third_party/tlslite/tlslite/X509CertChain.py - Issue 9515015: Support reading PEM files in TLSLite

Side by Side Diff: third_party/tlslite/tlslite/X509CertChain.py

Issue 9515015: Support reading PEM files in TLSLite (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 8 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 """Class representing an X.509 certificate chain."""	1 """Class representing an X.509 certificate chain."""

2	2

3 from utils import cryptomath	3 from utils import cryptomath

	4 from X509 import X509

4	5

5 class X509CertChain:	6 class X509CertChain:

6 """This class represents a chain of X.509 certificates.	7 """This class represents a chain of X.509 certificates.

7	8

8 @type x509List: list	9 @type x509List: list

9 @ivar x509List: A list of L{tlslite.X509.X509} instances,	10 @ivar x509List: A list of L{tlslite.X509.X509} instances,

10 starting with the end-entity certificate and with every	11 starting with the end-entity certificate and with every

11 subsequent certificate certifying the previous.	12 subsequent certificate certifying the previous.

12 """	13 """

13	14

14 def __init__(self, x509List=None):	15 def __init__(self, x509List=None):

15 """Create a new X509CertChain.	16 """Create a new X509CertChain.

16	17

17 @type x509List: list	18 @type x509List: list

18 @param x509List: A list of L{tlslite.X509.X509} instances,	19 @param x509List: A list of L{tlslite.X509.X509} instances,

19 starting with the end-entity certificate and with every	20 starting with the end-entity certificate and with every

20 subsequent certificate certifying the previous.	21 subsequent certificate certifying the previous.

21 """	22 """

22 if x509List:	23 if x509List:

23 self.x509List = x509List	24 self.x509List = x509List

24 else:	25 else:

25 self.x509List = []	26 self.x509List = []

26	27

	28 def parseChain(self, s):
	Nico 2012/02/29 00:33:34 Could use a basic unit test Could use a basic unit test
	29 """Parse a PEM-encoded X.509 certificate file chain file.

	30

	31 @type s: str
	Nico 2012/02/29 00:33:34 s isn't a great parameter name. parameters are par s isn't a great parameter name. parameters are part of the interface and hence should have decent names.
	32 @param s: A PEM-encoded (eg: Base64) X.509 certificate file, with every

	33 certificate wrapped within "-----BEGIN CERTIFICATE-----" and

	34 "-----END CERTIFICATE-----" tags). Extraneous data outside such tags,

	35 such as human readable representations, will be ignored.

	36 """

	37

	38 class PEMIterator(object):

	39 """Simple iterator over PEM-encoded certificates within a string.

	40

	41 @type s: string

	42 @ivar s: A string containing PEM-encoded (Base64) certificates, with

	43 every certificate wrapped within "-----BEGIN CERTIFICATE-----" and

	44 "-----END CERTIFICATE-----" tags). Extraneous data outside such

	45 tags, such as human readable representations, will be ignored.

	46

	47 @type index: integer

	48 @param index: The current offset within s to begin iterating from
	Nico 2012/02/29 00:33:34 @ivar index? @ivar index?
	49 """

	50

	51 def __init__(self, s):

	52 self.s = s

	53 self.index = 0

	54

	55 def __iter__(self):

	56 return self

	57

	58 def next(self):

	59 """Iterates and returns the next L{tlslite.X509.X509}

	60 certificate in s

	61

	62 @rtype tlslite.X509.X509

	63 """

	64

	65 self.index = self.s.find("-----BEGIN CERTIFICATE-----",
	Nico 2012/02/29 00:33:34 Make these strings "constants"? Make these strings "constants"?
	66 self.index)

	67 if (self.index == -1):
	Nico 2012/02/29 00:33:34 no parens no parens
	68 raise StopIteration

	69 end = self.s.find("-----END CERTIFICATE-----", self.index)

	70 if (end == -1):
	Nico 2012/02/29 00:33:34 no parens no parens
	71 raise StopIteration

	72

	73 certStr = self.s[self.index+len("-----BEGIN CERTIFICATE-----") :

	74 end]

	75 self.index = end + len("-----END CERTIFICATE-----")

	76 bytes = cryptomath.base64ToBytes(certStr)

	77 cert = X509()

	78 cert.parseBinary(bytes)

	79 return cert

	80

	81 certs = []

	82 for cert in PEMIterator(s):

	83 certs.append(cert)

	84 self.x509List = certs
	Nico 2012/02/29 00:33:34 Does `self.x509List = list(PEMIerator(s))` work as Does `self.x509List = list(PEMIerator(s))` work as well?
	85 return self

	86

27 def getNumCerts(self):	87 def getNumCerts(self):

28 """Get the number of certificates in this chain.	88 """Get the number of certificates in this chain.

29	89

30 @rtype: int	90 @rtype: int

31 """	91 """

32 return len(self.x509List)	92 return len(self.x509List)

33	93

34 def getEndEntityPublicKey(self):	94 def getEndEntityPublicKey(self):

35 """Get the public key from the end-entity certificate.	95 """Get the public key from the end-entity certificate.

36	96

(...skipping 135 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
172 return False	232 return False

173 if not compareNames(cryptlib_py.CRYPT_CERTINFO_LOCALITYNAME):	233 if not compareNames(cryptlib_py.CRYPT_CERTINFO_LOCALITYNAME):

174 return False	234 return False

175 if not compareNames(cryptlib_py.CRYPT_CERTINFO_ORGANIZATIONNAME):	235 if not compareNames(cryptlib_py.CRYPT_CERTINFO_ORGANIZATIONNAME):

176 return False	236 return False

177 if not compareNames(cryptlib_py.CRYPT_CERTINFO_ORGANIZATIONALUNITNAME):	237 if not compareNames(cryptlib_py.CRYPT_CERTINFO_ORGANIZATIONALUNITNAME):

178 return False	238 return False

179 if not compareNames(cryptlib_py.CRYPT_CERTINFO_COMMONNAME):	239 if not compareNames(cryptlib_py.CRYPT_CERTINFO_COMMONNAME):

180 return False	240 return False

181 return True	241 return True

OLD	NEW

« third_party/tlslite/README.chromium ('K') | « third_party/tlslite/README.chromium ('k') | no next file » | no next file with comments »