parent
182ee034ca
commit
712320d348
@ -0,0 +1,47 @@
|
||||
commit 2923dc0f475e0d1a7893c7ca264c95c75f8ba9dd
|
||||
Author: Bulat Gaifullin <gaifullinbf@gmail.com>
|
||||
Date: Sun Sep 21 22:36:48 2014 +0400
|
||||
|
||||
added parameter digest to select digest algorithm for CRL
|
||||
|
||||
diff --git a/OpenSSL/crypto.py b/OpenSSL/crypto.py
|
||||
index 313a30a..efa1d91 100644
|
||||
--- a/OpenSSL/crypto.py
|
||||
+++ b/OpenSSL/crypto.py
|
||||
@@ -1707,7 +1707,7 @@ class CRL(object):
|
||||
_raise_current_error()
|
||||
|
||||
|
||||
- def export(self, cert, key, type=FILETYPE_PEM, days=100):
|
||||
+ def export(self, cert, key, type=FILETYPE_PEM, days=100, digest="sha1"):
|
||||
"""
|
||||
export a CRL as a string
|
||||
|
||||
@@ -1721,6 +1721,7 @@ class CRL(object):
|
||||
|
||||
:param days: The number of days until the next update of this CRL.
|
||||
:type days: :py:data:`int`
|
||||
+ :param digest: The message digest to use
|
||||
|
||||
:return: :py:data:`str`
|
||||
"""
|
||||
@@ -1731,6 +1732,10 @@ class CRL(object):
|
||||
if not isinstance(type, int):
|
||||
raise TypeError("type must be an integer")
|
||||
|
||||
+ digest_obj = _lib.EVP_get_digestbyname(_byte_string(digest))
|
||||
+ if digest_obj == _ffi.NULL:
|
||||
+ raise ValueError("No such digest method")
|
||||
+
|
||||
bio = _lib.BIO_new(_lib.BIO_s_mem())
|
||||
if bio == _ffi.NULL:
|
||||
# TODO: This is untested.
|
||||
@@ -1750,7 +1755,7 @@ class CRL(object):
|
||||
|
||||
_lib.X509_CRL_set_issuer_name(self._crl, _lib.X509_get_subject_name(cert._x509))
|
||||
|
||||
- sign_result = _lib.X509_CRL_sign(self._crl, key._pkey, _lib.EVP_md5())
|
||||
+ sign_result = _lib.X509_CRL_sign(self._crl, key._pkey, digest_obj)
|
||||
if not sign_result:
|
||||
_raise_current_error()
|
||||
|
Loading…
Reference in new issue