"""
Interface to the OpenSSL object identifier database.

It is primarily intended to deal with OIDs which are compiled into the
database or defined in the OpenSSL configuration files.

But see the create() function.

OpenSSL maintains a database of OIDs. Each entry holds the long and short
human-readable names and the canonical dotted-decimal representation of
an OID, and links them to a small integer, called the numeric identifier
or 'nid'. Most OpenSSL functions which deal with ASN.1 structures, such as
certificates or cryptographic messages, expect or return nids, but it is
a very bad idea to hardcode nids into your app, because they can change
after a mere recompilation of OpenSSL.

This module provides the Oid object, which represents an entry in the
OpenSSL OID database.
"""
from ctypescrypto import libcrypto, pyver, bintype, chartype, inttype
from ctypes import c_char_p, c_void_p, c_int, create_string_buffer
from ctypescrypto.exception import LibCryptoError

__all__ = ['Oid', 'create', 'cleanup']

class Oid(object):
    """
    Represents an OID (ASN.1 Object identifier).

    It can be constructed from a textual representation like
    Oid("commonName") or Oid("CN"), from dotted-decimal Oid("1.2.3.4"),
    or from an OpenSSL numeric identifier (NID), which is typically
    returned or required by OpenSSL API functions. If the object is
    constructed from a textual representation which is not present in
    the database, it fails with ValueError.

    attribute nid - contains object nid.
    """

    def __init__(self, value):
        """
        Object constructor. Accepts string, integer, or another Oid.

        Integer should be an OpenSSL numeric identifier (nid) as returned
        by some libcrypto function or extracted from some libcrypto
        structure.
        """
        if isinstance(value, chartype):
            value = value.encode('ascii')
        if isinstance(value, bintype):
            self.nid = libcrypto.OBJ_txt2nid(value)
            # nid 0 means the name or OID is not in the database
            if self.nid == 0:
                raise ValueError("Cannot find object %s in the database" %
                                 value)
        elif isinstance(value, inttype):
            short = libcrypto.OBJ_nid2sn(value)
            if short is None:
                raise ValueError("No such nid %d in the database" % value)
            self.nid = value
        elif isinstance(value, Oid):
            self.nid = value.nid
        else:
            raise TypeError("Cannot convert this type to object identifier")

    def __eq__(self, other):
        " Oids with the same nid are the same object identifier "
        if not isinstance(other, Oid):
            return NotImplemented
        return self.nid == other.nid

    def __hash__(self):
        """ Returns NID of object as hash value. Makes Oids with
        identical NID hash alike and lets Oids be used as
        dictionary keys"""
        return self.nid

    def __str__(self):
        " Default string representation of Oid is dotted-decimal "
        return self.dotted()

    def __repr__(self):
        " Returns constructor call of Oid with dotted representation "
        return "Oid('%s')" % (self.dotted())

    if pyver == 2:
        def shortname(self):
            " Returns short name if any "
            return libcrypto.OBJ_nid2sn(self.nid)

        def longname(self):
            " Returns long name if any "
            return libcrypto.OBJ_nid2ln(self.nid)
    else:
        def shortname(self):
            " Returns short name if any "
            return libcrypto.OBJ_nid2sn(self.nid).decode('utf-8')

        def longname(self):
            " Returns long name if any "
            return libcrypto.OBJ_nid2ln(self.nid).decode('utf-8')

    def dotted(self):
        " Returns dotted-decimal representation "
        obj = libcrypto.OBJ_nid2obj(self.nid)
        buf = create_string_buffer(256)
        libcrypto.OBJ_obj2txt(buf, 256, obj, 1)
        if pyver == 2:
            return buf.value
        else:
            return buf.value.decode('ascii')

    @staticmethod
    def fromobj(obj):
        """
        Creates an OID object from the pointer to ASN1_OBJECT c structure.
        This method is intended for internal use by submodules which deal
        with libcrypto ASN1 parsing functions, such as x509 or CMS
        """
        nid = libcrypto.OBJ_obj2nid(obj)
        if nid == 0:
            # Not in the database yet: register the OID under its own
            # dotted-decimal text as both short and long name.
            buf = create_string_buffer(80)
            dotted_len = libcrypto.OBJ_obj2txt(buf, 80, obj, 1)
            # OBJ_obj2txt returns the full text length (negative on error),
            # which may exceed the buffer. Never register a truncated OID.
            if dotted_len <= 0 or dotted_len >= 80:
                raise ValueError("Cannot get dotted-decimal form of object")
            dotted = buf[:dotted_len]
            if pyver > 2:
                # create() takes text strings on Python 3
                dotted = dotted.decode('ascii')
            oid = create(dotted, dotted, dotted)
        else:
            oid = Oid(nid)
        return oid

def create(dotted, shortname, longname):
    """
    Creates a new OID in the database.

    @param dotted - dotted-decimal representation of new OID
    @param shortname - short name for new OID
    @param longname - long name for new OID

    @returns Oid object corresponding to new OID

    This function should be used with extreme care. Whenever
    possible, it is better to add new OIDs via the OpenSSL configuration
    files.

    Results of calling this function twice for the same OID or for
    an OID already in the database are undefined.
    """
    # libcrypto takes byte strings, so encode any text arguments
    if isinstance(dotted, chartype):
        dotted = dotted.encode('ascii')
    if isinstance(shortname, chartype):
        shortname = shortname.encode('utf-8')
    if isinstance(longname, chartype):
        longname = longname.encode('utf-8')
    nid = libcrypto.OBJ_create(dotted, shortname, longname)
    if nid == 0:
        raise LibCryptoError("Problem adding new OID to the database")
    return Oid(nid)

def cleanup():
    """
    Removes all the objects dynamically added by the current
    application from the database.

    Note that in OpenSSL 1.1.0 and above OBJ_cleanup really does nothing
    """
    if hasattr(libcrypto, "OBJ_cleanup"):
        libcrypto.OBJ_cleanup()

# ctypes prototypes for the libcrypto functions used above
libcrypto.OBJ_nid2sn.restype = c_char_p
libcrypto.OBJ_nid2ln.restype = c_char_p
libcrypto.OBJ_nid2obj.restype = c_void_p
libcrypto.OBJ_obj2nid.restype = c_int
libcrypto.OBJ_obj2txt.argtypes = (c_char_p, c_int, c_void_p, c_int)
libcrypto.OBJ_txt2nid.argtypes = (c_char_p, )
libcrypto.OBJ_obj2nid.argtypes = (c_void_p, )
libcrypto.OBJ_create.argtypes = (c_char_p, c_char_p, c_char_p)
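
# Added example, not part of ctypescrypto: the OBJ_obj2txt length contract
# behind the 80-byte buffer in fromobj(), shown with ctypes directly against
# libcrypto. Assumes a shared libcrypto is installed; LONG_OID and the helper
# names are constructed for illustration.

```python
import ctypes
import ctypes.util

# Assumption: a shared OpenSSL libcrypto (1.1 or 3.x) is installed on this host.
lib = ctypes.CDLL(ctypes.util.find_library("crypto") or "libcrypto.so.3")
lib.OBJ_txt2obj.restype = ctypes.c_void_p
lib.OBJ_txt2obj.argtypes = (ctypes.c_char_p, ctypes.c_int)
lib.OBJ_obj2nid.restype = ctypes.c_int
lib.OBJ_obj2nid.argtypes = (ctypes.c_void_p,)
lib.OBJ_obj2txt.restype = ctypes.c_int
lib.OBJ_obj2txt.argtypes = (ctypes.c_char_p, ctypes.c_int,
                            ctypes.c_void_p, ctypes.c_int)
lib.ASN1_OBJECT_free.restype = None
lib.ASN1_OBJECT_free.argtypes = (ctypes.c_void_p,)

# Constructed sample: a 94-character OID under a made-up private enterprise arc.
LONG_OID = "1.3.6.1.4.1.99999" + ".1234567890" * 7


def dotted_fixed(obj, size=80):
    """Fixed-size read: returns (text, needed); text is cut when needed >= size."""
    buf = ctypes.create_string_buffer(size)
    needed = lib.OBJ_obj2txt(buf, size, obj, 1)
    if needed <= 0:
        raise ValueError("OBJ_obj2txt failed")
    return buf.value.decode("ascii"), needed


def dotted_full(obj, size=80):
    """Retry with a buffer sized from the reported length, so nothing is cut."""
    text, needed = dotted_fixed(obj, size)
    if needed >= size:
        text, needed = dotted_fixed(obj, needed + 1)
    return text


def inspect_oid(text, size=80):
    """Parse a name or dotted OID; return (nid, fixed-size text, full text)."""
    obj = lib.OBJ_txt2obj(text.encode("ascii"), 0)
    if not obj:
        raise ValueError("not a known name or valid OID: %r" % text)
    try:
        return (lib.OBJ_obj2nid(obj), dotted_fixed(obj, size)[0],
                dotted_full(obj, size))
    finally:
        lib.ASN1_OBJECT_free(obj)  # no-op for static table entries


if __name__ == "__main__":
    for sample in ("commonName", LONG_OID):
        print(inspect_oid(sample))
```

# An OID missing from the database comes back with nid 0, and the fixed-size
# read returns only a prefix of it, so comparing the returned length with the
# buffer size is what keeps a truncated OID from being registered.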