[Freeipa-devel] [freeipa PR#504][synchronized] Add SHA256 fingerprints
URL: https://github.com/freeipa/freeipa/pull/504
Author: tomaskrizek
Title: #504: Add SHA256 fingerprints
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/504/head:pr504
git checkout pr504
From b61cfc0883bdb5fe998c95af9ed87ea9db3a794b Mon Sep 17 00:00:00 2001
From: Tomas Krizek
Date: Thu, 23 Feb 2017 17:03:01 +0100
Subject: [PATCH] Add SHA256 fingerprints for certs
https://fedorahosted.org/freeipa/ticket/6701
---
install/ui/src/freeipa/certificate.js | 6 +-
ipaserver/plugins/cert.py | 7 +++
ipaserver/plugins/host.py | 4
ipaserver/plugins/service.py | 6 ++
ipatests/test_xmlrpc/test_host_plugin.py | 1 +
ipatests/test_xmlrpc/test_service_plugin.py| 7 +++
ipatests/test_xmlrpc/tracker/host_plugin.py| 1 +
ipatests/test_xmlrpc/tracker/service_plugin.py | 4 ++--
8 files changed, 33 insertions(+), 3 deletions(-)
diff --git a/install/ui/src/freeipa/certificate.js b/install/ui/src/freeipa/certificate.js
index b86c6cf..0cb43c7 100755
--- a/install/ui/src/freeipa/certificate.js
+++ b/install/ui/src/freeipa/certificate.js
@@ -571,6 +571,7 @@ IPA.cert.loader = function(spec) {
serial_number: result.serial_number,
serial_number_hex: result.serial_number_hex,
sha1_fingerprint: result.sha1_fingerprint,
+sha256_fingerprint: result.sha256_fingerprint,
subject: result.subject,
valid_not_after: result.valid_not_after,
valid_not_before: result.valid_not_before
@@ -1578,6 +1579,9 @@ exp.create_cert_metadata = function() {
add_param('sha1_fingerprint',
text.get('@i18n:objects.cert.sha1_fingerprint'),
text.get('@i18n:objects.cert.sha1_fingerprint'));
+add_param('sha256_fingerprint',
+text.get('@i18n:objects.cert.sha256_fingerprint'),
+text.get('@i18n:objects.cert.sha256_fingerprint'));
add_param('certificate',
text.get('@i18n:objects.cert.certificate'),
text.get('@i18n:objects.cert.certificate'));
@@ -1755,6 +1759,7 @@ return {
'valid_not_before',
'valid_not_after',
'sha1_fingerprint',
+'sha256_fingerprint',
{
$type: 'revocation_reason',
name: 'revocation_reason'
@@ -1871,7 +1876,6 @@ IPA.cert.details_facet = function(spec, no_init) {
that.create_refresh_command = function() {
var command = that.details_facet_create_refresh_command();
-delete command.options.all;
delete command.options.rights;
command.options = command.options || {};
diff --git a/ipaserver/plugins/cert.py b/ipaserver/plugins/cert.py
index 585a70e..a60dc41 100644
--- a/ipaserver/plugins/cert.py
+++ b/ipaserver/plugins/cert.py
@@ -350,6 +350,11 @@ class BaseCertObject(Object):
label=_('Fingerprint (SHA1)'),
flags={'no_create', 'no_update', 'no_search'},
),
+Str(
+'sha256_fingerprint',
+label=_('Fingerprint (SHA256)'),
+flags={'no_create', 'no_update', 'no_search'},
+),
Int(
'serial_number',
label=_('Serial number'),
@@ -390,6 +395,8 @@ def _parse(self, obj, full=True):
if full:
obj['sha1_fingerprint'] = x509.to_hex_with_colons(
cert.fingerprint(hashes.SHA1()))
+obj['sha256_fingerprint'] = x509.to_hex_with_colons(
+cert.fingerprint(hashes.SHA256()))
general_names = x509.process_othernames(
x509.get_san_general_names(cert))
diff --git a/ipaserver/plugins/host.py b/ipaserver/plugins/host.py
index 7ceec8e..dcadd54 100644
--- a/ipaserver/plugins/host.py
+++ b/ipaserver/plugins/host.py
@@ -514,6 +514,10 @@ class host(LDAPObject):
label=_('Fingerprint (SHA1)'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
+Str('sha256_fingerprint',
+label=_('Fingerprint (SHA256)'),
+flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
+),
Str('revocation_reason?',
label=_('Revocation reason'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
diff --git a/ipaserver/plugins/service.py b/ipaserver/plugins/service.py
index 3349889..03271d6 100644
--- a/ipaserver/plugins/service.py
+++ b/ipaserver/plugins/service.py
@@ -276,6 +276,8 @@ def set_certificate_attrs(entry_attrs):
entry_attrs['valid_not_after'] = x509.format_datetime(cert.not_valid_after)
entry_attrs['sha1_fingerprint'] = x509.to_hex_with_colons(
cert.fingerprint(hashes.SHA1()))
+
[Freeipa-devel] [freeipa PR#504][synchronized] Add SHA256 fingerprints
URL: https://github.com/freeipa/freeipa/pull/504
Author: tomaskrizek
Title: #504: Add SHA256 fingerprints
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/504/head:pr504
git checkout pr504
From 3ee0bda061ec5c51b31a35a9b23f4870dd8709a0 Mon Sep 17 00:00:00 2001
From: Tomas Krizek
Date: Thu, 23 Feb 2017 17:03:01 +0100
Subject: [PATCH] Add SHA256 fingerprints for certs
https://fedorahosted.org/freeipa/ticket/6701
---
install/ui/src/freeipa/certificate.js | 6 +-
install/ui/test/data/service_show.json | 1 +
ipaserver/plugins/cert.py | 7 +++
ipaserver/plugins/host.py | 4
ipaserver/plugins/service.py | 6 ++
ipatests/test_xmlrpc/test_host_plugin.py | 1 +
ipatests/test_xmlrpc/test_service_plugin.py| 7 +++
ipatests/test_xmlrpc/tracker/host_plugin.py| 1 +
ipatests/test_xmlrpc/tracker/service_plugin.py | 4 ++--
9 files changed, 34 insertions(+), 3 deletions(-)
diff --git a/install/ui/src/freeipa/certificate.js b/install/ui/src/freeipa/certificate.js
index b86c6cf..0cb43c7 100755
--- a/install/ui/src/freeipa/certificate.js
+++ b/install/ui/src/freeipa/certificate.js
@@ -571,6 +571,7 @@ IPA.cert.loader = function(spec) {
serial_number: result.serial_number,
serial_number_hex: result.serial_number_hex,
sha1_fingerprint: result.sha1_fingerprint,
+sha256_fingerprint: result.sha256_fingerprint,
subject: result.subject,
valid_not_after: result.valid_not_after,
valid_not_before: result.valid_not_before
@@ -1578,6 +1579,9 @@ exp.create_cert_metadata = function() {
add_param('sha1_fingerprint',
text.get('@i18n:objects.cert.sha1_fingerprint'),
text.get('@i18n:objects.cert.sha1_fingerprint'));
+add_param('sha256_fingerprint',
+text.get('@i18n:objects.cert.sha256_fingerprint'),
+text.get('@i18n:objects.cert.sha256_fingerprint'));
add_param('certificate',
text.get('@i18n:objects.cert.certificate'),
text.get('@i18n:objects.cert.certificate'));
@@ -1755,6 +1759,7 @@ return {
'valid_not_before',
'valid_not_after',
'sha1_fingerprint',
+'sha256_fingerprint',
{
$type: 'revocation_reason',
name: 'revocation_reason'
@@ -1871,7 +1876,6 @@ IPA.cert.details_facet = function(spec, no_init) {
that.create_refresh_command = function() {
var command = that.details_facet_create_refresh_command();
-delete command.options.all;
delete command.options.rights;
command.options = command.options || {};
diff --git a/install/ui/test/data/service_show.json b/install/ui/test/data/service_show.json
index 213dfff..597f3ad 100644
--- a/install/ui/test/data/service_show.json
+++ b/install/ui/test/data/service_show.json
@@ -50,6 +50,7 @@
"serial_number": "1",
"serial_number_hex": "0x1",
"sha1_fingerprint": "b8:4c:4b:79:4f:13:03:79:47:08:fa:6b:52:63:3d:f9:15:8e:7e:dc",
+"sha256_fingerprint": "0f:3c:77:ed:c7:2b:09:5a:27:88:26:ca:91:e0:81:26:70:14:b1:cd:8e:fe:19:79:42:18:1b:02:07:70:25:30",
"subject": "CN=dev.example.com,O=EXAMPLE.COM",
"usercertificate": [
{
diff --git a/ipaserver/plugins/cert.py b/ipaserver/plugins/cert.py
index 585a70e..a60dc41 100644
--- a/ipaserver/plugins/cert.py
+++ b/ipaserver/plugins/cert.py
@@ -350,6 +350,11 @@ class BaseCertObject(Object):
label=_('Fingerprint (SHA1)'),
flags={'no_create', 'no_update', 'no_search'},
),
+Str(
+'sha256_fingerprint',
+label=_('Fingerprint (SHA256)'),
+flags={'no_create', 'no_update', 'no_search'},
+),
Int(
'serial_number',
label=_('Serial number'),
@@ -390,6 +395,8 @@ def _parse(self, obj, full=True):
if full:
obj['sha1_fingerprint'] = x509.to_hex_with_colons(
cert.fingerprint(hashes.SHA1()))
+obj['sha256_fingerprint'] = x509.to_hex_with_colons(
+cert.fingerprint(hashes.SHA256()))
general_names = x509.process_othernames(
x509.get_san_general_names(cert))
diff --git a/ipaserver/plugins/host.py b/ipaserver/plugins/host.py
index 7ceec8e..dcadd54 100644
--- a/ipaserver/plugins/host.py
+++ b/ipaserver/plugins/host.py
@@ -514,6 +514,10 @@ class host(LDAPObject):
label=_('Fingerprint (SHA1)'),
flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
),
+Str('sha256_fingerprint',
+label
[Freeipa-devel] [freeipa PR#504][synchronized] Add SHA256 fingerprints
URL: https://github.com/freeipa/freeipa/pull/504
Author: tomaskrizek
Title: #504: Add SHA256 fingerprints
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/504/head:pr504
git checkout pr504
From 6664a947ad9203c9c6d671c4a55d535e8c8d6c2e Mon Sep 17 00:00:00 2001
From: Tomas Krizek
Date: Thu, 23 Feb 2017 17:03:01 +0100
Subject: [PATCH] Add SHA256 fingerprints for certs
https://fedorahosted.org/freeipa/ticket/6701
---
install/ui/src/freeipa/certificate.js | 5 +
install/ui/test/data/cert_request.json | 1 +
install/ui/test/data/cert_show.json| 1 +
install/ui/test/data/service_show.json | 1 +
ipaserver/plugins/cert.py | 7 +++
ipaserver/plugins/host.py | 4
ipaserver/plugins/service.py | 6 ++
ipatests/test_xmlrpc/test_host_plugin.py | 1 +
ipatests/test_xmlrpc/test_service_plugin.py| 7 +++
ipatests/test_xmlrpc/tracker/host_plugin.py| 1 +
ipatests/test_xmlrpc/tracker/service_plugin.py | 4 ++--
11 files changed, 36 insertions(+), 2 deletions(-)
diff --git a/install/ui/src/freeipa/certificate.js b/install/ui/src/freeipa/certificate.js
index b86c6cf..d7a50d7 100755
--- a/install/ui/src/freeipa/certificate.js
+++ b/install/ui/src/freeipa/certificate.js
@@ -571,6 +571,7 @@ IPA.cert.loader = function(spec) {
serial_number: result.serial_number,
serial_number_hex: result.serial_number_hex,
sha1_fingerprint: result.sha1_fingerprint,
+sha256_fingerprint: result.sha256_fingerprint,
subject: result.subject,
valid_not_after: result.valid_not_after,
valid_not_before: result.valid_not_before
@@ -1578,6 +1579,9 @@ exp.create_cert_metadata = function() {
add_param('sha1_fingerprint',
text.get('@i18n:objects.cert.sha1_fingerprint'),
text.get('@i18n:objects.cert.sha1_fingerprint'));
+add_param('sha256_fingerprint',
+text.get('@i18n:objects.cert.sha256_fingerprint'),
+text.get('@i18n:objects.cert.sha256_fingerprint'));
add_param('certificate',
text.get('@i18n:objects.cert.certificate'),
text.get('@i18n:objects.cert.certificate'));
@@ -1755,6 +1759,7 @@ return {
'valid_not_before',
'valid_not_after',
'sha1_fingerprint',
+'sha256_fingerprint',
{
$type: 'revocation_reason',
name: 'revocation_reason'
diff --git a/install/ui/test/data/cert_request.json b/install/ui/test/data/cert_request.json
index f8d8544..c610830 100644
--- a/install/ui/test/data/cert_request.json
+++ b/install/ui/test/data/cert_request.json
@@ -8,6 +8,7 @@
"request_id": "1",
"serial_number": "1",
"sha1_fingerprint": "b8:4c:4b:79:4f:13:03:79:47:08:fa:6b:52:63:3d:f9:15:8e:7e:dc",
+"sha256_fingerprint": "0f:3c:77:ed:c7:2b:09:5a:27:88:26:ca:91:e0:81:26:70:14:b1:cd:8e:fe:19:79:42:18:1b:02:07:70:25:30",
"subject": "CN=dev.example.com,O=EXAMPLE.COM",
"valid_not_after": "Tue Oct 13 01:59:32 2015 UTC",
"valid_not_before": "Wed Oct 13 01:59:32 2010 UTC"
diff --git a/install/ui/test/data/cert_show.json b/install/ui/test/data/cert_show.json
index 4942e63..6f1e9d3 100644
--- a/install/ui/test/data/cert_show.json
+++ b/install/ui/test/data/cert_show.json
@@ -7,6 +7,7 @@
"issuer": "CN=Certificate Authority,O=EXAMPLE.COM",
"serial_number": "1",
"sha1_fingerprint": "b8:4c:4b:79:4f:13:03:79:47:08:fa:6b:52:63:3d:f9:15:8e:7e:dc",
+"sha256_fingerprint": "0f:3c:77:ed:c7:2b:09:5a:27:88:26:ca:91:e0:81:26:70:14:b1:cd:8e:fe:19:79:42:18:1b:02:07:70:25:30",
"subject": "CN=dev.example.com,O=EXAMPLE.COM",
"valid_not_after": "Tue Oct 13 01:59:32 2015 UTC",
"valid_not_before": "Wed Oct 13 01:59:32 2010 UTC"
diff --git a/install/ui/test/data/service_show.json b/install/ui/test/data/service_show.json
index 213dfff..597f3ad 100644
--- a/install/ui/test/data/service_show.json
+++ b/install/ui/test/data/service_show.json
@@ -50,6 +50,7 @@
"serial_number": "1",
"serial_number_hex": "0x1",
"sha1_fingerprint": "b8:4c:4b:79:4f:13:03:79:47:08:fa:6b:52:63:3d:f9:15:8e:7e:dc",
+"sha256_fingerprint": "0f:3c:77:ed:c7:2b:09:5a:27:88:26:ca:91:e0:81:26:70:14:b1:cd:8e:fe:19:79:42:18:1b:02:07:70:25:30",
"subject": "CN=dev.example.com,O=EXAMPLE.COM",
"usercertificate": [
{
diff --git a/ipaserver/plugins/cert.py b/ipaserver/plugins/cert.py
index 585a70e..a60dc41 100644
--- a/ipaserver/plugins/cert.py
+++ b/ipaserver/plugins/cert.py
@@ -350,6 +
[Freeipa-devel] [freeipa PR#504][synchronized] Add SHA256 fingerprints
URL: https://github.com/freeipa/freeipa/pull/504
Author: tomaskrizek
Title: #504: Add SHA256 fingerprints
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/504/head:pr504
git checkout pr504
From 690ff813eefec7a16a9c6c330fb005a47efbdb85 Mon Sep 17 00:00:00 2001
From: Tomas Krizek
Date: Thu, 23 Feb 2017 17:03:01 +0100
Subject: [PATCH] Add SHA256 fingerprints for certs
https://fedorahosted.org/freeipa/ticket/6701
---
install/ui/src/freeipa/certificate.js | 5 +
install/ui/test/data/cert_request.json | 1 +
install/ui/test/data/cert_show.json| 1 +
install/ui/test/data/service_show.json | 1 +
ipaserver/plugins/cert.py | 6 ++
ipaserver/plugins/host.py | 4
ipaserver/plugins/service.py | 6 ++
ipatests/test_xmlrpc/test_host_plugin.py | 1 +
ipatests/test_xmlrpc/test_service_plugin.py| 7 +++
ipatests/test_xmlrpc/tracker/host_plugin.py| 1 +
ipatests/test_xmlrpc/tracker/service_plugin.py | 4 ++--
11 files changed, 35 insertions(+), 2 deletions(-)
diff --git a/install/ui/src/freeipa/certificate.js b/install/ui/src/freeipa/certificate.js
index b86c6cf..d7a50d7 100755
--- a/install/ui/src/freeipa/certificate.js
+++ b/install/ui/src/freeipa/certificate.js
@@ -571,6 +571,7 @@ IPA.cert.loader = function(spec) {
serial_number: result.serial_number,
serial_number_hex: result.serial_number_hex,
sha1_fingerprint: result.sha1_fingerprint,
+sha256_fingerprint: result.sha256_fingerprint,
subject: result.subject,
valid_not_after: result.valid_not_after,
valid_not_before: result.valid_not_before
@@ -1578,6 +1579,9 @@ exp.create_cert_metadata = function() {
add_param('sha1_fingerprint',
text.get('@i18n:objects.cert.sha1_fingerprint'),
text.get('@i18n:objects.cert.sha1_fingerprint'));
+add_param('sha256_fingerprint',
+text.get('@i18n:objects.cert.sha256_fingerprint'),
+text.get('@i18n:objects.cert.sha256_fingerprint'));
add_param('certificate',
text.get('@i18n:objects.cert.certificate'),
text.get('@i18n:objects.cert.certificate'));
@@ -1755,6 +1759,7 @@ return {
'valid_not_before',
'valid_not_after',
'sha1_fingerprint',
+'sha256_fingerprint',
{
$type: 'revocation_reason',
name: 'revocation_reason'
diff --git a/install/ui/test/data/cert_request.json b/install/ui/test/data/cert_request.json
index f8d8544..c610830 100644
--- a/install/ui/test/data/cert_request.json
+++ b/install/ui/test/data/cert_request.json
@@ -8,6 +8,7 @@
"request_id": "1",
"serial_number": "1",
"sha1_fingerprint": "b8:4c:4b:79:4f:13:03:79:47:08:fa:6b:52:63:3d:f9:15:8e:7e:dc",
+"sha256_fingerprint": "0f:3c:77:ed:c7:2b:09:5a:27:88:26:ca:91:e0:81:26:70:14:b1:cd:8e:fe:19:79:42:18:1b:02:07:70:25:30",
"subject": "CN=dev.example.com,O=EXAMPLE.COM",
"valid_not_after": "Tue Oct 13 01:59:32 2015 UTC",
"valid_not_before": "Wed Oct 13 01:59:32 2010 UTC"
diff --git a/install/ui/test/data/cert_show.json b/install/ui/test/data/cert_show.json
index 4942e63..6f1e9d3 100644
--- a/install/ui/test/data/cert_show.json
+++ b/install/ui/test/data/cert_show.json
@@ -7,6 +7,7 @@
"issuer": "CN=Certificate Authority,O=EXAMPLE.COM",
"serial_number": "1",
"sha1_fingerprint": "b8:4c:4b:79:4f:13:03:79:47:08:fa:6b:52:63:3d:f9:15:8e:7e:dc",
+"sha256_fingerprint": "0f:3c:77:ed:c7:2b:09:5a:27:88:26:ca:91:e0:81:26:70:14:b1:cd:8e:fe:19:79:42:18:1b:02:07:70:25:30",
"subject": "CN=dev.example.com,O=EXAMPLE.COM",
"valid_not_after": "Tue Oct 13 01:59:32 2015 UTC",
"valid_not_before": "Wed Oct 13 01:59:32 2010 UTC"
diff --git a/install/ui/test/data/service_show.json b/install/ui/test/data/service_show.json
index 213dfff..597f3ad 100644
--- a/install/ui/test/data/service_show.json
+++ b/install/ui/test/data/service_show.json
@@ -50,6 +50,7 @@
"serial_number": "1",
"serial_number_hex": "0x1",
"sha1_fingerprint": "b8:4c:4b:79:4f:13:03:79:47:08:fa:6b:52:63:3d:f9:15:8e:7e:dc",
+"sha256_fingerprint": "0f:3c:77:ed:c7:2b:09:5a:27:88:26:ca:91:e0:81:26:70:14:b1:cd:8e:fe:19:79:42:18:1b:02:07:70:25:30",
"subject": "CN=dev.example.com,O=EXAMPLE.COM",
"usercertificate": [
{
diff --git a/ipaserver/plugins/cert.py b/ipaserver/plugins/cert.py
index 585a70e..ebf57e1 100644
--- a/ipaserver/plugins/cert.py
+++ b/ipaserver/plugins/cert.py
@@ -349,6 +3
