summaryrefslogtreecommitdiffstats
path: root/ipalib/x509.py
diff options
context:
space:
mode:
Diffstat (limited to 'ipalib/x509.py')
-rw-r--r--ipalib/x509.py21
1 files changed, 12 insertions, 9 deletions
diff --git a/ipalib/x509.py b/ipalib/x509.py
index ee9ceb3e0..1db25d06f 100644
--- a/ipalib/x509.py
+++ b/ipalib/x509.py
@@ -45,6 +45,9 @@ from pyasn1 import error
# Would be autogenerated from ASN.1 source by a ASN.1 parser
# X.509 spec (rfc2459)
+PEM = 0
+DER = 1
+
# Common OIDs found in a subject
oidtable = { "2.5.4.3": "CN",
"2.5.4.6": "C",
@@ -202,18 +205,18 @@ def strip_header(pem):
return pem
-def load_certificate(pem):
+def load_certificate(data, type=PEM):
"""
Given a base64-encoded certificate, with or without the
header/footer, return a request object.
"""
- pem = strip_header(pem)
-
- substrate = base64.b64decode(pem)
+ if (type == PEM):
+ data = strip_header(data)
+ data = base64.b64decode(data)
- return decoder.decode(substrate, asn1Spec=Certificate())[0]
+ return decoder.decode(data, asn1Spec=Certificate())[0]
-def get_subject_components(certificate):
+def get_subject_components(certificate, type=PEM):
"""
Load an X509.3 certificate and get the subject.
@@ -222,16 +225,16 @@ def get_subject_components(certificate):
"""
# Grab the subject, reverse it, combine it and return it
- x509cert = load_certificate(certificate)
+ x509cert = load_certificate(certificate, type)
return x509cert.get_subject().get_components()
-def get_serial_number(certificate):
+def get_serial_number(certificate, type=PEM):
"""
Return the serial number of a certificate.
Returns an integer
"""
- x509cert = load_certificate(certificate)
+ x509cert = load_certificate(certificate, type)
return x509cert.get_serial_number()
if __name__ == '__main__':