Exemplo n.º 1
0
def client_auth_data_callback(ca_names, chosen_nickname, password, certdb):
    cert = None
    if chosen_nickname:
        try:
            cert = nss.find_cert_from_nickname(chosen_nickname, password)
            priv_key = nss.find_key_by_any_cert(cert, password)
            if verbose:
                print("client cert:\n%s" % cert)
            return cert, priv_key
        except NSPRError as e:
            print("client_auth_data_callback: %s" % e, file=sys.stderr)
            return False
    else:
        nicknames = nss.get_cert_nicknames(certdb,
                                           cert.SEC_CERT_NICKNAMES_USER)
        for nickname in nicknames:
            try:
                cert = nss.find_cert_from_nickname(nickname, password)
                if verbose:
                    print("client cert:\n%s" % cert)
                if cert.check_valid_times():
                    if cert.has_signer_in_ca_names(ca_names):
                        priv_key = nss.find_key_by_any_cert(cert, password)
                        return cert, priv_key
            except NSPRError as e:
                print("client_auth_data_callback: %s" % e, file=sys.stderr)
        return False
Exemplo n.º 2
0
    def client_auth_data_callback(self, ca_names, chosen_nickname=None,
                                  password=None):
        """Client authentication callback (client cert)

        The password argument is passed down to the password callback.
        """
        cert = None
        if chosen_nickname:
            try:
                cert = nss.find_cert_from_nickname(chosen_nickname, password)
                priv_key = nss.find_key_by_any_cert(cert, password)
                return cert, priv_key
            except NSPRError:
                return False
        else:
            nicknames = nss.get_cert_nicknames(self.certdb,
                                               nss.SEC_CERT_NICKNAMES_USER)
            for nickname in nicknames:
                try:
                    cert = nss.find_cert_from_nickname(nickname, password)
                    if cert.check_valid_times():
                        if cert.has_signer_in_ca_names(ca_names):
                            priv_key = nss.find_key_by_any_cert(cert,
                                                                password)
                            return cert, priv_key
                except NSPRError:
                    pass
            return False
Exemplo n.º 3
0
def client_auth_data_callback(ca_names, chosen_nickname, password, certdb):
    cert = None
    if chosen_nickname:
        try:
            cert = nss.find_cert_from_nickname(chosen_nickname, password)
            priv_key = nss.find_key_by_any_cert(cert, password)
            if verbose:
                print("client cert:\n%s" % cert)
            return cert, priv_key
        except NSPRError as e:
            print("client_auth_data_callback: %s" % e, file=sys.stderr)
            return False
    else:
        nicknames = nss.get_cert_nicknames(certdb, cert.SEC_CERT_NICKNAMES_USER)
        for nickname in nicknames:
            try:
                cert = nss.find_cert_from_nickname(nickname, password)
                if verbose:
                    print("client cert:\n%s" % cert)
                if cert.check_valid_times():
                    if cert.has_signer_in_ca_names(ca_names):
                        priv_key = nss.find_key_by_any_cert(cert, password)
                        return cert, priv_key
            except NSPRError as e:
                print("client_auth_data_callback: %s" % e, file=sys.stderr)
        return False
Exemplo n.º 4
0
    def _client_auth_data_callback(self, ca_names, chosen_nickname, password, nicknames):
        nickname = _certificate_callback(
            nss.get_cert_nicknames(self._certdb, nss.SEC_CERT_NICKNAMES_USER))
        try:
            cert = nss.find_cert_from_nickname(nickname, password)
            priv_key = nss.find_key_by_any_cert(cert, password)
        except NSPRError:
            return False

        return cert, priv_key
Exemplo n.º 5
0
    def _client_auth_data_callback(self, ca_names, chosen_nickname, password,
                                   nicknames):
        nickname = _certificate_callback(
            nss.get_cert_nicknames(self._certdb, nss.SEC_CERT_NICKNAMES_USER))
        try:
            cert = nss.find_cert_from_nickname(nickname, password)
            priv_key = nss.find_key_by_any_cert(cert, password)
        except NSPRError:
            return False

        return cert, priv_key
Exemplo n.º 6
0
    if verbose: print "Returning cert_is_valid = %s" % cert_is_valid
    return cert_is_valid

def client_auth_data_callback(ca_names, chosen_nickname, password, certdb):
    cert = None
    if chosen_nickname:
        try:
            cert = nss.find_cert_from_nickname(chosen_nickname, password)
            priv_key = nss.find_key_by_any_cert(cert, password)
            if verbose: print "client cert:\n%s" % cert
            return cert, priv_key
        except NSPRError, e:
            print >>sys.stderr, "client_auth_data_callback: %s" % e
            return False
    else:
        nicknames = nss.get_cert_nicknames(certdb, cert.SEC_CERT_NICKNAMES_USER)
        for nickname in nicknames:
            try:
                cert = nss.find_cert_from_nickname(nickname, password)
                if verbose: print "client cert:\n%s" % cert
                if cert.check_valid_times():
                    if cert.has_signer_in_ca_names(ca_names):
                        priv_key = nss.find_key_by_any_cert(cert, password)
                        return cert, priv_key
            except NSPRError, e:
                print >>sys.stderr, "client_auth_data_callback: %s" % e
        return False

# -----------------------------------------------------------------------------
# Client Implementation
# -----------------------------------------------------------------------------
Exemplo n.º 7
0
    return cert_is_valid


def client_auth_data_callback(ca_names, chosen_nickname, password, certdb):
    cert = None
    if chosen_nickname:
        try:
            cert = nss.find_cert_from_nickname(chosen_nickname, password)
            priv_key = nss.find_key_by_any_cert(cert, password)
            if verbose: print "client cert:\n%s" % cert
            return cert, priv_key
        except NSPRError, e:
            print >> sys.stderr, "client_auth_data_callback: %s" % e
            return False
    else:
        nicknames = nss.get_cert_nicknames(certdb,
                                           cert.SEC_CERT_NICKNAMES_USER)
        for nickname in nicknames:
            try:
                cert = nss.find_cert_from_nickname(nickname, password)
                if verbose: print "client cert:\n%s" % cert
                if cert.check_valid_times():
                    if cert.has_signer_in_ca_names(ca_names):
                        priv_key = nss.find_key_by_any_cert(cert, password)
                        return cert, priv_key
            except NSPRError, e:
                print >> sys.stderr, "client_auth_data_callback: %s" % e
        return False


# -----------------------------------------------------------------------------
# Client Implementation