add `Connection.use_(certificate|privatekey)` (#1121)

* add `Connection.use_(certificate|privatekey)` * bump minimum cryptography version * deduplicate tests * black! * max line length
author: Maximilian Hils <git@maximilianhils.com> 2022-09-16 23:55:17 +0200
committer: GitHub <noreply@github.com> 2022-09-16 16:55:17 -0500
commit: f0ed288747a28a5785d7a62ef9e7afc699674625 (patch)
tree: 355b6d894d8f139f85823a6f71b19a1de9e12e90 /src
parent: a3483a7ad7415eb6037237b5261fb8a93e863589 (diff)
download: pyopenssl-f0ed288747a28a5785d7a62ef9e7afc699674625.tar.gz
1 files changed, 32 insertions, 0 deletions
diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py
index 2ee5b18..9db7353 100644
--- a/src/OpenSSL/SSL.py
+++ b/src/OpenSSL/SSL.py
@@ -962,6 +962,7 @@ class Context:
         :param cert: The X509 object
         :return: None
         """
+        # Mirrored at Connection.use_certificate
         if not isinstance(cert, X509):
             raise TypeError("cert must be an X509 instance")
 
@@ -1023,6 +1024,7 @@ class Context:
         :param pkey: The PKey object
         :return: None
         """
+        # Mirrored at Connection.use_privatekey
         if not isinstance(pkey, PKey):
             raise TypeError("pkey must be a PKey instance")
 
@@ -1788,6 +1790,36 @@ class Connection:
         """
         return _lib.SSL_get_verify_mode(self._ssl)
 
+    def use_certificate(self, cert):
+        """
+        Load a certificate from a X509 object
+
+        :param cert: The X509 object
+        :return: None
+        """
+        # Mirrored from Context.use_certificate
+        if not isinstance(cert, X509):
+            raise TypeError("cert must be an X509 instance")
+
+        use_result = _lib.SSL_use_certificate(self._ssl, cert._x509)
+        if not use_result:
+            _raise_current_error()
+
+    def use_privatekey(self, pkey):
+        """
+        Load a private key from a PKey object
+
+        :param pkey: The PKey object
+        :return: None
+        """
+        # Mirrored from Context.use_privatekey
+        if not isinstance(pkey, PKey):
+            raise TypeError("pkey must be a PKey instance")
+
+        use_result = _lib.SSL_use_PrivateKey(self._ssl, pkey._pkey)
+        if not use_result:
+            self._context._raise_passphrase_exception()
+
     def set_ciphertext_mtu(self, mtu):
         """
         For DTLS, set the maximum UDP payload size (*not* including IP/UDP
author	Maximilian Hils <git@maximilianhils.com>	2022-09-16 23:55:17 +0200
committer	GitHub <noreply@github.com>	2022-09-16 16:55:17 -0500
commit	f0ed288747a28a5785d7a62ef9e7afc699674625 (patch)
tree	355b6d894d8f139f85823a6f71b19a1de9e12e90 /src
parent	a3483a7ad7415eb6037237b5261fb8a93e863589 (diff)
download	pyopenssl-f0ed288747a28a5785d7a62ef9e7afc699674625.tar.gz