[PYTHON-CRYPTO] Some patches for new features

Conrad Steenberg conrad at HEP.CALTECH.EDU
Tue Jan 18 20:34:11 CET 2005 

Hi

I've been maintaining some out of tree patches that may be of interest
for testing and eventual merging by others on the list. Compared to the
earlier set of patches I sent in December
(http://listserv.surfnet.nl/scripts/wa.exe?A2=ind0412&L=python-
crypto&F=&S=&P=1293), these enables the user to run a python-scripted
CA. This became agonizingly close with the 0.13 release, so I couldn't
resist doing the last 1% to get it done :-)

1. m2crypto-0.11.getkey.diff implements a way to get an RSA object from
an EVP_PKEY object.

Sample use:
user_cert=X509.load_cert(cert_file)
user_pub_key=user_cert.get_pubkey()
user_pub_rsa=RSA.RSA_pub(m2.rsa_from_pkey(user_pub_key))

Obviously it would be nice not to have to go to the low-level m2
interface. Maybe next time...

2. m2crypto-0.13.x509.diff
Verify an X509 object using the public key that signed it.
Implements m2.x509_set_serial_number to set the serial number of an X509
certificate.
Adds the ability to obtain a PEM-formatted version of the X509 cert.

Sample use (continuing from above):

signer_cert=X509.load_cert(signer_file)
m2.x509_verify(user_cert.x509, signer_cert.get_pubkey())
Returns 0 or 1 depending on verification status

3. m2crypto-0.13.asn1.diff
Implements m2.asn1_integer_set to set the value of an ASN integer
object. this is the opposite of m2.asn1_integer_get.

4. m2crypto-0.13.rsapem.diff
Adds the ability to obtain a PEM-encoded version of an RSA private key
as a string.
It also adds an alias RSA.save_pem() that saves the private key as a PEM
file. This is just for symmetry with the X509.save_pem() method.

Sample usage:

print user_priv_rsa.as_pem(ciper=None) # For no encryption
print user_priv_rsa.as_pem()           # default cipher='des_ede3_cbc'


The patches should be attached to this message, but can also be obtained
from http://cvs.sourceforge.net/viewcvs.py/clarens/openpkg/m2crypto/ as
soon as the SF public CVS catches up (usually 24 hours).

Cheers

Conrad


-------------- next part --------------
A non-text attachment was scrubbed...
Name: m2crypto-0.11.getkey.diff
Type: text/x-patch
Size: 732 bytes
Desc: not available
URL: <http://mail.python.org/pipermail/python-crypto/attachments/20050118/432e8970/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: m2crypto-0.13.x509.diff
Type: text/x-patch
Size: 1666 bytes
Desc: not available
URL: <http://mail.python.org/pipermail/python-crypto/attachments/20050118/432e8970/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: m2crypto-0.13.asn1.diff
Type: text/x-patch
Size: 590 bytes
Desc: not available
URL: <http://mail.python.org/pipermail/python-crypto/attachments/20050118/432e8970/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: m2crypto-0.13.rsapem.diff
Type: text/x-patch
Size: 663 bytes
Desc: not available
URL: <http://mail.python.org/pipermail/python-crypto/attachments/20050118/432e8970/attachment-0003.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2531 bytes
Desc: not available
URL: <http://mail.python.org/pipermail/python-crypto/attachments/20050118/432e8970/attachment-0004.bin>

More information about the python-crypto mailing list