1

我做了这个函数,它需要一个 pkcs7 信封和颁发者公钥并返回证书。

def get_cert_from_pkcs7(pkcs7, cert_parent):
    """
    Take a pkcs7 and return a certificate.

    @type pkcs7: string
    @param pkcs7: The base64 of the PKCS7 envelop as 
    -----BEGIN PKCS7-----
    base64 of the pkcs7 envelop
    -----END PKCS7-----

    @type cert_parent : string
    @param cert_parent : Issuer certificate file path

    @rtype : M2Crypto.X509
    @return : The certificate

    """
    sm_obj = SMIME.SMIME()
    x509 = X509.load_cert(cert_parent) # public key cert used by the remote
                                       # client when signing the message
    sk = X509.X509_Stack()
    sk.push(x509)
    sm_obj.set_x509_stack(sk)

    st = X509.X509_Store()
    st.load_info(cert_parent) # Public cert for the CA which signed
                              # the above certificate

    sm_obj.set_x509_store(st)

    buf = BIO.MemoryBuffer(pkcs7)
    p7 = SMIME.load_pkcs7_bio(buf)

    signers = p7.get0_signers(sk)
    certificat = signers[0]
    return certificat

问题是 certificat 是一个与 Python 绑定的 C 对象,当函数返回时,C 对象被垃圾收集,因此 _ptr 不存在,并且对证书的访问返回分段错误。

是否可以返回我的证书而没有任何错误(复制/克隆)?

4

0 回答 0