On Fri, 2009-12-18 at 08:32 -0500, John Dennis wrote:
> On 12/18/2009 07:45 AM, Jason Gerard DeRose wrote:
> > On Thu, 2009-12-17 at 11:32 -0500, Rob Crittenden wrote:
> >> Found a few problems with certificate handling with certmonger. Add a
> >> try/except to handle base64-encoded certificates more gracefully. I had
> >> also missed a function import causing things to blow up in some cases.
> >> rob
> > ack. pushed to master.
> Hmm... maybe this should have been NAK'ed. The issues were under active
> discussion. I don't think the patch is doing any harm but I'm not sure
> it's the right solution. Maybe the patch shouldn't have been applied.
Ah, sorry about that... I got the impression that this was an innocent
stop-gap till we decide upon the details here.
> We have to be careful with our data types.
> The patch effectively was trying to determine if a certificate was
> encoded in binary DER format as opposed to base64 encoded PEM format by
> trying to base64 decode the certificate, if it successfully decoded it
> was assumed to be PEM. That's not the right way to handle this IMHO.
> We either need to:
> * adopt the convention that all certificates are in pem format when
> exchanged at an interface boundary
> * Have a method to unambiguously identify the certificate encoding, this
> could be done in one of two ways.
> 1. Always associate an encoding format attribute with the certificate
> 2. We do have the ability to unambiguously distinguish between binary
> objects and text objects. We could adopt the convention that if the data
> type of the certificate object is binary it is in DER format and if the
> data type of the certificate is TEXT then it's in PEM format.
> The distinction between binary and text is based on whether the object
> is a str class or a unicode class. The downside of this approach is
> we've haven't been rigorous with enforcing the correct data types, a
> problem compounded by the fact Python happily converts between str and
> unicode silently. Provided we're careful with using the right data type
> then the following would work:
> if type(cert) is unicode:
> cert_der = base64.b64decode(cert)
> cert_der = cert
> if type(cert) is str:
> cert_pem = cert
> cert_pem = der_cert_to_pem(cert)
> What we don't want to do is start employing heuristics to guess the
> encoding, format, or data type of objects, it's not robust defensive
> coding practice.
Freeipa-devel mailing list