upstream/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-06-06 23:32:06 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

RevocationRequest.certificate auto decode/encode.

Browse source
This commit is contained in:
Jakub Warmuz 2015-02-12 15:44:05 +00:00
parent 77a637b7f0
commit a3eedc294d
No known key found for this signature in database
GPG key ID: 2A7BAD3A489B52EA
2 changed files with 16 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
letsencrypt/acme/messages.py
View file

@ -435,7 +435,7 @@ class RevocationRequest(Message):
"""
return cls(signature=other.Signature.from_msg(
kwargs["certificate"], key, sig_nonce), **kwargs)
kwargs["certificate"].as_der(), key, sig_nonce), **kwargs)
def verify(self):
"""Verify signature.
@ -446,17 +446,26 @@ class RevocationRequest(Message):
"""
# TODO: must also check that the public key encoded in the JWK object
# is the correct key for a given context.
return self.signature.verify(self.certificate)
return self.signature.verify(self.certificate.as_der())
@classmethod
def _decode_cert(cls, b64der):
return util.ComparableX509(M2Crypto.X509.load_cert_der_string(
jose.b64decode(b64der)))
@classmethod
def _encode_cert(cls, cert):
return jose.b64encode(cert.as_der())
def _fields_to_json(self):
return {
"certificate": jose.b64encode(self.certificate),
"certificate": self._encode_cert(self.certificate),
"signature": self.signature,
}
@classmethod
def _from_valid_json(cls, jobj):
return cls(certificate=jose.b64decode(jobj["certificate"]),
return cls(certificate=cls._decode_cert(jobj["certificate"]),
signature=other.Signature.from_json(
jobj["signature"], validate=False))

6
letsencrypt/client/revoker.py
View file

@ -38,13 +38,13 @@ class Revoker(object):
:rtype: :class:`letsencrypt.acme.message.Revocation`
"""
cert_der = M2Crypto.X509.load_cert(cert["backup_cert_file"]).as_der()
certificate = M2Crypto.X509.load_cert(cert["backup_cert_file"])
with open(cert["backup_key_file"], 'rU') as backup_key_file:
key = backup_key_file.read()
key = Crypto.PublicKey.RSA.importKey(backup_key_file.read())
revocation = self.network.send_and_receive_expected(
acme.messages.RevocationRequest.create(
certificate=cert_der, key=Crypto.PublicKey.RSA.importKey(key)),
certificate=certificate, key=key),
acme.messages.Revocation)
zope.component.getUtility(interfaces.IDisplay).generic_notification(