Basic X509V3 context support

Hi Emmanuel,

Thanks for the patch. I've just started looking at it. It'll take me a little while to digest, but in the mean time, one thing I noticed is that the added files declare themselves to be copyright you, all rights reserved. Technically, I need you to license them to me, preferably under the MIT or BSD license, in order to be able to use them. I assume you'll be happy to do this, or you wouldn't have contributed the patch. :) But I need to check to make sure.

Hello Jean-Paul,

My bad ("just take the header and replace everything") - no problem about the license :)

I applied the patch to ext-context successfully but the sample code doesn't run.
X509Extension objects don't have a set_subject or set_issuer attribute, and trying to add
an extension of "subjectKeyIdentifier" produces this strange error which is not fixable by playing
with "import"

TypeError: X509Extension() argument 4 must be X509Context, not OpenSSL.crypto.X509Context

I'm using fedora 10, python 2.5.2-1.fc10.i386, openssl-0.9.8g-12.fc10.i686, and
ext-context revision 95

This patch applied on top of Tseekers on top of revision 95 fixes
my problems described above, although the code is still seg faulting
for me which could be because I am trying to create a self signed
CA with those attributes. Anyway, I'll keep looking.

The patch will not work against rev 95 because it will conflict with some of Jean-Paul's work in progress (which at the moment defines a behaviour-less X509Context type). To get the patch to work, you need to use revision 92.

Here is the API I like which doesn't python wrap the x509context,
but instead adds optional args of "issuer" and "subject" to
the X509Extension() constructor. For example...

 ext1 = crypto.X509Extension('subjectKeyIdentifier', False, 'hash', subject=cert, )
 ext3 = crypto.X509Extension('basicConstraints', False, 'CA:TRUE')
 certx.add_extensions( (ext1, ext3) )
 ext2 = crypto.X509Extension('authorityKeyIdentifier', False, 'keyid:always,issuer:always', issuer=cert)
 certx.add_extensions( (ext2, ) )

The attached patch applies to revision 95 of branch ext-context.
Compared to the alternatives, this code is shorter and uses less
memory.

I have ported this to the tip of main, added some LATEX
documentation, and pushed it to
lp:~rick-fdd/pyopenssl/subject_and_issuer2

This functionality is critical for constructing X509v3
root certificates.

There was a bug in OpenSSL.test.util.failUnlessRaises()
which is patched.

This patch was sponsored by http://easyradius.com/
who is "Secure enterprise WiFi made easy".