def load_db(self, keyid):
    """Load the symmetric key stored under *keyid* and decrypt its value.

    Returns False when *keyid* is not in ``self.keydb`` or when its entry
    is a plain string. Otherwise the entry's metadata is copied onto the
    instance and ``key_val`` is decrypted with a save key. The save key
    comes from the ``_util`` cache, or is derived from a passphrase the
    user is prompted for. No explicit return value is visible on the
    success path.

    Raises:
        Exception: when ``self._decryptor`` fails for any reason. The
            cached save key for *keyid* is removed first.
    """
    if not self.keydb.has_key(keyid):
        return False

    # The membership test runs before the refresh. If refresh_db() can drop
    # entries, the lookup below may raise KeyError - TODO confirm.
    self.refresh_db()
    entry = self.keydb[keyid]
    if type(entry) is type(''):
        return False

    # Read all three metadata fields before assigning any of them, so a
    # missing field leaves them untouched, as the tuple assignment did.
    expire = entry['key_expire']
    deprecated = entry['key_depr']
    fresh = entry['key_fresh']
    self.key_id = keyid
    self.key_expire = expire
    self.key_depr = deprecated
    self.key_fresh = fresh
    # NOTE(review): the metadata above is set before decryption succeeds.
    # After a failed decrypt the instance describes *keyid* while key_val
    # is whatever it held before; callers should discard it on error.

    # Obtain the save key that decrypts the stored key value.
    savekey = _util.cache_get(keyid)
    if savekey is None:
        # Prompt text (Chinese): "The symmetric key needs to be unlocked.
        # Please enter the passphrase of the following private
        # certificate: [hint]".
        prompt = u'对称密钥需要解锁。\n请输入如下私有证书的密码:\n [%s]' % entry['key_hint']
        passphrase = pinreader(False, message=prompt)
        savekey = certificate().derive_savekey(passphrase)
        # The derived key, not the typed passphrase, is cached, and it is
        # cached before it has been proven correct. The except branch below
        # is what evicts a wrong one.
        _util.cache_set(keyid, savekey, _util.CONFIG_cache_password_life)

    try:
        self.key_val = self._decryptor(savekey, entry['key_val'])
    except Exception as e:
        # Any failure is reported as a wrong or cancelled passphrase.
        # Only the key id is logged, never the passphrase or save key.
        log.exception('Failed decrypting symmetric key [%s]: User supplied incorrect passphrase or had cancelled.', keyid)
        _util.cache_del(keyid)
        raise Exception('Cannot load symmetric key: %s' % e)
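def get_cert(account, software, secret=False, path=defaultpath):
    """Load the certificate configured for *account* and *software*.

    The section name comes from ``get_certsubject``. The config file at
    ``BASEPATH/path`` is then read for that section's ``Public`` and
    ``Private`` options.

    * ``secret=True``: load the private certificate, prompting for its
      passphrase through ``pinreader``.
    * ``secret=False``: load the public certificate. If only ``Private``
      is configured, unlock the private certificate and extract its
      public text, and show the user a misconfiguration warning.

    Returns:
        The loaded certificate object. False when the subject or the
        needed option is missing. None when any exception occurs while
        loading; the error is printed and not re-raised. Callers that
        test ``== False`` will not catch the None case.
    """
    secname = get_certsubject(account, software, path)
    # `== False` is kept as written: it also rejects other values equal to
    # False, such as 0, which an identity test would let through.
    if secname == False:
        return False

    cfg = ConfigParser.ConfigParser()
    try:
        path = os.path.join(BASEPATH, path)
        # ConfigParser.read() silently skips unreadable files. The
        # has_option() checks below then fail and False is returned.
        cfg.read(path)
        ret = certificate.certificate()

        def _pinreader(checktwice=False, p1='', p2='', s=secret, n=secname):
            # Passphrase callback handed to load_private_text. p1, p2 and s
            # are accepted but unused in this body.
            # msg (Chinese): "The private certificate store of the
            # following user needs to be decrypted: <subject>".
            msg = '需要解密以下用户的私有证书存储:\n %s' % n
            if not secret:
                # warn (Chinese): "Because of a configuration error the
                # public certificate could not be found, so it is being
                # imported from the private one. Please fix the
                # configuration."
                warn = '由于配置错误,本次读取无法找到公开证书,所以试图从私有导入。\n请修改配置以改正此问题。'
                return pinreader.pinreader(checktwice, message=msg, warning=warn)
            return pinreader.pinreader(checktwice, message=msg)

        # NOTE(review): the certificate paths come from the config file and
        # are joined to BASEPATH unchecked. os.path.join lets an absolute
        # path or ".." leave BASEPATH, so the config file must be as
        # trusted as the key material itself.
        if secret:
            if not cfg.has_option(secname, 'Private'):
                return False
            filepath = os.path.join(BASEPATH, cfg.get(secname, 'Private'))
            # NOTE(review): a path is passed here, while load_public_text
            # receives file contents - confirm against the certificate API.
            ret.load_private_text(filepath, _pinreader)
        elif cfg.has_option(secname, 'Public'):
            filepath = os.path.join(BASEPATH, cfg.get(secname, 'Public'))
            # Close the file deterministically; the original left the
            # handle to the garbage collector.
            with open(filepath, 'r') as pubfile:
                pubtext = pubfile.read()
            ret.load_public_text(pubtext)
        elif cfg.has_option(secname, 'Private'):
            # Fallback: unlock the private certificate only to get its
            # public half. The user is asked for the passphrase although
            # the caller requested a public certificate.
            filepath = os.path.join(BASEPATH, cfg.get(secname, 'Private'))
            transcert = certificate.certificate()
            transcert.load_private_text(filepath, _pinreader)
            pubtext = transcert.get_public_text()
            ret.load_public_text(pubtext)
        else:
            return False
        return ret
    except Exception as e:
        # Best-effort behaviour is kept: report the error and return None.
        print("Error loading certificate: %s" % e)
        return None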
# -*- coding: utf-8 -*-
# Inspect a certificate and allow it to be edited.
from gui.certeditor import certeditor
from xi.certificate import certificate

# Generate a throwaway certificate with subject 'test' and open it in the
# editor GUI.
# NOTE(review): presumably `bits` is the key size. 1024 bits is below the
# 2048-bit minimum currently recommended for RSA-style keys, so a certificate
# made this way is suitable for exercising the editor only - confirm what
# `bits` controls.
demo_cert = certificate()
demo_cert.generate('test', level=1, bits=1024)
certeditor(demo_cert)
if jobid == 2: # 导入证书签名 signtxt = inputbox('请将签名文本粘贴(Ctrl+V)到下面:','导入签名',True).decode('base64') try: signparsed = serializer.loads(signtxt) certified = signparsed['Content']['Certified_ID'] issued = signparsed['Content']['Issuer_ID'] except: log.warning('Given signature cannot be parsed. Data may corrupted.') print '证书格式不正确。' exit() # Find issuer(public) and holder(private), though issuer may not be verified yet. issuer, holder = None, None c = certificate() for u in publiclist: c_path = os.path.join(_util.BASEPATH,publiclist[u]) c.load_public_text(open(c_path,'r').read()) cid = c.get_id() if cid == certified: holder_pubpath = c_path if u in privatelist: holder = certificate() # holder_pubpath = c_path def _pinreader(b=False,p1='',p2=''): msg = u'正在将签名导入私有证书。\n请您输入密码解密以下证书:\n [%s]\n\n如果取消,将试图将签名只导入到公钥证书。' % c.subject return pinreader(b,message=msg) try: