Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add tbsCertList and signature interfaces to CRLs #2489

Merged
merged 2 commits into from
Nov 19, 2015
Merged

add tbsCertList and signature interfaces to CRLs #2489

merged 2 commits into from
Nov 19, 2015

Conversation

etrauschke
Copy link
Contributor

This is basically an extension of #2387 for CRLs.
Let me know if you want me to break this up but it seems fairly small.

@etrauschke etrauschke mentioned this pull request Nov 19, 2015
Closed
@codecov-io
Copy link

Current coverage is 99.98%

Merging #2489 into master will not affect coverage as of b3daaaf

@@            master   #2489   diff @@
======================================
  Files          123     123       
  Stmts        12788   12805    +17
  Branches      1402    1403     +1
  Methods          0       0       
======================================
+ Hit          12786   12803    +17
  Partial          2       2       
  Missed           0       0

Review entire Coverage Diff as of b3daaaf

Powered by Codecov. Updated on successful CI builds.

reaperhulk
reaperhulk reviewed Nov 19, 2015
View reviewed changes
src/_cffi_src/openssl/x509.py
@@ -65,6 +65,7 @@
typedef struct {
X509_CRL_INFO *crl;
X509_ALGOR *sig_alg;
ASN1_BIT_STRING *signature;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think this should block, but we'll need to alter this for 1.1.0 using the new function X509_CRL_get0_signature. I'll deal with that in the 1.1.0 WIP PR though.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I didn't realize that. Thanks for taking care of it.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, OpenSSL 1.1.0 is opaquing almost every struct. In most cases there are already accessors available, but for this (and the tbs payload) we'll have to define some functions since cffi won't know what the struct looks like.

reaperhulk added a commit that referenced this pull request Nov 19, 2015
@reaperhulk
Merge pull request #2489 from etrauschke/crl_verify
cc1962d 
add tbsCertList and signature interfaces to CRLs
@reaperhulk reaperhulk merged commit cc1962d into pyca:master Nov 19, 2015
@etrauschke etrauschke deleted the crl_verify branch November 19, 2015 21:17
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 3, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@etrauschke @codecov-io @reaperhulk