1
########################################################################
3
# (c) by Michael Stroeder, michael@stroeder.com
4
########################################################################
5
# Deal with X.509 certificates and cert requests with
6
# plain Python 1.5.2 lib
7
########################################################################
9
import string, re, base64, md5, sha
11
pem_re = re.compile('-----BEGIN (CERTIFICATE|X509 CRL|CERTIFICATE REQUEST)-----([ \w+/=\r\n]+?)-----END (CERTIFICATE|X509 CRL|CERTIFICATE REQUEST)-----',re.S+re.M)
13
def MD5Fingerprint(cert_der='',delimiter=':'):
15
MD5 fingerprint in dotted notation (delimiter between bytes)
17
cert_md5 = md5.new(cert_der).digest()
20
cert_fingerprint.append(string.upper('%02x' % (ord(i))))
21
return string.join(cert_fingerprint,delimiter)
23
def SHA1Fingerprint(cert_der='',delimiter=':'):
25
Return SHA-1 fingerprint in dotted notation (delimiter between bytes)
27
cert_sha1 = sha.new(cert_der).digest()
30
cert_fingerprint.append(string.upper('%02x' % (ord(i))))
31
return string.join(cert_fingerprint,delimiter)
33
def extract_pem(cert_text):
35
Extract all base64 encoded certs in a text file to a list of strings
38
for begin_type,cert_base64,end_type in pem_re.findall(cert_text):
39
if begin_type!=end_type:
40
raise ValueError,"-----BEGIN %s----- and -----END %s----- does not match" % (begin_type,end_type)
41
result.append((begin_type,string.strip(cert_base64)))
44
def der2pem(cert_der,cert_type='CERTIFICATE'):
46
Convert single binary DER-encoded certificate to base64 encoded format
48
return """-----BEGIN %s-----
50
""" % (cert_type,base64.encodestring(cert_der),cert_type)
52
def pem2der(cert_text):
54
Convert single base64 encoded certificate to binary DER-encoded format
56
cert_type,cert_base64 = extract_pem(cert_text)[0]
57
return base64.decodestring(string.strip(cert_base64))