summaryrefslogtreecommitdiffstats
path: root/base/common/python/pki/cli
diff options
context:
space:
mode:
authorEndi S. Dewata <edewata@redhat.com>2016-02-24 22:22:10 +0100
committerAde Lee <alee@redhat.com>2016-02-26 13:12:14 -0500
commit935633c5ea9f2b5c4321d924af166367008ac4b3 (patch)
tree514fdf2533b8be3cc3fe7789a3736b294f6952ba /base/common/python/pki/cli
parent1d58b883ff9d0056d89d74d30f1375ab12d01f03 (diff)
downloadpki-935633c5ea9f2b5c4321d924af166367008ac4b3.tar.gz
pki-935633c5ea9f2b5c4321d924af166367008ac4b3.tar.xz
pki-935633c5ea9f2b5c4321d924af166367008ac4b3.zip
Added Python wrapper for pki pkcs12-import.
A Python wrapper module has been added for the pki pkcs12-import command to provide a mechanism to implement a workaround for JSS import limitation. Additional fixes by cheimes have been merged into this patch: setup.py: We must track all sub-packages manually. pylint-build-scan.py: pylint confuses the 'pki' package with the 'pki' command. The workaround symlinks the command and analysis the command under its alternative name. https://fedorahosted.org/pki/ticket/1742
Diffstat (limited to 'base/common/python/pki/cli')
-rw-r--r--base/common/python/pki/cli/__init__.py203
-rw-r--r--base/common/python/pki/cli/pkcs12.py124
2 files changed, 327 insertions, 0 deletions
diff --git a/base/common/python/pki/cli/__init__.py b/base/common/python/pki/cli/__init__.py
new file mode 100644
index 000000000..3be9cce2e
--- /dev/null
+++ b/base/common/python/pki/cli/__init__.py
@@ -0,0 +1,203 @@
+# Authors:
+# Endi S. Dewata <edewata@redhat.com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2015 Red Hat, Inc.
+# All rights reserved.
+#
+
+from __future__ import absolute_import
+from __future__ import print_function
+import collections
+import getopt
+import sys
+from six import itervalues
+
+
+class CLI(object):
+
+ def __init__(self, name, description):
+
+ self.name = name
+ self.description = description
+ self.parent = None
+
+ self.verbose = False
+ self.debug = False
+
+ self.modules = collections.OrderedDict()
+
+ def set_verbose(self, verbose):
+ self.verbose = verbose
+ if self.parent:
+ self.parent.set_verbose(verbose)
+
+ def set_debug(self, debug):
+ self.debug = debug
+ if self.parent:
+ self.parent.set_debug(debug)
+
+ def get_full_name(self):
+ if self.parent:
+ return self.parent.get_full_module_name(self.name)
+ return self.name
+
+ def get_full_module_name(self, module_name):
+ return self.get_full_name() + '-' + module_name
+
+ def add_module(self, module):
+ self.modules[module.name] = module
+ module.parent = self
+
+ def get_module(self, name):
+ return self.modules.get(name)
+
+ def get_top_module(self):
+ if self.parent:
+ return self.parent.get_top_module()
+ return self
+
+ def print_message(self, message):
+ print('-' * len(message))
+ print(message)
+ print('-' * len(message))
+
+ def print_help(self):
+
+ print('Commands:')
+
+ for module in itervalues(self.modules):
+ full_name = module.get_full_name()
+ print(' {:30}{:30}'.format(full_name, module.description))
+
+ def find_module(self, command):
+
+ module = self
+
+ while True:
+ (module, command) = module.parse_command(command)
+
+ if not module or not command:
+ return module
+
+ def parse_command(self, command):
+
+ # A command consists of parts joined by dashes: <part 1>-<part 2>-...-<part N>.
+ # For example: cert-request-find
+
+ # The command will be split into module name and sub command, for example:
+ # - module name: cert
+ # - sub command: request-find
+ module_name = None
+ sub_command = None
+
+ # Search the module by incrementally adding parts into module name.
+ # Repeat until it finds the module or until there is no more parts to
+ # add.
+ module = None
+ position = 0
+
+ while True:
+
+ # Find the next dash.
+ i = command.find('-', position)
+ if i >= 0:
+ # Dash found. Split command into module name and sub command.
+ module_name = command[0:i]
+ sub_command = command[i + 1:]
+ else:
+ # Dash not found. Use the whole command.
+ module_name = command
+ sub_command = None
+
+ if self.debug:
+ print('Module: %s' % module_name)
+
+ m = self.get_module(module_name)
+ if m:
+ # Module found. Check sub command.
+ if not sub_command:
+ # No sub command. Use this module.
+ module = m
+ break
+
+ # There is a sub command. It must be processed by module's
+ # children.
+ if len(m.modules) > 0:
+ # Module has children. Use this module.
+ module = m
+ break
+
+ # Module doesn't have children. Keep looking.
+
+ # If there's no more dashes, stop.
+ if i < 0:
+ break
+
+ position = i + 1
+
+ return (module, sub_command)
+
+ def parse_args(self, args):
+
+ command = args[0]
+ (module, sub_command) = self.parse_command(command)
+
+ if not module:
+ raise Exception('Invalid module "%s".' % command)
+
+ # Prepare module arguments.
+ if sub_command:
+ # If module command exists, include it as arguments:
+ # <module command> <args>...
+ module_args = [sub_command] + args[1:]
+
+ else:
+ # Otherwise, pass the original arguments: <args>...
+ module_args = args[1:]
+
+ return (module, module_args)
+
+ def execute(self, argv):
+
+ try:
+ opts, args = getopt.getopt(argv, 'v', [
+ 'verbose', 'help'])
+
+ except getopt.GetoptError as e:
+ print('ERROR: ' + str(e))
+ self.print_help()
+ sys.exit(1)
+
+ if len(args) == 0:
+ self.print_help()
+ sys.exit()
+
+ for o, _ in opts:
+ if o in ('-v', '--verbose'):
+ self.set_verbose(True)
+
+ elif o == '--help':
+ self.print_help()
+ sys.exit()
+
+ else:
+ print('ERROR: unknown option %s' % o)
+ self.print_help()
+ sys.exit(1)
+
+ (module, module_args) = self.parse_args(argv)
+
+ module.execute(module_args)
diff --git a/base/common/python/pki/cli/pkcs12.py b/base/common/python/pki/cli/pkcs12.py
new file mode 100644
index 000000000..c0bf9aff0
--- /dev/null
+++ b/base/common/python/pki/cli/pkcs12.py
@@ -0,0 +1,124 @@
+# Authors:
+# Endi S. Dewata <edewata@redhat.com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2016 Red Hat, Inc.
+# All rights reserved.
+#
+
+from __future__ import absolute_import
+from __future__ import print_function
+import getopt
+import sys
+
+import pki.cli
+
+
+class PKCS12CLI(pki.cli.CLI):
+
+ def __init__(self):
+ super(PKCS12CLI, self).__init__(
+ 'pkcs12', 'PKCS #12 utilities')
+
+ self.add_module(PKCS12ImportCLI())
+
+
+class PKCS12ImportCLI(pki.cli.CLI):
+
+ def __init__(self):
+ super(PKCS12ImportCLI, self).__init__(
+ 'import', 'Import PKCS #12 file into NSS database')
+
+ def print_help(self):
+ print('Usage: pki pkcs12-import [OPTIONS]')
+ print()
+ print(' --pkcs12 PKCS #12 file containing certificates and keys.')
+ print(' --pkcs12-password Password for the PKCS #12 file.')
+ print(' --pkcs12-password-file File containing the PKCS #12 password.')
+ print(' --no-trust-flags Do not include trust flags')
+ print(' -v, --verbose Run in verbose mode.')
+ print(' --debug Run in debug mode.')
+ print(' --help Show help message.')
+ print()
+
+ def execute(self, args):
+
+ try:
+ opts, _ = getopt.gnu_getopt(args, 'v', [
+ 'pkcs12=', 'pkcs12-password=', 'pkcs12-password-file=',
+ 'no-trust-flags', 'verbose', 'debug', 'help'])
+
+ except getopt.GetoptError as e:
+ print('ERROR: ' + str(e))
+ self.print_help()
+ sys.exit(1)
+
+ pkcs12_file = None
+ pkcs12_password = None
+ password_file = None
+ no_trust_flags = False
+
+ for o, a in opts:
+ if o == '--pkcs12':
+ pkcs12_file = a
+
+ elif o == '--pkcs12-password':
+ pkcs12_password = a
+
+ elif o == '--pkcs12-password-file':
+ password_file = a
+
+ elif o == '--no-trust-flags':
+ no_trust_flags = True
+
+ elif o in ('-v', '--verbose'):
+ self.set_verbose(True)
+
+ elif o == '--help':
+ self.print_help()
+ sys.exit()
+
+ else:
+ print('ERROR: unknown option ' + o)
+ self.print_help()
+ sys.exit(1)
+
+ if not pkcs12_file:
+ print('ERROR: Missing PKCS #12 file')
+ self.print_help()
+ sys.exit(1)
+
+ if not pkcs12_password and not password_file:
+ print('ERROR: Missing PKCS #12 password')
+ self.print_help()
+ sys.exit(1)
+
+ main_cli = self.parent.parent
+
+ cmd = ['pkcs12-import']
+
+ if pkcs12_file:
+ cmd.extend(['--pkcs12', pkcs12_file])
+
+ if pkcs12_password:
+ cmd.extend(['--pkcs12-password', pkcs12_password])
+
+ if password_file:
+ cmd.extend(['--pkcs12-password-file', password_file])
+
+ if no_trust_flags:
+ cmd.extend(['--no-trust-flags'])
+
+ main_cli.execute_java(cmd)
generated by cgit (git 2.34.1) at 2026-01-06 00:36:12 +0000