Pycrypto - active ??
Frank Millman
frank at chagford.com
Tue Mar 21 02:07:27 EST 2006
Paul Rubin wrote:
> "Frank Millman" <frank at chagford.com> writes:
> > > TLSLite is so far not really a complete SSL implementation by itself.
> > > It doesn't know how to properly check the signatures on certificate
> > > chains. It has to use an external module like m2crypto for that.
> >
> > When you say "It has to ...", do you mean that TLSLite will do this
> > automatically if m2crypto is installed, or is it up to me to call the
> > m2crypto functions to perform this check?
>
> I don't remember exactly; see the TLSLite docs. I have the vague
> memory that you have to specify what kind of checking you want, and if
> you say you want the cert chain checked, then TLSLite raises an
> exception if the external lib isn't there. But I'm not sure.
I seem to have hijacked this thread, which is supposed to be about
pycrypto. Sorry about that. I will stop after this one.
This is what the docs say -
<quote>
X509CertChain.validate(self,x509TrustList)
Check the validity of the certificate chain.
This checks that every certificate in the chain validates with the
subsequent one, until some certificate validates with (or is identical
to) one of the passed-in root certificates.
The cryptlib_py module must be installed in order to use this function.
</quote>
I may start looking into this. If I have more questions, I will start a
new thread.
Thanks for all the assistance.
Frank
More information about the Python-list
mailing list