当前位置: 首页>>代码示例>>Python>>正文


Python crypto.PKCS12属性代码示例

本文整理汇总了Python中OpenSSL.crypto.PKCS12属性的典型用法代码示例。如果您正苦于以下问题:Python crypto.PKCS12属性的具体用法?Python crypto.PKCS12怎么用?Python crypto.PKCS12使用的例子?那么, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在OpenSSL.crypto的用法示例。


在下文中一共展示了crypto.PKCS12属性的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: _create_pkcs12_bin

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import PKCS12 [as 别名]
def _create_pkcs12_bin(self):
        """
        Helper function to create an encrypted pkcs12 binary for download

        :return: PKCS12 binary
        """
        certificate = self.get_tokeninfo("certificate")
        privatekey = self.get_tokeninfo("privatekey")
        pkcs12 = crypto.PKCS12()
        pkcs12.set_certificate(crypto.load_certificate(
            crypto.FILETYPE_PEM, certificate))
        pkcs12.set_privatekey(crypto.load_privatekey(crypto.FILETYPE_PEM,
                                                     privatekey))
        # TODO define a random passphrase and hand it to the user
        passphrase = self.token.get_pin()
        if passphrase == -1:
            passphrase = ""
        pkcs12_bin = pkcs12.export(passphrase=passphrase)
        return pkcs12_bin 
开发者ID:privacyidea,项目名称:privacyidea,代码行数:21,代码来源:certificatetoken.py

示例2: get_as_dict

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import PKCS12 [as 别名]
def get_as_dict(self):
        """
        This returns the token data as a dictionary.
        It is used to display the token list at /token/list.

        The certificate token can add the PKCS12 file if it exists

        :return: The token data as dict
        :rtype: dict
        """
        # first get the database values as dict
        token_dict = self.token.get()

        if "privatekey" in token_dict.get("info"):
            token_dict["info"]["pkcs12"] = b64encode_and_unicode(self._create_pkcs12_bin())

        return token_dict 
开发者ID:privacyidea,项目名称:privacyidea,代码行数:19,代码来源:certificatetoken.py

示例3: _create_self_signed_cert

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import PKCS12 [as 别名]
def _create_self_signed_cert(self):

        # Create a key pair
        k = crypto.PKey()
        k.generate_key(crypto.TYPE_RSA, 1024)

        # Create a self-signed cert
        cert = crypto.X509()
        cert.get_subject().C = "NL"
        cert.get_subject().ST = "Rotterdam"
        cert.get_subject().L = "Rotterdam"
        cert.get_subject().O = "Mendix"  # noqa: E741
        cert.get_subject().OU = "Mendix"
        cert.get_subject().CN = gethostname()
        cert.set_serial_number(1000)
        cert.gmtime_adj_notBefore(0)
        cert.gmtime_adj_notAfter(10 * 365 * 24 * 60 * 60)
        cert.set_issuer(cert.get_subject())
        cert.set_pubkey(k)
        cert.sign(k, "sha1")

        # Create a P12 container
        p12 = crypto.PKCS12()
        p12.set_certificate(cert)

        return p12.export()

    # The following two tests ensure that the certificates are being loaded into the right configuration key
    # Mendix 7.20 deprecated WebServiceClientCertificates in favour of ClientCertificateUsagess 
开发者ID:mendix,项目名称:cf-mendix-buildpack,代码行数:31,代码来源:test_client_certificates.py

示例4: store_cert

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import PKCS12 [as 别名]
def store_cert(self, context, certificate, private_key, intermediates=None,
                   private_key_passphrase=None, expiration=None,
                   name="PKCS12 Certificate Bundle"):
        p12 = crypto.PKCS12()
        p12.set_certificate(certificate)
        p12.set_privatekey(private_key)
        if intermediates:
            p12.set_ca_certificates(intermediates)
        if private_key_passphrase:
            raise exceptions.CertificateStorageException(
                "Passphrases protected PKCS12 certificates are not supported.")

        p12_data = opaque_data.OpaqueData(p12.export(), name=name)
        self.manager.store(context, p12_data) 
开发者ID:openstack,项目名称:octavia,代码行数:16,代码来源:castellan_mgr.py

示例5: get_init_detail

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import PKCS12 [as 别名]
def get_init_detail(self, params=None, user=None):
        """
        At the end of the initialization we return the certificate and the
        PKCS12 file, if the private key exists.
        """
        response_detail = TokenClass.get_init_detail(self, params, user)
        params = params or {}
        certificate = self.get_tokeninfo("certificate")
        response_detail["certificate"] = certificate
        privatekey = self.get_tokeninfo("privatekey")
        # If there is a private key, we dump a PKCS12
        if privatekey:
            response_detail["pkcs12"] = b64encode_and_unicode(self._create_pkcs12_bin())

        return response_detail 
开发者ID:privacyidea,项目名称:privacyidea,代码行数:17,代码来源:certificatetoken.py

示例6: set_pin

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import PKCS12 [as 别名]
def set_pin(self, pin, encrypt=False):
        """
        set the PIN of a token.
        The PIN of the certificate token is stored encrypted. It is used as
        passphrase for the PKCS12 file.

        :param pin: the pin to be set for the token
        :type pin: basestring
        :param encrypt: If set to True, the pin is stored encrypted and
                        can be retrieved from the database again
        :type encrypt: bool
        """
        storeHashed = False
        self.token.set_pin(pin, storeHashed) 
开发者ID:privacyidea,项目名称:privacyidea,代码行数:16,代码来源:certificatetoken.py

示例7: p12_assertions

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import PKCS12 [as 别名]
def p12_assertions(self, cdir, cert, key, p12, cacert=None):
        '''
        test basic p12 certificate bundle assumptions

        Args:
            cdir (s_certdir.CertDir): certdir object
            cert (crypto.X509): Cert to test
            key (crypto.PKey): Key for the certification
            p12 (crypto.PKCS12): PKCS12 object to test
            cacert (crypto.X509): Corresponding CA cert (optional)
        '''
        self.nn(p12)

        # Pull out the CA cert and keypair data
        p12_cacert = None
        if cacert:
            p12_cacert = p12.get_ca_certificates()
            self.nn(p12_cacert)
            self.len(1, p12_cacert)
            p12_cacert = p12_cacert[0]
            self.eq(crypto.dump_certificate(crypto.FILETYPE_ASN1, cacert), crypto.dump_certificate(crypto.FILETYPE_ASN1, p12_cacert))

        p12_cert = p12.get_certificate()
        p12_key = p12.get_privatekey()
        self.basic_assertions(cdir, p12_cert, p12_key, cacert=p12_cacert)

        # Make sure that the CA cert and keypair files are the same as the CA cert and keypair contained in the p12 file
        self.eq(crypto.dump_certificate(crypto.FILETYPE_ASN1, cert), crypto.dump_certificate(crypto.FILETYPE_ASN1, p12_cert))
        self.eq(crypto.dump_privatekey(crypto.FILETYPE_ASN1, key), crypto.dump_privatekey(crypto.FILETYPE_ASN1, p12_key)) 
开发者ID:vertexproject,项目名称:synapse,代码行数:31,代码来源:test_lib_certdir.py

示例8: store_cert

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import PKCS12 [as 别名]
def store_cert(self, context, certificate, private_key, intermediates=None,
                   private_key_passphrase=None, expiration=None,
                   name="PKCS12 Certificate Bundle"):
        """Stores a certificate in the certificate manager.

        :param context: Oslo context of the request
        :param certificate: PEM encoded TLS certificate
        :param private_key: private key for the supplied certificate
        :param intermediates: ordered and concatenated intermediate certs
        :param private_key_passphrase: optional passphrase for the supplied key
        :param expiration: the expiration time of the cert in ISO 8601 format
        :param name: a friendly name for the cert

        :returns: the container_ref of the stored cert
        :raises Exception: if certificate storage fails
        """
        connection = self.auth.get_barbican_client(context.project_id)

        LOG.info("Storing certificate secret '%s' in Barbican.", name)
        p12 = crypto.PKCS12()
        p12.set_friendlyname(encodeutils.to_utf8(name))
        x509_cert = crypto.load_certificate(crypto.FILETYPE_PEM, certificate)
        p12.set_certificate(x509_cert)
        x509_pk = crypto.load_privatekey(crypto.FILETYPE_PEM, private_key)
        p12.set_privatekey(x509_pk)
        if intermediates:
            cert_ints = list(cert_parser.get_intermediates_pems(intermediates))
            x509_ints = [
                crypto.load_certificate(crypto.FILETYPE_PEM, ci)
                for ci in cert_ints]
            p12.set_ca_certificates(x509_ints)
        if private_key_passphrase:
            raise exceptions.CertificateStorageException(
                "Passphrase protected PKCS12 certificates are not supported.")

        try:
            certificate_secret = connection.secrets.create(
                payload=p12.export(),
                expiration=expiration,
                name=name
            )
            certificate_secret.store()
            return certificate_secret.secret_ref
        except Exception as e:
            with excutils.save_and_reraise_exception():
                LOG.error('Error storing certificate data: %s', e) 
开发者ID:openstack,项目名称:octavia,代码行数:48,代码来源:barbican.py


注:本文中的OpenSSL.crypto.PKCS12属性示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。