From 7938c8a5d6f43dc0ea494af965e9e146648dbb40 Mon Sep 17 00:00:00 2001 From: idziubenko Date: Tue, 10 Aug 2021 17:53:30 +0300 Subject: [PATCH] fixed multiple bugs with cert operations --- .../application/CertificateClass.py | 4 +- pym/consolegui/application/client_class.py | 37 ++++++++++--------- pym/consolegui/application/dbus_service.py | 1 - 3 files changed, 21 insertions(+), 21 deletions(-) diff --git a/pym/consolegui/application/CertificateClass.py b/pym/consolegui/application/CertificateClass.py index e4aba65..fc28644 100644 --- a/pym/consolegui/application/CertificateClass.py +++ b/pym/consolegui/application/CertificateClass.py @@ -323,8 +323,8 @@ class CertClass (qt.QWidget): (OpenSSL.SSL.FILETYPE_PEM, ca_root) Issuer = certobj.get_issuer().get_components() for item in Issuer: - if item[0] == 'CN': - filename = item[1] + if item[0] == b'CN': + filename = item[1].decode("UTF-8") fc = open(root_cert_md5,"a") fc.write('%s %s\n' %(md5sum, filename)) diff --git a/pym/consolegui/application/client_class.py b/pym/consolegui/application/client_class.py index 7f3220e..a218411 100644 --- a/pym/consolegui/application/client_class.py +++ b/pym/consolegui/application/client_class.py @@ -66,10 +66,10 @@ def verify(server_cert, crl_path, flag): Issuer = certobj.get_issuer().get_components() CN, L = None, None for i in Issuer: - if i[0] == 'CN': - CN = i[1] - elif i[0] == 'L': - L = i[1] + if i[0] == b'CN': + CN = i[1].decode("UTF-8") + elif i[0] == b'L': + L = i[1].decode("UTF-8") if CN and len(CN) > 2: crl_file = crl_path + CN elif L: @@ -103,8 +103,8 @@ def verify(server_cert, crl_path, flag): for rvk in revoked_objects: if serverSerial == int(rvk.get_serial(), 16): print(_("This certificate has been revoked!")) - print (_("Serial") + ': %s\n' % rvk.get_serial() + - _("Revoke date") + _(': %s') % rvk.get_rev_date()) + print (_("Serial") + ': %s\n' % rvk.get_serial().decode("UTF-8") + + _("Revoke date") + _(': %s') % rvk.get_rev_date().decode("UTF-8")) raise VerifyError('CRL Exception') return 0 @@ -122,6 +122,7 @@ class AddServerCert (qt.QDialog): self.grid.addWidget(LabelWordWrap(_('Untrusted Server Certificate!'), \ self), 0, 1, 1, 2) + #TODO check if digest / get_serial_number return str or bytes certobj = OpenSSL.crypto.load_certificate \ (OpenSSL.SSL.FILETYPE_PEM, cert) self.grid.addWidget(LabelWordWrap (_('Fingerprint = %s') \ @@ -149,7 +150,7 @@ class AddServerCert (qt.QDialog): Subject = certobj.get_subject().get_components() for item in Subject: self.subject_layout.addWidget(LabelWordWrap \ - ("%s : %s" %(item[0], item[1]),self)) + ("%s : %s" %(item[0].decode("UTF-8"), item[1].decode("UTF-8")),self)) self.subject_wgt.setLayout(self.subject_layout) self.tab.addTab(self.subject_wgt, _('Subject')) @@ -464,8 +465,8 @@ class CheckingClientHTTPSConnection(httplib.HTTPSConnection): (OpenSSL.SSL.FILETYPE_PEM, cert) Issuer = certobj.get_issuer().get_components() for item in Issuer: - if item[0] == 'CN': - filename = item[1] + if item[0] == b'CN': + filename = item[1].decode("UTF-8") with open(root_cert_md5,"a") as fc: fc.write('%s %s\n' %(md5sum, filename)) @@ -526,11 +527,11 @@ class CheckingClientHTTPSConnection(httplib.HTTPSConnection): Issuer = certobj.get_issuer().get_components() inf_text += '\n'+_("Issuer") for i in Issuer: - inf_text += "\n %s : %s" %(i[0], i[1]) + inf_text += "\n %s : %s" %(i[0].decode("UTF-8"), i[1].decode("UTF-8")) Subject = certobj.get_subject().get_components() inf_text += '\n'+_("Subject") for subj in Subject: - inf_text += "\n %s : %s" %(subj[0], subj[1]) + inf_text += "\n %s : %s" %(subj[0].decode("UTF-8"), subj[1].decode("UTF-8")) text = _("Add the CA certificate to trusted? ") reply = show_question(self.ClientObj.MainWidget, text, inf_text, @@ -794,10 +795,10 @@ def get_CRL(path_to_cert): CN = None Subject = certobj.get_subject().get_components() for subj in Subject: - if subj[0] == 'L': - url = "https://" + subj[1] +"/?wsdl" - if subj[0] == 'CN': - CN = subj[1] + if subj[0] == b'L': + url = "https://" + subj[1].decode("UTF-8") +"/?wsdl" + if subj[0] == b'CN': + CN = subj[1].decode("UTF-8") if url: # connect to ca server (url get from certificates) @@ -820,7 +821,7 @@ def get_CRL(path_to_cert): if CN and len(CN) > 2: CRL_file = CRL_path + CN else: - host = subj[1].split(':')[0] + host = subj[1].split(b':')[0].decode("UTF-8") CRL_file = CRL_path + host if new_crl == ' ': open(CRL_file, 'w').close() @@ -844,8 +845,8 @@ def find_ca_in_crl(CRL_path, all_ca_certs_list): Issuer = certobj.get_issuer().get_components() for item in Issuer: - if item[0] == 'CN': - CN = item[1] + if item[0] == b'CN': + CN = item[1].decode("UTF-8") serverSerial = certobj.get_serial_number() CRL = CRL_path + CN if not os.path.exists(CRL): diff --git a/pym/consolegui/application/dbus_service.py b/pym/consolegui/application/dbus_service.py index 3b15c72..e26dec3 100644 --- a/pym/consolegui/application/dbus_service.py +++ b/pym/consolegui/application/dbus_service.py @@ -35,7 +35,6 @@ class DBusWidget(dbus.service.Object): @dbus.service.method(DBUS_NAME, in_signature='', out_signature='') def show(self): self._parent.hide() - debug(11, "DEBUG DBusWidget") self._parent.show() self._parent.showNormal()