Menu
▾
▴
Re: [pyOpenSSL] Arbitrary extension to X.509 certificate
|
From: <phi...@st...> - 2012-08-23 17:22:58
|
Hi Jean-Paul, It may be possible to get some of this work done. Can you provide some pointers + any preferences how you would want the relevant OpenSSL interfaces exposed through Python? Thanks, Phil ________________________________________ From: ex...@tw... [ex...@tw...] Sent: 23 August 2012 13:11 To: pyo...@li...; pyo...@li... Subject: Re: [pyOpenSSL] Arbitrary extension to X.509 certificate On 10:39 am, phi...@st... wrote: >Hi all, > >I'd like to find out if pyOpenSSL supports the addition of arbitrary >certificate extensions. I see here that you can add extensions: > >http://stackoverflow.com/questions/7279282/extract-the-value-of-a-x-509 >-certificate-custom-extension-using-pyopenssl As you discovered, only some extensions are supported. To support arbitrary extensions, more "APIs" from OpenSSL will need to be exposed. This is probably possible, and only a matter of someone doing the work. I'm copying pyo...@li... on this reply. Please prefer the Launchpad mailing list for future correspondence. Thanks. Jean-Paul >But if I try this I get: >>>>from OpenSSL import crypto >>>>ext = crypto.X509Extension('1.2.3.4', 0, 'myextension') >Traceback (most recent call last): > File "<stdin>", line 1, in <module> >OpenSSL.crypto.Error: [('X509 V3 routines', 'DO_EXT_NCONF', 'unknown >extension name'), ('X509 V3 routines', 'X509V3_EXT_nconf', 'error in >extension')] > >If it is not currently possible is there some means that the relevant >OpenSSL API calls needed could be exposed through pyOpenSSL? > >Thanks, >Phil ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ pyopenssl-list mailing list pyo...@li... https://lists.sourceforge.net/lists/listinfo/pyopenssl-list -- Scanned by iCritical. |
