1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
/*
* Boost.Python module definition
* (C) 2009 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
#include <botan/oids.h>
#include <botan/pipe.h>
#include <botan/filters.h>
#include <botan/x509cert.h>
#include <botan/x509_crl.h>
#include <botan/x509stor.h>
using namespace Botan;
#include <boost/python.hpp>
namespace python = boost::python;
template<typename T>
class vector_to_list
{
public:
static PyObject* convert(const std::vector<T>& in)
{
python::list out;
typename std::vector<T>::const_iterator i = in.begin();
while(i != in.end())
{
out.append(*i);
++i;
}
return python::incref(out.ptr());
}
vector_to_list()
{
python::to_python_converter<std::vector<T>, vector_to_list<T> >();
}
};
template<typename T>
class memvec_to_hexstr
{
public:
static PyObject* convert(const T& in)
{
Pipe pipe(new Hex_Encoder);
pipe.process_msg(in);
std::string result = pipe.read_all_as_string();
return python::incref(python::str(result).ptr());
}
memvec_to_hexstr()
{
python::to_python_converter<T, memvec_to_hexstr<T> >();
}
};
BOOST_PYTHON_MEMBER_FUNCTION_OVERLOADS(add_cert_ols, add_cert, 1, 2)
BOOST_PYTHON_MEMBER_FUNCTION_OVERLOADS(validate_cert_ols, validate_cert, 1, 2)
void export_x509()
{
vector_to_list<std::string>();
vector_to_list<X509_Certificate>();
memvec_to_hexstr<std::vector<byte> >();
python::class_<X509_Certificate>
("X509_Certificate", python::init<std::string>())
.def(python::self == python::self)
.def(python::self != python::self)
.add_property("version", &X509_Certificate::x509_version)
.add_property("is_CA", &X509_Certificate::is_CA_cert)
.add_property("self_signed", &X509_Certificate::is_self_signed)
.add_property("pathlimit", &X509_Certificate::path_limit)
.add_property("as_pem", &X509_Object::PEM_encode)
.def("start_time", &X509_Certificate::start_time)
.def("end_time", &X509_Certificate::end_time)
.def("subject_info", &X509_Certificate::subject_info)
.def("issuer_info", &X509_Certificate::issuer_info)
.def("ex_constraints", &X509_Certificate::ex_constraints)
.def("policies", &X509_Certificate::policies)
.def("subject_key_id", &X509_Certificate::subject_key_id)
.def("authority_key_id", &X509_Certificate::authority_key_id);
python::class_<X509_CRL>
("X509_CRL", python::init<std::string>())
.add_property("as_pem", &X509_Object::PEM_encode);
python::enum_<X509_Code>("verify_result")
.value("verified", VERIFIED)
.value("unknown_x509_error", UNKNOWN_X509_ERROR)
.value("cannot_establish_trust", CANNOT_ESTABLISH_TRUST)
.value("cert_chain_too_long", CERT_CHAIN_TOO_LONG)
.value("signature_error", SIGNATURE_ERROR)
.value("policy_error", POLICY_ERROR)
.value("invalid_usage", INVALID_USAGE)
.value("cert_format_error", CERT_FORMAT_ERROR)
.value("cert_issuer_not_found", CERT_ISSUER_NOT_FOUND)
.value("cert_not_yet_valid", CERT_NOT_YET_VALID)
.value("cert_has_expired", CERT_HAS_EXPIRED)
.value("cert_is_revoked", CERT_IS_REVOKED)
.value("crl_format_error", CRL_FORMAT_ERROR)
.value("crl_issuer_not_found", CRL_ISSUER_NOT_FOUND)
.value("crl_not_yet_valid", CRL_NOT_YET_VALID)
.value("crl_has_expired", CRL_HAS_EXPIRED)
.value("ca_cert_cannot_sign", CA_CERT_CANNOT_SIGN)
.value("ca_cert_not_for_cert_issuer", CA_CERT_NOT_FOR_CERT_ISSUER)
.value("ca_cert_not_for_crl_issuer", CA_CERT_NOT_FOR_CRL_ISSUER);
python::enum_<X509_Store::Cert_Usage>("cert_usage")
.value("any", X509_Store::ANY)
.value("tls_server", X509_Store::TLS_SERVER)
.value("tls_client", X509_Store::TLS_CLIENT)
.value("code_signing", X509_Store::CODE_SIGNING)
.value("email_protection", X509_Store::EMAIL_PROTECTION)
.value("time_stamping", X509_Store::TIME_STAMPING)
.value("crl_signing", X509_Store::CRL_SIGNING);
{
python::scope in_class =
python::class_<X509_Store>("X509_Store")
.def("add_cert", &X509_Store::add_cert, add_cert_ols())
.def("validate", &X509_Store::validate_cert, validate_cert_ols())
.def("add_crl", &X509_Store::add_crl);
}
}
|