Add type argument to x509.load_certificate() so it can handle binary certs

ipalib/x509.py

@@ -45,6 +45,9 @@ from pyasn1 import error
 # Would be autogenerated from ASN.1 source by a ASN.1 parser
 # X.509 spec (rfc2459)
 
+PEM = 0
+DER = 1
+
 # Common OIDs found in a subject
 oidtable = { "2.5.4.3":  "CN",
              "2.5.4.6":  "C",
@@ -202,18 +205,18 @@ def strip_header(pem):
     return pem
 
 
-def load_certificate(pem):
+def load_certificate(data, type=PEM):
     """
     Given a base64-encoded certificate, with or without the
     header/footer, return a request object.
     """
-    pem = strip_header(pem)
+    if (type == PEM):
+        data = strip_header(data)
+        data = base64.b64decode(data)
 
-    substrate = base64.b64decode(pem)
+    return decoder.decode(data, asn1Spec=Certificate())[0]
 
-    return decoder.decode(substrate, asn1Spec=Certificate())[0]
-
-def get_subject_components(certificate):
+def get_subject_components(certificate, type=PEM):
     """
     Load an X509.3 certificate and get the subject.
 
@@ -222,16 +225,16 @@ def get_subject_components(certificate):
     """
 
     # Grab the subject, reverse it, combine it and return it
-    x509cert = load_certificate(certificate)
+    x509cert = load_certificate(certificate, type)
     return x509cert.get_subject().get_components()
 
-def get_serial_number(certificate):
+def get_serial_number(certificate, type=PEM):
     """
     Return the serial number of a certificate.
 
     Returns an integer
     """
-    x509cert = load_certificate(certificate)
+    x509cert = load_certificate(certificate, type)
     return x509cert.get_serial_number()
 
 if __name__ == '__main__':