Revision a8b3b09d lib/utils/x509.py
b/lib/utils/x509.py | ||
---|---|---|
319 | 319 |
|
320 | 320 |
return (cert, |
321 | 321 |
OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM, cert)) |
322 |
|
|
323 |
|
|
324 |
def PrepareX509CertKeyCheck(cert, key): |
|
325 |
"""Get function for verifying certificate with a certain private key. |
|
326 |
|
|
327 |
@type key: OpenSSL.crypto.PKey |
|
328 |
@param key: Private key object |
|
329 |
@type cert: OpenSSL.crypto.X509 |
|
330 |
@param cert: X509 certificate object |
|
331 |
@rtype: callable |
|
332 |
@return: Callable doing the actual check; will raise C{OpenSSL.SSL.Error} if |
|
333 |
certificate is not signed by given private key |
|
334 |
|
|
335 |
""" |
|
336 |
ctx = OpenSSL.SSL.Context(OpenSSL.SSL.TLSv1_METHOD) |
|
337 |
ctx.use_certificate(cert) |
|
338 |
ctx.use_privatekey(key) |
|
339 |
|
|
340 |
return ctx.check_privatekey |
Also available in: Unified diff