本文整理汇总了Python中OpenSSL.crypto.FILETYPE_ASN1属性的典型用法代码示例。如果您正苦于以下问题:Python crypto.FILETYPE_ASN1属性的具体用法?Python crypto.FILETYPE_ASN1怎么用?Python crypto.FILETYPE_ASN1使用的例子?那么恭喜您, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类OpenSSL.crypto的用法示例。
在下文中一共展示了crypto.FILETYPE_ASN1属性的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: extract_certificate_chain
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import FILETYPE_ASN1 [as 别名]
def extract_certificate_chain(self, connection):
"""Gets certificate chain and extract the key info from OpenSSL connection."""
from OpenSSL.crypto import dump_certificate, FILETYPE_ASN1
cert_map = OrderedDict()
logger.debug(
"# of certificates: %s",
len(connection.get_peer_cert_chain()))
for cert_openssl in connection.get_peer_cert_chain():
cert_der = dump_certificate(FILETYPE_ASN1, cert_openssl)
cert = Certificate.load(cert_der)
logger.debug(
'subject: %s, issuer: %s',
cert.subject.native, cert.issuer.native)
cert_map[cert.subject.sha256] = cert
return self.create_pair_issuer_subject(cert_map) 示例2: test_dump_certificate
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import FILETYPE_ASN1 [as 别名]
def test_dump_certificate(self):
"""
:py:obj:`dump_certificate` writes PEM, DER, and text.
"""
pemData = cleartextCertificatePEM + cleartextPrivateKeyPEM
cert = load_certificate(FILETYPE_PEM, pemData)
dumped_pem = dump_certificate(FILETYPE_PEM, cert)
self.assertEqual(dumped_pem, cleartextCertificatePEM)
dumped_der = dump_certificate(FILETYPE_ASN1, cert)
good_der = _runopenssl(dumped_pem, b"x509", b"-outform", b"DER")
self.assertEqual(dumped_der, good_der)
cert2 = load_certificate(FILETYPE_ASN1, dumped_der)
dumped_pem2 = dump_certificate(FILETYPE_PEM, cert2)
self.assertEqual(dumped_pem2, cleartextCertificatePEM)
dumped_text = dump_certificate(FILETYPE_TEXT, cert)
good_text = _runopenssl(dumped_pem, b"x509", b"-noout", b"-text")
self.assertEqual(dumped_text, good_text) 示例3: test_dump_certificate_request
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import FILETYPE_ASN1 [as 别名]
def test_dump_certificate_request(self):
"""
:py:obj:`dump_certificate_request` writes a PEM, DER, and text.
"""
req = load_certificate_request(FILETYPE_PEM, cleartextCertificateRequestPEM)
dumped_pem = dump_certificate_request(FILETYPE_PEM, req)
self.assertEqual(dumped_pem, cleartextCertificateRequestPEM)
dumped_der = dump_certificate_request(FILETYPE_ASN1, req)
good_der = _runopenssl(dumped_pem, b"req", b"-outform", b"DER")
self.assertEqual(dumped_der, good_der)
req2 = load_certificate_request(FILETYPE_ASN1, dumped_der)
dumped_pem2 = dump_certificate_request(FILETYPE_PEM, req2)
self.assertEqual(dumped_pem2, cleartextCertificateRequestPEM)
dumped_text = dump_certificate_request(FILETYPE_TEXT, req)
good_text = _runopenssl(dumped_pem, b"req", b"-noout", b"-text")
self.assertEqual(dumped_text, good_text)
self.assertRaises(ValueError, dump_certificate_request, 100, req) 示例4: test_export_der
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import FILETYPE_ASN1 [as 别名]
def test_export_der(self):
"""
If passed ``FILETYPE_ASN1`` for the format, ``CRL.export`` returns a
"DER" format string representing a serial number, a revoked reason, and
certificate issuer information.
"""
crl = self._get_crl()
# DER format
dumped_crl = crl.export(self.cert, self.pkey, FILETYPE_ASN1)
text = _runopenssl(
dumped_crl, b"crl", b"-noout", b"-text", b"-inform", b"DER"
)
text.index(b('Serial Number: 03AB'))
text.index(b('Superseded'))
text.index(
b('Issuer: /C=US/ST=IL/L=Chicago/O=Testing/CN=Testing Root CA')
) 示例5: test_export_text
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import FILETYPE_ASN1 [as 别名]
def test_export_text(self):
"""
If passed ``FILETYPE_TEXT`` for the format, ``CRL.export`` returns a
text format string like the one produced by the openssl command line
tool.
"""
crl = self._get_crl()
dumped_crl = crl.export(self.cert, self.pkey, FILETYPE_ASN1)
text = _runopenssl(
dumped_crl, b"crl", b"-noout", b"-text", b"-inform", b"DER"
)
# text format
dumped_text = crl.export(self.cert, self.pkey, type=FILETYPE_TEXT)
self.assertEqual(text, dumped_text) 示例6: test_load_crl
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import FILETYPE_ASN1 [as 别名]
def test_load_crl(self):
"""
Load a known CRL and inspect its revocations. Both
PEM and DER formats are loaded.
"""
crl = load_crl(FILETYPE_PEM, crlData)
revs = crl.get_revoked()
self.assertEqual(len(revs), 2)
self.assertEqual(revs[0].get_serial(), b('03AB'))
self.assertEqual(revs[0].get_reason(), None)
self.assertEqual(revs[1].get_serial(), b('0100'))
self.assertEqual(revs[1].get_reason(), b('Superseded'))
der = _runopenssl(crlData, b"crl", b"-outform", b"DER")
crl = load_crl(FILETYPE_ASN1, der)
revs = crl.get_revoked()
self.assertEqual(len(revs), 2)
self.assertEqual(revs[0].get_serial(), b('03AB'))
self.assertEqual(revs[0].get_reason(), None)
self.assertEqual(revs[1].get_serial(), b('0100'))
self.assertEqual(revs[1].get_reason(), b('Superseded')) 示例7: keyHash
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import FILETYPE_ASN1 [as 别名]
def keyHash(self):
"""
Compute a hash of the underlying PKey object.
The purpose of this method is to allow you to determine if two
certificates share the same public key; it is not really useful for
anything else.
In versions of Twisted prior to 15.0, C{keyHash} used a technique
involving certificate requests for computing the hash that was not
stable in the face of changes to the underlying OpenSSL library.
@return: Return a 32-character hexadecimal string uniquely identifying
this public key, I{for this version of Twisted}.
@rtype: native L{str}
"""
raw = crypto.dump_publickey(crypto.FILETYPE_ASN1, self.original)
h = md5()
h.update(raw)
return h.hexdigest() 示例8: parse_x509_der_hex
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import FILETYPE_ASN1 [as 别名]
def parse_x509_der_hex(self):
"""Parse X509 cert in DER format
X.509 is an ITU-T standard for a public key infrastructure (PKI)
and Privilege Management Infrastructure (PMI). It is commonly involved
with SSL/TLS security.<br><br>This operation displays the contents of
a certificate in a human readable format, similar to the openssl command line tool.
Returns:
Chepy: A Chepy object.
"""
cert = _pyssl_crypto.load_certificate(
_pyssl_crypto.FILETYPE_ASN1, self._convert_to_bytes()
)
info = self._convert_cert_to_obj(cert)
self.state = info
return self 示例9: pem_to_der_hex
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import FILETYPE_ASN1 [as 别名]
def pem_to_der_hex(self):
"""Convert PEM cert to DER format
Converts PEM (Privacy Enhanced Mail) format to a hexadecimal
DER (Distinguished Encoding Rules) string.
Returns:
Chepy: The Chepy object.
"""
cert_pem = _pyssl_crypto.load_certificate(
_pyssl_crypto.FILETYPE_PEM, self.state
)
self.state = _pyssl_crypto.dump_certificate(
_pyssl_crypto.FILETYPE_ASN1, cert_pem
)
return self 示例10: test_dump_certificate
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import FILETYPE_ASN1 [as 别名]
def test_dump_certificate(self):
"""
`dump_certificate` writes PEM, DER, and text.
"""
pemData = cleartextCertificatePEM + cleartextPrivateKeyPEM
cert = load_certificate(FILETYPE_PEM, pemData)
dumped_pem = dump_certificate(FILETYPE_PEM, cert)
assert dumped_pem == cleartextCertificatePEM
dumped_der = dump_certificate(FILETYPE_ASN1, cert)
good_der = _runopenssl(dumped_pem, b"x509", b"-outform", b"DER")
assert dumped_der == good_der
cert2 = load_certificate(FILETYPE_ASN1, dumped_der)
dumped_pem2 = dump_certificate(FILETYPE_PEM, cert2)
assert dumped_pem2 == cleartextCertificatePEM
dumped_text = dump_certificate(FILETYPE_TEXT, cert)
good_text = _runopenssl(
dumped_pem, b"x509", b"-noout", b"-text", b"-nameopt", b"")
assert dumped_text == good_text 示例11: test_dump_certificate_request
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import FILETYPE_ASN1 [as 别名]
def test_dump_certificate_request(self):
"""
`dump_certificate_request` writes a PEM, DER, and text.
"""
req = load_certificate_request(
FILETYPE_PEM, cleartextCertificateRequestPEM)
dumped_pem = dump_certificate_request(FILETYPE_PEM, req)
assert dumped_pem == cleartextCertificateRequestPEM
dumped_der = dump_certificate_request(FILETYPE_ASN1, req)
good_der = _runopenssl(dumped_pem, b"req", b"-outform", b"DER")
assert dumped_der == good_der
req2 = load_certificate_request(FILETYPE_ASN1, dumped_der)
dumped_pem2 = dump_certificate_request(FILETYPE_PEM, req2)
assert dumped_pem2 == cleartextCertificateRequestPEM
dumped_text = dump_certificate_request(FILETYPE_TEXT, req)
good_text = _runopenssl(
dumped_pem, b"req", b"-noout", b"-text", b"-nameopt", b"")
assert dumped_text == good_text
with pytest.raises(ValueError):
dump_certificate_request(100, req) 示例12: test_export_der
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import FILETYPE_ASN1 [as 别名]
def test_export_der(self):
"""
If passed ``FILETYPE_ASN1`` for the format, ``CRL.export`` returns a
"DER" format string representing a serial number, a revoked reason, and
certificate issuer information.
"""
crl = self._get_crl()
# DER format
dumped_crl = self._get_crl().export(
self.cert, self.pkey, FILETYPE_ASN1, digest=b"md5"
)
crl = x509.load_der_x509_crl(dumped_crl, backend)
revoked = crl.get_revoked_certificate_by_serial_number(0x03AB)
assert revoked is not None
assert crl.issuer == x509.Name([
x509.NameAttribute(x509.NameOID.COUNTRY_NAME, u"US"),
x509.NameAttribute(x509.NameOID.STATE_OR_PROVINCE_NAME, u"IL"),
x509.NameAttribute(x509.NameOID.LOCALITY_NAME, u"Chicago"),
x509.NameAttribute(x509.NameOID.ORGANIZATION_NAME, u"Testing"),
x509.NameAttribute(x509.NameOID.COMMON_NAME, u"Testing Root CA"),
])
# Flaky because we compare the output of running commands which sometimes
# varies by 1 second 示例13: test_load_crl
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import FILETYPE_ASN1 [as 别名]
def test_load_crl(self):
"""
Load a known CRL and inspect its revocations. Both EM and DER formats
are loaded.
"""
crl = load_crl(FILETYPE_PEM, crlData)
revs = crl.get_revoked()
assert len(revs) == 2
assert revs[0].get_serial() == b'03AB'
assert revs[0].get_reason() is None
assert revs[1].get_serial() == b'0100'
assert revs[1].get_reason() == b'Superseded'
der = _runopenssl(crlData, b"crl", b"-outform", b"DER")
crl = load_crl(FILETYPE_ASN1, der)
revs = crl.get_revoked()
assert len(revs) == 2
assert revs[0].get_serial() == b'03AB'
assert revs[0].get_reason() is None
assert revs[1].get_serial() == b'0100'
assert revs[1].get_reason() == b'Superseded' 示例14: _fetch_certs
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import FILETYPE_ASN1 [as 别名]
def _fetch_certs(hostname_file):
with open(hostname_file) as f:
hostnames = f.read().split('\n')
map_serial_to_name = {}
for h in hostnames:
if not h:
continue
connection = _openssl_connect(h, 443)
for cert_openssl in connection.get_peer_cert_chain():
cert_der = dump_certificate(FILETYPE_ASN1, cert_openssl)
cert = Certificate.load(cert_der)
map_serial_to_name[cert.serial_number] = cert.subject.native
return map_serial_to_name 示例15: test_load_privatekey_passphraseWrongType
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import FILETYPE_ASN1 [as 别名]
def test_load_privatekey_passphraseWrongType(self):
"""
:py:obj:`load_privatekey` raises :py:obj:`ValueError` when it is passed a passphrase
with a private key encoded in a format, that doesn't support
encryption.
"""
key = load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM)
blob = dump_privatekey(FILETYPE_ASN1, key)
self.assertRaises(ValueError,
load_privatekey, FILETYPE_ASN1, blob, "secret")