From richard at INDIGO3.NET Sun Mar 2 18:28:52 2008 From: richard at INDIGO3.NET (Richard Smith) Date: Sun, 2 Mar 2008 18:28:52 +0100 Subject: [PYTHON-CRYPTO] OpenSSL Netscape SPKI Message-ID: <47CAE3D4.6040002@indigo3.net> Hi, I've been digging through archives and source, but can't find any of the Netscape SPKAC stuff. The reason I'm asking, is that I am currently using pyOpenSSL which is horrendous to use... It's not been updated since forever, but usefully has a NetscapeSPKI class. Is there a way I can load SPKAC requests into M2Crypto so that I can create certs from keys created by Netscape/Mozilla based browsers? -- Richard From heikki at OSAFOUNDATION.ORG Mon Mar 3 20:38:04 2008 From: heikki at OSAFOUNDATION.ORG (Heikki Toivonen) Date: Mon, 3 Mar 2008 11:38:04 -0800 Subject: [PYTHON-CRYPTO] OpenSSL Netscape SPKI In-Reply-To: <47CAE3D4.6040002@indigo3.net> References: <47CAE3D4.6040002@indigo3.net> Message-ID: <47CC539C.30504@osafoundation.org> Richard Smith wrote: > The reason I'm asking, is that I am currently using pyOpenSSL which is > horrendous to use... It's not been updated since forever, but usefully has a > NetscapeSPKI class. > > Is there a way I can load SPKAC requests into M2Crypto so that I can create > certs from keys created by Netscape/Mozilla based browsers? I don't know specifically, but if you can look at what pyOpenSSL does, I'd be happy to take a patch (or implement myself if not too large a feature) for M2Crypto. I also heard some Twisted developers (exarkun and bigdog) have started working on improving pyOpenSSL so you might want to check with them as well. Downloads here: http://buildbot.twistedmatrix.com/builds/ -- Heikki Toivonen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 252 bytes Desc: OpenPGP digital signature URL: From richard at INDIGO3.NET Mon Mar 3 23:18:08 2008 From: richard at INDIGO3.NET (Richard Smith) Date: Mon, 3 Mar 2008 23:18:08 +0100 Subject: [PYTHON-CRYPTO] OpenSSL Netscape SPKI In-Reply-To: <47CC539C.30504@osafoundation.org> References: <47CAE3D4.6040002@indigo3.net> <47CC539C.30504@osafoundation.org> Message-ID: <47CC7920.7050806@indigo3.net> Heikki Toivonen wrote: > I don't know specifically, but if you can look at what pyOpenSSL does, > I'd be happy to take a patch (or implement myself if not too large a > feature) for M2Crypto. I'll take a look at what pyOpenSSL does then :) > I also heard some Twisted developers (exarkun and bigdog) have started > working on improving pyOpenSSL so you might want to check with them as > well. Downloads here: http://buildbot.twistedmatrix.com/builds/ I'm not a fan of the twisted crew... They tend to overcomplicate things a little... But I'll take a look, thanks. -- Richard From P.J.Kershaw at RL.AC.UK Wed Mar 12 17:43:58 2008 From: P.J.Kershaw at RL.AC.UK (Kershaw, PJ (Philip)) Date: Wed, 12 Mar 2008 16:43:58 -0000 Subject: [PYTHON-CRYPTO] Problems with M2Crypto and an Axis2 Rampart test Cert. Message-ID: Hi all, I've been testing against a Java Axis2 Rampart web service and have run into a problem parsing a test certificate. I've cut and pasted the encoded cert string into a test script to illustrate: #!/usr/bin/env python from M2Crypto import X509 import base64 axisRampartCertStr = 'MIICTDCCAbUCBEbJZMQwDQYJKoZIhvcNAQEEBQAwbDELMAkGA1UEBhMCTEsxEDAOBgNVBAgTB1dlc3Rlcm4xEDAOBgNVBAcTB0NvbG9tYm8xDzANBgNVBAoTBkFwYWNoZTEQMA4GA1UECxMHUmFtcGFydDEWMBQGA1UEAxMNU2FtcGxlIENsaWVudDAgFw0wNzA4MjAwOTU0MTJaGA8yMDYyMDUyMzA5NTQxMlowbDELMAkGA1UEBhMCTEsxEDAOBgNVBAgTB1dlc3Rlcm4xEDAOBgNVBAcTB0NvbG9tYm8xDzANBgNVBAoTBkFwYWNoZTEQMA4GA1UECxMHUmFtcGFydDEWMBQGA1UEAxMNU2FtcGxlIENsaWVudDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAhjQp2NJRUrAEsPYIlg26m34O16E6WkyBWMbkSvy/FJQoNg2HSOtqF/DHmej7qqJCDtiHtdZqCTOo28cpyB3XJ0g6y23ADTy1v7qUjYieF4Bn3p9QFtyznUmKyZ6hK4CjGraYvcDgjRlnPkfeyVnNamkzJB7TVRaLkumRlxHgxm0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQBNLSbNEaGBj8GBoXWBndY3JFvblPvI2mDbtZsNiggGOCezyAufGe6RnR3s5DjR5YQqPcMiDtlskFQm4/SRN2Yh16E6l7LfsOhGQsPiPrDrci4T18pz1eDLSrtJiiBah1NdeISaD0kpoUiaNKiQiu16JCnxc8tGSw3nSPg44aLYmA==' axisRampartCert = X509.load_cert_string(base64.decodestring(axisRampartCertStr), format=X509.FORMAT_DER) print axisRampartCert.as_text() print "Not before time: %s" % axisRampartCert.get_not_before() print "Not after time: %s" % axisRampartCert.get_not_after() Everything looks OK with the as_text output but I get 'Bad time value' for the certificate's not after time. I also tried openssl on the command line and it looks OK: $ openssl x509 -inform DER -in rampart.crt -enddate notAfter=May 23 09:54:12 2062 GMT -----BEGIN CERTIFICATE----- ... Any ideas what the problem might be? Cheers, Phil -------------- next part -------------- An HTML attachment was scrubbed... URL: From heikki at OSAFOUNDATION.ORG Thu Mar 13 04:09:50 2008 From: heikki at OSAFOUNDATION.ORG (Heikki Toivonen) Date: Wed, 12 Mar 2008 20:09:50 -0700 Subject: [PYTHON-CRYPTO] Problems with M2Crypto and an Axis2 Rampart test Cert. In-Reply-To: References: Message-ID: <47D89AFE.1020800@osafoundation.org> Kershaw, PJ (Philip) wrote: > Everything looks OK with the as_text output but I get 'Bad time value' > for the certificate's not after time. I was able to reproduce this but no ideas what is going on yet. Next step would be to look at what exact functions the OpenSSL command line is using and compare that with M2Crypto... -- Heikki Toivonen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 252 bytes Desc: OpenPGP digital signature URL: From shramov at MEXMAT.NET Fri Mar 14 12:19:46 2008 From: shramov at MEXMAT.NET (Pavel Shramov) Date: Fri, 14 Mar 2008 14:19:46 +0300 Subject: [PYTHON-CRYPTO] ENGINE_* functions Message-ID: <20080314111946.GA24006@grid.pp.ru> M2Crypto still lacks ENGINE_* functions and bug [1] seem to be abandoned so I've done another patch. It seem to be superset of one mentioned in [1] but without Context and init functions modifications. Pavel -- [1] https://bugzilla.osafoundation.org/show_bug.cgi?id=7585 -------------- next part -------------- A non-text attachment was scrubbed... Name: engine.patch Type: text/x-diff Size: 8580 bytes Desc: not available URL: