Пример #1
0
    def htmlprint(self):

        # Convert character sets
        subjectdatalist = []
        issuerdatalist = []
        for attr in X509v1_certattrlist:
            subjectdatalist.append(
                string.strip(charset.asn12html4(self.subject.get(attr, ''))))
            issuerdatalist.append(
                string.strip(charset.asn12html4(self.issuer.get(attr, ''))))

        return """
  <TABLE BORDER=1 WIDTH="100%%" CELLPADDING="5%%">
  <TR>
    <TD WIDTH="50%%">
      <DL>
        <DT><STRONG>This certificate belongs to:</STRONG></DT>
        <DD>%s</DD>
      </DL>
    </TD>
    <TD>
      <DL>
        <DT><STRONG>This certificate was issued by:</STRONG></DT>
        <DD>%s</DD>
      </DL>
    </TD>
  </TR>
  <TR>
    <TD COLSPAN=2>
      <DL>
        <DT><STRONG>Serial Number:</STRONG><DT>
        <DD>%s</DD>
        <DT><STRONG>This certificate is valid from %s until %s.</STRONG></DT>
        <DT><STRONG>Certificate Fingerprint:</STRONG></DT>
        <DD><PRE>SHA-1: %s<BR>MD5:   %s</PRE></DD>
      </DL>
    </TD>
  </TR>
  </TABLE>
  """ % ( \
              string.join(subjectdatalist,'<BR>'),
              string.join(issuerdatalist,'<BR>'),
              self.serial,
        self.notBefore,
        self.notAfter,
        self.getfingerprint('sha1'),
        self.getfingerprint('md5'),
             )
Пример #2
0
  def htmlprint(self):

    # Convert character sets
    subjectdatalist = []
    issuerdatalist = []
    for attr in X509v1_certattrlist:
      subjectdatalist.append(string.strip(charset.asn12html4(self.subject.get(attr,''))))
      issuerdatalist.append(string.strip(charset.asn12html4(self.issuer.get(attr,''))))

    return """
  <TABLE BORDER=1 WIDTH="100%%" CELLPADDING="5%%">
  <TR>
    <TD WIDTH="50%%">
      <DL>
        <DT><STRONG>This certificate belongs to:</STRONG></DT>
        <DD>%s</DD>
      </DL>
    </TD>
    <TD>
      <DL>
        <DT><STRONG>This certificate was issued by:</STRONG></DT>
        <DD>%s</DD>
      </DL>
    </TD>
  </TR>
  <TR>
    <TD COLSPAN=2>
      <DL>
        <DT><STRONG>Serial Number:</STRONG><DT>
        <DD>%s</DD>
        <DT><STRONG>This certificate is valid from %s until %s.</STRONG></DT>
        <DT><STRONG>Certificate Fingerprint:</STRONG></DT>
        <DD><PRE>SHA-1: %s<BR>MD5:   %s</PRE></DD>
      </DL>
    </TD>
  </TR>
  </TABLE>
  """ % ( \
          string.join(subjectdatalist,'<BR>'),
          string.join(issuerdatalist,'<BR>'),
          self.serial,
	  self.notBefore,
	  self.notAfter,
	  self.getfingerprint('sha1'),
	  self.getfingerprint('md5'),
         )
Пример #3
0
def PrintFound(form, found, cellpadding=2, width=100):

    print '<TABLE BORDER CELLPADDING=%d%% WIDTH=%d%%>' % (cellpadding, width)
    print '<TR><TH>CA name</TH><TH COLSPAN=3>Serial</TH><TH>valid<BR>until</TH>'
    for i in searchkeys:
        print '<TH><FONT SIZE=-1>%s</FONT></TH>' % (form.field[i][0].text)
    print '</TR>'

    for ca_name in found.keys():
        ca = opensslcnf.getcadata(ca_name)
        if ca.isservercert():
            certtype = 'server'
        else:
            certtype = 'email'
        for i in found[ca_name]:
            print '<TR><TD>%s</TD>' % (ca_name)
            if i[DB_type] == DB_TYPE_REV:
                print '<TD>%s</TD><TD>&nbsp;</TD><TD><A HREF="%s%s/%s/%s?%s">View</A></TD><TD>revoked %s</TD>' % ( \
             i[DB_serial],
                nsBaseUrl,nsViewCertUrl,ca_name,certtype,i[DB_serial],
                strftime('%Y-%m-%d %H:%M',localtime(mktime(dbtime2tuple(i[DB_rev_date]))))
                )
            elif i[DB_type] == DB_TYPE_EXP:
                print '<TD>%s</TD><TD>&nbsp;</TD><TD><A HREF="%s%s/%s/%s?%s">View</A></TD><TD>expired %s</TD>' % ( \
           i[DB_serial],
                nsBaseUrl,nsViewCertUrl,ca_name,certtype,i[DB_serial],
                strftime('%Y-%m-%d %H:%M',localtime(mktime(dbtime2tuple(i[DB_exp_date]))))
                )
            elif i[DB_type] == DB_TYPE_VAL:
                print '<TD>%s</TD><TD><A HREF="%s%s/%s/%s.crt?%s">Load</A></TD><TD><A HREF="%s%s/%s/%s?%s">View</A></TD><TD>%s</TD>' % ( \
           i[DB_serial],
                nsBaseUrl,nsGetCertUrl,ca_name,certtype,i[DB_serial],
                nsBaseUrl,nsViewCertUrl,ca_name,certtype,i[DB_serial],
                strftime('%Y-%m-%d %H:%M',localtime(mktime(dbtime2tuple(i[DB_exp_date]))))
                )
            else:
                raise ValueError
            dnfield = SplitDN(i[DB_name])
            for j in searchkeys:
                if dnfield.has_key(j) and dnfield[j]:
                    if j == "Email":
                        print '<TD><FONT SIZE=-1><A HREF="mailto:%s">%s</A></FONT></TD>' % (
                            dnfield[j], dnfield[j])
                    else:
                        print '<TD><FONT SIZE=-1>%s</FONT></TD>' % charset.asn12html4(
                            dnfield[j])
                else:
                    print '<TD>&nbsp;</TD>'
            print '</TR>'

    print '</TABLE>'

    return
Пример #4
0
def PrintFound(form,found,cellpadding=2,width=100):

  print '<TABLE BORDER CELLPADDING=%d%% WIDTH=%d%%>' % (cellpadding,width)
  print '<TR><TH>CA name</TH><TH COLSPAN=3>Serial</TH><TH>valid<BR>until</TH>'
  for i in searchkeys:
    print '<TH><FONT SIZE=-1>%s</FONT></TH>' % (form.field[i][0].text)
  print '</TR>'

  for ca_name in found.keys():
    ca = opensslcnf.getcadata(ca_name)
    if ca.isservercert():
      certtype='server'
    else:
      certtype='email'
    for i in found[ca_name]:
      print '<TR><TD>%s</TD>' % (ca_name)
      if i[DB_type]==DB_TYPE_REV:
        print '<TD>%s</TD><TD>&nbsp;</TD><TD><A HREF="%s%s/%s/%s?%s">View</A></TD><TD>revoked %s</TD>' % ( \
  	  i[DB_serial],
	  nsBaseUrl,nsViewCertUrl,ca_name,certtype,i[DB_serial],
	  strftime('%Y-%m-%d %H:%M',localtime(mktime(dbtime2tuple(i[DB_rev_date]))))
	)
      elif i[DB_type]==DB_TYPE_EXP:
        print '<TD>%s</TD><TD>&nbsp;</TD><TD><A HREF="%s%s/%s/%s?%s">View</A></TD><TD>expired %s</TD>' % ( \
	  i[DB_serial],
	  nsBaseUrl,nsViewCertUrl,ca_name,certtype,i[DB_serial],
	  strftime('%Y-%m-%d %H:%M',localtime(mktime(dbtime2tuple(i[DB_exp_date]))))
	)
      elif i[DB_type]==DB_TYPE_VAL:
        print '<TD>%s</TD><TD><A HREF="%s%s/%s/%s.crt?%s">Load</A></TD><TD><A HREF="%s%s/%s/%s?%s">View</A></TD><TD>%s</TD>' % ( \
	  i[DB_serial],
	  nsBaseUrl,nsGetCertUrl,ca_name,certtype,i[DB_serial],
	  nsBaseUrl,nsViewCertUrl,ca_name,certtype,i[DB_serial],
	  strftime('%Y-%m-%d %H:%M',localtime(mktime(dbtime2tuple(i[DB_exp_date]))))
	)
      else:
        raise ValueError
      dnfield = SplitDN(i[DB_name])
      for j in searchkeys:
	if dnfield.has_key(j) and dnfield[j]:
	  if j=="Email":
            print '<TD><FONT SIZE=-1><A HREF="mailto:%s">%s</A></FONT></TD>' % (dnfield[j],dnfield[j])
	  else:
            print '<TD><FONT SIZE=-1>%s</FONT></TD>' % charset.asn12html4(dnfield[j])
	else:
          print '<TD>&nbsp;</TD>'
      print '</TR>'

  print '</TABLE>'

  return
Пример #5
0
            cert = ReadCertFromFileObject(os.popen(command))
        else:
            cert = open(certfilename, 'r').read()
            mimetype = 'application/x-x509-user-cert'

else:
    htmlbase.PrintErrorMsg('Invalid certificate type "%s"' % cert_type)
    sys.exit(0)

if browser_name == 'MSIE' and cert_type == 'user':
    import vbs, charset
    htmlbase.PrintHeader('Install certificate')
    htmlbase.PrintHeading('Install certificate')
    print 'Certificate of type <STRONG>%s</STRONG>:<P>' % ca_name
    print 'Subject DN: %s<BR>Valid until: %s' % ( \
      charset.asn12html4(entry[DB_name]), \
      strftime('%d.%m.%Y',localtime(mktime(dbtime2tuple(entry[DB_exp_date])))) \
    )
    vbs.PrintVBSXenrollObject()
    print '<SCRIPT Language=VBSCRIPT>\n<!-- '
    vbs.PrintVBSCertInstallCode(
        string.strip(entry[DB_name]), entry[DB_serial],
        strftime('%d.%m.%Y',
                 localtime(mktime(dbtime2tuple(entry[DB_exp_date])))), cert)
    print ' -->\n</SCRIPT>'
    htmlbase.PrintFooter()
else:
    # Simply write MIME-type and certificate data to stdout
    sys.stdout.flush()
    sys.stdout.write('Content-type: %s\n\n' % mimetype)
    if cert_format == 'der':
Пример #6
0
    sys.exit(0)

# Does the certificate file exist?
if not os.path.isfile(certfilename):
    htmlbase.PrintErrorMsg('Certificate file not found.')
    sys.exit(0)

if cert_type == 'crl':

    htmlbase.PrintHeader('View CRL')
    htmlbase.PrintHeading('View CRL')
    crl = openssl.cert.CRLClass(certfilename)
    issuerdatalist = []
    for attr in openssl.cert.X509v1_certattrlist:
        issuerdatalist.append(
            string.strip(charset.asn12html4(crl.issuer.get(attr, ''))))
    print """
<DL>
  <DT><STRONG>This CRL was issued by:</STRONG></DT>
  <DD>%s</DD>
  <DT><STRONG>last updated:</STRONG></DT>
  <DD>%s</DD>
  <DT><STRONG>next update:</STRONG></DT>
  <DD>%s</DD>
</DL>
<P><A HREF="%s%s/%s/crl.crl">Download CRL</A></P>
<HR><FONT SIZE=-1><PRE>
""" % ( \
          string.join(issuerdatalist,'<BR>'),
          crl.lastUpdate,crl.nextUpdate,
    nsBaseUrl,nsGetCertUrl,ca_name
Пример #7
0
      cert = ReadCertFromFileObject(os.popen(command))
    else:
      cert = open(certfilename,'r').read()
      mimetype = 'application/x-x509-user-cert'

else:
  htmlbase.PrintErrorMsg('Invalid certificate type "%s"' % cert_type)
  sys.exit(0)

if browser_name=='MSIE' and cert_type=='user':
  import vbs, charset
  htmlbase.PrintHeader('Install certificate')
  htmlbase.PrintHeading('Install certificate')
  print 'Certificate of type <STRONG>%s</STRONG>:<P>' % ca_name
  print 'Subject DN: %s<BR>Valid until: %s' % ( \
    charset.asn12html4(entry[DB_name]), \
    strftime('%d.%m.%Y',localtime(mktime(dbtime2tuple(entry[DB_exp_date])))) \
  )
  vbs.PrintVBSXenrollObject()
  print '<SCRIPT Language=VBSCRIPT>\n<!-- '
  vbs.PrintVBSCertInstallCode(string.strip(entry[DB_name]),entry[DB_serial],strftime('%d.%m.%Y',localtime(mktime(dbtime2tuple(entry[DB_exp_date])))),cert)
  print ' -->\n</SCRIPT>'
  htmlbase.PrintFooter()
else:
  # Simply write MIME-type and certificate data to stdout
  sys.stdout.flush()
  sys.stdout.write('Content-type: %s\n\n' % mimetype)
  if cert_format=='der':
    sys.stdout.write(certhelper.pem2der(cert))
  elif cert_format=='pem':
    pem_type = {0:'CERTIFICATE',1:'CRL'}[cert_type=='crl']
Пример #8
0
def PrintSecInfo(acceptedciphers,
                 valid_dn_regex='',
                 valid_idn_regex='',
                 f=sys.stdout):

    seclevel = SecLevel(acceptedciphers, valid_dn_regex, valid_idn_regex)

    f.write(
        """<h3>Security level</h3><p>Current security level is: <strong>%d</strong></p>
           <table cellspacing=5%%>
	   <tr>
	     <td align=center width=10%%>0</td>
	     <td>no encryption at all</td>
	   </tr>
	   <tr>
	     <td align=center>1</td>
	     <td>Session is encrypted with SSL and cipher is accepted</td>
	   </tr>
	   <tr>
	     <td align=center>2</td>
	     <td>Client presented valid certificate,<br>
	     the DN of the certified object matches "<CODE>%s</CODE>"<br>
	     and the DN of the certifier matches "<CODE>%s</CODE>"</td>
	   </tr>
	   </table>
	   """ % (seclevel, valid_dn_regex, valid_idn_regex))

    if seclevel >= 1:

        SSL_CIPHER_ALGKEYSIZE = os.environ.get(
            'SSL_CIPHER_ALGKEYSIZE',
            os.environ.get(
                'HTTPS_KEYSIZE',
                os.environ.get('SSL_KEYSIZE',
                               os.environ.get('SSL_SERVER_KEY_SIZE', ''))))
        SSL_CIPHER_EXPORT = os.environ.get(
            'SSL_CIPHER_EXPORT',
            os.environ.get('HTTPS_EXPORT', os.environ.get('SSL_EXPORT', '')))
        SSL_CIPHER = os.environ.get('SSL_CIPHER',
                                    os.environ.get('HTTPS_CIPHER', ''))
        SSL_CIPHER_USEKEYSIZE = os.environ.get(
            'SSL_CIPHER_USEKEYSIZE',
            os.environ.get('HTTPS_SECRETKEYSIZE',
                           os.environ.get('SSL_SECKEYSIZE', '')))
        SSL_SERVER_S_DN = os.environ.get('SSL_SERVER_S_DN',
                                         os.environ.get('SSL_SERVER_DN', ''))
        SSL_SERVER_I_DN = os.environ.get('SSL_SERVER_I_DN',
                                         os.environ.get('SSL_SERVER_IDN', ''))

        f.write(
            """You connected with cipher <strong>%s</strong>, key size <strong>%s Bit</strong>, actually used key size <strong>%s Bit</strong>.<p>
<h3>Server certificate</h3>
<table summary="Server certificate">
  <tr>
    <td>
      <dl>
	<dt>This certificate belongs to:</dt>
	<dd>%s</dd>
      </dl>
    </td>
    <td>
      <dl>
	<dt>This certificate was issued by:</dt>
	<dd>%s</dd>
      </dl>
    </td>
  </tr>
</table>
""" % (SSL_CIPHER, SSL_CIPHER_ALGKEYSIZE, SSL_CIPHER_USEKEYSIZE,
        string.join(string.split(charset.asn12html4(SSL_SERVER_S_DN), '/'),
                   '<br>'),
        string.join(string.split(charset.asn12html4(SSL_SERVER_I_DN), '/'),
                   '<br>')))

    if seclevel >= 2:

        SSL_CLIENT_I_DN = os.environ.get('SSL_CLIENT_I_DN',
                                         os.environ.get('SSL_CLIENT_IDN', ''))
        SSL_CLIENT_S_DN = os.environ.get('SSL_CLIENT_S_DN',
                                         os.environ.get('SSL_CLIENT_DN', ''))

        f.write("""<h3>Your client certificate</h3>
<table summary="Client certificate">
  <tr>
    <td>
      <dl>
	<dt>This certificate belongs to:</dt>
	<dd>%s</dd>
      </dl>
    </td>
    <td>
      <dl>
	<dt>This certificate was issued by:</dt>
	<dd>%s</dd>
      </dl>
    </td>
  </tr>
</table>
""" % (string.join(string.split(charset.asn12html4(SSL_CLIENT_S_DN), '/'),
                   '<br>'),
        string.join(string.split(charset.asn12html4(SSL_CLIENT_I_DN), '/'),
                   '<br>')))
Пример #9
0
  htmlbase.PrintErrorMsg('Invalid certificate type "%s"' % cert_type)
  sys.exit(0)

# Does the certificate file exist?
if not os.path.isfile(certfilename):
  htmlbase.PrintErrorMsg('Certificate file not found.')
  sys.exit(0)

if cert_type=='crl':

  htmlbase.PrintHeader('View CRL')
  htmlbase.PrintHeading('View CRL')
  crl = openssl.cert.CRLClass(certfilename)
  issuerdatalist = []
  for attr in openssl.cert.X509v1_certattrlist:
    issuerdatalist.append(string.strip(charset.asn12html4(crl.issuer.get(attr,''))))
  print """
<DL>
  <DT><STRONG>This CRL was issued by:</STRONG></DT>
  <DD>%s</DD>
  <DT><STRONG>last updated:</STRONG></DT>
  <DD>%s</DD>
  <DT><STRONG>next update:</STRONG></DT>
  <DD>%s</DD>
</DL>
<P><A HREF="%s%s/%s/crl.crl">Download CRL</A></P>
<HR><FONT SIZE=-1><PRE>
""" % ( \
        string.join(issuerdatalist,'<BR>'),
        crl.lastUpdate,crl.nextUpdate,
	nsBaseUrl,nsGetCertUrl,ca_name