Exemplo n.º 1
def extractCert(spkiobj):
    """Return the certificate carried by *spkiobj*, or None if there is none.

    For a spki.Sequence the first element that is a spki.Cert is returned
    and any later certs in the sequence are ignored. A bare spki.Cert is
    returned unchanged. Every other case (another object type, or a
    sequence without a cert) yields None, so callers have to check the
    result before treating it as a certificate.
    """
    if spki.isa(spkiobj, spki.Sequence):
        for candidate in spkiobj:
            if spki.isa(candidate, spki.Cert):
                return candidate
        return None
    if spki.isa(spkiobj, spki.Cert):
        return spkiobj
    return None
Exemplo n.º 2
 def loadPrivate(self, obj):
     """Consume the private-key part of an entry that is being loaded.

     An object that spki.isa matches against 'default' only sets
     self._default to 1. A spki.PasswordEncrypted object is kept in
     self._priv and the load state becomes LOAD_DONE. Anything else is
     reported on stdout and skipped, leaving the state untouched.
     """
     if spki.isa(obj, 'default'):
         self._default = 1
         return
     if spki.isa(obj, spki.PasswordEncrypted):
         self._priv = obj
         self.loadState = self.LOAD_DONE
         return
     # NOTE(review): the rejected object's full S-expression is printed.
     # If an unencrypted private key can ever reach this branch, its
     # material would end up on stdout (and in any captured logs) -- confirm,
     # and consider printing only the class in that case.
     print("Warning: Unexpected SPKI object. Skipping.")
     print(obj.__class__)
     print(sexp.pprint(obj.sexp()))
Exemplo n.º 3
 def add(self, pub, priv):
     """Store an encrypted private key under the principal of its public key.

     pub is either a spki.Hash, used directly as the lookup key, or an
     object whose getPrincipal() supplies it. priv must be a
     spki.PasswordEncrypted object whose type is 'private-key'; anything
     else is refused, so only password-encrypted private keys are placed
     in self.keys by this method. An existing entry for the same principal
     is replaced without notice.

     Raises:
         TypeError: pub is neither a hash nor has getPrincipal(), or priv
             is not an encrypted private key.
     """
     if spki.isa(pub, spki.Hash):
         principal = pub
     else:
         try:
             principal = pub.getPrincipal()
         except AttributeError:
             raise TypeError("arg 1 must be hash or public key")
     is_encrypted = spki.isa(priv, spki.PasswordEncrypted)
     # priv.type is only consulted once the object is known to be encrypted.
     if not (is_encrypted and priv.type == 'private-key'):
         raise TypeError("arg 2 must be encrypted private key")
     self.keys[principal] = priv
Exemplo n.º 4
    def lookupName(self, name, namespace=None):
        """Return the name certs issued for the specified name.

        The name can either be a SPKI name object or a simple string.
        If it is a string, the key for the namespace must be passed as
        the second argument (a spki.PublicKey or a spki.Hash); the two are
        combined into a spki.Name before the lookup.

        Each result is whatever self.lookupCertByIssuer returned for that
        hit: either a bare cert or the whole spki.Sequence containing it.
        For a sequence only its first spki.Cert element is examined.

        NOTE(review): this method filters on type and isNameCert() only; it
        performs no signature or validity check itself. Whether
        lookupCertByIssuer does is not visible here -- confirm before
        trusting the returned bindings.
        """
        if type(name) == types.StringType:
            checkType(2, namespace, spki.PublicKey, spki.Hash)
            issuer = namespace
            if spki.isa(namespace, spki.PublicKey):
                issuer = namespace.getPrincipal()
            name = spki.Name(issuer, name)
        checkType(1, name, spki.Name)

        found = []
        for entry in self.lookupCertByIssuer(name):
            if not isinstance(entry, spki.Sequence):
                if entry.isNameCert():
                    found.append(entry)
                continue
            for member in entry:
                if isinstance(member, spki.Cert):
                    # Only the first cert of a sequence decides; the whole
                    # sequence is returned, not just the cert.
                    if member.isNameCert():
                        found.append(entry)
                    break
        return found
Exemplo n.º 5
 def loadObject(self, obj):
     """File an ACL entry under its subject in self.entries.

     Entries are grouped per obj.subject in a list, in load order. An
     object that is not a spki.Entry is printed to stdout and skipped.
     """
     if spki.isa(obj, spki.Entry):
         bucket = self.entries.get(obj.subject, [])
         bucket.append(obj)
         self.entries[obj.subject] = bucket
         return
     print("Warning: Not an acl entry.  Skipping.")
     print(sexp.pprint(obj.sexp()))
Exemplo n.º 6
 def loadPublic(self, obj):
     """Start a new key entry from the hash of its public key.

     A spki.Hash becomes the current principal (self._prin); the default
     flag and any previously held private key are reset and the load state
     moves to LOAD_PRIV. Any other object is printed to stdout and
     skipped without touching the loader state.
     """
     if spki.isa(obj, spki.Hash):
         self._prin = obj
         self._default = 0
         self._priv = None
         self.loadState = self.LOAD_PRIV
         return
     print("Warning: Unexpected SPKI object. Skipping.")
     print(obj.__class__)
     print(sexp.pprint(obj.sexp()))
Exemplo n.º 7
def hashToB64(h):
    """Return the base 64 representation of a hash object's value.

    Args:
        h: spki.Hash

    Returns:
        String

    Raises:
        ValueError: h is not a spki.Hash.
    """
    if not spki.isa(h, spki.Hash):
        raise ValueError("Hash object not supplied")
    return sexp.str_to_b64(h.value)
Exemplo n.º 8
 def loadObject(self, obj):
     """Register a public key in self.principals under its principal.

     The lookup key is obj.getPrincipal(). If that principal is already
     present, both the stored and the incoming definition are printed and
     the incoming one then replaces the stored one (last definition wins).
     An object that is not a spki.PublicKey is printed and skipped.
     """
     if spki.isa(obj, spki.PublicKey):
         principal = obj.getPrincipal()
         if self.principals.has_key(principal):
             print("Warning: Duplicate definition of %s" % str(principal))
             print("Old definition:")
             print(sexp.pprint(self.principals[principal].sexp()))
             print("New definition:")
             print(sexp.pprint(obj.sexp()))
         # Stored unconditionally: a duplicate overwrites the earlier key.
         self.principals[principal] = obj
     else:
         print("Warning: Unexpected SPKI object. Skipping.")
         print(obj.__class__)
         print(sexp.pprint(obj.sexp()))
Exemplo n.º 9
def parseKeyIdInput(buf, keystore, parseName=True):
    """Parses a string into a spki.Hash object

    The string could be a sexp, a base 64 encoded version of the hash or
    a name. The three forms are tried in that order, and the first one
    that yields a result is returned.

    Taken from the spkitool.py in pisces but doesn't use global variables
    and raises different exceptions.

    The base 64 form always produces a hash labelled 'md5'. MD5 is not
    collision resistant, so an identifier accepted through that path
    should not be relied on as a strong binding to one key.

    Args:
        buf: String to be parsed.

        keystore: KeyStore object. Only consulted for the name form.

        parseName: Bool. When false, the name form is not attempted.

    Returns:
        spki.Hash object

    Raises:
        ValueError: Raised if buf fails to parse, or if a name lookup is
            needed and the keystore has no default key.

        NameError: Raised if buf is an unbound name, or a name bound to
            more than one key.
    """
    # Form 1: a literal S-expression that is itself a hash.
    try:
        parsed = spki.parseText(buf)
    except sexp.ParseError:
        # It wasn't an sexp, try next potential format
        pass
    else:
        if spki.isa(parsed, spki.Hash):
            return parsed

    # Form 2: an MD5 hash in B64 representation.
    # Will always be 24 chars long and end in ==
    # NOTE(review): the decoded digest's length is not checked here; whether
    # sexp.b64_to_str or spki.Hash rejects a digest that is not 16 bytes is
    # not visible from this function -- confirm.
    if len(buf) == 24 and buf.endswith('=='):
        try:
            return spki.Hash('md5', sexp.b64_to_str(buf))
        except binascii.Error:
            pass

    if not parseName:
        raise ValueError("Unable to parse %s to hash" % buf)

    # Form 3: a name, resolved in the namespace of the default key.
    ns = keystore.getDefaultKey()
    if ns is None:
        raise ValueError('No default key specified')

    # Collect the distinct principals the name is bound to, in lookup order.
    # assumes every item returned by keystore.lookupName is iterable (a
    # sequence of SPKI objects) -- TODO confirm
    principals = []
    for seq in keystore.lookupName(buf, ns):
        for elt in seq:
            if not (isinstance(elt, spki.Cert) and elt.isNameCert()):
                continue
            subject = elt.getSubject().getPrincipal()
            if subject not in principals:
                principals.append(subject)

    # Refuse both an unbound name and one that resolves to several keys,
    # rather than picking one of them.
    count = len(principals)
    if count == 0:
        raise NameError('No key bound to name: %s' % buf)
    if count != 1:
        raise NameError('Ambiguous name: %s matches %d keys' % (buf, count))

    return principals[0]
Exemplo n.º 10
 def writeStorageHint(self, obj, io):
     """Write a one-line '#' comment describing obj to the stream io.

     A spki.Hash is written as its S-expression with newlines stripped; an
     object that spki.isa matches against 'default' is written as a fixed
     marker line. Nothing is written for any other object.
     """
     if spki.isa(obj, spki.Hash):
         hint = "# %s\n" % stripNewlines(obj.sexp())
     elif spki.isa(obj, 'default'):
         hint = '# default private key\n'
     else:
         return
     io.write(hint)