summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2009-12-01 17:16:40 -0500
committerJason Gerard DeRose <jderose@redhat.com>2009-12-01 23:17:55 -0700
commitcb4c0d6caf73c1a35970a6614d5be83c6e3d5434 (patch)
tree24f27212a28e018ce665a84395bd3f1953ebfcc2
parent060662f320ffb0e78b20713d705d65ebee295678 (diff)
downloadfreeipa-cb4c0d6caf73c1a35970a6614d5be83c6e3d5434.tar.gz
freeipa-cb4c0d6caf73c1a35970a6614d5be83c6e3d5434.tar.xz
freeipa-cb4c0d6caf73c1a35970a6614d5be83c6e3d5434.zip
Add type argument to x509.load_certificate() so it can handle binary certs
-rw-r--r--ipalib/x509.py21
1 files changed, 12 insertions, 9 deletions
diff --git a/ipalib/x509.py b/ipalib/x509.py
index ee9ceb3e0..1db25d06f 100644
--- a/ipalib/x509.py
+++ b/ipalib/x509.py
@@ -45,6 +45,9 @@ from pyasn1 import error
# Would be autogenerated from ASN.1 source by a ASN.1 parser
# X.509 spec (rfc2459)
+PEM = 0
+DER = 1
+
# Common OIDs found in a subject
oidtable = { "2.5.4.3": "CN",
"2.5.4.6": "C",
@@ -202,18 +205,18 @@ def strip_header(pem):
return pem
-def load_certificate(pem):
+def load_certificate(data, type=PEM):
"""
Given a base64-encoded certificate, with or without the
header/footer, return a request object.
"""
- pem = strip_header(pem)
-
- substrate = base64.b64decode(pem)
+ if (type == PEM):
+ data = strip_header(data)
+ data = base64.b64decode(data)
- return decoder.decode(substrate, asn1Spec=Certificate())[0]
+ return decoder.decode(data, asn1Spec=Certificate())[0]
-def get_subject_components(certificate):
+def get_subject_components(certificate, type=PEM):
"""
Load an X509.3 certificate and get the subject.
@@ -222,16 +225,16 @@ def get_subject_components(certificate):
"""
# Grab the subject, reverse it, combine it and return it
- x509cert = load_certificate(certificate)
+ x509cert = load_certificate(certificate, type)
return x509cert.get_subject().get_components()
-def get_serial_number(certificate):
+def get_serial_number(certificate, type=PEM):
"""
Return the serial number of a certificate.
Returns an integer
"""
- x509cert = load_certificate(certificate)
+ x509cert = load_certificate(certificate, type)
return x509cert.get_serial_number()
if __name__ == '__main__':