def getfingerprint(self, digest='md5', delimiter=':'): digest = string.upper(digest) if not digest in ['MD2', 'MD5', 'MDC2', 'RMD160', 'SHA', 'SHA1']: raise ValueError, 'Illegal parameter for digest: %s' % digest elif self.fingerprint.has_key(digest): result = self.fingerprint[digest] elif digest == 'MD5': return certhelper.MD5Fingerprint( certhelper.pem2der(open(self.filename, 'r').read()), delimiter) elif digest == 'SHA1': return certhelper.SHA1Fingerprint( certhelper.pem2der(open(self.filename, 'r').read()), delimiter) else: opensslcommand = '%s x509 -in %s -inform %s -outform DER | %s %s' % ( openssl.bin_filename, self.filename, self.format, openssl.bin_filename, string.lower(digest)) f = os.popen(opensslcommand) rawdigest = string.strip(f.read()) rc = f.close() if rc and rc != 256: raise IOError, "Error %s: %s" % (rc, opensslcommand) result = [] for i in range(len(rawdigest) / 2): result.append(rawdigest[2 * i:2 * (i + 1)]) self.fingerprint[digest] = result return string.upper(string.join(result, delimiter))
def getfingerprint(self,digest='md5',delimiter=':'): digest = string.upper(digest) if not digest in ['MD2','MD5','MDC2','RMD160','SHA','SHA1']: raise ValueError, 'Illegal parameter for digest: %s' % digest elif self.fingerprint.has_key(digest): result = self.fingerprint[digest] elif digest=='MD5': return certhelper.MD5Fingerprint(certhelper.pem2der(open(self.filename,'r').read()),delimiter) elif digest=='SHA1': return certhelper.SHA1Fingerprint(certhelper.pem2der(open(self.filename,'r').read()),delimiter) else: opensslcommand = '%s x509 -in %s -inform %s -outform DER | %s %s' % ( openssl.bin_filename, self.filename, self.format, openssl.bin_filename, string.lower(digest) ) f = os.popen(opensslcommand) rawdigest = string.strip(f.read()) rc = f.close() if rc and rc!=256: raise IOError,"Error %s: %s" % (rc,opensslcommand) result = [] for i in range(len(rawdigest)/2): result.append(rawdigest[2*i:2*(i+1)]) self.fingerprint[digest] = result return string.upper(string.join(result,delimiter))
htmlbase.PrintHeading('Install certificate') print 'Certificate of type <STRONG>%s</STRONG>:<P>' % ca_name print 'Subject DN: %s<BR>Valid until: %s' % ( \ charset.asn12html4(entry[DB_name]), \ strftime('%d.%m.%Y',localtime(mktime(dbtime2tuple(entry[DB_exp_date])))) \ ) vbs.PrintVBSXenrollObject() print '<SCRIPT Language=VBSCRIPT>\n<!-- ' vbs.PrintVBSCertInstallCode( string.strip(entry[DB_name]), entry[DB_serial], strftime('%d.%m.%Y', localtime(mktime(dbtime2tuple(entry[DB_exp_date])))), cert) print ' -->\n</SCRIPT>' htmlbase.PrintFooter() else: # Simply write MIME-type and certificate data to stdout sys.stdout.flush() sys.stdout.write('Content-type: %s\n\n' % mimetype) if cert_format == 'der': sys.stdout.write(certhelper.pem2der(cert)) elif cert_format == 'pem': pem_type = {0: 'CERTIFICATE', 1: 'CRL'}[cert_type == 'crl'] sys.stdout.write("""-----BEGIN %s----- %s -----END %s----- """ % (pem_type, certhelper.extract_pem(cert)[0][1], pem_type)) elif cert_format == 'b64': sys.stdout.write(certhelper.extract_pem(cert)[0][1]) sys.exit(0)
if scep_operation in ['GetCACert','GetCACertChain']: # *** Check parameter message again for being valid FQDN. # *** Set to pre-configured SCEP CA scep_message = 'SCEP' ca = opensslcnf.getcadata(scep_message) if not opensslcnf.data['ca'].has_key(scep_message): htmlbase.PrintErrorMsg('Unknown certificate authority "%s".' % scep_message) sys.exit(0) # Does the certificate file exist? if not os.path.isfile(ca.certificate): htmlbase.PrintErrorMsg('CA Certificate of file not found.') sys.exit(0) cert = certhelper.pem2der(open(ca.certificate,'r').read()) sys.stderr.write('%s' % repr(cert)) # Simply write MIME-type and certificate data to stdout sys.stdout.write('Content-type: application/x-x509-ca-cert\n\n') sys.stdout.write(cert) sys.stdout.flush() elif scep_operation=='PKIOperation': open('/tmp/scep_message','wb').write(scep_message) sys.exit(0)
if browser_name=='MSIE' and cert_type=='user': import vbs, charset htmlbase.PrintHeader('Install certificate') htmlbase.PrintHeading('Install certificate') print 'Certificate of type <STRONG>%s</STRONG>:<P>' % ca_name print 'Subject DN: %s<BR>Valid until: %s' % ( \ charset.asn12html4(entry[DB_name]), \ strftime('%d.%m.%Y',localtime(mktime(dbtime2tuple(entry[DB_exp_date])))) \ ) vbs.PrintVBSXenrollObject() print '<SCRIPT Language=VBSCRIPT>\n<!-- ' vbs.PrintVBSCertInstallCode(string.strip(entry[DB_name]),entry[DB_serial],strftime('%d.%m.%Y',localtime(mktime(dbtime2tuple(entry[DB_exp_date])))),cert) print ' -->\n</SCRIPT>' htmlbase.PrintFooter() else: # Simply write MIME-type and certificate data to stdout sys.stdout.flush() sys.stdout.write('Content-type: %s\n\n' % mimetype) if cert_format=='der': sys.stdout.write(certhelper.pem2der(cert)) elif cert_format=='pem': pem_type = {0:'CERTIFICATE',1:'CRL'}[cert_type=='crl'] sys.stdout.write("""-----BEGIN %s----- %s -----END %s----- """ % (pem_type,certhelper.extract_pem(cert)[0][1],pem_type)) elif cert_format=='b64': sys.stdout.write(certhelper.extract_pem(cert)[0][1]) sys.exit(0)
# *** Check parameter message again for being valid FQDN. # *** Set to pre-configured SCEP CA scep_message = 'SCEP' ca = opensslcnf.getcadata(scep_message) if not opensslcnf.data['ca'].has_key(scep_message): htmlbase.PrintErrorMsg('Unknown certificate authority "%s".' % scep_message) sys.exit(0) # Does the certificate file exist? if not os.path.isfile(ca.certificate): htmlbase.PrintErrorMsg('CA Certificate of file not found.') sys.exit(0) cert = certhelper.pem2der(open(ca.certificate, 'r').read()) sys.stderr.write('%s' % repr(cert)) # Simply write MIME-type and certificate data to stdout sys.stdout.write('Content-type: application/x-x509-ca-cert\n\n') sys.stdout.write(cert) sys.stdout.flush() elif scep_operation == 'PKIOperation': open('/tmp/scep_message', 'wb').write(scep_message) sys.exit(0)