diff options
author | Michael Shuler <michael@pbandjelly.org> | 2011-12-11 17:42:46 -0600 |
---|---|---|
committer | Michael Shuler <michael@pbandjelly.org> | 2011-12-11 17:42:46 -0600 |
commit | c04ca9cf0f228920bbe786d05b1dd41cc068a60f (patch) | |
tree | 7b9b5c75c0d771b53b35db802f3243b288e68d92 /mozilla | |
parent | ae03cea72e176c15c832dcfd44f03f4a558d85c4 (diff) | |
download | ca-certificates-c04ca9cf0f228920bbe786d05b1dd41cc068a60f.tar.gz |
Update mozilla/certdata2pem.py to parse NETSCAPE or NSS data
Diffstat (limited to 'mozilla')
-rw-r--r-- | mozilla/certdata2pem.py | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/mozilla/certdata2pem.py b/mozilla/certdata2pem.py index d6dfa53..3c89e92 100644 --- a/mozilla/certdata2pem.py +++ b/mozilla/certdata2pem.py @@ -92,15 +92,19 @@ if os.path.exists('blacklist.txt'): # Build up trust database. trust = dict() for obj in objects: - if obj['CKA_CLASS'] != 'CKO_NETSCAPE_TRUST': + if not (obj['CKA_CLASS'] == 'CKO_NETSCAPE_TRUST' or + obj['CKA_CLASS'] == 'CKO_NSS_TRUST'): continue if obj['CKA_LABEL'] in blacklist: print "Certificate %s blacklisted, ignoring." % obj['CKA_LABEL'] - elif obj['CKA_TRUST_SERVER_AUTH'] == 'CKT_NETSCAPE_TRUSTED_DELEGATOR': + elif (obj['CKA_TRUST_SERVER_AUTH'] == 'CKT_NETSCAPE_TRUSTED_DELEGATOR' or + obj['CKA_TRUST_SERVER_AUTH'] == 'CKT_NSS_TRUSTED_DELEGATOR'): trust[obj['CKA_LABEL']] = True - elif obj['CKA_TRUST_EMAIL_PROTECTION'] == 'CKT_NETSCAPE_TRUSTED_DELEGATOR': + elif (obj['CKA_TRUST_EMAIL_PROTECTION'] == 'CKT_NETSCAPE_TRUSTED_DELEGATOR' or + obj['CKA_TRUST_EMAIL_PROTECTION'] == 'CKT_NSS_TRUSTED_DELEGATOR'): trust[obj['CKA_LABEL']] = True - elif obj['CKA_TRUST_SERVER_AUTH'] == 'CKT_NETSCAPE_UNTRUSTED': + elif (obj['CKA_TRUST_SERVER_AUTH'] == 'CKT_NETSCAPE_UNTRUSTED' or + obj['CKA_TRUST_SERVER_AUTH'] == 'CKT_NSS_NOT_TRUSTED'): print '!'*74 print "UNTRUSTED BUT NOT BLACKLISTED CERTIFICATE FOUND: %s" % obj['CKA_LABEL'] print '!'*74 |