Split x509.load_certificate() into PEM/DER functions

Splitting the load_certificate() function into two separate helps us word the requirements for the input explicitly. It also makes our backend similar to the one of python-cryptography so eventually we can swap python-cryptography for IPA x509 module. https://pagure.io/freeipa/issue/4985 Reviewed-By: Fraser Tweedale <ftweedal@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com> Reviewed-By: Martin Basti <mbasti@redhat.com>
2025-02-25 18:55:28 -06:00 · 2017-06-16 09:36:26 +02:00
parent 284658e08e
commit 4375ef860f
15 changed files with 106 additions and 94 deletions
--- a/ipaclient/plugins/cert.py
+++ b/ipaclient/plugins/cert.py
@@ -66,7 +66,7 @@ class CertRetrieveOverride(MethodOverride):
                certs = result['result']['certificate_chain']
            else:
                certs = [result['result']['certificate']]
-            certs = (x509.normalize_certificate(cert) for cert in certs)
+            certs = (x509.ensure_der_format(cert) for cert in certs)
            certs = (x509.make_pem(base64.b64encode(cert)) for cert in certs)
            with open(certificate_out, 'w') as f:
                f.write('\n'.join(certs))