|
Lines 70-76
for line in open('certdata.txt', 'r'):
Link Here
|
| 70 |
field, type = line_parts |
70 |
field, type = line_parts |
| 71 |
value = None |
71 |
value = None |
| 72 |
else: |
72 |
else: |
| 73 |
raise NotImplementedError, 'line_parts < 2 not supported.' |
73 |
raise NotImplementedError('line_parts < 2 not supported.') |
| 74 |
if type == 'MULTILINE_OCTAL': |
74 |
if type == 'MULTILINE_OCTAL': |
| 75 |
in_multiline = True |
75 |
in_multiline = True |
| 76 |
value = "" |
76 |
value = "" |
|
Lines 95-101
for obj in objects:
Link Here
|
| 95 |
if obj['CKA_CLASS'] not in ('CKO_NETSCAPE_TRUST', 'CKO_NSS_TRUST'): |
95 |
if obj['CKA_CLASS'] not in ('CKO_NETSCAPE_TRUST', 'CKO_NSS_TRUST'): |
| 96 |
continue |
96 |
continue |
| 97 |
if obj['CKA_LABEL'] in blacklist: |
97 |
if obj['CKA_LABEL'] in blacklist: |
| 98 |
print "Certificate %s blacklisted, ignoring." % obj['CKA_LABEL'] |
98 |
print("Certificate %s blacklisted, ignoring." % obj['CKA_LABEL']) |
| 99 |
elif obj['CKA_TRUST_SERVER_AUTH'] in ('CKT_NETSCAPE_TRUSTED_DELEGATOR', |
99 |
elif obj['CKA_TRUST_SERVER_AUTH'] in ('CKT_NETSCAPE_TRUSTED_DELEGATOR', |
| 100 |
'CKT_NSS_TRUSTED_DELEGATOR'): |
100 |
'CKT_NSS_TRUSTED_DELEGATOR'): |
| 101 |
trust[obj['CKA_LABEL']] = True |
101 |
trust[obj['CKA_LABEL']] = True |
|
Lines 104-116
for obj in objects:
Link Here
|
| 104 |
trust[obj['CKA_LABEL']] = True |
104 |
trust[obj['CKA_LABEL']] = True |
| 105 |
elif obj['CKA_TRUST_SERVER_AUTH'] in ('CKT_NETSCAPE_UNTRUSTED', |
105 |
elif obj['CKA_TRUST_SERVER_AUTH'] in ('CKT_NETSCAPE_UNTRUSTED', |
| 106 |
'CKT_NSS_NOT_TRUSTED'): |
106 |
'CKT_NSS_NOT_TRUSTED'): |
| 107 |
print '!'*74 |
107 |
print('!'*74) |
| 108 |
print "UNTRUSTED BUT NOT BLACKLISTED CERTIFICATE FOUND: %s" % obj['CKA_LABEL'] |
108 |
print("UNTRUSTED BUT NOT BLACKLISTED CERTIFICATE FOUND: %s" % obj['CKA_LABEL']) |
| 109 |
print '!'*74 |
109 |
print('!'*74) |
| 110 |
else: |
110 |
else: |
| 111 |
print "Ignoring certificate %s. SAUTH=%s, EPROT=%s" % \ |
111 |
print("Ignoring certificate %s. SAUTH=%s, EPROT=%s" % \ |
| 112 |
(obj['CKA_LABEL'], obj['CKA_TRUST_SERVER_AUTH'], |
112 |
(obj['CKA_LABEL'], obj['CKA_TRUST_SERVER_AUTH'], |
| 113 |
obj['CKA_TRUST_EMAIL_PROTECTION']) |
113 |
obj['CKA_TRUST_EMAIL_PROTECTION'])) |
| 114 |
|
114 |
|
| 115 |
for obj in objects: |
115 |
for obj in objects: |
| 116 |
if obj['CKA_CLASS'] == 'CKO_CERTIFICATE': |
116 |
if obj['CKA_CLASS'] == 'CKO_CERTIFICATE': |
|
Lines 121-133
for obj in objects:
Link Here
|
| 121 |
.replace('(', '=')\ |
121 |
.replace('(', '=')\ |
| 122 |
.replace(')', '=')\ |
122 |
.replace(')', '=')\ |
| 123 |
.replace(',', '_') |
123 |
.replace(',', '_') |
| 124 |
bname = bname.decode('string_escape') |
124 |
bname = bname.encode().decode('unicode_escape') |
| 125 |
fname = bname + '.crt' |
125 |
fname = bname + '.crt' |
| 126 |
if os.path.exists(fname): |
126 |
if os.path.exists(fname): |
| 127 |
print "Found duplicate certificate name %s, renaming." % bname |
127 |
print("Found duplicate certificate name %s, renaming." % bname) |
| 128 |
fname = bname + '_2.crt' |
128 |
fname = bname + '_2.crt' |
| 129 |
f = open(fname, 'w') |
129 |
f = open(fname, 'w') |
| 130 |
f.write("-----BEGIN CERTIFICATE-----\n") |
130 |
f.write("-----BEGIN CERTIFICATE-----\n") |
| 131 |
f.write("\n".join(textwrap.wrap(base64.b64encode(obj['CKA_VALUE']), 64))) |
131 |
f.write("\n".join(textwrap.wrap(base64.b64encode(obj['CKA_VALUE'].encode('raw_unicode_escape')).decode(), 64))) |
| 132 |
f.write("\n-----END CERTIFICATE-----\n") |
132 |
f.write("\n-----END CERTIFICATE-----\n") |
| 133 |
|
133 |
|
