Home Explore Help
Register Sign In
dayuan
/
manyi
6
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 34216f9fac
Branches Tags
manyi
/
venv
/
Lib
/
site-packages
/
scrapy
/
utils
/
ssl.py

ssl.py 2.4 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263 
  1. # -*- coding: utf-8 -*-
    2. 

  2. 

  3. import OpenSSL
    4. 

  4. import OpenSSL._util as pyOpenSSLutil
    5. 

  5. 

  6. from scrapy.utils.python import to_native_str
    7. 

  7. 

  8. 

  9. # The OpenSSL symbol is present since 1.1.1 but it's not currently supported in any version of pyOpenSSL.
    10. 

  10. # Using the binding directly, as this code does, requires cryptography 2.4.
    11. 

  11. SSL_OP_NO_TLSv1_3 = getattr(pyOpenSSLutil.lib, 'SSL_OP_NO_TLSv1_3', 0)
    12. 

  12. 

  13. 

  14. def ffi_buf_to_string(buf):
    15. 

  15.     return to_native_str(pyOpenSSLutil.ffi.string(buf))
    16. 

  16. 

  17. 

  18. def x509name_to_string(x509name):
    19. 

  19.     # from OpenSSL.crypto.X509Name.__repr__
    20. 

  20.     result_buffer = pyOpenSSLutil.ffi.new("char[]", 512)
    21. 

  21.     pyOpenSSLutil.lib.X509_NAME_oneline(x509name._name, result_buffer, len(result_buffer))
    22. 

  22. 

  23.     return ffi_buf_to_string(result_buffer)
    24. 

  24. 

  25. 

  26. def get_temp_key_info(ssl_object):
    27. 

  27.     if not hasattr(pyOpenSSLutil.lib, 'SSL_get_server_tmp_key'):  # requires OpenSSL 1.0.2
    28. 

  28.         return None
    29. 

  29. 

  30.     # adapted from OpenSSL apps/s_cb.c::ssl_print_tmp_key()
    31. 

  31.     temp_key_p = pyOpenSSLutil.ffi.new("EVP_PKEY **")
    32. 

  32.     if not pyOpenSSLutil.lib.SSL_get_server_tmp_key(ssl_object, temp_key_p):
    33. 

  33.         return None
    34. 

  34.     temp_key = temp_key_p[0]
    35. 

  35.     if temp_key == pyOpenSSLutil.ffi.NULL:
    36. 

  36.         return None
    37. 

  37.     temp_key = pyOpenSSLutil.ffi.gc(temp_key, pyOpenSSLutil.lib.EVP_PKEY_free)
    38. 

  38.     key_info = []
    39. 

  39.     key_type = pyOpenSSLutil.lib.EVP_PKEY_id(temp_key)
    40. 

  40.     if key_type == pyOpenSSLutil.lib.EVP_PKEY_RSA:
    41. 

  41.         key_info.append('RSA')
    42. 

  42.     elif key_type == pyOpenSSLutil.lib.EVP_PKEY_DH:
    43. 

  43.         key_info.append('DH')
    44. 

  44.     elif key_type == pyOpenSSLutil.lib.EVP_PKEY_EC:
    45. 

  45.         key_info.append('ECDH')
    46. 

  46.         ec_key = pyOpenSSLutil.lib.EVP_PKEY_get1_EC_KEY(temp_key)
    47. 

  47.         ec_key = pyOpenSSLutil.ffi.gc(ec_key, pyOpenSSLutil.lib.EC_KEY_free)
    48. 

  48.         nid = pyOpenSSLutil.lib.EC_GROUP_get_curve_name(pyOpenSSLutil.lib.EC_KEY_get0_group(ec_key))
    49. 

  49.         cname = pyOpenSSLutil.lib.EC_curve_nid2nist(nid)
    50. 

  50.         if cname == pyOpenSSLutil.ffi.NULL:
    51. 

  51.             cname = pyOpenSSLutil.lib.OBJ_nid2sn(nid)
    52. 

  52.         key_info.append(ffi_buf_to_string(cname))
    53. 

  53.     else:
    54. 

  54.         key_info.append(ffi_buf_to_string(pyOpenSSLutil.lib.OBJ_nid2sn(key_type)))
    55. 

  55.     key_info.append('%s bits' % pyOpenSSLutil.lib.EVP_PKEY_bits(temp_key))
    56. 

  56.     return ', '.join(key_info)
    57. 

  57. 

  58. 

  59. def get_openssl_version():
    60. 

  60.     system_openssl = OpenSSL.SSL.SSLeay_version(
    61. 

  61.         OpenSSL.SSL.SSLEAY_VERSION
    62. 

  62.     ).decode('ascii', errors='replace')
    63. 

  63.     return '{} ({})'.format(OpenSSL.version.__version__, system_openssl)
    64.