Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(10699)
Issues Repositories Search
Open Issues | Closed Issues | All Issues | Sign in with your Google Account to create issues and add comments

Issue 11040043: Add a cert utility

Can't Edit
Can't Publish+Mail
Start Review
Created:
10 years, 9 months ago by ekasper
Modified:
10 years, 9 months ago
CC:
ctlog-opensource-review_google.com
Visibility:
Public.

Description

Add a cert utility

Patch Set 1 #

Total comments: 9

Patch Set 2 : more functionality #

Patch Set 3 : small fixes #

Total comments: 8

Patch Set 4 : comments #

Unified diffs Side-by-side diffs Delta from patch set Stats (+269 lines, -11 lines) Patch
M src/python/ct/crypto/cert.py View 1 2 3 5 chunks +52 lines, -6 lines 0 comments Download
M src/python/ct/crypto/cert_test.py View 1 2 3 4 chunks +33 lines, -4 lines 0 comments Download
M src/python/ct/crypto/testdata/google_cert.pem View 1 1 chunk +1 line, -1 line 0 comments Download
A src/python/ct/crypto/testdata/google_chain.pem View 1 1 chunk +57 lines, -0 lines 0 comments Download
A src/python/ct/crypto/tools/cert_util.py View 1 2 3 1 chunk +126 lines, -0 lines 0 comments Download

Messages

Total messages: 8
ekasper
This adds a little stand-alone tool on top of the X509 module. It's fairly straighforward ...
10 years, 9 months ago (2013-07-09 14:00:45 UTC) #1
ekasper
Switching reviewers since Eran is overloaded.
10 years, 9 months ago (2013-07-11 09:54:36 UTC) #2
Ben Laurie (Google)
LGTM. https://codereview.appspot.com/11040043/diff/1/src/python/ct/crypto/tools/cert_util.py File src/python/ct/crypto/tools/cert_util.py (right): https://codereview.appspot.com/11040043/diff/1/src/python/ct/crypto/tools/cert_util.py#newcode17 src/python/ct/crypto/tools/cert_util.py:17: cert_util.py print --subject cert.pem - print the subject ...
10 years, 9 months ago (2013-07-11 15:12:22 UTC) #3
ekasper
https://codereview.appspot.com/11040043/diff/1/src/python/ct/crypto/tools/cert_util.py File src/python/ct/crypto/tools/cert_util.py (right): https://codereview.appspot.com/11040043/diff/1/src/python/ct/crypto/tools/cert_util.py#newcode17 src/python/ct/crypto/tools/cert_util.py:17: cert_util.py print --subject cert.pem - print the subject name ...
10 years, 9 months ago (2013-07-11 17:37:23 UTC) #4
ekasper
https://codereview.appspot.com/11040043/diff/1/src/python/ct/crypto/tools/cert_util.py File src/python/ct/crypto/tools/cert_util.py (right): https://codereview.appspot.com/11040043/diff/1/src/python/ct/crypto/tools/cert_util.py#newcode17 src/python/ct/crypto/tools/cert_util.py:17: cert_util.py print --subject cert.pem - print the subject name ...
10 years, 9 months ago (2013-07-11 17:39:38 UTC) #5
Eran
Minor comments, sorry for the late review. https://codereview.appspot.com/11040043/diff/10001/src/python/ct/crypto/cert.py File src/python/ct/crypto/cert.py (right): https://codereview.appspot.com/11040043/diff/10001/src/python/ct/crypto/cert.py#newcode45 src/python/ct/crypto/cert.py:45: def all_from_pem(cls, ...
10 years, 9 months ago (2013-07-11 19:47:45 UTC) #6
Eran
Just to clarify - LGTM regardless of the comments.
10 years, 9 months ago (2013-07-11 19:48:17 UTC) #7
ekasper
10 years, 9 months ago (2013-07-12 10:12:32 UTC) #8 
https://codereview.appspot.com/11040043/diff/10001/src/python/ct/crypto/cert.py
File src/python/ct/crypto/cert.py (right):

https://codereview.appspot.com/11040043/diff/10001/src/python/ct/crypto/cert....
src/python/ct/crypto/cert.py:45: def all_from_pem(cls, pem_string):
On 2013/07/11 19:47:45, Eran wrote:
> This is a method I'd expect to see at a module-level, not in the class
itself...

The related from_pem() and from_pem_file() methods are class methods, but as you
prefer. Done.

https://codereview.appspot.com/11040043/diff/10001/src/python/ct/crypto/cert....
src/python/ct/crypto/cert.py:58: pem_string, cls._PEM_MARKERS,
skip_invalid_blobs=False):
On 2013/07/11 19:47:45, Eran wrote:
> Nit: Allow the caller to specify whether to skip invalid blobs or not?

Ok, but I've flipped the default.

https://codereview.appspot.com/11040043/diff/10001/src/python/ct/crypto/cert_...
File src/python/ct/crypto/cert_test.py (right):

https://codereview.appspot.com/11040043/diff/10001/src/python/ct/crypto/cert_...
src/python/ct/crypto/cert_test.py:49: self.assertTrue(all(map(lambda x:
isinstance(x, cert.Certificate),
On 2013/07/11 19:47:45, Eran wrote:
> My understanding is that the order is important, so I'd suggest verifying it.

Good call, done.

https://codereview.appspot.com/11040043/diff/10001/src/python/ct/crypto/tools...
File src/python/ct/crypto/tools/cert_util.py (right):

https://codereview.appspot.com/11040043/diff/10001/src/python/ct/crypto/tools...
src/python/ct/crypto/tools/cert_util.py:6: cert_util.py <command> [flags]
[cert_file ...]
On 2013/07/11 19:47:45, Eran wrote:
> Call this cert_print rather than cert_util, since it only does one thing now?
> It's not immediately clear which of the code in this file would be shared
> between different utilities, should we add more later on.

I certainly plan to add more functionality, so I'd rather keep it as is and
refactor shared parts when this happens.
Sign in to reply to this message.

Powered by Google App Engine
RSS Feeds Recent Issues | This issue
This is Rietveld f62528b