M2Crypto从函数返回X509对象

时间:2012-11-19 11:14:13

标签: python m2crypto

我做了这个函数,它接受pkcs7信封和发行者公钥并返回证书。

def get_cert_from_pkcs7(pkcs7, cert_parent):
    """
    Take a pkcs7 and return a certificate.

    @type pkcs7: string
    @param pkcs7: The base64 of the PKCS7 envelop as 
    -----BEGIN PKCS7-----
    base64 of the pkcs7 envelop
    -----END PKCS7-----

    @type cert_parent : string
    @param cert_parent : Issuer certificate file path

    @rtype : M2Crypto.X509
    @return : The certificate

    """
    sm_obj = SMIME.SMIME()
    x509 = X509.load_cert(cert_parent) # public key cert used by the remote
                                       # client when signing the message
    sk = X509.X509_Stack()
    sk.push(x509)
    sm_obj.set_x509_stack(sk)

    st = X509.X509_Store()
    st.load_info(cert_parent) # Public cert for the CA which signed
                              # the above certificate

    sm_obj.set_x509_store(st)

    buf = BIO.MemoryBuffer(pkcs7)
    p7 = SMIME.load_pkcs7_bio(buf)

    signers = p7.get0_signers(sk)
    certificat = signers[0]
    return certificat

问题是certificat是一个用Python绑定的C对象,当函数返回时,C对象被垃圾收集,因此_ptr不存在,并且对证书的访问会返回分段错误。

是否可以在没有任何错误(复制/克隆)的情况下返回我的证书?

0 个答案:

没有答案