git://git.onelab.eu
/
sfa.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
python3 - 2to3 + miscell obvious tweaks
[sfa.git]
/
sfa
/
trust
/
certificate.py
diff --git
a/sfa/trust/certificate.py
b/sfa/trust/certificate.py
index
199504d
..
cdad52a
100644
(file)
--- a/
sfa/trust/certificate.py
+++ b/
sfa/trust/certificate.py
@@
-45,7
+45,7
@@
#
#
-from __future__ import print_function
+
import functools
import os
import functools
import os
@@
-182,7
+182,8
@@
class Keypair:
# @param filename name of file to store the keypair in
def save_to_file(self, filename):
# @param filename name of file to store the keypair in
def save_to_file(self, filename):
- open(filename, 'w').write(self.as_pem())
+ with open(filename, 'w') as output:
+ output.write(self.as_pem())
self.filename = filename
##
self.filename = filename
##
@@
-520,7
+521,7
@@
class Certificate:
req = OpenSSL.crypto.X509Req()
reqSubject = req.get_subject()
if isinstance(subject, dict):
req = OpenSSL.crypto.X509Req()
reqSubject = req.get_subject()
if isinstance(subject, dict):
- for key in
reqSubject.keys(
):
+ for key in
list(reqSubject.keys()
):
setattr(reqSubject, key, subject[key])
else:
setattr(reqSubject, "CN", subject)
setattr(reqSubject, key, subject[key])
else:
setattr(reqSubject, "CN", subject)
@@
-547,7
+548,7
@@
class Certificate:
req = OpenSSL.crypto.X509Req()
subj = req.get_subject()
if isinstance(name, dict):
req = OpenSSL.crypto.X509Req()
subj = req.get_subject()
if isinstance(name, dict):
- for key in
name.keys(
):
+ for key in
list(name.keys()
):
setattr(subj, key, name[key])
else:
setattr(subj, "CN", name)
setattr(subj, key, name[key])
else:
setattr(subj, "CN", name)
@@
-583,7
+584,6
@@
class Certificate:
data = self.get_data(field='subjectAltName')
if data:
message += " SubjectAltName:"
data = self.get_data(field='subjectAltName')
if data:
message += " SubjectAltName:"
- counter = 0
filtered = [self.filter_chunk(chunk) for chunk in data.split()]
message += " ".join([f for f in filtered if f])
omitted = len([f for f in filtered if not f])
filtered = [self.filter_chunk(chunk) for chunk in data.split()]
message += " ".join([f for f in filtered if f])
omitted = len([f for f in filtered if not f])
@@
-791,11
+791,11
@@
class Certificate:
# @param cert certificate object
def is_signed_by_cert(self, cert):
# @param cert certificate object
def is_signed_by_cert(self, cert):
- k = cert.get_pubkey()
+ k
ey
= cert.get_pubkey()
logger.debug("Certificate.is_signed_by_cert -> verify on {}\n"
"with pubkey {}"
logger.debug("Certificate.is_signed_by_cert -> verify on {}\n"
"with pubkey {}"
- .format(self, k))
- result = self.verify(k)
+ .format(self, k
ey
))
+ result = self.verify(k
ey
)
return result
##
return result
##
@@
-838,7
+838,6
@@
class Certificate:
# the public key contained in it's parent. The chain is recursed
# until a certificate is found that is signed by a trusted root.
# the public key contained in it's parent. The chain is recursed
# until a certificate is found that is signed by a trusted root.
- logger.debug("Certificate.verify_chain {}".format(self.pretty_name()))
# verify expiration time
if self.x509.has_expired():
if debug_verify_chain:
# verify expiration time
if self.x509.has_expired():
if debug_verify_chain:
@@
-848,7
+847,8
@@
class Certificate:
# if this cert is signed by a trusted_cert, then we are set
for i, trusted_cert in enumerate(trusted_certs, 1):
# if this cert is signed by a trusted_cert, then we are set
for i, trusted_cert in enumerate(trusted_certs, 1):
- logger.debug("Certificate.verify_chain - trying trusted #{} : {}"
+ logger.debug(5*'-' +
+ " Certificate.verify_chain - trying trusted #{} : {}"
.format(i, trusted_cert.pretty_name()))
if self.is_signed_by_cert(trusted_cert):
# verify expiration of trusted_cert ?
.format(i, trusted_cert.pretty_name()))
if self.is_signed_by_cert(trusted_cert):
# verify expiration of trusted_cert ?
@@
-937,7
+937,7
@@
class Certificate:
return triples
def get_data_names(self):
return triples
def get_data_names(self):
- return
self.data.keys(
)
+ return
list(self.data.keys()
)
def get_all_datas(self):
triples = self.get_extensions()
def get_all_datas(self):
triples = self.get_extensions()