本文整理汇总了Python中OpenSSL.crypto.TYPE_RSA属性的典型用法代码示例。如果您正苦于以下问题:Python crypto.TYPE_RSA属性的具体用法?Python crypto.TYPE_RSA怎么用?Python crypto.TYPE_RSA使用的例子?那么恭喜您, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类OpenSSL.crypto的用法示例。
在下文中一共展示了crypto.TYPE_RSA属性的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: gen_cert
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import TYPE_RSA [as 别名]
def gen_cert(self, cn, key_size=2048, days=9999):
logging.debug("Generating cert for " + cn)
cacert = crypto.load_certificate(crypto.FILETYPE_PEM, self.cert)
cakey = crypto.load_privatekey(crypto.FILETYPE_PEM, self.key)
pkey = createKeyPair(crypto.TYPE_RSA, key_size)
req = createCertRequest(pkey, CN=cn)
cert = createCertificate(req, (cacert, cakey), 1, (0, 60*60*24*days))
key_data = crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)
cert_data = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
return Cert(key_data, cert_data, self.cert)
#
# Multi-Threaded Generator Plumbing
# 示例2: generate_cert
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import TYPE_RSA [as 别名]
def generate_cert(project_name):
"""Generate a self signed cerficate."""
# Defer imports to avoid issues on Python 2.
from OpenSSL import crypto
key = crypto.PKey()
key.generate_key(crypto.TYPE_RSA, 2048)
cert = crypto.X509()
cert.get_subject().C = 'US'
cert.get_subject().CN = '*' + untrusted.internal_network_domain()
cert.get_subject().O = project_name
cert.set_serial_number(9001)
cert.set_notBefore(b'20000101000000Z')
cert.set_notAfter(b'21000101000000Z')
cert.set_issuer(cert.get_subject())
cert.set_pubkey(key)
cert.sign(key, 'sha256')
cert_contents = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
key_contents = crypto.dump_privatekey(crypto.FILETYPE_PEM, key)
return cert_contents, key_contents 示例3: setUp
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import TYPE_RSA [as 别名]
def setUp(self):
"""
Create a new private key and start a certificate request (for a test
method to finish in one way or another).
"""
super(X509ExtTests, self).setUp()
# Basic setup stuff to generate a certificate
self.pkey = PKey()
self.pkey.generate_key(TYPE_RSA, 384)
self.req = X509Req()
self.req.set_pubkey(self.pkey)
# Authority good you have.
self.req.get_subject().commonName = "Yoda root CA"
self.x509 = X509()
self.subject = self.x509.get_subject()
self.subject.commonName = self.req.get_subject().commonName
self.x509.set_issuer(self.subject)
self.x509.set_pubkey(self.pkey)
now = b(datetime.now().strftime("%Y%m%d%H%M%SZ"))
expire = b((datetime.now() + timedelta(days=100)).strftime("%Y%m%d%H%M%SZ"))
self.x509.set_notBefore(now)
self.x509.set_notAfter(expire) 示例4: makeCertificate
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import TYPE_RSA [as 别名]
def makeCertificate(**kw):
keypair = PKey()
keypair.generate_key(TYPE_RSA, 768)
certificate = X509()
certificate.gmtime_adj_notBefore(0)
certificate.gmtime_adj_notAfter(60 * 60 * 24 * 365) # One year
for xname in certificate.get_issuer(), certificate.get_subject():
for (k, v) in kw.items():
setattr(xname, k, nativeString(v))
certificate.set_serial_number(counter())
certificate.set_pubkey(keypair)
certificate.sign(keypair, "md5")
return keypair, certificate 示例5: generate_keypair
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import TYPE_RSA [as 别名]
def generate_keypair(uuid):
hostname = socket.gethostname()
# create a key pair
keypair = crypto.PKey()
keypair.generate_key(crypto.TYPE_RSA, 2048)
# create a self-signed cert
cert = crypto.X509()
cert.set_version(2)
cert.get_subject().CN = str(uuid)+"/"+hostname
cert.get_issuer().CN = str(uuid)+"/"+hostname
cert.set_serial_number(1000)
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(10*365*24*60*60)
cert.set_pubkey(keypair)
cert.sign(keypair, 'sha256')
certificate = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
privatekey = crypto.dump_privatekey(crypto.FILETYPE_PEM, keypair)
return certificate, privatekey 示例6: __init__
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import TYPE_RSA [as 别名]
def __init__(self, filename=None, text=None, passphrase=None,
filetype="pem", bits=2048, _key=None):
self.__passphrase = passphrase # can also be a callable
if _key is not None:
key = _key
else:
ftype = _FILETYPES[filetype]
if filename is not None:
ftype, text = get_type_and_text(filename)
if text is not None:
if passphrase is not None:
key = crypto.load_privatekey(ftype, text, passphrase)
else:
key = crypto.load_privatekey(ftype, text)
else:
key = crypto.PKey()
key.generate_key(crypto.TYPE_RSA, bits)
key.check()
self._key = key 示例7: SelfSignedCertificate
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import TYPE_RSA [as 别名]
def SelfSignedCertificate():
# create a key pair
k = crypto.PKey()
k.generate_key(crypto.TYPE_RSA, 1024)
# create a self-signed cert
cert = crypto.X509()
cert.get_subject().C = "IL"
cert.get_subject().ST = "Jerusalem"
cert.get_subject().L = "Jerusalem"
cert.get_subject().OU = "DevOps Loft"
cert.get_subject().CN = gethostname()
cert.set_serial_number(1000)
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(10*365*24*60*60)
cert.set_issuer(cert.get_subject())
cert.set_pubkey(k)
cert.sign(k, 'sha1')
with open(CERT_FILE, "wb") as cert_f:
cert_f.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
with open(KEY_FILE, "wb") as key_f:
key_f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, k)) 示例8: create_self_signed_cert
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import TYPE_RSA [as 别名]
def create_self_signed_cert(name="localhost"):
from OpenSSL import crypto
# create key pair
key = crypto.PKey()
key.generate_key(crypto.TYPE_RSA, 2048)
# create self-signed certificate
cert = crypto.X509()
cert.get_subject().CN = name
cert.set_serial_number(1000)
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(10 * 365 * 86400)
cert.set_issuer(cert.get_subject())
cert.set_pubkey(key)
cert.sign(key, "sha1")
with open(CERT_FILE, "wb") as fp:
fp.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
with open(KEY_FILE, "wb") as fp:
fp.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, key)) 示例9: makeCertificate
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import TYPE_RSA [as 别名]
def makeCertificate(**kw):
keypair = PKey()
keypair.generate_key(TYPE_RSA, 1024)
certificate = X509()
certificate.gmtime_adj_notBefore(0)
certificate.gmtime_adj_notAfter(60 * 60 * 24 * 365) # One year
for xname in certificate.get_issuer(), certificate.get_subject():
for (k, v) in kw.items():
setattr(xname, k, nativeString(v))
certificate.set_serial_number(counter())
certificate.set_pubkey(keypair)
certificate.sign(keypair, "md5")
return keypair, certificate 示例10: generateImpacketCert
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import TYPE_RSA [as 别名]
def generateImpacketCert(certname='/tmp/impacket.crt'):
# Create a private key
pkey = crypto.PKey()
pkey.generate_key(crypto.TYPE_RSA, 2048)
# Create the certificate
cert = crypto.X509()
cert.gmtime_adj_notBefore(0)
# Valid for 5 years
cert.gmtime_adj_notAfter(60*60*24*365*5)
subj = cert.get_subject()
subj.CN = 'impacket'
cert.set_pubkey(pkey)
cert.sign(pkey, "sha256")
# We write both from the same file
with open(certname, 'w') as certfile:
certfile.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey).decode('utf-8'))
certfile.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert).decode('utf-8'))
LOG.debug('Wrote certificate to %s' % certname)
# Class to wrap the client socket in SSL when serving as a SOCKS server 示例11: gen_cert
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import TYPE_RSA [as 别名]
def gen_cert(self):
key_pair = crypto.PKey()
key_pair.generate_key(crypto.TYPE_RSA, 2048)
cert = crypto.X509()
cert.get_subject().O = 'Loki'
cert.get_subject().CN = 'Sami'
cert.get_subject().OU = 'Pure-L0G1C'
cert.get_subject().C = 'US'
cert.get_subject().L = 'Los Santos'
cert.get_subject().ST = 'California'
cert.set_serial_number(SystemRandom().randint(2048 ** 8, 4096 ** 8))
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(256 * 409600)
cert.set_issuer(cert.get_subject())
cert.set_pubkey(key_pair)
cert.sign(key_pair, 'sha256')
with open(const.CERT_FILE, 'wb') as f:
f.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
with open(const.KEY_FILE, 'wb') as f:
f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, key_pair)) 示例12: test_should_return_for_pyopenssl_stored_key_with_extensions
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import TYPE_RSA [as 别名]
def test_should_return_for_pyopenssl_stored_key_with_extensions(self):
self.order_meta.update(self.stored_key_meta)
pkey = crypto.PKey()
pkey.generate_key(crypto.TYPE_RSA, 2048)
self.private_key_value = base64.b64encode(crypto.dump_privatekey(
crypto.FILETYPE_PEM, pkey))
self.store_plugin.get_secret.side_effect = self.stored_key_side_effect
self.order_meta['extensions'] = 'my ASN.1 extensions structure here'
# TODO(alee-3) Add real extensions data here
self.result.status = cert_man.CertificateStatus.WAITING_FOR_CA
cert_res.issue_certificate_request(self.order,
self.project,
self.result_follow_on)
self._verify_issue_certificate_plugins_called()
self.assertIsNotNone(self.order.order_barbican_meta['generated_csr'])
# TODO(alee-3) Add tests to validate the request based on the validator
# code that dave-mccowan is adding.
# TODO(alee-3) Add tests to validate the extensions in the request 示例13: _do_pyopenssl_stored_key_request
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import TYPE_RSA [as 别名]
def _do_pyopenssl_stored_key_request(self):
self.order_meta.update(self.stored_key_meta)
pkey = crypto.PKey()
pkey.generate_key(crypto.TYPE_RSA, 2048)
key_pem = crypto.dump_privatekey(
crypto.FILETYPE_PEM, pkey)
self.private_key_value = base64.b64encode(key_pem)
self.public_key_value = "public_key"
self.passphrase_value = None
self.store_plugin.get_secret.side_effect = self.stored_key_side_effect
self._test_should_return_waiting_for_ca(
cert_res.issue_certificate_request)
self._test_should_return_certificate_generated(
cert_res.check_certificate_request) 示例14: makeCertificate
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import TYPE_RSA [as 别名]
def makeCertificate(**kw):
keypair = PKey()
keypair.generate_key(TYPE_RSA, 512)
certificate = X509()
certificate.gmtime_adj_notBefore(0)
certificate.gmtime_adj_notAfter(60 * 60 * 24 * 365) # One year
for xname in certificate.get_issuer(), certificate.get_subject():
for (k, v) in kw.items():
setattr(xname, k, v)
certificate.set_serial_number(counter())
certificate.set_pubkey(keypair)
certificate.sign(keypair, "md5")
return keypair, certificate 示例15: generate_adhoc_ssl_pair
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import TYPE_RSA [as 别名]
def generate_adhoc_ssl_pair(cn=None):
from random import random
crypto = _get_openssl_crypto_module()
# pretty damn sure that this is not actually accepted by anyone
if cn is None:
cn = "*"
cert = crypto.X509()
cert.set_serial_number(int(random() * sys.maxsize))
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(60 * 60 * 24 * 365)
subject = cert.get_subject()
subject.CN = cn
subject.O = "Dummy Certificate" # noqa: E741
issuer = cert.get_issuer()
issuer.CN = subject.CN
issuer.O = subject.O # noqa: E741
pkey = crypto.PKey()
pkey.generate_key(crypto.TYPE_RSA, 2048)
cert.set_pubkey(pkey)
cert.sign(pkey, "sha256")
return cert, pkey