def __get_certs_by_name(self, name):
"""Given 'name', a Cryptograhy 'Name' object, return the certs
with that name as a subject."""
res = []
count = 0
name_hsh = hashlib.sha1(misc.force_bytes(name)).hexdigest()
def load_cert(pth):
with open(pth, "rb") as f:
return x509.load_pem_x509_certificate(
f.read(), default_backend())
try:
while True:
pth = os.path.join(self.__subj_root,
"{0}.{1}".format(name_hsh, count))
res.append(load_cert(pth))
count += 1
except EnvironmentError as e:
# When switching to a different hash algorithm, the hash
# name of file changes so that we couldn't find the
# file. We try harder to rebuild the subject's metadata
# if it's the first time we fail (count == 0).
if count == 0 and e.errno == errno.ENOENT:
self.__rebuild_subj_root()
try:
res.append(load_cert(pth))
except EnvironmentError as ex:
if ex.errno != errno.ENOENT:
raise
t = api_errors._convert_error(e,
[errno.ENOENT])
if t:
raise t
res.extend(self.__issuers.get(name_hsh, []))
return res
评论列表
文章目录
