On 07/25/2011 02:10 PM, nmset wrote:
Gajim is excellent for client authentication through credentials stored in a
PKCS12 container. It rejects however a PKCS12 file
protected by a password.
tlsnb_nb.py opens the PKCS12 file with :
p12 = OpenSSL.crypto.load_pkcs12(open(conn.client_cert).read())
It may also open a password protected PKCS12 container with :
p12 = OpenSSL.crypto.load_pkcs12(open(conn.client_cert).read(), p12pwd)
Testing with hard-coded password works fine.
I don't have the resources to code in Python, I guess it would be fairly easy
for Python gurus to modify tls_nb.py to popup a
dialog requesting a password for the container.
It's not that easy because tls_nb.py has nothing to do with GUI, so it
cannot display a dialog itself. Connection object should try to open the
certificat, if that fails, asks a password, before trying to connect.
But I can look at that.
Could you tell me what happens if you call directly
OpenSSL.crypto.load_pkcs12(open(PATH_TO_CERT).read()) on a password
protected cert? Does it raises a message about missing password?
I ask that to know how to detect it's protected or not.
Gajim-devel mailing list