Skip to content

Instantly share code, notes, and snippets.

@alex

alex/foo.diff

Created May 3, 2015 03:43
Show Gist options
  • Save alex/7535d4ae5c2ab6697632 to your computer and use it in GitHub Desktop.
Save alex/7535d4ae5c2ab6697632 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
foo.diff
diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py
index dd2aba6..4f53f73 100644
--- a/src/cryptography/hazmat/backends/openssl/x509.py
+++ b/src/cryptography/hazmat/backends/openssl/x509.py
@@ -259,7 +259,9 @@ class _Certificate(object):
raise x509.DuplicateExtension(
"Duplicate {0} extension found".format(oid), oid
)
- elif oid == x509.OID_BASIC_CONSTRAINTS:
+
+ ext = self._backend._lib.X509V3_EXT_d2i(ext)
+ if oid == x509.OID_BASIC_CONSTRAINTS:
value = self._build_basic_constraints(ext)
elif oid == x509.OID_SUBJECT_KEY_IDENTIFIER:
value = self._build_subject_key_identifier(ext)
@@ -283,8 +285,7 @@ class _Certificate(object):
return x509.Extensions(extensions)
- def _build_basic_constraints(self, ext):
- bc_st = self._backend._lib.X509V3_EXT_d2i(ext)
+ def _build_basic_constraints(self, bc_st):
assert bc_st != self._backend._ffi.NULL
basic_constraints = self._backend._ffi.cast(
"BASIC_CONSTRAINTS *", bc_st
@@ -308,8 +309,7 @@ class _Certificate(object):
return x509.BasicConstraints(ca, path_length)
- def _build_subject_key_identifier(self, ext):
- asn1_string = self._backend._lib.X509V3_EXT_d2i(ext)
+ def _build_subject_key_identifier(self, asn1_string):
assert asn1_string != self._backend._ffi.NULL
asn1_string = self._backend._ffi.cast(
"ASN1_OCTET_STRING *", asn1_string
@@ -321,8 +321,7 @@ class _Certificate(object):
self._backend._ffi.buffer(asn1_string.data, asn1_string.length)[:]
)
- def _build_key_usage(self, ext):
- bit_string = self._backend._lib.X509V3_EXT_d2i(ext)
+ def _build_key_usage(self, bit_string):
assert bit_string != self._backend._ffi.NULL
bit_string = self._backend._ffi.cast("ASN1_BIT_STRING *", bit_string)
bit_string = self._backend._ffi.gc(
@@ -350,10 +349,8 @@ class _Certificate(object):
decipher_only
)
- def _build_subject_alt_name(self, ext):
- gns = self._backend._ffi.cast(
- "GENERAL_NAMES *", self._backend._lib.X509V3_EXT_d2i(ext)
- )
+ def _build_subject_alt_name(self, gns):
+ gns = self._backend._ffi.cast("GENERAL_NAMES *", gns)
assert gns != self._backend._ffi.NULL
gns = self._backend._ffi.gc(gns, self._backend._lib.GENERAL_NAMES_free)
num = self._backend._lib.sk_GENERAL_NAME_num(gns)
@@ -368,11 +365,8 @@ class _Certificate(object):
return x509.SubjectAlternativeName(general_names)
- def _build_extended_key_usage(self, ext):
- sk = self._backend._ffi.cast(
- "Cryptography_STACK_OF_ASN1_OBJECT *",
- self._backend._lib.X509V3_EXT_d2i(ext)
- )
+ def _build_extended_key_usage(self, sk):
+ sk = self._backend._ffi.cast("Cryptography_STACK_OF_ASN1_OBJECT *", sk)
assert sk != self._backend._ffi.NULL
sk = self._backend._ffi.gc(sk, self._backend._lib.sk_ASN1_OBJECT_free)
num = self._backend._lib.sk_ASN1_OBJECT_num(sk)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment