def validate_certificate(cert, datatype=PEM, dbdir=None): """ Perform certificate validation by trying to load it into NSS database """ try: load_certificate(cert, datatype=datatype, dbdir=dbdir) except NSPRError as nsprerr: if nsprerr.errno == -8183: # SEC_ERROR_BAD_DER raise errors.CertificateFormatError( error=_('improperly formatted DER-encoded certificate')) else: raise errors.CertificateFormatError(error=str(nsprerr))
def validate_der_x509_certificate(cert): """ Perform cert validation by trying to load it via python-cryptography. """ try: load_der_x509_certificate(cert) except ValueError as e: raise errors.CertificateFormatError(error=str(e))
def validate_certificate(cert, datatype=PEM): """ Perform cert validation by trying to load it via python-cryptography. """ try: load_certificate(cert, datatype=datatype) except ValueError as e: raise errors.CertificateFormatError(error=str(e))
try: dercert = base64.b64decode(rawcert) except Exception, e: raise errors.Base64DecodeError(reason=str(e)) else: dercert = rawcert # At this point we should have a certificate, either because the data # was base64-encoded and now its not or it came in as DER format. # Let's decode it and see. Fetching the serial number will pass the # certificate through the NSS DER parser. try: serial = unicode(get_serial_number(dercert, DER)) except NSPRError, nsprerr: if nsprerr.errno == -8183: # SEC_ERROR_BAD_DER raise errors.CertificateFormatError( error=_('improperly formatted DER-encoded certificate')) else: raise errors.CertificateFormatError(error=str(nsprerr)) return dercert def write_certificate(rawcert, filename): """ Write the certificate to a file in PEM format. The cert value can be either DER or PEM-encoded, it will be normalized to DER regardless, then back out to PEM. """ dercert = normalize_certificate(rawcert)