本文整理汇总了Python中OpenSSL.crypto.X509属性的典型用法代码示例。如果您正苦于以下问题:Python crypto.X509属性的具体用法?Python crypto.X509怎么用?Python crypto.X509使用的例子?那么, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类OpenSSL.crypto
的用法示例。
在下文中一共展示了crypto.X509属性的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: _validate_dependencies_met
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import X509 [as 别名]
def _validate_dependencies_met():
"""
Verifies that PyOpenSSL's package-level dependencies have been met.
Throws `ImportError` if they are not met.
"""
# Method added in `cryptography==1.1`; not available in older versions
from cryptography.x509.extensions import Extensions
if getattr(Extensions, "get_extension_for_class", None) is None:
raise ImportError("'cryptography' module missing required functionality. "
"Try upgrading to v1.3.4 or newer.")
# pyOpenSSL 0.14 and above use cryptography for OpenSSL bindings. The _x509
# attribute is only present on those versions.
from OpenSSL.crypto import X509
x509 = X509()
if getattr(x509, "_x509", None) is None:
raise ImportError("'pyOpenSSL' module missing required functionality. "
"Try upgrading to v0.14 or newer.")
示例2: _validate_dependencies_met
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import X509 [as 别名]
def _validate_dependencies_met():
"""
Verifies that PyOpenSSL's package-level dependencies have been met.
Throws `ImportError` if they are not met.
"""
# Method added in `cryptography==1.1`; not available in older versions
from cryptography.x509.extensions import Extensions
if getattr(Extensions, "get_extension_for_class", None) is None:
raise ImportError(
"'cryptography' module missing required functionality. "
"Try upgrading to v1.3.4 or newer."
)
# pyOpenSSL 0.14 and above use cryptography for OpenSSL bindings. The _x509
# attribute is only present on those versions.
from OpenSSL.crypto import X509
x509 = X509()
if getattr(x509, "_x509", None) is None:
raise ImportError(
"'pyOpenSSL' module missing required functionality. "
"Try upgrading to v0.14 or newer."
)
示例3: generate_cert
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import X509 [as 别名]
def generate_cert(project_name):
"""Generate a self signed cerficate."""
# Defer imports to avoid issues on Python 2.
from OpenSSL import crypto
key = crypto.PKey()
key.generate_key(crypto.TYPE_RSA, 2048)
cert = crypto.X509()
cert.get_subject().C = 'US'
cert.get_subject().CN = '*' + untrusted.internal_network_domain()
cert.get_subject().O = project_name
cert.set_serial_number(9001)
cert.set_notBefore(b'20000101000000Z')
cert.set_notAfter(b'21000101000000Z')
cert.set_issuer(cert.get_subject())
cert.set_pubkey(key)
cert.sign(key, 'sha256')
cert_contents = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
key_contents = crypto.dump_privatekey(crypto.FILETYPE_PEM, key)
return cert_contents, key_contents
示例4: test_multiple_add_client_ca
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import X509 [as 别名]
def test_multiple_add_client_ca(self):
"""
Multiple CA names can be sent to the client by calling
:py:obj:`Context.add_client_ca` with multiple X509 objects.
"""
cacert = load_certificate(FILETYPE_PEM, root_cert_pem)
secert = load_certificate(FILETYPE_PEM, server_cert_pem)
cadesc = cacert.get_subject()
sedesc = secert.get_subject()
def multiple_ca(ctx):
ctx.add_client_ca(cacert)
ctx.add_client_ca(secert)
return [cadesc, sedesc]
self._check_client_ca_list(multiple_ca)
示例5: signRequestObject
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import X509 [as 别名]
def signRequestObject(self,
issuerDistinguishedName,
requestObject,
serialNumber,
secondsToExpiry=60 * 60 * 24 * 365, # One year
digestAlgorithm='sha256'):
"""
Sign a CertificateRequest instance, returning a Certificate instance.
"""
req = requestObject.original
cert = crypto.X509()
issuerDistinguishedName._copyInto(cert.get_issuer())
cert.set_subject(req.get_subject())
cert.set_pubkey(req.get_pubkey())
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(secondsToExpiry)
cert.set_serial_number(serialNumber)
cert.sign(self.original, digestAlgorithm)
return Certificate(cert)
示例6: makeCertificate
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import X509 [as 别名]
def makeCertificate(**kw):
keypair = PKey()
keypair.generate_key(TYPE_RSA, 768)
certificate = X509()
certificate.gmtime_adj_notBefore(0)
certificate.gmtime_adj_notAfter(60 * 60 * 24 * 365) # One year
for xname in certificate.get_issuer(), certificate.get_subject():
for (k, v) in kw.items():
setattr(xname, k, nativeString(v))
certificate.set_serial_number(counter())
certificate.set_pubkey(keypair)
certificate.sign(keypair, "md5")
return keypair, certificate
示例7: test_trustRootFromCertificatesOpenSSLObjects
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import X509 [as 别名]
def test_trustRootFromCertificatesOpenSSLObjects(self):
"""
L{trustRootFromCertificates} rejects any L{OpenSSL.crypto.X509}
instances in the list passed to it.
"""
private = sslverify.PrivateCertificate.loadPEM(A_KEYPAIR)
certX509 = private.original
exception = self.assertRaises(
TypeError,
sslverify.trustRootFromCertificates, [certX509],
)
self.assertEqual(
"certificates items must be twisted.internet.ssl.CertBase "
"instances",
exception.args[0],
)
示例8: generate_keypair
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import X509 [as 别名]
def generate_keypair(uuid):
hostname = socket.gethostname()
# create a key pair
keypair = crypto.PKey()
keypair.generate_key(crypto.TYPE_RSA, 2048)
# create a self-signed cert
cert = crypto.X509()
cert.set_version(2)
cert.get_subject().CN = str(uuid)+"/"+hostname
cert.get_issuer().CN = str(uuid)+"/"+hostname
cert.set_serial_number(1000)
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(10*365*24*60*60)
cert.set_pubkey(keypair)
cert.sign(keypair, 'sha256')
certificate = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
privatekey = crypto.dump_privatekey(crypto.FILETYPE_PEM, keypair)
return certificate, privatekey