[PYTHON-CRYPTO] patches for X509_EXTENSION and a few other things
Matt Rodriguez
MKRodriguez at LBL.GOV
Wed Nov 30 23:39:31 CET 2005
Heikki Toivonen wrote:
> Matt Rodriguez wrote:
>
>> I've done a little work with M2Crypto because I've been using it to
>> generate proxy certificates. Proxy Certificates need to have a proxy
>> certificate info extension for openssl to recognize them. Openssl
>> versions 0.9.8 and later have support for proxy certificates.
>>
>
> Do you have a link to some quick documentation what proxy certificates
> are (I think this is the first time I've heard the term)?
>
> I am pretty busy at the moment with Chandler 0.6 end-game, but I should
> have some time for M2Crypto soon.
>
>
Proxy certificates a described in RFC 3820.
http://www.ietf.org/rfc/rfc3820.txt?number=3820
You can find less terse documentation in the
doc/HOWTO/proxy_certificates.txt file
in the openssl-0.9.8 release.
>> 3. Changes to setup.py. I've mentioned this in previous posts. I added
>> an option so that one
>> could build M2Crypto against openssl that is installed in an arbitrary
>> location.
>>
>
> Thanks, I can use this for Chandler as well :) Been too lazy myself, and
> just patched hardcoded paths for my environment. Nice to get the right
> solution...
>
>
>> 4. I added a quick test to test_evp.py that tests the as_der method.
>>
>
>
This is the only new addition to the m2crypto API. There are existing
unittests for the
X509_Extension API, which still work after I've made the changes.
> Could you provide tests for all the new and changed APIs in unit tests?
> I created a new bug to track this work:
> https://bugzilla.osafoundation.org/show_bug.cgi?id=4782
>
> I'd appreciate if you could attach enhancements to the patch to the bug
> directly.
>
>
Sure thing.
Thanks,
Matt
> Thanks,
>
>
More information about the python-crypto
mailing list