diff options
author | Rob Crittenden <rcritten@redhat.com> | 2009-12-01 17:16:40 -0500 |
---|---|---|
committer | Jason Gerard DeRose <jderose@redhat.com> | 2009-12-01 23:17:55 -0700 |
commit | cb4c0d6caf73c1a35970a6614d5be83c6e3d5434 (patch) | |
tree | 24f27212a28e018ce665a84395bd3f1953ebfcc2 | |
parent | 060662f320ffb0e78b20713d705d65ebee295678 (diff) | |
download | freeipa-cb4c0d6caf73c1a35970a6614d5be83c6e3d5434.tar.gz freeipa-cb4c0d6caf73c1a35970a6614d5be83c6e3d5434.tar.xz freeipa-cb4c0d6caf73c1a35970a6614d5be83c6e3d5434.zip |
Add type argument to x509.load_certificate() so it can handle binary certs
-rw-r--r-- | ipalib/x509.py | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/ipalib/x509.py b/ipalib/x509.py index ee9ceb3e0..1db25d06f 100644 --- a/ipalib/x509.py +++ b/ipalib/x509.py @@ -45,6 +45,9 @@ from pyasn1 import error # Would be autogenerated from ASN.1 source by a ASN.1 parser # X.509 spec (rfc2459) +PEM = 0 +DER = 1 + # Common OIDs found in a subject oidtable = { "2.5.4.3": "CN", "2.5.4.6": "C", @@ -202,18 +205,18 @@ def strip_header(pem): return pem -def load_certificate(pem): +def load_certificate(data, type=PEM): """ Given a base64-encoded certificate, with or without the header/footer, return a request object. """ - pem = strip_header(pem) - - substrate = base64.b64decode(pem) + if (type == PEM): + data = strip_header(data) + data = base64.b64decode(data) - return decoder.decode(substrate, asn1Spec=Certificate())[0] + return decoder.decode(data, asn1Spec=Certificate())[0] -def get_subject_components(certificate): +def get_subject_components(certificate, type=PEM): """ Load an X509.3 certificate and get the subject. @@ -222,16 +225,16 @@ def get_subject_components(certificate): """ # Grab the subject, reverse it, combine it and return it - x509cert = load_certificate(certificate) + x509cert = load_certificate(certificate, type) return x509cert.get_subject().get_components() -def get_serial_number(certificate): +def get_serial_number(certificate, type=PEM): """ Return the serial number of a certificate. Returns an integer """ - x509cert = load_certificate(certificate) + x509cert = load_certificate(certificate, type) return x509cert.get_serial_number() if __name__ == '__main__': |