PyObject*)CMS_object_der_read((char *) src, len); + break; + default: + lose("unknown der encoding"); + } + + if (obj) + return obj; + + error: + + return NULL; } static char pow_module_new_x509_store__doc__[] = 
@@ -7856,14 +7827,14 @@ static char pow_module_new_x509_store__doc__[] = static PyObject * pow_module_new_x509_store (PyObject *self, PyObject *args) { - if (!PyArg_ParseTuple(args, "")) - goto error; + if (!PyArg_ParseTuple(args, "")) + goto error; - return (PyObject*)x509_store_object_new(); + return (PyObject *) x509_store_object_new(); -error: + error: - return NULL; + return NULL; } static char pow_module_new_symmetric__doc__[] = @@ -7876,14 +7847,14 @@ static char pow_module_new_symmetric__doc__[] = " <para>\n" " This constructor creates a new <classname>Symmetric</classname>\n" " object. The parameter <parameter>type</parameter> specifies which kind\n" -" of cipher to create. <constant>type</constant> should be one of the following: \n" +" of cipher to create. <constant>type</constant> should be one of the following:\n" " </para>\n" " <simplelist columns = \"2\">\n" -" <member><constant>DES_ECB</constant></member> \n" +" <member><constant>DES_ECB</constant></member>\n" " <member><constant>DES_EDE</constant></member>\n" -" <member><constant>DES_EDE3</constant></member> \n" -" <member><constant>DES_CFB</constant></member> \n" -" <member><constant>DES_EDE_CFB</constant></member> \n" +" <member><constant>DES_EDE3</constant></member>\n" +" <member><constant>DES_CFB</constant></member>\n" +" <member><constant>DES_EDE_CFB</constant></member>\n" " <member><constant>DES_EDE3_CFB</constant></member>\n" " <member><constant>DES_OFB</constant></member>\n" " <member><constant>DES_EDE_OFB</constant></member>\n" 
@@ -7929,19 +7900,19 @@ static char pow_module_new_symmetric__doc__[] = static PyObject * pow_module_new_symmetric (PyObject *self, PyObject *args) { - int cipher_type = 0; + int cipher_type = 0; - if (!PyArg_ParseTuple(args, "i", &cipher_type)) - goto error; + if (!PyArg_ParseTuple(args, "i", &cipher_type)) + goto error; - return (PyObject*)symmetric_object_new(cipher_type); + return (PyObject *) symmetric_object_new(cipher_type); -error: + error: - return NULL; + return NULL; } -static char pow_module_new_x509_crl__doc__[] = +static char pow_module_new_x509_crl__doc__[] = "<constructor>\n" " <header>\n" " <memberof>x509_crl</memberof>\n" @@ -7957,17 +7928,17 @@ static char pow_module_new_x509_crl__doc__[] = static PyObject * pow_module_new_x509_crl (PyObject *self, PyObject *args) { - if (!PyArg_ParseTuple(args, "")) - goto error; + if (!PyArg_ParseTuple(args, "")) + goto error; - return (PyObject*)x509_crl_object_new(); + return (PyObject *) x509_crl_object_new(); -error: + error: - return NULL; + return NULL; } -static char pow_module_new_x509_revoked__doc__[] = +static char pow_module_new_x509_revoked__doc__[] = "<constructor>\n" " <header>\n" " <memberof>X509Revoked</memberof>\n" 
@@ -7987,30 +7958,28 @@ static char pow_module_new_x509_revoked__doc__[] = static PyObject * pow_module_new_x509_revoked (PyObject *self, PyObject *args) { - int serial = -1; - char *date = NULL; - x509_revoked_object *revoke = NULL; + int serial = -1; + char *date = NULL; + x509_revoked_object *revoke = NULL; - if (!PyArg_ParseTuple(args, "|is", &serial, &date)) - goto error; + if (!PyArg_ParseTuple(args, "|is", &serial, &date)) + goto error; - revoke = x509_revoked_object_new(); - if (serial != -1) - if ( !ASN1_INTEGER_set( revoke->revoked->serialNumber, serial ) ) - lose("unable to set serial number"); + revoke = x509_revoked_object_new(); + if (serial != -1 && !ASN1_INTEGER_set(revoke->revoked->serialNumber, serial)) + lose("unable to set serial number"); - if (date != NULL) - if (!ASN1_UTCTIME_set_string( revoke->revoked->revocationDate, date )) - lose_type_error("could not set revocationDate"); + if (date != NULL && !ASN1_UTCTIME_set_string(revoke->revoked->revocationDate, date)) + lose_type_error("could not set revocationDate"); - return (PyObject*)revoke; + return (PyObject*) revoke; -error: + error: - return NULL; + return NULL; } -static char pow_module_add_object__doc__[] = +static char pow_module_add_object__doc__[] = "<modulefunction>\n" " <header>\n" " <name>addObject</name>\n" 
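Review bot: `pow_module_new_x509_revoked` dereferences `revoke->revoked` without checking the result of `x509_revoked_object_new()`, and both `lose` paths return NULL without releasing the freshly created object. Whether that constructor can return NULL is outside this hunk, but the other constructors touched by this commit (`X509_object_new`, `PKCS7_object_new`, `CMS_object_new`) are all checked against NULL. I would write `if ((revoke = x509_revoked_object_new()) == NULL) goto error;` and add `Py_XDECREF(revoke);` under the `error:` label before `return NULL;`.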
@@ -8033,22 +8002,22 @@ static char pow_module_add_object__doc__[] = static PyObject * pow_module_add_object(PyObject *self, PyObject *args) { - char *oid = NULL, *sn = NULL, *ln = NULL; - - if (!PyArg_ParseTuple(args, "sss", &oid, &sn, &ln)) - goto error; - - if (!OBJ_create(oid, sn, ln) ) - lose("unable to add object"); + char *oid = NULL, *sn = NULL, *ln = NULL; + + if (!PyArg_ParseTuple(args, "sss", &oid, &sn, &ln)) + goto error; + + if (!OBJ_create(oid, sn, ln)) + lose("unable to add object"); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } -static char pow_module_get_error__doc__[] = +static char pow_module_get_error__doc__[] = "<modulefunction>\n" " <header>\n" " <name>getError</name>\n" @@ -8065,27 +8034,27 @@ static char pow_module_get_error__doc__[] = static PyObject * pow_module_get_error(PyObject *self, PyObject *args) { - unsigned long error; - char buf[256]; - - if (!PyArg_ParseTuple(args, "")) - goto error; - - error = ERR_get_error(); + unsigned long error; + char buf[256]; + + if (!PyArg_ParseTuple(args, "")) + goto error; + + error = ERR_get_error(); - if (!error) - Py_RETURN_NONE; + if (!error) + Py_RETURN_NONE; - ERR_error_string_n( error, buf, sizeof(buf) ); + ERR_error_string_n(error, buf, sizeof(buf)); - return Py_BuildValue("s", buf); + return Py_BuildValue("s", buf); -error: + error: - return NULL; + return NULL; } -static char pow_module_clear_error__doc__[] = +static char pow_module_clear_error__doc__[] = "<modulefunction>\n" " <header>\n" " <name>clearError</name>\n" 
@@ -8101,16 +8070,16 @@ static char pow_module_clear_error__doc__[] = static PyObject * pow_module_clear_error(PyObject *self, PyObject *args) { - if (!PyArg_ParseTuple(args, "")) - goto error; - - ERR_clear_error(); + if (!PyArg_ParseTuple(args, "")) + goto error; + + ERR_clear_error(); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } static char pow_module_seed__doc__[] = @@ -8128,9 +8097,9 @@ static char pow_module_seed__doc__[] = " would provide protection from a targeted brute force attack.\n" " The <function>seed</function> and <function>add</function> are very\n" " similar, except the entropy of the data is assumed to be equal to\n" -" the length for <function>seed</function>. I final point to be aware \n" -" of, only systems which support /dev/urandom are automatically seeded. \n" -" If your system does not support /dev/urandom it is your responsibility \n" +" the length for <function>seed</function>. One final point to be aware\n" +" of, only systems which support /dev/urandom are automatically seeded.\n" +" If your system does not support /dev/urandom it is your responsibility\n" " to seed OpenSSL's PRNG.\n" " </para>\n" " </body>\n" @@ -8140,19 +8109,19 @@ static char pow_module_seed__doc__[] = static PyObject * pow_module_seed(PyObject *self, PyObject *args) { - char *in = NULL; - int inl = 0; + char *in = NULL; + int inl = 0; - if (!PyArg_ParseTuple(args, "s#", &in, &inl)) - goto error; - - RAND_seed( in, inl ); + if (!PyArg_ParseTuple(args, "s#", &in, &inl)) + goto error; - return Py_BuildValue(""); + RAND_seed(in, inl); -error: + return Py_BuildValue(""); - return NULL; + error: + + return NULL; } static char pow_module_add__doc__[] = 
@@ -8176,20 +8145,20 @@ static char pow_module_add__doc__[] = static PyObject * pow_module_add(PyObject *self, PyObject *args) { - char *in = NULL; - int inl = 0; - double entropy = 0; + char *in = NULL; + int inl = 0; + double entropy = 0; - if (!PyArg_ParseTuple(args, "s#d", &in, &inl, &entropy)) - goto error; - - RAND_add( in, inl, entropy ); + if (!PyArg_ParseTuple(args, "s#d", &in, &inl, &entropy)) + goto error; + + RAND_add(in, inl, entropy); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } static char pow_module_write_random_file__doc__[] = @@ -8211,19 +8180,19 @@ static char pow_module_write_random_file__doc__[] = static PyObject * pow_module_write_random_file(PyObject *self, PyObject *args) { - char *file = NULL; + char *file = NULL; - if (!PyArg_ParseTuple(args, "s", &file)) - goto error; - - if ( RAND_write_file( file ) == -1 ) - lose("could not write random file"); + if (!PyArg_ParseTuple(args, "s", &file)) + goto error; + + if (RAND_write_file(file) == -1) + lose("could not write random file"); - return Py_BuildValue(""); + return Py_BuildValue(""); -error: + error: - return NULL; + return NULL; } static char pow_module_read_random_file__doc__[] = 
@@ -8247,221 +8216,221 @@ static char pow_module_read_random_file__doc__[] = static PyObject * pow_module_read_random_file(PyObject *self, PyObject *args) { - char *file = NULL; - int len = -1; + char *file = NULL; + int len = -1; - if (!PyArg_ParseTuple(args, "s|i", &file, &len)) - goto error; - - if (!RAND_load_file( file, len ) ) - lose("could not load random file"); + if (!PyArg_ParseTuple(args, "s|i", &file, &len)) + goto error; - return Py_BuildValue(""); + if (!RAND_load_file(file, len)) + lose("could not load random file"); -error: + return Py_BuildValue(""); - return NULL; + error: + + return NULL; } static PyObject * pow_module_docset(PyObject *self, PyObject *args) { - PyObject *docset; - - if (!PyArg_ParseTuple(args, "")) - goto error; - - docset = PyList_New(0); - - // module documentation - docset_helper_add( docset, pow_module__doc__ ); - - // constructors - docset_helper_add( docset, pow_module_new_symmetric__doc__ ); - docset_helper_add( docset, pow_module_new_asymmetric__doc__ ); - docset_helper_add( docset, pow_module_new_digest__doc__ ); - docset_helper_add( docset, pow_module_new_hmac__doc__ ); - docset_helper_add( docset, pow_module_new_ssl__doc__ ); - docset_helper_add( docset, pow_module_new_x509__doc__ ); - docset_helper_add( docset, pow_module_new_x509_store__doc__ ); - docset_helper_add( docset, pow_module_new_x509_crl__doc__ ); - docset_helper_add( docset, pow_module_new_x509_revoked__doc__ ); - docset_helper_add( docset, pow_module_new_pkcs7__doc__ ); - docset_helper_add( docset, pow_module_new_cms__doc__ ); - - // functions - docset_helper_add( docset, pow_module_pem_read__doc__ ); - docset_helper_add( docset, pow_module_der_read__doc__ ); - docset_helper_add( docset, pow_module_seed__doc__ ); - docset_helper_add( docset, pow_module_add__doc__ ); - docset_helper_add( docset, pow_module_read_random_file__doc__ ); - docset_helper_add( docset, pow_module_write_random_file__doc__ ); - docset_helper_add( docset, pow_module_get_error__doc__ 
); - docset_helper_add( docset, pow_module_clear_error__doc__ ); - docset_helper_add( docset, pow_module_add_object__doc__ ); - - // ssl documentation - docset_helper_add( docset, ssltype__doc__ ); - docset_helper_add( docset, ssl_object_set_fd__doc__ ); - docset_helper_add( docset, ssl_object_accept__doc__ ); - docset_helper_add( docset, ssl_object_connect__doc__ ); - docset_helper_add( docset, ssl_object_write__doc__ ); - docset_helper_add( docset, ssl_object_read__doc__ ); - docset_helper_add( docset, ssl_object_peer_certificate__doc__ ); - docset_helper_add( docset, ssl_object_use_certificate__doc__ ); - docset_helper_add( docset, ssl_object_use_key__doc__ ); - docset_helper_add( docset, ssl_object_check_key__doc__ ); - docset_helper_add( docset, ssl_object_clear__doc__ ); - docset_helper_add( docset, ssl_object_shutdown__doc__ ); - docset_helper_add( docset, ssl_object_get_shutdown__doc__ ); - docset_helper_add( docset, ssl_object_get_ciphers__doc__ ); - docset_helper_add( docset, ssl_object_set_ciphers__doc__ ); - docset_helper_add( docset, ssl_object_get_cipher__doc__ ); - docset_helper_add( docset, ssl_object_set_verify_mode__doc__ ); - - // x509 documentation - docset_helper_add( docset, x509type__doc__ ); - docset_helper_add( docset, X509_object_pem_write__doc__ ); - docset_helper_add( docset, X509_object_der_write__doc__ ); - docset_helper_add( docset, X509_object_sign__doc__ ); - docset_helper_add( docset, X509_object_set_public_key__doc__ ); - docset_helper_add( docset, X509_object_get_version__doc__ ); - docset_helper_add( docset, X509_object_set_version__doc__ ); - docset_helper_add( docset, X509_object_get_serial__doc__ ); - docset_helper_add( docset, X509_object_set_serial__doc__ ); - docset_helper_add( docset, X509_object_get_issuer__doc__ ); - docset_helper_add( docset, X509_object_set_issuer__doc__ ); - docset_helper_add( docset, X509_object_get_subject__doc__ ); - docset_helper_add( docset, X509_object_set_subject__doc__ ); - docset_helper_add( 
docset, X509_object_get_not_before__doc__ ); - docset_helper_add( docset, X509_object_set_not_before__doc__ ); - docset_helper_add( docset, X509_object_get_not_after__doc__ ); - docset_helper_add( docset, X509_object_set_not_after__doc__ ); - docset_helper_add( docset, X509_object_add_extension__doc__ ); - docset_helper_add( docset, X509_object_clear_extensions__doc__ ); - docset_helper_add( docset, X509_object_count_extensions__doc__ ); - docset_helper_add( docset, X509_object_get_extension__doc__ ); - docset_helper_add( docset, x509_object_pprint__doc__ ); - - // x509_crl documentation - docset_helper_add( docset, x509_crltype__doc__ ); - docset_helper_add( docset, x509_crl_object_pem_write__doc__ ); - docset_helper_add( docset, x509_crl_object_der_write__doc__ ); - docset_helper_add( docset, x509_crl_object_get_version__doc__ ); - docset_helper_add( docset, x509_crl_object_set_version__doc__ ); - docset_helper_add( docset, x509_crl_object_get_issuer__doc__ ); - docset_helper_add( docset, x509_crl_object_set_issuer__doc__ ); - docset_helper_add( docset, x509_crl_object_get_this_update__doc__ ); - docset_helper_add( docset, x509_crl_object_set_this_update__doc__ ); - docset_helper_add( docset, x509_crl_object_get_next_update__doc__ ); - docset_helper_add( docset, x509_crl_object_set_next_update__doc__ ); - docset_helper_add( docset, x509_crl_object_get_revoked__doc__ ); - docset_helper_add( docset, x509_crl_object_set_revoked__doc__ ); - docset_helper_add( docset, x509_crl_object_verify__doc__ ); - docset_helper_add( docset, x509_crl_object_sign__doc__ ); - docset_helper_add( docset, X509_crl_object_add_extension__doc__ ); - docset_helper_add( docset, X509_crl_object_clear_extensions__doc__ ); - docset_helper_add( docset, X509_crl_object_count_extensions__doc__ ); - docset_helper_add( docset, X509_crl_object_get_extension__doc__ ); - docset_helper_add( docset, x509_crl_object_pprint__doc__ ); - - // x509_revoked documentation - docset_helper_add( docset, 
x509_revokedtype__doc__ ); - docset_helper_add( docset, x509_revoked_object_get_date__doc__ ); - docset_helper_add( docset, x509_revoked_object_set_date__doc__ ); - docset_helper_add( docset, x509_revoked_object_get_serial__doc__ ); - docset_helper_add( docset, x509_revoked_object_set_serial__doc__ ); - docset_helper_add( docset, X509_revoked_object_add_extension__doc__ ); - docset_helper_add( docset, X509_revoked_object_clear_extensions__doc__ ); - docset_helper_add( docset, X509_revoked_object_count_extensions__doc__ ); - docset_helper_add( docset, X509_revoked_object_get_extension__doc__ ); - - // x509_store documentation - docset_helper_add( docset, x509_storetype__doc__ ); - docset_helper_add( docset, x509_store_object_verify__doc__ ); - docset_helper_add( docset, x509_store_object_verify_chain__doc__ ); - docset_helper_add( docset, x509_store_object_verify_detailed__doc__ ); - docset_helper_add( docset, x509_store_object_add_trust__doc__ ); - docset_helper_add( docset, x509_store_object_add_crl__doc__ ); - - // digest documentation - docset_helper_add( docset, digesttype__doc__ ); - docset_helper_add( docset, digest_object_update__doc__ ); - docset_helper_add( docset, digest_object_copy__doc__ ); - docset_helper_add( docset, digest_object_digest__doc__ ); - - // hmac documentation - docset_helper_add( docset, hmactype__doc__ ); - docset_helper_add( docset, hmac_object_update__doc__ ); - docset_helper_add( docset, hmac_object_copy__doc__ ); - docset_helper_add( docset, hmac_object_mac__doc__ ); - - // pkcs7 documentation - docset_helper_add( docset, PKCS7_object_pem_write__doc__ ); - docset_helper_add( docset, PKCS7_object_der_write__doc__ ); - docset_helper_add( docset, PKCS7_object_sign__doc__ ); - docset_helper_add( docset, PKCS7_object_verify__doc__ ); - - // cms documentation - docset_helper_add( docset, CMS_object_pem_write__doc__ ); - docset_helper_add( docset, CMS_object_der_write__doc__ ); - docset_helper_add( docset, CMS_object_sign__doc__ ); - 
docset_helper_add( docset, CMS_object_verify__doc__ ); - docset_helper_add( docset, CMS_object_eContentType__doc__ ); - docset_helper_add( docset, CMS_object_pprint__doc__ ); - docset_helper_add( docset, CMS_object_certs__doc__ ); - docset_helper_add( docset, CMS_object_crls__doc__ ); - - // symmetric documentation - docset_helper_add( docset, symmetrictype__doc__ ); - docset_helper_add( docset, symmetric_object_encrypt_init__doc__ ); - docset_helper_add( docset, symmetric_object_decrypt_init__doc__ ); - docset_helper_add( docset, symmetric_object_update__doc__ ); - docset_helper_add( docset, symmetric_object_final__doc__ ); - - // asymmetric documentation - docset_helper_add( docset, asymmetrictype__doc__ ); - docset_helper_add( docset, asymmetric_object_pem_write__doc__ ); - docset_helper_add( docset, asymmetric_object_der_write__doc__ ); - docset_helper_add( docset, asymmetric_object_public_encrypt__doc__ ); - docset_helper_add( docset, asymmetric_object_public_decrypt__doc__ ); - docset_helper_add( docset, asymmetric_object_private_encrypt__doc__ ); - docset_helper_add( docset, asymmetric_object_private_decrypt__doc__ ); - docset_helper_add( docset, asymmetric_object_sign__doc__ ); - docset_helper_add( docset, asymmetric_object_verify__doc__ ); - - return Py_BuildValue("O", docset); - -error: - - return NULL; + PyObject *docset; + + if (!PyArg_ParseTuple(args, "")) + goto error; + + docset = PyList_New(0); + + // module documentation + docset_helper_add(docset, pow_module__doc__); + + // constructors + docset_helper_add(docset, pow_module_new_symmetric__doc__); + docset_helper_add(docset, pow_module_new_asymmetric__doc__); + docset_helper_add(docset, pow_module_new_digest__doc__); + docset_helper_add(docset, pow_module_new_hmac__doc__); + docset_helper_add(docset, pow_module_new_ssl__doc__); + docset_helper_add(docset, pow_module_new_x509__doc__); + docset_helper_add(docset, pow_module_new_x509_store__doc__); + docset_helper_add(docset, 
pow_module_new_x509_crl__doc__); + docset_helper_add(docset, pow_module_new_x509_revoked__doc__); + docset_helper_add(docset, pow_module_new_pkcs7__doc__); + docset_helper_add(docset, pow_module_new_cms__doc__); + + // functions + docset_helper_add(docset, pow_module_pem_read__doc__); + docset_helper_add(docset, pow_module_der_read__doc__); + docset_helper_add(docset, pow_module_seed__doc__); + docset_helper_add(docset, pow_module_add__doc__); + docset_helper_add(docset, pow_module_read_random_file__doc__); + docset_helper_add(docset, pow_module_write_random_file__doc__); + docset_helper_add(docset, pow_module_get_error__doc__); + docset_helper_add(docset, pow_module_clear_error__doc__); + docset_helper_add(docset, pow_module_add_object__doc__); + + // ssl documentation + docset_helper_add(docset, ssltype__doc__); + docset_helper_add(docset, ssl_object_set_fd__doc__); + docset_helper_add(docset, ssl_object_accept__doc__); + docset_helper_add(docset, ssl_object_connect__doc__); + docset_helper_add(docset, ssl_object_write__doc__); + docset_helper_add(docset, ssl_object_read__doc__); + docset_helper_add(docset, ssl_object_peer_certificate__doc__); + docset_helper_add(docset, ssl_object_use_certificate__doc__); + docset_helper_add(docset, ssl_object_use_key__doc__); + docset_helper_add(docset, ssl_object_check_key__doc__); + docset_helper_add(docset, ssl_object_clear__doc__); + docset_helper_add(docset, ssl_object_shutdown__doc__); + docset_helper_add(docset, ssl_object_get_shutdown__doc__); + docset_helper_add(docset, ssl_object_get_ciphers__doc__); + docset_helper_add(docset, ssl_object_set_ciphers__doc__); + docset_helper_add(docset, ssl_object_get_cipher__doc__); + docset_helper_add(docset, ssl_object_set_verify_mode__doc__); + + // x509 documentation + docset_helper_add(docset, x509type__doc__); + docset_helper_add(docset, X509_object_pem_write__doc__); + docset_helper_add(docset, X509_object_der_write__doc__); + docset_helper_add(docset, 
X509_object_sign__doc__); + docset_helper_add(docset, X509_object_set_public_key__doc__); + docset_helper_add(docset, X509_object_get_version__doc__); + docset_helper_add(docset, X509_object_set_version__doc__); + docset_helper_add(docset, X509_object_get_serial__doc__); + docset_helper_add(docset, X509_object_set_serial__doc__); + docset_helper_add(docset, X509_object_get_issuer__doc__); + docset_helper_add(docset, X509_object_set_issuer__doc__); + docset_helper_add(docset, X509_object_get_subject__doc__); + docset_helper_add(docset, X509_object_set_subject__doc__); + docset_helper_add(docset, X509_object_get_not_before__doc__); + docset_helper_add(docset, X509_object_set_not_before__doc__); + docset_helper_add(docset, X509_object_get_not_after__doc__); + docset_helper_add(docset, X509_object_set_not_after__doc__); + docset_helper_add(docset, X509_object_add_extension__doc__); + docset_helper_add(docset, X509_object_clear_extensions__doc__); + docset_helper_add(docset, X509_object_count_extensions__doc__); + docset_helper_add(docset, X509_object_get_extension__doc__); + docset_helper_add(docset, x509_object_pprint__doc__); + + // x509_crl documentation + docset_helper_add(docset, x509_crltype__doc__); + docset_helper_add(docset, x509_crl_object_pem_write__doc__); + docset_helper_add(docset, x509_crl_object_der_write__doc__); + docset_helper_add(docset, x509_crl_object_get_version__doc__); + docset_helper_add(docset, x509_crl_object_set_version__doc__); + docset_helper_add(docset, x509_crl_object_get_issuer__doc__); + docset_helper_add(docset, x509_crl_object_set_issuer__doc__); + docset_helper_add(docset, x509_crl_object_get_this_update__doc__); + docset_helper_add(docset, x509_crl_object_set_this_update__doc__); + docset_helper_add(docset, x509_crl_object_get_next_update__doc__); + docset_helper_add(docset, x509_crl_object_set_next_update__doc__); + docset_helper_add(docset, x509_crl_object_get_revoked__doc__); + docset_helper_add(docset, 
x509_crl_object_set_revoked__doc__); + docset_helper_add(docset, x509_crl_object_verify__doc__); + docset_helper_add(docset, x509_crl_object_sign__doc__); + docset_helper_add(docset, X509_crl_object_add_extension__doc__); + docset_helper_add(docset, X509_crl_object_clear_extensions__doc__); + docset_helper_add(docset, X509_crl_object_count_extensions__doc__); + docset_helper_add(docset, X509_crl_object_get_extension__doc__); + docset_helper_add(docset, x509_crl_object_pprint__doc__); + + // x509_revoked documentation + docset_helper_add(docset, x509_revokedtype__doc__); + docset_helper_add(docset, x509_revoked_object_get_date__doc__); + docset_helper_add(docset, x509_revoked_object_set_date__doc__); + docset_helper_add(docset, x509_revoked_object_get_serial__doc__); + docset_helper_add(docset, x509_revoked_object_set_serial__doc__); + docset_helper_add(docset, X509_revoked_object_add_extension__doc__); + docset_helper_add(docset, X509_revoked_object_clear_extensions__doc__); + docset_helper_add(docset, X509_revoked_object_count_extensions__doc__); + docset_helper_add(docset, X509_revoked_object_get_extension__doc__); + + // x509_store documentation + docset_helper_add(docset, x509_storetype__doc__); + docset_helper_add(docset, x509_store_object_verify__doc__); + docset_helper_add(docset, x509_store_object_verify_chain__doc__); + docset_helper_add(docset, x509_store_object_verify_detailed__doc__); + docset_helper_add(docset, x509_store_object_add_trust__doc__); + docset_helper_add(docset, x509_store_object_add_crl__doc__); + + // digest documentation + docset_helper_add(docset, digesttype__doc__); + docset_helper_add(docset, digest_object_update__doc__); + docset_helper_add(docset, digest_object_copy__doc__); + docset_helper_add(docset, digest_object_digest__doc__); + + // hmac documentation + docset_helper_add(docset, hmactype__doc__); + docset_helper_add(docset, hmac_object_update__doc__); + docset_helper_add(docset, hmac_object_copy__doc__); + 
docset_helper_add(docset, hmac_object_mac__doc__); + + // pkcs7 documentation + docset_helper_add(docset, PKCS7_object_pem_write__doc__); + docset_helper_add(docset, PKCS7_object_der_write__doc__); + docset_helper_add(docset, PKCS7_object_sign__doc__); + docset_helper_add(docset, PKCS7_object_verify__doc__); + + // cms documentation + docset_helper_add(docset, CMS_object_pem_write__doc__); + docset_helper_add(docset, CMS_object_der_write__doc__); + docset_helper_add(docset, CMS_object_sign__doc__); + docset_helper_add(docset, CMS_object_verify__doc__); + docset_helper_add(docset, CMS_object_eContentType__doc__); + docset_helper_add(docset, CMS_object_pprint__doc__); + docset_helper_add(docset, CMS_object_certs__doc__); + docset_helper_add(docset, CMS_object_crls__doc__); + + // symmetric documentation + docset_helper_add(docset, symmetrictype__doc__); + docset_helper_add(docset, symmetric_object_encrypt_init__doc__); + docset_helper_add(docset, symmetric_object_decrypt_init__doc__); + docset_helper_add(docset, symmetric_object_update__doc__); + docset_helper_add(docset, symmetric_object_final__doc__); + + // asymmetric documentation + docset_helper_add(docset, asymmetrictype__doc__); + docset_helper_add(docset, asymmetric_object_pem_write__doc__); + docset_helper_add(docset, asymmetric_object_der_write__doc__); + docset_helper_add(docset, asymmetric_object_public_encrypt__doc__); + docset_helper_add(docset, asymmetric_object_public_decrypt__doc__); + docset_helper_add(docset, asymmetric_object_private_encrypt__doc__); + docset_helper_add(docset, asymmetric_object_private_decrypt__doc__); + docset_helper_add(docset, asymmetric_object_sign__doc__); + docset_helper_add(docset, asymmetric_object_verify__doc__); + + return Py_BuildValue("O", docset); + + error: + + return NULL; } static struct PyMethodDef pow_module_methods[] = { - {"Ssl", (PyCFunction)pow_module_new_ssl, METH_VARARGS, NULL}, - {"X509", (PyCFunction)pow_module_new_x509, METH_VARARGS, NULL}, - 
{"pemRead", (PyCFunction)pow_module_pem_read, METH_VARARGS, NULL}, - {"derRead", (PyCFunction)pow_module_der_read, METH_VARARGS, NULL}, - {"Digest", (PyCFunction)pow_module_new_digest, METH_VARARGS, NULL}, - {"Hmac", (PyCFunction)pow_module_new_hmac, METH_VARARGS, NULL}, - {"PKCS7", (PyCFunction)pow_module_new_pkcs7, METH_VARARGS, NULL}, - {"CMS", (PyCFunction)pow_module_new_cms, METH_VARARGS, NULL}, - {"Asymmetric", (PyCFunction)pow_module_new_asymmetric, METH_VARARGS, NULL}, - {"Symmetric", (PyCFunction)pow_module_new_symmetric, METH_VARARGS, NULL}, - {"X509Store", (PyCFunction)pow_module_new_x509_store, METH_VARARGS, NULL}, - {"X509Crl", (PyCFunction)pow_module_new_x509_crl, METH_VARARGS, NULL}, - {"X509Revoked", (PyCFunction)pow_module_new_x509_revoked, METH_VARARGS, NULL}, - {"getError", (PyCFunction)pow_module_get_error, METH_VARARGS, NULL}, - {"clearError", (PyCFunction)pow_module_clear_error, METH_VARARGS, NULL}, - {"seed", (PyCFunction)pow_module_seed, METH_VARARGS, NULL}, - {"add", (PyCFunction)pow_module_add, METH_VARARGS, NULL}, - {"readRandomFile",(PyCFunction)pow_module_read_random_file, METH_VARARGS, NULL}, - {"writeRandomFile", (PyCFunction)pow_module_write_random_file, METH_VARARGS, NULL}, - {"addObject", (PyCFunction)pow_module_add_object, METH_VARARGS, NULL}, - - {"_docset", (PyCFunction)pow_module_docset, METH_VARARGS, NULL}, - - {NULL, (PyCFunction)NULL, 0, NULL} /* sentinel */ + {"Ssl", (PyCFunction)pow_module_new_ssl, METH_VARARGS, NULL}, + {"X509", (PyCFunction)pow_module_new_x509, METH_VARARGS, NULL}, + {"pemRead", (PyCFunction)pow_module_pem_read, METH_VARARGS, NULL}, + {"derRead", (PyCFunction)pow_module_der_read, METH_VARARGS, NULL}, + {"Digest", (PyCFunction)pow_module_new_digest, METH_VARARGS, NULL}, + {"Hmac", (PyCFunction)pow_module_new_hmac, METH_VARARGS, NULL}, + {"PKCS7", (PyCFunction)pow_module_new_pkcs7, METH_VARARGS, NULL}, + {"CMS", (PyCFunction)pow_module_new_cms, METH_VARARGS, NULL}, + {"Asymmetric", 
(PyCFunction)pow_module_new_asymmetric, METH_VARARGS, NULL}, + {"Symmetric", (PyCFunction)pow_module_new_symmetric, METH_VARARGS, NULL}, + {"X509Store", (PyCFunction)pow_module_new_x509_store, METH_VARARGS, NULL}, + {"X509Crl", (PyCFunction)pow_module_new_x509_crl, METH_VARARGS, NULL}, + {"X509Revoked", (PyCFunction)pow_module_new_x509_revoked, METH_VARARGS, NULL}, + {"getError", (PyCFunction)pow_module_get_error, METH_VARARGS, NULL}, + {"clearError", (PyCFunction)pow_module_clear_error, METH_VARARGS, NULL}, + {"seed", (PyCFunction)pow_module_seed, METH_VARARGS, NULL}, + {"add", (PyCFunction)pow_module_add, METH_VARARGS, NULL}, + {"readRandomFile", (PyCFunction)pow_module_read_random_file, METH_VARARGS, NULL}, + {"writeRandomFile", (PyCFunction)pow_module_write_random_file, METH_VARARGS, NULL}, + {"addObject", (PyCFunction)pow_module_add_object, METH_VARARGS, NULL}, + + {"_docset", (PyCFunction)pow_module_docset, METH_VARARGS, NULL}, + + {NULL} /* sentinel */ }; /*========== module functions ==========*/ 
@@ -8470,182 +8439,182 @@ static struct PyMethodDef pow_module_methods[] = { void init_POW(void) { - PyObject *m, *d; - - x509type.ob_type = &PyType_Type; - x509_storetype.ob_type = &PyType_Type; - x509_crltype.ob_type = &PyType_Type; - x509_revokedtype.ob_type = &PyType_Type; - ssltype.ob_type = &PyType_Type; - asymmetrictype.ob_type = &PyType_Type; - symmetrictype.ob_type = &PyType_Type; - digesttype.ob_type = &PyType_Type; - hmactype.ob_type = &PyType_Type; - pkcs7type.ob_type = &PyType_Type; - cmstype.ob_type = &PyType_Type; - - m = Py_InitModule3("_POW", pow_module_methods, pow_module__doc__); - - SSLErrorObject = PyErr_NewException("POW.SSLError", NULL, NULL); - PyModule_AddObject(m, "SSLError", SSLErrorObject); - - // constants for SSL_get_error() - PyModule_AddIntConstant(m, "SSL_ERROR_NONE", SSL_ERROR_NONE ); - PyModule_AddIntConstant(m, "SSL_ERROR_ZERO_RETURN", SSL_ERROR_ZERO_RETURN ); - PyModule_AddIntConstant(m, "SSL_ERROR_WANT_READ", SSL_ERROR_WANT_READ ); - PyModule_AddIntConstant(m, "SSL_ERROR_WANT_WRITE", SSL_ERROR_WANT_WRITE ); - PyModule_AddIntConstant(m, "SSL_ERROR_WANT_X509_LOOKUP",SSL_ERROR_WANT_X509_LOOKUP ); - PyModule_AddIntConstant(m, "SSL_ERROR_SYSCALL", SSL_ERROR_SYSCALL ); - PyModule_AddIntConstant(m, "SSL_ERROR_SSL", SSL_ERROR_SSL ); - PyModule_AddIntConstant(m, "SSL_ERROR_WANT_CONNECT", SSL_ERROR_WANT_CONNECT ); - PyModule_AddIntConstant(m, "SSL_ERROR_WANT_ACCEPT", SSL_ERROR_WANT_ACCEPT ); - - // constants for different types of connection methods - PyModule_AddIntConstant(m, "SSLV2_SERVER_METHOD", SSLV2_SERVER_METHOD ); - PyModule_AddIntConstant(m, "SSLV2_CLIENT_METHOD", SSLV2_CLIENT_METHOD ); - PyModule_AddIntConstant(m, "SSLV2_METHOD", SSLV2_METHOD ); - PyModule_AddIntConstant(m, "SSLV3_SERVER_METHOD", SSLV3_SERVER_METHOD ); - PyModule_AddIntConstant(m, "SSLV3_CLIENT_METHOD", SSLV3_CLIENT_METHOD ); - PyModule_AddIntConstant(m, "SSLV3_METHOD", SSLV3_METHOD ); - PyModule_AddIntConstant(m, "SSLV23_SERVER_METHOD", SSLV23_SERVER_METHOD 
); - PyModule_AddIntConstant(m, "SSLV23_CLIENT_METHOD", SSLV23_CLIENT_METHOD ); - PyModule_AddIntConstant(m, "SSLV23_METHOD", SSLV23_METHOD ); - PyModule_AddIntConstant(m, "TLSV1_SERVER_METHOD", TLSV1_SERVER_METHOD ); - PyModule_AddIntConstant(m, "TLSV1_CLIENT_METHOD", TLSV1_CLIENT_METHOD ); - PyModule_AddIntConstant(m, "TLSV1_METHOD", TLSV1_METHOD ); - - PyModule_AddIntConstant(m, "SSL_NO_SHUTDOWN", 0 ); - PyModule_AddIntConstant(m, "SSL_SENT_SHUTDOWN", SSL_SENT_SHUTDOWN ); - PyModule_AddIntConstant(m, "SSL_RECIEVED_SHUTDOWN", SSL_RECEIVED_SHUTDOWN ); - - // ssl verification mode - PyModule_AddIntConstant(m, "SSL_VERIFY_NONE", SSL_VERIFY_NONE ); - PyModule_AddIntConstant(m, "SSL_VERIFY_PEER", SSL_VERIFY_PEER ); - - // object format types - PyModule_AddIntConstant(m, "LONGNAME_FORMAT", LONGNAME_FORMAT ); - PyModule_AddIntConstant(m, "SHORTNAME_FORMAT", SHORTNAME_FORMAT ); - - // PEM encoded types + PyObject *m, *d; + + x509type.ob_type = &PyType_Type; + x509_storetype.ob_type = &PyType_Type; + x509_crltype.ob_type = &PyType_Type; + x509_revokedtype.ob_type = &PyType_Type; + ssltype.ob_type = &PyType_Type; + asymmetrictype.ob_type = &PyType_Type; + symmetrictype.ob_type = &PyType_Type; + digesttype.ob_type = &PyType_Type; + hmactype.ob_type = &PyType_Type; + pkcs7type.ob_type = &PyType_Type; + cmstype.ob_type = &PyType_Type; + + m = Py_InitModule3("_POW", pow_module_methods, pow_module__doc__); + + SSLErrorObject = PyErr_NewException("POW.SSLError", NULL, NULL); + PyModule_AddObject(m, "SSLError", SSLErrorObject); + + // constants for SSL_get_error() + PyModule_AddIntConstant(m, "SSL_ERROR_NONE", SSL_ERROR_NONE); + PyModule_AddIntConstant(m, "SSL_ERROR_ZERO_RETURN", SSL_ERROR_ZERO_RETURN); + PyModule_AddIntConstant(m, "SSL_ERROR_WANT_READ", SSL_ERROR_WANT_READ); + PyModule_AddIntConstant(m, "SSL_ERROR_WANT_WRITE", SSL_ERROR_WANT_WRITE); + PyModule_AddIntConstant(m, "SSL_ERROR_WANT_X509_LOOKUP",SSL_ERROR_WANT_X509_LOOKUP); + PyModule_AddIntConstant(m, 
"SSL_ERROR_SYSCALL", SSL_ERROR_SYSCALL); + PyModule_AddIntConstant(m, "SSL_ERROR_SSL", SSL_ERROR_SSL); + PyModule_AddIntConstant(m, "SSL_ERROR_WANT_CONNECT", SSL_ERROR_WANT_CONNECT); + PyModule_AddIntConstant(m, "SSL_ERROR_WANT_ACCEPT", SSL_ERROR_WANT_ACCEPT); + + // constants for different types of connection methods + PyModule_AddIntConstant(m, "SSLV2_SERVER_METHOD", SSLV2_SERVER_METHOD); + PyModule_AddIntConstant(m, "SSLV2_CLIENT_METHOD", SSLV2_CLIENT_METHOD); + PyModule_AddIntConstant(m, "SSLV2_METHOD", SSLV2_METHOD); + PyModule_AddIntConstant(m, "SSLV3_SERVER_METHOD", SSLV3_SERVER_METHOD); + PyModule_AddIntConstant(m, "SSLV3_CLIENT_METHOD", SSLV3_CLIENT_METHOD); + PyModule_AddIntConstant(m, "SSLV3_METHOD", SSLV3_METHOD); + PyModule_AddIntConstant(m, "SSLV23_SERVER_METHOD", SSLV23_SERVER_METHOD); + PyModule_AddIntConstant(m, "SSLV23_CLIENT_METHOD", SSLV23_CLIENT_METHOD); + PyModule_AddIntConstant(m, "SSLV23_METHOD", SSLV23_METHOD); + PyModule_AddIntConstant(m, "TLSV1_SERVER_METHOD", TLSV1_SERVER_METHOD); + PyModule_AddIntConstant(m, "TLSV1_CLIENT_METHOD", TLSV1_CLIENT_METHOD); + PyModule_AddIntConstant(m, "TLSV1_METHOD", TLSV1_METHOD); + + PyModule_AddIntConstant(m, "SSL_NO_SHUTDOWN", 0); + PyModule_AddIntConstant(m, "SSL_SENT_SHUTDOWN", SSL_SENT_SHUTDOWN); + PyModule_AddIntConstant(m, "SSL_RECIEVED_SHUTDOWN", SSL_RECEIVED_SHUTDOWN); + + // ssl verification mode + PyModule_AddIntConstant(m, "SSL_VERIFY_NONE", SSL_VERIFY_NONE); + PyModule_AddIntConstant(m, "SSL_VERIFY_PEER", SSL_VERIFY_PEER); + + // object format types + PyModule_AddIntConstant(m, "LONGNAME_FORMAT", LONGNAME_FORMAT); + PyModule_AddIntConstant(m, "SHORTNAME_FORMAT", SHORTNAME_FORMAT); + + // PEM encoded types #ifndef OPENSSL_NO_RSA - PyModule_AddIntConstant(m, "RSA_PUBLIC_KEY", RSA_PUBLIC_KEY ); - PyModule_AddIntConstant(m, "RSA_PRIVATE_KEY", RSA_PRIVATE_KEY ); + PyModule_AddIntConstant(m, "RSA_PUBLIC_KEY", RSA_PUBLIC_KEY); + PyModule_AddIntConstant(m, "RSA_PRIVATE_KEY", RSA_PRIVATE_KEY); #endif 
#ifndef OPENSSL_NO_DSA - PyModule_AddIntConstant(m, "DSA_PUBLIC_KEY", DSA_PUBLIC_KEY ); - PyModule_AddIntConstant(m, "DSA_PRIVATE_KEY", DSA_PRIVATE_KEY ); + PyModule_AddIntConstant(m, "DSA_PUBLIC_KEY", DSA_PUBLIC_KEY); + PyModule_AddIntConstant(m, "DSA_PRIVATE_KEY", DSA_PRIVATE_KEY); #endif #ifndef OPENSSL_NO_DH - PyModule_AddIntConstant(m, "DH_PUBLIC_KEY", DH_PUBLIC_KEY ); - PyModule_AddIntConstant(m, "DH_PRIVATE_KEY", DH_PRIVATE_KEY ); + PyModule_AddIntConstant(m, "DH_PUBLIC_KEY", DH_PUBLIC_KEY); + PyModule_AddIntConstant(m, "DH_PRIVATE_KEY", DH_PRIVATE_KEY); #endif - PyModule_AddIntConstant(m, "X509_CERTIFICATE", X509_CERTIFICATE ); - PyModule_AddIntConstant(m, "X509_CRL", X_X509_CRL ); - PyModule_AddIntConstant(m, "PKCS7_MESSAGE", PKCS7_MESSAGE ); - PyModule_AddIntConstant(m, "CMS_MESSAGE", CMS_MESSAGE ); + PyModule_AddIntConstant(m, "X509_CERTIFICATE", X509_CERTIFICATE); + PyModule_AddIntConstant(m, "X509_CRL", X_X509_CRL); + PyModule_AddIntConstant(m, "PKCS7_MESSAGE", PKCS7_MESSAGE); + PyModule_AddIntConstant(m, "CMS_MESSAGE", CMS_MESSAGE); - // asymmetric ciphers + // asymmetric ciphers #ifndef OPENSSL_NO_RSA - PyModule_AddIntConstant(m, "RSA_CIPHER", RSA_CIPHER ); + PyModule_AddIntConstant(m, "RSA_CIPHER", RSA_CIPHER); #endif #ifndef OPENSSL_NO_DSA - PyModule_AddIntConstant(m, "DSA_CIPHER", DSA_CIPHER ); + PyModule_AddIntConstant(m, "DSA_CIPHER", DSA_CIPHER); #endif #ifndef OPENSSL_NO_DH - PyModule_AddIntConstant(m, "DH_CIPHER", DH_CIPHER ); + PyModule_AddIntConstant(m, "DH_CIPHER", DH_CIPHER); #endif - // symmetric ciphers + // symmetric ciphers #ifndef OPENSSL_NO_DES - PyModule_AddIntConstant(m, "DES_ECB", DES_ECB ); - PyModule_AddIntConstant(m, "DES_EDE", DES_EDE ); - PyModule_AddIntConstant(m, "DES_EDE3", DES_EDE3 ); - PyModule_AddIntConstant(m, "DES_CFB", DES_CFB ); - PyModule_AddIntConstant(m, "DES_EDE_CFB", DES_EDE_CFB ); - PyModule_AddIntConstant(m, "DES_EDE3_CFB", DES_EDE3_CFB ); - PyModule_AddIntConstant(m, "DES_OFB", DES_OFB ); - 
PyModule_AddIntConstant(m, "DES_EDE_OFB", DES_EDE_OFB ); - PyModule_AddIntConstant(m, "DES_EDE3_OFB", DES_EDE3_OFB ); - PyModule_AddIntConstant(m, "DES_CBC", DES_CBC ); - PyModule_AddIntConstant(m, "DES_EDE_CBC", DES_EDE_CBC ); - PyModule_AddIntConstant(m, "DES_EDE3_CBC", DES_EDE3_CBC ); - PyModule_AddIntConstant(m, "DESX_CBC", DESX_CBC ); + PyModule_AddIntConstant(m, "DES_ECB", DES_ECB); + PyModule_AddIntConstant(m, "DES_EDE", DES_EDE); + PyModule_AddIntConstant(m, "DES_EDE3", DES_EDE3); + PyModule_AddIntConstant(m, "DES_CFB", DES_CFB); + PyModule_AddIntConstant(m, "DES_EDE_CFB", DES_EDE_CFB); + PyModule_AddIntConstant(m, "DES_EDE3_CFB", DES_EDE3_CFB); + PyModule_AddIntConstant(m, "DES_OFB", DES_OFB); + PyModule_AddIntConstant(m, "DES_EDE_OFB", DES_EDE_OFB); + PyModule_AddIntConstant(m, "DES_EDE3_OFB", DES_EDE3_OFB); + PyModule_AddIntConstant(m, "DES_CBC", DES_CBC); + PyModule_AddIntConstant(m, "DES_EDE_CBC", DES_EDE_CBC); + PyModule_AddIntConstant(m, "DES_EDE3_CBC", DES_EDE3_CBC); + PyModule_AddIntConstant(m, "DESX_CBC", DESX_CBC); #endif #ifndef OPENSSL_NO_RC4 - PyModule_AddIntConstant(m, "RC4", RC4 ); - PyModule_AddIntConstant(m, "RC4_40", RC4_40 ); + PyModule_AddIntConstant(m, "RC4", RC4); + PyModule_AddIntConstant(m, "RC4_40", RC4_40); #endif #ifndef OPENSSL_NO_IDEA - PyModule_AddIntConstant(m, "IDEA_ECB", IDEA_ECB ); - PyModule_AddIntConstant(m, "IDEA_CFB", IDEA_CFB ); - PyModule_AddIntConstant(m, "IDEA_OFB", IDEA_OFB ); - PyModule_AddIntConstant(m, "IDEA_CBC", IDEA_CBC ); + PyModule_AddIntConstant(m, "IDEA_ECB", IDEA_ECB); + PyModule_AddIntConstant(m, "IDEA_CFB", IDEA_CFB); + PyModule_AddIntConstant(m, "IDEA_OFB", IDEA_OFB); + PyModule_AddIntConstant(m, "IDEA_CBC", IDEA_CBC); #endif #ifndef OPENSSL_NO_RC2 - PyModule_AddIntConstant(m, "RC2_ECB", RC2_ECB ); - PyModule_AddIntConstant(m, "RC2_CBC", RC2_CBC ); - PyModule_AddIntConstant(m, "RC2_40_CBC", RC2_40_CBC ); - PyModule_AddIntConstant(m, "RC2_CFB", RC2_CFB ); - PyModule_AddIntConstant(m, "RC2_OFB", 
RC2_OFB ); + PyModule_AddIntConstant(m, "RC2_ECB", RC2_ECB); + PyModule_AddIntConstant(m, "RC2_CBC", RC2_CBC); + PyModule_AddIntConstant(m, "RC2_40_CBC", RC2_40_CBC); + PyModule_AddIntConstant(m, "RC2_CFB", RC2_CFB); + PyModule_AddIntConstant(m, "RC2_OFB", RC2_OFB); #endif #ifndef OPENSSL_NO_BF - PyModule_AddIntConstant(m, "BF_ECB", BF_ECB ); - PyModule_AddIntConstant(m, "BF_CBC", BF_CBC ); - PyModule_AddIntConstant(m, "BF_CFB", BF_CFB ); - PyModule_AddIntConstant(m, "BF_OFB", BF_OFB ); + PyModule_AddIntConstant(m, "BF_ECB", BF_ECB); + PyModule_AddIntConstant(m, "BF_CBC", BF_CBC); + PyModule_AddIntConstant(m, "BF_CFB", BF_CFB); + PyModule_AddIntConstant(m, "BF_OFB", BF_OFB); #endif - PyModule_AddIntConstant(m, "CAST5_ECB", CAST5_ECB ); - PyModule_AddIntConstant(m, "CAST5_CBC", CAST5_CBC ); - PyModule_AddIntConstant(m, "CAST5_CFB", CAST5_CFB ); - PyModule_AddIntConstant(m, "CAST5_OFB", CAST5_OFB ); + PyModule_AddIntConstant(m, "CAST5_ECB", CAST5_ECB); + PyModule_AddIntConstant(m, "CAST5_CBC", CAST5_CBC); + PyModule_AddIntConstant(m, "CAST5_CFB", CAST5_CFB); + PyModule_AddIntConstant(m, "CAST5_OFB", CAST5_OFB); #ifndef OPENSSL_NO_RC5 - PyModule_AddIntConstant(m, "RC5_32_12_16_CBC", RC5_32_12_16_CBC ); - PyModule_AddIntConstant(m, "RC5_32_12_16_CFB", RC5_32_12_16_CFB ); - PyModule_AddIntConstant(m, "RC5_32_12_16_ECB", RC5_32_12_16_ECB ); - PyModule_AddIntConstant(m, "RC5_32_12_16_OFB", RC5_32_12_16_OFB ); + PyModule_AddIntConstant(m, "RC5_32_12_16_CBC", RC5_32_12_16_CBC); + PyModule_AddIntConstant(m, "RC5_32_12_16_CFB", RC5_32_12_16_CFB); + PyModule_AddIntConstant(m, "RC5_32_12_16_ECB", RC5_32_12_16_ECB); + PyModule_AddIntConstant(m, "RC5_32_12_16_OFB", RC5_32_12_16_OFB); #endif - // message digests - PyModule_AddIntConstant(m, "MD2_DIGEST", MD2_DIGEST ); - PyModule_AddIntConstant(m, "MD5_DIGEST", MD5_DIGEST ); - PyModule_AddIntConstant(m, "SHA_DIGEST", SHA_DIGEST ); - PyModule_AddIntConstant(m, "SHA1_DIGEST", SHA1_DIGEST ); - PyModule_AddIntConstant(m, 
"RIPEMD160_DIGEST", RIPEMD160_DIGEST ); - PyModule_AddIntConstant(m, "SHA256_DIGEST", SHA256_DIGEST ); - PyModule_AddIntConstant(m, "SHA384_DIGEST", SHA384_DIGEST ); - PyModule_AddIntConstant(m, "SHA512_DIGEST", SHA512_DIGEST ); - - // general name - PyModule_AddIntConstant(m, "GEN_OTHERNAME", GEN_OTHERNAME ); - PyModule_AddIntConstant(m, "GEN_EMAIL", GEN_EMAIL ); - PyModule_AddIntConstant(m, "GEN_DNS", GEN_DNS ); - PyModule_AddIntConstant(m, "GEN_X400", GEN_X400 ); - PyModule_AddIntConstant(m, "GEN_DIRNAME", GEN_DIRNAME ); - PyModule_AddIntConstant(m, "GEN_EDIPARTY", GEN_EDIPARTY ); - PyModule_AddIntConstant(m, "GEN_URI", GEN_URI ); - PyModule_AddIntConstant(m, "GEN_IPADD", GEN_IPADD ); - PyModule_AddIntConstant(m, "GEN_RID", GEN_RID ); - - // CMS flags - PyModule_AddIntConstant(m, "CMS_NOCERTS", CMS_NOCERTS ); - PyModule_AddIntConstant(m, "CMS_NOATTR", CMS_NOATTR ); - PyModule_AddIntConstant(m, "CMS_NOINTERN", CMS_NOINTERN ); - PyModule_AddIntConstant(m, "CMS_NOCRL", CMS_NOCRL ); - PyModule_AddIntConstant(m, "CMS_NO_SIGNER_CERT_VERIFY", CMS_NO_SIGNER_CERT_VERIFY ); - PyModule_AddIntConstant(m, "CMS_NO_ATTR_VERIFY", CMS_NO_ATTR_VERIFY ); - PyModule_AddIntConstant(m, "CMS_NO_CONTENT_VERIFY", CMS_NO_CONTENT_VERIFY ); - - // initialise library - SSL_library_init(); - OpenSSL_add_all_algorithms(); - OpenSSL_add_all_ciphers(); - OpenSSL_add_all_digests(); - - // load error strings - SSL_load_error_strings(); - - if (PyErr_Occurred()) - Py_FatalError("can't initialize module pow"); + // message digests + PyModule_AddIntConstant(m, "MD2_DIGEST", MD2_DIGEST); + PyModule_AddIntConstant(m, "MD5_DIGEST", MD5_DIGEST); + PyModule_AddIntConstant(m, "SHA_DIGEST", SHA_DIGEST); + PyModule_AddIntConstant(m, "SHA1_DIGEST", SHA1_DIGEST); + PyModule_AddIntConstant(m, "RIPEMD160_DIGEST", RIPEMD160_DIGEST); + PyModule_AddIntConstant(m, "SHA256_DIGEST", SHA256_DIGEST); + PyModule_AddIntConstant(m, "SHA384_DIGEST", SHA384_DIGEST); + PyModule_AddIntConstant(m, "SHA512_DIGEST", 
SHA512_DIGEST); + + // general name + PyModule_AddIntConstant(m, "GEN_OTHERNAME", GEN_OTHERNAME); + PyModule_AddIntConstant(m, "GEN_EMAIL", GEN_EMAIL); + PyModule_AddIntConstant(m, "GEN_DNS", GEN_DNS); + PyModule_AddIntConstant(m, "GEN_X400", GEN_X400); + PyModule_AddIntConstant(m, "GEN_DIRNAME", GEN_DIRNAME); + PyModule_AddIntConstant(m, "GEN_EDIPARTY", GEN_EDIPARTY); + PyModule_AddIntConstant(m, "GEN_URI", GEN_URI); + PyModule_AddIntConstant(m, "GEN_IPADD", GEN_IPADD); + PyModule_AddIntConstant(m, "GEN_RID", GEN_RID); + + // CMS flags + PyModule_AddIntConstant(m, "CMS_NOCERTS", CMS_NOCERTS); + PyModule_AddIntConstant(m, "CMS_NOATTR", CMS_NOATTR); + PyModule_AddIntConstant(m, "CMS_NOINTERN", CMS_NOINTERN); + PyModule_AddIntConstant(m, "CMS_NOCRL", CMS_NOCRL); + PyModule_AddIntConstant(m, "CMS_NO_SIGNER_CERT_VERIFY", CMS_NO_SIGNER_CERT_VERIFY); + PyModule_AddIntConstant(m, "CMS_NO_ATTR_VERIFY", CMS_NO_ATTR_VERIFY); + PyModule_AddIntConstant(m, "CMS_NO_CONTENT_VERIFY", CMS_NO_CONTENT_VERIFY); + + // initialise library + SSL_library_init(); + OpenSSL_add_all_algorithms(); + OpenSSL_add_all_ciphers(); + OpenSSL_add_all_digests(); + + // load error strings + SSL_load_error_strings(); + + if (PyErr_Occurred()) + Py_FatalError("can't initialize module pow"); } /*==========================================================================*/ |
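Review bot: In the re-indented `init_POW`, the result of `Py_InitModule3` is passed straight to `PyModule_AddObject` and `PyModule_AddIntConstant` without a NULL check, and `SSLErrorObject` is given to `PyModule_AddObject` without taking an extra reference first. `PyModule_AddObject` steals a reference on success. If `SSLErrorObject` is the file-scope pointer used to raise errors elsewhere (its declaration is outside this hunk), the module then owns the only reference, and the C pointer can outlive the object once the module attribute is rebound or deleted. Since this commit is a cleanup pass, I would add `if (m == NULL) return;` after the init call and `Py_INCREF(SSLErrorObject);` before `PyModule_AddObject(m, "SSLError", SSLErrorObject);`, and also check the `PyErr_NewException` result for NULL. Separately, `d` in `PyObject *m, *d;` is never used in the function as shown and could be dropped.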