Could it be that somehow in (in the latest build) - X509_STORE_set_purpose and associated #defines are missing ?
In below - things work fine up until lib.X509_STORE_set_purpose() - but that calls gives me a: AttributeError: cffi library '_openssl' has no function, constant or global variable named 'X509_STORE_set_purpose' With kind regards, Dw # Create the pkcs7 object pkcs7_object = lib.d2i_PKCS7_bio(bio.bio, ffi.NULL) # We're not passing any untrusted certificates, the chain should # complete, up to, but not including the CA cert, in the CMS package. # other = lib.sk_X509_new_null() binding._openssl_assert(lib, other != ffi.NULL) # We are prividing exactly one certificate - that of the certificate # authority - as trusted. It has to be signed by this national root. # store = lib.X509_STORE_new() lib.X509_STORE_add_cert(store, certificate._x509) # type: ignore # As we're using certifcates somewhat off-label; we need to relax # the purpose verification. This is the equivalent of the -purpose any # flag in: # openssl smime -verify -inform DER -content payload.raw \ # -CAfile ca.pem -in signature.p7 -purpose any lib.X509_STORE_set_purpose(store, 7) # X509_PURPOSE_ANY
_______________________________________________ Cryptography-dev mailing list Cryptography-dev@python.org https://mail.python.org/mailman/listinfo/cryptography-dev