7 """
8 Some useful functions.
9 """
10
11 import logging
12
13 from M2Crypto import BIO, X509
14
15
17 """
18 Exception raised if the selected keyring source is not valid. Admitted values
19 are file, memory and pkcs11.
20 """
21 pass
22
23
25 """
26 Returns a BIO object for OpenSSL from input memory buffer
27 """
28 return BIO.MemoryBuffer(data)
29
30
32 """
33 Returns a BIO object for OpenSSL from input file descriptor
34 """
35 return BIO.File(fd)
36
37
39 """
40 Returns a BIO object for OpenSSL from input file path
41 """
42 try:
43 fd = open(file_path, 'rb')
44 file_bio = BIO_from_file(fd)
45 except IOError, e:
46 logging.error('input file not found ' + str(e))
47 return file_bio
48
49
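def set_keyring(smime, private_key, cert, keyring_source):
    """
    Sets private key and certificate for input smime object based on keyring
    source.

    @type smime: M2Crypto.SMIME
    @param smime: the smime object to update with key and certificate data
    @type private_key: filepath or M2Crypto.BIO or M2Crypto.EVP.PKey
    @param private_key: private key reference; passed to smime.load_key for
            'file', to smime.load_key_bio for 'buffer', and assigned to
            smime.pkey for 'pkcs11'
    @type cert: filepath or M2Crypto.BIO or M2Crypto.X509.X509
    @param cert: certificate; passed alongside private_key for 'file' and
            'buffer', and assigned to smime.x509 for 'pkcs11'
    @type keyring_source: str
    @param keyring_source: selects how the key material is attached. The
            values this function compares against are 'file', 'buffer' and
            'pkcs11' (the in-memory source is spelled 'buffer', not
            'memory').
    @rtype: boolean
    @return: True once key and certificate have been set on smime
    @raise BadKeyringSource: keyring_source is none of the accepted values
    """
    if keyring_source == 'file':
        smime.load_key(private_key, cert)
    elif keyring_source == 'buffer':
        smime.load_key_bio(private_key, cert)
    elif keyring_source == 'pkcs11':
        # Key and certificate objects are attached directly; nothing is
        # loaded or parsed here.
        smime.pkey = private_key
        smime.x509 = cert
    else:
        # %r instead of string concatenation: a non-str value (e.g. None)
        # must end in BadKeyringSource rather than a TypeError, and repr()
        # escapes control characters so the rejected value cannot break
        # the log line apart.
        message = ('unknown keyring source: %r; possible values: '
                   'file, buffer, pkcs11' % (keyring_source,))
        logging.error(message)
        raise BadKeyringSource(message)
    return True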
87
88
90 """
91 Sets certificate for input x509 object based on keyring source.
92
93 @type cert: filepath or M2Crypto.BIO or M2Crypto.X509.X509
94 @param cert: certificate, could be from filepath, from memory or from
95 pkcs11 smartcard, based on keyring_source input parameter
96 @type keyring_source: str
97 @keyword keyring_source: the type of the source for input certificate, used
98 to recall the appropriate method for X509 settings. Admitted
99 values are: file, memory, pkcs11.
100 @rtype: M2Crypto.X509.X509 or None
101 @return: the new X509 certificate if a valid keyring source, else False
102 @raise BadKeyringSource: the selected Keyring source is not valid. Admitted
103 values are file, memory and pkcs11.
104 """
105 if keyring_source == 'file':
106 x509 = X509.load_cert(cert)
107 return x509
108 elif keyring_source == 'buffer':
109 x509 = X509.load_cert_bio(cert)
110 return x509
111 elif keyring_source == 'pkcs11':
112 x509.cert = cert
113 return x509
114 else:
115 logging.error('unknown keyring source: ' + keyring_source +
116 '; possible values: file, memory, pkcs11')
117 raise BadKeyringSource('unknown keyring source: ' + keyring_source +
118 '; possible values: file, memory, pkcs11')
119