Return-Path: Delivered-To: apmail-labs-commits-archive@locus.apache.org Received: (qmail 80179 invoked from network); 5 Dec 2007 15:16:02 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 5 Dec 2007 15:16:02 -0000 Received: (qmail 77836 invoked by uid 500); 5 Dec 2007 15:15:50 -0000 Delivered-To: apmail-labs-commits-archive@labs.apache.org Received: (qmail 77731 invoked by uid 500); 5 Dec 2007 15:15:50 -0000 Mailing-List: contact commits-help@labs.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: labs@labs.apache.org Delivered-To: mailing list commits@labs.apache.org Received: (qmail 77720 invoked by uid 99); 5 Dec 2007 15:15:50 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 05 Dec 2007 07:15:50 -0800 X-ASF-Spam-Status: No, hits=-100.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.3] (HELO eris.apache.org) (140.211.11.3) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 05 Dec 2007 15:15:30 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id CB4291A9832; Wed, 5 Dec 2007 07:15:32 -0800 (PST) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r601354 - in /labs/badca: ./ BaDCA/CSRs.py openssl/csrmodule.c tests/CSRTestCase.py Date: Wed, 05 Dec 2007 15:15:32 -0000 To: commits@labs.apache.org 
From: dreid@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20071205151532.CB4291A9832@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: dreid Date: Wed Dec 5 07:15:31 2007 New Revision: 601354 URL: http://svn.apache.org/viewvc?rev=601354&view=rev Log: Start dealing with key issues for CSR's Add tests for dealing with CSR keys Modified: labs/badca/ (props changed) labs/badca/BaDCA/CSRs.py labs/badca/openssl/csrmodule.c labs/badca/tests/CSRTestCase.py Propchange: labs/badca/ ------------------------------------------------------------------------------ --- svn:ignore (original) +++ svn:ignore Wed Dec 5 07:15:31 2007 @@ -1,4 +1,4 @@ Makefile configure config.* - +*.cache Modified: labs/badca/BaDCA/CSRs.py URL: http://svn.apache.org/viewvc/labs/badca/BaDCA/CSRs.py?rev=601354&r1=601353&r2=601354&view=diff ============================================================================== --- labs/badca/BaDCA/CSRs.py (original) +++ labs/badca/BaDCA/CSRs.py Wed Dec 5 07:15:31 2007 @@ -15,15 +15,14 @@ info = None csr = None sha1 = None - pKey = None + rKey = None def __init__(self, filename = None): - self.rKey = Keys.RSAKey() if filename is not None: csr = csr.fromFile(filename) - def getPrivateKey(self): - return self.pKey + def getKey(self): + return self.rKey def setPrivateKey(self, thekey): self.pKey = thekey @@ -35,9 +34,17 @@ self.Reset() self.csr = csr.fromFile(filename) if self.csr: - self.info = csr.parse(self.csr) - print str(self.info) - return 1 + return self.processCSR() + return 0 + + def readFromMemory(self, txt): + if txt is None or txt == '': + return 0 + if self.csr is not None: + self.Reset() + self.csr = csr.fromMemory(txt) + if self.csr: + return self.processCSR() return 0 def getSubject(self, which): 
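Review bot: `setPrivateKey` still assigns `self.pKey`, but this hunk renames the class attribute to `rKey` and makes `getKey` return `self.rKey`, so a key handed to `setPrivateKey` is never visible through the accessor. Either store it on the same attribute with `self.rKey = thekey`, or add a comment stating that the private key is deliberately kept apart from the CSR's public key. The unchanged `csr = csr.fromFile(filename)` in `__init__` also needs attention: assigning `csr` makes it a local name, so the call raises UnboundLocalError instead of loading the file, and it was presumably meant to be `self.readFromFile(filename)`.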
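Review bot: `readFromMemory` reports failure in two different ways: it returns 0 for empty input, but the `csr.fromMemory` change in this same commit raises IOError for input that does not parse, so the trailing `return 0` is never reached for a malformed request. CSR text normally arrives from outside the CA, so callers need one contract; catching IOError around `self.csr = csr.fromMemory(txt)` and returning 0 keeps the existing 0/1 convention. The same applies to the `csr.fromFile` call in the method above it, whose start is outside this hunk. The removed `self.info = csr.parse(self.csr)` is not replaced by anything in `processCSR`, so `getSubject` may now find `info` unset; worth confirming that is intended.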
@@ -114,8 +121,23 @@ else: print "No subject information found????" + + def Reset(self): info = None csr = None sha1 = None + + def processCSR(self): + if self.csr is None: + return 0 + # a CSR should contain a public key object + key = csr.getKey(self.csr) + if key is None: + return 0 + self.rKey = Keys.RSAKey(public = key) + if self.rKey is None: + print "no key object..." + return 0 + return 1 Modified: labs/badca/openssl/csrmodule.c URL: http://svn.apache.org/viewvc/labs/badca/openssl/csrmodule.c?rev=601354&r1=601353&r2=601354&view=diff ============================================================================== --- labs/badca/openssl/csrmodule.c (original) +++ labs/badca/openssl/csrmodule.c Wed Dec 5 07:15:31 2007 @@ -11,6 +11,15 @@ X509_REQ_free((X509_REQ *)ptr); } +/* This fucntion is called when an RSA pointer is finally freed by + * Python. This is done via setting this as the 2nd argument in + * PyCObject_FromVoidPtr(). + */ +static void delrsa(void *ptr) +{ + RSA_free((RSA *)ptr); +} + static X509_NAME *makeSubjectFromDict(PyObject *dict, unsigned long chtype) { X509_NAME *subj = X509_NAME_new(); @@ -68,8 +77,10 @@ BIO_free_all(in); - if (!req) + if (!req) { + PyErr_SetString(PyExc_IOError, "Unable to get REQ object from file"); return NULL; + } return PyCObject_FromVoidPtr(req, delcsr); } @@ -84,7 +95,16 @@ if (! PyArg_ParseTuple(args, "s#", &ptr, &len)) return NULL; + if (len == 0) { + PyErr_SetString(PyExc_IOError, "Zero length string passed"); + return NULL; + } + in = BIO_new_mem_buf(ptr, len); + if (!in) { + PyErr_SetString(PyExc_MemoryError, "Unable to create a BIO object"); + return NULL; + } /* We expect the CSR to be in PEM format, so try that first... */ req=PEM_read_bio_X509_REQ(in, NULL, NULL, NULL); /* If that fails, see if it was in ASN1 format */ 
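Review bot: `Reset` assigns the local names `info`, `csr` and `sha1` rather than attributes on `self`, and it never mentions `rKey`, so a CSR object that is reused keeps the key extracted from the previous request. If a later `readFromFile` or `readFromMemory` fails, `getKey()` still returns the earlier public key, which is the wrong failure mode for code that decides what a CA will sign. Clear the instance state explicitly, e.g. `self.info = self.csr = self.sha1 = self.rKey = None`, and set `self.rKey = None` at the top of `processCSR` before its early returns. The `if self.rKey is None` test after `Keys.RSAKey(public = key)` cannot fire because a constructor call never yields None, and `csr.getKey` as added in this commit raises ValueError for a non-RSA key instead of returning None.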
@@ -93,12 +113,43 @@ BIO_free_all(in); - if (!req) + if (!req) { + PyErr_SetString(PyExc_IOError, "Unable to get REQ object from memory"); return NULL; + } return PyCObject_FromVoidPtr(req, delcsr); } static PyObject * +getPublicKey(PyObject *self, PyObject *args) +{ + void *tmp = NULL; + X509_REQ *req = NULL; + EVP_PKEY *pkey = NULL; + RSA *rsa = NULL; + + if (! PyArg_ParseTuple(args, "O", &tmp)) + return NULL; + + req = (X509_REQ *)PyCObject_AsVoidPtr(tmp); + if (!req) { + PyErr_SetString(PyExc_TypeError, "Invalid X509_REQ object passed"); + return NULL; + } + + pkey = X509_REQ_get_pubkey(req); + if (pkey) { + if (pkey->type == EVP_PKEY_RSA) + rsa = RSAPublicKey_dup(pkey->pkey.rsa); + EVP_PKEY_free(pkey); + } + if (rsa) + return PyCObject_FromVoidPtr(rsa, delrsa); + PyErr_SetString(PyExc_ValueError, "Invalid CSR object"); + return NULL; +} + +static PyObject * parseRequest(PyObject *self, PyObject *args) { void *tmp = NULL; @@ -122,7 +173,7 @@ /* CSR version number */ { - const char *neg=(ri->version->type == V_ASN1_NEG_INTEGER)?"-":""; +// const char *neg=(ri->version->type == V_ASN1_NEG_INTEGER)?"-":""; long l=0; int i; for(i=0; iversion->length; i++) { 
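Review bot: `getPublicKey` casts whatever `PyCObject_AsVoidPtr(tmp)` returns to `X509_REQ *` without checking that the object is one this module created for a request. This commit itself introduces a second kind of CObject (the RSA pointer returned here with `delrsa`), so a key object passed back into `getKey` would hand an `RSA *` to `X509_REQ_get_pubkey`, which is memory-unsafe. Create request objects with `PyCObject_FromVoidPtrAndDesc` using a module-private descriptor and compare `PyCObject_GetDesc(tmp)` before the cast; the destructor then takes two arguments, so `delcsr` changes signature. `tmp` should be declared `PyObject *tmp` rather than `void *`, and a CSR carrying a non-RSA key deserves its own message instead of "Invalid CSR object".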
@@ -289,6 +340,7 @@ static PyMethodDef CSRMethods[] = { { "fromFile", readCSRFromFile, METH_VARARGS, "Read a CSR from a file" }, { "fromMemory", readCSRFromMemory, METH_VARARGS, "Read a CSR from a block of memory" }, + { "getKey", getPublicKey, METH_VARARGS, "Get the X509_RSA public key object from the CSR" }, { "parse", parseRequest, METH_VARARGS, "Parse a request into a python dict" }, { "create", createRequest, METH_VARARGS, "Create a request from information supplied" }, { "asString", getRequestAsString, METH_VARARGS, "Get request as string" }, Modified: labs/badca/tests/CSRTestCase.py URL: http://svn.apache.org/viewvc/labs/badca/tests/CSRTestCase.py?rev=601354&r1=601353&r2=601354&view=diff ============================================================================== --- labs/badca/tests/CSRTestCase.py (original) +++ labs/badca/tests/CSRTestCase.py Wed Dec 5 07:15:31 2007 @@ -12,10 +12,28 @@ else: self.Reset() - def testRead(self): + def test01Read(self): + """ Test reading of a CSR from a file """ assert self.obj.readFromFile('tests/csr/test1.csr') == 1, \ "Failed to read the CSR" + def test02Read2(self): + """ Test reading of a CSR from a string """ + f = open('tests/csr/test1.csr', 'r') + txt = f.read() + f.close() + assert self.obj.readFromMemory(txt) == 1, \ + "Failed to parse the CSR in memory" + + def test03Key(self): + """ Test key extraction from a CSR """ + assert self.obj.readFromFile('tests/csr/test1.csr') == 1, \ + "Failed to read the CSR" + key = self.obj.getKey() + assert key is not None, "Unable to get Key object from CSR" + assert key.hasPublic(), "No public key found" + assert key.hasPrivate() == 0, "Private key found when none should exist" + assert key.bits == 2048, "Incorrect strength key returned" if __name__ == "__main__": unittest.main() --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscribe@labs.apache.org For additional commands, e-mail: commits-help@labs.apache.org
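Review bot: The new tests in `CSRTestCase` only exercise the well-formed `tests/csr/test1.csr`; none covers the rejection paths this commit adds. Add cases for input the class should refuse, such as `assert self.obj.readFromMemory('') == 0` and a malformed string, and check on a fresh object that `getKey()` is still None afterwards. In `test02Read2` the file is closed only if `f.read()` succeeds; a `try`/`finally` around the read avoids leaking the handle when it fails.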