1 files changed, 39 insertions, 1 deletions

diff --git a/misc/python/src/x509.cpp b/misc/python/src/x509.cpp
index f787949de..09226187e 100644
--- a/misc/python/src/x509.cpp
+++ b/misc/python/src/x509.cpp
@@ -6,8 +6,8 @@
 #include <botan/oids.h>
 #include <botan/pipe.h>
 #include <botan/filters.h>
-#include <botan/x509_key.h>
 #include <botan/x509cert.h>
+#include <botan/x509stor.h>
 using namespace Botan;
 
 #include <boost/python.hpp>
@@ -61,6 +61,9 @@ python::list get_ex_constraints(const X509_Certificate* cert)
    return vector_to_list(cert->ex_constraints());
    }
 
+BOOST_PYTHON_MEMBER_FUNCTION_OVERLOADS(add_cert_ols, add_cert, 1, 2)
+BOOST_PYTHON_MEMBER_FUNCTION_OVERLOADS(validate_cert_ols, validate_cert, 1, 2)
+
 void export_x509()
    {
    python::class_<X509_Certificate>
@@ -71,6 +74,7 @@ void export_x509()
       .add_property("is_CA", &X509_Certificate::is_CA_cert)
       .add_property("self_signed", &X509_Certificate::is_self_signed)
       .add_property("pathlimit", &X509_Certificate::path_limit)
+      .add_property("as_pem", &X509_Object::PEM_encode)
       .def("start_time", &X509_Certificate::start_time)
       .def("end_time", &X509_Certificate::end_time)
       .def("subject_info", get_subject_info)
@@ -79,4 +83,38 @@ void export_x509()
       .def("policies", get_policies)
       .def("subject_key_id", get_subject_keyid)
       .def("authority_key_id", get_auth_keyid);
+
+   python::enum_<X509_Code>("verify_result")
+      .value("verified", VERIFIED)
+      .value("unknown_x509_error", UNKNOWN_X509_ERROR)
+      .value("cannot_establish_trust", CANNOT_ESTABLISH_TRUST)
+      .value("cert_chain_too_long", CERT_CHAIN_TOO_LONG)
+      .value("signature_error", SIGNATURE_ERROR)
+      .value("policy_error", POLICY_ERROR)
+      .value("invalid_usage", INVALID_USAGE)
+      .value("cert_format_error", CERT_FORMAT_ERROR)
+      .value("cert_issuer_not_found", CERT_ISSUER_NOT_FOUND)
+      .value("cert_not_yet_valid", CERT_NOT_YET_VALID)
+      .value("cert_has_expired", CERT_HAS_EXPIRED)
+      .value("cert_is_revoked", CERT_IS_REVOKED)
+      .value("crl_format_error", CRL_FORMAT_ERROR)
+      .value("crl_issuer_not_found", CRL_ISSUER_NOT_FOUND)
+      .value("crl_not_yet_valid", CRL_NOT_YET_VALID)
+      .value("crl_has_expired", CRL_HAS_EXPIRED)
+      .value("ca_cert_cannot_sign", CA_CERT_CANNOT_SIGN)
+      .value("ca_cert_not_for_cert_issuer", CA_CERT_NOT_FOR_CERT_ISSUER)
+      .value("ca_cert_not_for_crl_issuer", CA_CERT_NOT_FOR_CRL_ISSUER);
+
+   python::enum_<X509_Store::Cert_Usage>("cert_usage")
+      .value("any", X509_Store::ANY)
+      .value("tls_server", X509_Store::TLS_SERVER)
+      .value("tls_client", X509_Store::TLS_CLIENT)
+      .value("code_signing", X509_Store::CODE_SIGNING)
+      .value("email", X509_Store::EMAIL_PROTECTION)
+      .value("timestamping", X509_Store::TIME_STAMPING)
+      .value("crl_signing", X509_Store::CRL_SIGNING);
+
+   python::class_<X509_Store>("X509_Store")
+      .def("add_cert", &X509_Store::add_cert, add_cert_ols())
+      .def("validate", &X509_Store::validate_cert, validate_cert_ols());
    }