Issue #17134: Add ssl.enum_cert_store() as interface to Windows' cert store.

author: Christian Heimes <christian@cheimes.de> 2013-06-09 17:03:31 (GMT)
committer: Christian Heimes <christian@cheimes.de> 2013-06-09 17:03:31 (GMT)
commit: 46bebee25f8cdbec6bbee04fdf9681edf0155c5b (patch)
tree: 1efc519de6a189022c18f84d46c234fa48bf55ff /Lib
parent: 142ec2c0149995c8d2299eaf6eccec9c69d6110b (diff)
download: cpython-46bebee25f8cdbec6bbee04fdf9681edf0155c5b.zip
cpython-46bebee25f8cdbec6bbee04fdf9681edf0155c5b.tar.gz
cpython-46bebee25f8cdbec6bbee04fdf9681edf0155c5b.tar.bz2
2 files changed, 27 insertions, 0 deletions
diff --git a/Lib/ssl.py b/Lib/ssl.py
index 5d48f1b..d78d96d 100644
--- a/Lib/ssl.py
+++ b/Lib/ssl.py
@@ -89,6 +89,7 @@ ALERT_DESCRIPTION_UNKNOWN_PSK_IDENTITY
 
 import textwrap
 import re
+import sys
 import os
 import collections
 
@@ -139,6 +140,9 @@ else:
     _PROTOCOL_NAMES[PROTOCOL_TLSv1_1] = "TLSv1.1"
     _PROTOCOL_NAMES[PROTOCOL_TLSv1_2] = "TLSv1.2"
 
+if sys.platform == "win32":
+    from _ssl import enum_cert_store, X509_ASN_ENCODING, PKCS_7_ASN_ENCODING
+
 from socket import getnameinfo as _getnameinfo
 from socket import socket, AF_INET, SOCK_STREAM, create_connection
 import base64        # for DER-to-PEM translation
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index 6cecc17..08a07ba 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -407,6 +407,29 @@ class BasicSocketTests(unittest.TestCase):
             self.assertEqual(paths.capath, CAPATH)
 
 
+    @unittest.skipUnless(sys.platform == "win32", "Windows specific")
+    def test_enum_cert_store(self):
+        self.assertEqual(ssl.X509_ASN_ENCODING, 1)
+        self.assertEqual(ssl.PKCS_7_ASN_ENCODING, 0x00010000)
+
+        self.assertEqual(ssl.enum_cert_store("CA"),
+            ssl.enum_cert_store("CA", "certificate"))
+        ssl.enum_cert_store("CA", "crl")
+        self.assertEqual(ssl.enum_cert_store("ROOT"),
+            ssl.enum_cert_store("ROOT", "certificate"))
+        ssl.enum_cert_store("ROOT", "crl")
+
+        self.assertRaises(TypeError, ssl.enum_cert_store)
+        self.assertRaises(WindowsError, ssl.enum_cert_store, "")
+        self.assertRaises(ValueError, ssl.enum_cert_store, "CA", "wrong")
+
+        ca = ssl.enum_cert_store("CA")
+        self.assertIsInstance(ca, list)
+        self.assertIsInstance(ca[0], tuple)
+        self.assertEqual(len(ca[0]), 2)
+        self.assertIsInstance(ca[0][0], bytes)
+        self.assertIsInstance(ca[0][1], int)
+
 class ContextTests(unittest.TestCase):
 
     @skip_if_broken_ubuntu_ssl
author	Christian Heimes <christian@cheimes.de>	2013-06-09 17:03:31 (GMT)
committer	Christian Heimes <christian@cheimes.de>	2013-06-09 17:03:31 (GMT)
commit	46bebee25f8cdbec6bbee04fdf9681edf0155c5b (patch)
tree	1efc519de6a189022c18f84d46c234fa48bf55ff /Lib
parent	142ec2c0149995c8d2299eaf6eccec9c69d6110b (diff)
download	cpython-46bebee25f8cdbec6bbee04fdf9681edf0155c5b.zip cpython-46bebee25f8cdbec6bbee04fdf9681edf0155c5b.tar.gz cpython-46bebee25f8cdbec6bbee04fdf9681edf0155c5b.tar.bz2