def extractCert(spkiobj):
    """Return the certificate carried by spkiobj, or None.

    A spki.Sequence is scanned in order and its first spki.Cert element is
    returned; any later certificates in the sequence are ignored.  A bare
    spki.Cert is returned unchanged.  Every other input, including a
    sequence that holds no certificate, yields None, so callers have to
    handle the None case.

    No signature or validity check happens here; the object is only
    classified by type.
    """
    if spki.isa(spkiobj, spki.Sequence):
        for candidate in spkiobj:
            if spki.isa(candidate, spki.Cert):
                return candidate
        # A sequence without a certificate falls through to None.
        return None
    if spki.isa(spkiobj, spki.Cert):
        return spkiobj
    return None
def loadPrivate(self, obj):
    """Consume the private half of a stored key record.

    The marker 'default' sets self._default to 1.  A spki.PasswordEncrypted
    object is kept in self._priv and the load state moves to LOAD_DONE.
    Anything else is reported on stdout and skipped, leaving the load state
    unchanged.
    """
    if spki.isa(obj, 'default'):
        self._default = 1
        return

    if spki.isa(obj, spki.PasswordEncrypted):
        # NOTE(review): only the wrapper type is checked in this method;
        # whether the encrypted payload is a private key is not verified.
        self._priv = obj
        self.loadState = self.LOAD_DONE
        return

    # The skipped object is echoed in full.  If something other than an
    # encrypted blob ends up in the key file, its contents go to stdout.
    print("Warning: Unexpected SPKI object. Skipping.")
    print(obj.__class__)
    print(sexp.pprint(obj.sexp()))
def add(self, pub, priv):
    """Store an encrypted private key under the principal of its public key.

    pub is either a spki.Hash, used as the principal directly, or an object
    offering getPrincipal().  priv must be a spki.PasswordEncrypted whose
    type attribute equals 'private-key'.

    Raises TypeError when either argument has the wrong kind.  An entry
    already stored under the same principal is replaced.  The code does not
    check that priv really belongs to pub; that pairing is up to the caller.
    """
    if spki.isa(pub, spki.Hash):
        principal = pub
    else:
        try:
            principal = pub.getPrincipal()
        except AttributeError:
            raise TypeError("arg 1 must be hash or public key")

    # Short-circuit keeps priv.type from being read on a non-encrypted object.
    acceptable = (spki.isa(priv, spki.PasswordEncrypted)
                  and priv.type == 'private-key')
    if not acceptable:
        raise TypeError("arg 2 must be encrypted private key")

    self.keys[principal] = priv
def lookupName(self, name, namespace=None):
    """Return the name certs stored for the given name.

    The name can either be a SPKI name object or a simple string.  If it
    is a string, the key for the namespace (a spki.PublicKey or a
    spki.Hash) must be passed as the second argument.

    Each result is returned as it came back from lookupCertByIssuer: a
    whole spki.Sequence when any of its elements is a name cert, or the
    bare cert when it is one itself.  This method only filters by kind; it
    does no signature or validity checking of its own.
    """
    # Exact type comparison: only a plain string takes the shortcut form.
    if type(name) == types.StringType:
        checkType(2, namespace, spki.PublicKey, spki.Hash)
        if spki.isa(namespace, spki.PublicKey):
            issuer = namespace.getPrincipal()
        else:
            issuer = namespace
        name = spki.Name(issuer, name)
    checkType(1, name, spki.Name)

    found = []
    for entry in self.lookupCertByIssuer(name):
        if isinstance(entry, spki.Sequence):
            # Keep the whole sequence as soon as one name cert is seen.
            holds_name_cert = any(
                isinstance(elt, spki.Cert) and elt.isNameCert()
                for elt in entry
            )
            if holds_name_cert:
                found.append(entry)
        elif entry.isNameCert():
            found.append(entry)
    return found
def loadObject(self, obj):
    """File one ACL entry under its subject in self.entries.

    Objects that are not a spki.Entry are printed with a warning and
    dropped.  Loading carries on after such a warning, so a damaged ACL
    file is loaded partially rather than rejected as a whole.
    """
    if spki.isa(obj, spki.Entry):
        bucket = self.entries.get(obj.subject, [])
        bucket.append(obj)
        # Written back so a freshly created list is stored as well.
        self.entries[obj.subject] = bucket
        return

    print("Warning: Not an acl entry. Skipping.")
    print(sexp.pprint(obj.sexp()))
def loadPublic(self, obj):
    """Start a new key record from the hash naming its principal.

    A spki.Hash becomes self._prin.  The default flag and the private key
    slot are reset, and the load state moves to LOAD_PRIV.  Any other
    object is printed with a warning and skipped without changing state.
    """
    if spki.isa(obj, spki.Hash):
        self._prin = obj
        # Reset anything left over from the previous record.
        self._default = 0
        self._priv = None
        self.loadState = self.LOAD_PRIV
        return

    print("Warning: Unexpected SPKI object. Skipping.")
    print(obj.__class__)
    print(sexp.pprint(obj.sexp()))
def hashToB64(h):
    """Return the base 64 text form of a hash object's value.

    Only h.value is encoded; the name of the hash algorithm is not part of
    the result.

    Args:
      h: spki.Hash

    Returns:
      String

    Raises:
      ValueError: Raised if h is not a spki.Hash
    """
    if not spki.isa(h, spki.Hash):
        raise ValueError("Hash object not supplied")
    return sexp.str_to_b64(h.value)
def loadObject(self, obj):
    """Register a public key in self.principals under its principal.

    Objects that are not a spki.PublicKey are printed with a warning and
    skipped.  When the principal is already present, both definitions are
    printed and the new key then replaces the old one.
    """
    if not spki.isa(obj, spki.PublicKey):
        print("Warning: Unexpected SPKI object. Skipping.")
        print(obj.__class__)
        print(sexp.pprint(obj.sexp()))
        return

    principal = obj.getPrincipal()
    if self.principals.has_key(principal):
        # A duplicate is reported but not rejected: the later definition
        # wins.  NOTE(review): if two different keys can ever map to the
        # same principal, this replaces a known key after only a console
        # warning -- confirm that is intended.
        print("Warning: Duplicate definition of %s" % str(principal))
        print("Old definition:")
        print(sexp.pprint(self.principals[principal].sexp()))
        print("New definition:")
        print(sexp.pprint(obj.sexp()))
    self.principals[principal] = obj
def parseKeyIdInput(buf, keystore, parseName=True):
    """Parses a string into a spki.Hash object

    String could be a sexp, a base 64 encoded version of the hash or a
    name.  The three forms are tried in that order.

    Taken from the spkitool.py in pisces but doesn't use global variables
    and raises different exceptions.

    The base 64 form is recognised purely by shape (24 characters ending
    in '=='), so such an input is never looked up as a name.  It is always
    labelled 'md5'; MD5 is not collision resistant, so an identifier in
    this form is only as strong as MD5.

    Name resolution relies on whatever keystore.lookupName returns.  No
    signature or validity check on those name certs is visible in this
    function -- presumably the keystore holds only trusted certs; confirm
    against the caller.

    Args:
      buf: String to be parsed.
      keystore: KeyStore object.
      parseName: Bool. When false, name lookup is not attempted.

    Returns:
      spki.Hash object

    Raises:
      ValueError: Raised if buf fails to parse, or if a name lookup is
        needed and the keystore has no default key.
      NameError: Raised if buf is an unbound name or matches more than
        one key. This is the builtin NameError, so a caller catching it
        also catches ordinary undefined-name errors.
    """
    # Form 1: an S-expression that is itself a hash.
    try:
        parsed = spki.parseText(buf)
    except sexp.ParseError:
        # It wasn't an sexp, try the next potential format.
        pass
    else:
        if spki.isa(parsed, spki.Hash):
            return parsed

    # Form 2: an MD5 digest in base 64, always 24 chars long ending in '=='.
    if len(buf) == 24 and buf.endswith('=='):
        try:
            return spki.Hash('md5', sexp.b64_to_str(buf))
        except binascii.Error:
            pass

    if not parseName:
        raise ValueError("Unable to parse %s to hash" % buf)

    # Form 3: a name in the namespace of the keystore's default key.
    namespace = keystore.getDefaultKey()
    if namespace is None:
        raise ValueError('No default key specified')

    # Collect the distinct principals the name is bound to.
    # NOTE(review): every lookup result is iterated here, which assumes
    # each one is a sequence of elements -- verify against lookupName.
    principals = []
    for seq in keystore.lookupName(buf, namespace):
        for elt in seq:
            if not (isinstance(elt, spki.Cert) and elt.isNameCert()):
                continue
            subject = elt.getSubject().getPrincipal()
            if subject not in principals:
                principals.append(subject)

    count = len(principals)
    if count == 0:
        raise NameError('No key bound to name: %s' % buf)
    if count != 1:
        # Refuse to pick one when the name is bound to several keys.
        raise NameError('Ambiguous name: %s matches %d keys' % (buf, count))
    return principals[0]
def writeStorageHint(self, obj, io):
    """Write a one-line '#' comment to io describing the stored object.

    A spki.Hash is written as its S-expression passed through
    stripNewlines; the marker 'default' is written as a fixed text.
    Nothing is written for any other object.
    """
    if spki.isa(obj, spki.Hash):
        # presumably stripNewlines keeps the S-expression on the single
        # comment line so none of it is read back as data -- confirm
        hint = "# %s\n" % stripNewlines(obj.sexp())
        io.write(hint)
    elif spki.isa(obj, 'default'):
        io.write('# default private key\n')