From 44c2d685f01eb4c03e4659125e41d73b8be47c19 Mon Sep 17 00:00:00 2001
From: Fraser Tweedale <ftweedal@redhat.com>
Date: Tue, 11 Oct 2016 12:43:22 +1000
Subject: x509: avoid use of nss.data_to_hex

Avoid use of the nss.data_to_hex function for formatting certificate
fingerprints.  Add our own helper functions to format the
fingerprints as hex (with colons).

Part of: https://fedorahosted.org/freeipa/ticket/6398

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
---
 ipaserver/plugins/cert.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'ipaserver/plugins/cert.py')

diff --git a/ipaserver/plugins/cert.py b/ipaserver/plugins/cert.py
index 5e85942dd..a534c4d26 100644
--- a/ipaserver/plugins/cert.py
+++ b/ipaserver/plugins/cert.py
@@ -379,10 +379,10 @@ class BaseCertObject(Object):
             obj['valid_not_before'] = unicode(cert.valid_not_before_str)
             obj['valid_not_after'] = unicode(cert.valid_not_after_str)
             if full:
-                obj['md5_fingerprint'] = unicode(
-                    nss.data_to_hex(nss.md5_digest(cert.der_data), 64)[0])
-                obj['sha1_fingerprint'] = unicode(
-                    nss.data_to_hex(nss.sha1_digest(cert.der_data), 64)[0])
+                obj['md5_fingerprint'] = x509.to_hex_with_colons(
+                    nss.md5_digest(cert.der_data))
+                obj['sha1_fingerprint'] = x509.to_hex_with_colons(
+                    nss.sha1_digest(cert.der_data))
 
             try:
                 ext_san = cert.get_extension(nss.SEC_OID_X509_SUBJECT_ALT_NAME)
-- 
cgit