int
ccn_keypair_from_rsa(int public_only, RSA *private_key_rsa,
PyObject **py_private_key_ccn, PyObject **py_public_key_ccn)
{
struct ccn_pkey *private_key = NULL, *public_key = NULL;
PyObject *py_private_key = NULL, *py_public_key = NULL;
unsigned int err;
int r;
RSA *public_key_rsa;
if (!public_only && py_private_key_ccn) {
private_key = (struct ccn_pkey *) EVP_PKEY_new();
JUMP_IF_NULL(private_key, openssl_error);
py_private_key = CCNObject_New(PKEY_PRIV, private_key);
JUMP_IF_NULL(py_private_key, error);
r = EVP_PKEY_set1_RSA((EVP_PKEY*) private_key, private_key_rsa);
JUMP_IF_NEG(r, openssl_error);
}
if (py_public_key_ccn) {
public_key = (struct ccn_pkey *) EVP_PKEY_new();
JUMP_IF_NULL(public_key, openssl_error);
py_public_key = CCNObject_New(PKEY_PUB, public_key);
JUMP_IF_NULL(py_public_key, error);
public_key_rsa = RSAPublicKey_dup(private_key_rsa);
JUMP_IF_NULL(public_key_rsa, openssl_error);
r = EVP_PKEY_set1_RSA((EVP_PKEY *) public_key, public_key_rsa);
RSA_free(public_key_rsa);
JUMP_IF_NULL(r, error);
}
if (py_private_key_ccn) {
*py_private_key_ccn = public_only ? (Py_INCREF(Py_None), Py_None) :
py_private_key;
}
if (py_public_key_ccn)
*py_public_key_ccn = py_public_key;
return 0;
openssl_error:
err = ERR_get_error();
PyErr_Format(g_PyExc_CCNKeyError, "Unable to generate keypair from the key:"
" %s", ERR_reason_error_string(err));
error:
if (!py_public_key && public_key)
ccn_pubkey_free(public_key);
Py_XDECREF(py_public_key);
if (!py_private_key && private_key)
ccn_pubkey_free(private_key);
Py_XDECREF(py_private_key);
return -1;
}
PyObject *
CCNObject_New_charbuf(enum _pyccn_capsules type,
struct ccn_charbuf **charbuf)
{
struct ccn_charbuf *p;
PyObject *py_o;
assert(type == CONTENT_OBJECT ||
type == EXCLUSION_FILTER ||
type == INTEREST ||
type == KEY_LOCATOR ||
type == NAME ||
type == SIGNATURE ||
type == SIGNED_INFO);
p = ccn_charbuf_create();
if (!p)
return PyErr_NoMemory();
py_o = CCNObject_New(type, p);
if (!py_o) {
ccn_charbuf_destroy(&p);
return NULL;
}
if (charbuf)
*charbuf = p;
return py_o;
}
PyObject *
_pyccn_privatekey_dup(const struct ccn_pkey *key)
{
RSA *private_key_rsa;
PyObject *py_private_key = NULL;
struct ccn_pkey *private_key;
unsigned int err;
int r;
private_key = (struct ccn_pkey *) EVP_PKEY_new();
JUMP_IF_NULL(private_key, openssl_error);
py_private_key = CCNObject_New(PKEY_PRIV, private_key);
if (!py_private_key) {
EVP_PKEY_free((EVP_PKEY *) private_key);
goto error;
}
private_key_rsa = EVP_PKEY_get1_RSA((EVP_PKEY *) key);
JUMP_IF_NULL(private_key_rsa, openssl_error);
r = EVP_PKEY_set1_RSA((EVP_PKEY*) private_key, private_key_rsa);
RSA_free(private_key_rsa);
JUMP_IF_NEG(r, openssl_error);
return py_private_key;
openssl_error:
err = ERR_get_error();
PyErr_Format(g_PyExc_CCNKeyError, "Unable to generate keypair from the key:"
" %s", ERR_reason_error_string(err));
error:
Py_XDECREF(py_private_key);
return NULL;
}
PyObject *
CCNObject_New_Closure(struct ccn_closure **closure)
{
struct ccn_closure *p;
PyObject *result;
p = calloc(1, sizeof(*p));
if (!p)
return PyErr_NoMemory();
result = CCNObject_New(CLOSURE, p);
if (!result) {
free(p);
return NULL;
}
if (closure)
*closure = p;
return result;
}
PyObject *
_pyccn_cmd_encode_ContentObject(PyObject *UNUSED(self), PyObject *args)
{
PyObject *py_content_object, *py_name, *py_content, *py_signed_info,
*py_key;
PyObject *py_o = NULL, *ret = NULL;
struct ccn_charbuf *name, *signed_info, *content_object = NULL;
struct ccn_pkey *private_key;
const char *digest_alg = NULL;
char *content;
Py_ssize_t content_len;
int r;
if (!PyArg_ParseTuple(args, "OOOOO", &py_content_object, &py_name,
&py_content, &py_signed_info, &py_key))
return NULL;
if (strcmp(py_content_object->ob_type->tp_name, "ContentObject")) {
PyErr_SetString(PyExc_TypeError, "Must pass a ContentObject as arg 1");
return NULL;
}
if (!CCNObject_IsValid(NAME, py_name)) {
PyErr_SetString(PyExc_TypeError, "Must pass a CCN Name as arg 2");
return NULL;
} else
name = CCNObject_Get(NAME, py_name);
if (py_content != Py_None && !PyBytes_Check(py_content)) {
PyErr_SetString(PyExc_TypeError, "Must pass a Bytes as arg 3");
return NULL;
} else if (py_content == Py_None) {
content = NULL;
content_len = 0;
} else {
r = PyBytes_AsStringAndSize(py_content, &content, &content_len);
if (r < 0)
return NULL;
}
if (!CCNObject_IsValid(SIGNED_INFO, py_signed_info)) {
PyErr_SetString(PyExc_TypeError, "Must pass a CCN SignedInfo as arg 4");
return NULL;
} else
signed_info = CCNObject_Get(SIGNED_INFO, py_signed_info);
if (strcmp(py_key->ob_type->tp_name, "Key")) {
PyErr_SetString(PyExc_TypeError, "Must pass a Key as arg 4");
return NULL;
}
// DigestAlgorithm
py_o = PyObject_GetAttrString(py_content_object, "digestAlgorithm");
if (py_o != Py_None) {
PyErr_SetString(PyExc_NotImplementedError, "non-default digest"
" algorithm not yet supported");
goto error;
}
Py_CLEAR(py_o);
// Key
private_key = Key_to_ccn_private(py_key);
// Note that we don't load this key into the keystore hashtable in the library
// because it makes this method require access to a ccn handle, and in fact,
// ccn_sign_content just uses what's in signedinfo (after an error check by
// chk_signing_params and then calls ccn_encode_ContentObject anyway
//
// Encode the content object
// Build the ContentObject here.
content_object = ccn_charbuf_create();
JUMP_IF_NULL_MEM(content_object, error);
r = ccn_encode_ContentObject(content_object, name, signed_info, content,
content_len, digest_alg, private_key);
debug("ccn_encode_ContentObject res=%d\n", r);
if (r < 0) {
ccn_charbuf_destroy(&content_object);
PyErr_SetString(g_PyExc_CCNError, "Unable to encode ContentObject");
goto error;
}
ret = CCNObject_New(CONTENT_OBJECT, content_object);
error:
Py_XDECREF(py_o);
return ret;
}