本文整理汇总了Python中cryptography.x509.oid.NameOID.COUNTRY_NAME属性的典型用法代码示例。如果您正苦于以下问题:Python NameOID.COUNTRY_NAME属性的具体用法?Python NameOID.COUNTRY_NAME怎么用?Python NameOID.COUNTRY_NAME使用的例子?那么恭喜您, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类cryptography.x509.oid.NameOID的用法示例。
在下文中一共展示了NameOID.COUNTRY_NAME属性的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: _encode_name
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import COUNTRY_NAME [as 别名]
def _encode_name(backend, attributes):
"""
The X509_NAME created will not be gc'd. Use _encode_name_gc if needed.
"""
subject = backend._lib.X509_NAME_new()
for attribute in attributes:
value = attribute.value.encode('utf8')
obj = _txt2obj_gc(backend, attribute.oid.dotted_string)
if attribute.oid == NameOID.COUNTRY_NAME:
# Per RFC5280 Appendix A.1 countryName should be encoded as
# PrintableString, not UTF8String
type = backend._lib.MBSTRING_ASC
else:
type = backend._lib.MBSTRING_UTF8
res = backend._lib.X509_NAME_add_entry_by_OBJ(
subject, obj, type, value, -1, -1, 0,
)
backend.openssl_assert(res == 1)
return subject 示例2: __init__
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import COUNTRY_NAME [as 别名]
def __init__(self, oid, value):
if not isinstance(oid, ObjectIdentifier):
raise TypeError(
"oid argument must be an ObjectIdentifier instance."
)
if not isinstance(value, six.text_type):
raise TypeError(
"value argument must be a text type."
)
if oid == NameOID.COUNTRY_NAME and len(value.encode("utf8")) != 2:
raise ValueError(
"Country name must be a 2 character country code"
)
self._oid = oid
self._value = value 示例3: certificate
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import COUNTRY_NAME [as 别名]
def certificate(private_key: rsa.RSAPrivateKey) -> x509.Certificate:
b = x509.CertificateBuilder()
name = x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, u"US"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"CA"),
x509.NameAttribute(NameOID.LOCALITY_NAME, u"San Francisco"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"Commandment"),
x509.NameAttribute(NameOID.COMMON_NAME, u"CA-CERTIFICATE"),
])
cer = b.subject_name(name).issuer_name(name).public_key(
private_key.public_key()
).serial_number(1).not_valid_before(
datetime.datetime.utcnow()
).not_valid_after(
datetime.datetime.utcnow() + datetime.timedelta(days=10)
).add_extension(
x509.BasicConstraints(ca=False, path_length=None), True
).sign(private_key, hashes.SHA256(), default_backend())
return cer 示例4: ca_certificate
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import COUNTRY_NAME [as 别名]
def ca_certificate(private_key: rsa.RSAPrivateKey) -> x509.Certificate:
b = x509.CertificateBuilder()
name = x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, u"US"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"CA"),
x509.NameAttribute(NameOID.LOCALITY_NAME, u"San Francisco"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"Commandment"),
x509.NameAttribute(NameOID.COMMON_NAME, u"CA-CERTIFICATE"),
])
cert = b.serial_number(1).issuer_name(
name
).subject_name(
name
).public_key(
private_key.public_key()
).not_valid_before(
datetime.datetime.utcnow()
).not_valid_after(
datetime.datetime.utcnow() + datetime.timedelta(days=10)
).add_extension(
x509.BasicConstraints(ca=True, path_length=None), True
).sign(private_key, hashes.SHA256(), default_backend())
return cert 示例5: test_getitem
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import COUNTRY_NAME [as 别名]
def test_getitem(self):
self.assertEqual(Subject('/CN=example.com')['CN'], 'example.com')
self.assertEqual(Subject('/C=AT/CN=example.com')['C'], 'AT')
self.assertEqual(Subject('/C=AT/CN=example.com')['CN'], 'example.com')
# try NameOID:
self.assertEqual(Subject('/CN=example.com')[NameOID.COMMON_NAME], 'example.com')
self.assertEqual(Subject('/C=AT/CN=example.com')[NameOID.COUNTRY_NAME], 'AT')
self.assertEqual(Subject('/C=AT/CN=example.com')[NameOID.COMMON_NAME], 'example.com')
# OUs
self.assertEqual(Subject('/C=AT/OU=foo/CN=example.com')['OU'], ['foo'])
self.assertEqual(Subject('/C=AT/OU=foo/OU=bar/CN=example.com')['OU'], ['foo', 'bar'])
# test keyerror
with self.assertRaisesRegex(KeyError, r"^'L'$"):
Subject('/C=AT/OU=foo/CN=example.com')['L']
with self.assertRaisesRegex(KeyError, r"^'L'$"):
Subject('/C=AT/OU=foo/CN=example.com')[NameOID.LOCALITY_NAME] 示例6: test_get
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import COUNTRY_NAME [as 别名]
def test_get(self):
self.assertEqual(Subject('/CN=example.com').get('CN'), 'example.com')
self.assertEqual(Subject('/C=AT/CN=example.com').get('C'), 'AT')
self.assertEqual(Subject('/C=AT/CN=example.com').get('CN'), 'example.com')
# try NameOID:
self.assertEqual(Subject('/CN=example.com').get(NameOID.COMMON_NAME), 'example.com')
self.assertEqual(Subject('/C=AT/CN=example.com').get(NameOID.COUNTRY_NAME), 'AT')
self.assertEqual(Subject('/C=AT/CN=example.com').get(NameOID.COMMON_NAME), 'example.com')
# OUs
self.assertEqual(Subject('/C=AT/OU=foo/CN=example.com').get('OU'), ['foo'])
self.assertEqual(Subject('/C=AT/OU=foo/OU=bar/CN=example.com').get('OU'), ['foo', 'bar'])
# test that default doesn't overwrite anytying
self.assertEqual(Subject('/CN=example.com').get('CN', 'x'), 'example.com')
self.assertEqual(Subject('/C=AT/CN=example.com').get('C', 'x'), 'AT')
self.assertEqual(Subject('/C=AT/CN=example.com').get('CN', 'x'), 'example.com')
# test default value
self.assertIsNone(Subject('/C=AT/OU=foo/CN=example.com').get('L'))
self.assertEqual(Subject('/C=AT/OU=foo/CN=example.com').get('L', 'foo'), 'foo')
self.assertIsNone(Subject('/C=AT/OU=foo/CN=example.com').get(NameOID.LOCALITY_NAME))
self.assertEqual(Subject('/C=AT/OU=foo/CN=example.com').get(NameOID.LOCALITY_NAME, 'foo'), 'foo') 示例7: generate_csr
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import COUNTRY_NAME [as 别名]
def generate_csr(key, domainname):
private_key = serialization.load_pem_private_key(key, password=None,
backend=default_backend())
csr = x509.CertificateSigningRequestBuilder().subject_name(x509.Name([
# Provide various details about who we are.
x509.NameAttribute(NameOID.COUNTRY_NAME, u"BR"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"RJ"),
x509.NameAttribute(NameOID.LOCALITY_NAME, u"Rio de Janeiro"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"globo.com"),
x509.NameAttribute(NameOID.COMMON_NAME, domainname),
])).add_extension(
x509.SubjectAlternativeName([x509.DNSName(domainname)]),
critical=False,
).sign(private_key, hashes.SHA256(), default_backend())
return csr.public_bytes(serialization.Encoding.PEM) 示例8: serialize
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import COUNTRY_NAME [as 别名]
def serialize(self,
# password=None,
country=u"US",
state=u"CA",
city=u"San Francisco",
company=u"Lokey Examle",
common_name=u"example.com"):
# This should be handled already
# if not password:
# password = None
key = serialization.load_pem_private_key(
self.to('pem'),
password=None,
backend=default_backend())
subject = x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, country),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, state),
x509.NameAttribute(NameOID.LOCALITY_NAME, city),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, company),
x509.NameAttribute(NameOID.COMMON_NAME, common_name),
])
cert = x509.CertificateSigningRequestBuilder().subject_name(
subject
).sign(key, hashes.SHA256(), default_backend())
return cert.public_bytes(serialization.Encoding.PEM) 示例9: _encode_name_entry
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import COUNTRY_NAME [as 别名]
def _encode_name_entry(backend, attribute):
value = attribute.value.encode('utf8')
obj = _txt2obj_gc(backend, attribute.oid.dotted_string)
if attribute.oid == NameOID.COUNTRY_NAME:
# Per RFC5280 Appendix A.1 countryName should be encoded as
# PrintableString, not UTF8String
type = backend._lib.MBSTRING_ASC
else:
type = backend._lib.MBSTRING_UTF8
name_entry = backend._lib.X509_NAME_ENTRY_create_by_OBJ(
backend._ffi.NULL, obj, type, value, -1
)
return name_entry 示例10: __init__
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import COUNTRY_NAME [as 别名]
def __init__(self, oid, value, _type=_SENTINEL):
if not isinstance(oid, ObjectIdentifier):
raise TypeError(
"oid argument must be an ObjectIdentifier instance."
)
if not isinstance(value, six.text_type):
raise TypeError(
"value argument must be a text type."
)
if (
oid == NameOID.COUNTRY_NAME or
oid == NameOID.JURISDICTION_COUNTRY_NAME
):
if len(value.encode("utf8")) != 2:
raise ValueError(
"Country name must be a 2 character country code"
)
if len(value) == 0:
raise ValueError("Value cannot be an empty string")
# The appropriate ASN1 string type varies by OID and is defined across
# multiple RFCs including 2459, 3280, and 5280. In general UTF8String
# is preferred (2459), but 3280 and 5280 specify several OIDs with
# alternate types. This means when we see the sentinel value we need
# to look up whether the OID has a non-UTF8 type. If it does, set it
# to that. Otherwise, UTF8!
if _type == _SENTINEL:
_type = _NAMEOID_DEFAULT_TYPE.get(oid, _ASN1Type.UTF8String)
if not isinstance(_type, _ASN1Type):
raise TypeError("_type must be from the _ASN1Type enum")
self._oid = oid
self._value = value
self._type = _type 示例11: __init__
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import COUNTRY_NAME [as 别名]
def __init__(self, oid, value, _type=_SENTINEL):
if not isinstance(oid, ObjectIdentifier):
raise TypeError(
"oid argument must be an ObjectIdentifier instance."
)
if not isinstance(value, six.text_type):
raise TypeError(
"value argument must be a text type."
)
if (
oid == NameOID.COUNTRY_NAME or
oid == NameOID.JURISDICTION_COUNTRY_NAME
):
if len(value.encode("utf8")) != 2:
raise ValueError(
"Country name must be a 2 character country code"
)
# The appropriate ASN1 string type varies by OID and is defined across
# multiple RFCs including 2459, 3280, and 5280. In general UTF8String
# is preferred (2459), but 3280 and 5280 specify several OIDs with
# alternate types. This means when we see the sentinel value we need
# to look up whether the OID has a non-UTF8 type. If it does, set it
# to that. Otherwise, UTF8!
if _type == _SENTINEL:
_type = _NAMEOID_DEFAULT_TYPE.get(oid, _ASN1Type.UTF8String)
if not isinstance(_type, _ASN1Type):
raise TypeError("_type must be from the _ASN1Type enum")
self._oid = oid
self._value = value
self._type = _type 示例12: csr
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import COUNTRY_NAME [as 别名]
def csr(private_key: rsa.RSAPrivateKey) -> x509.CertificateSigningRequest:
b = x509.CertificateSigningRequestBuilder()
req = b.subject_name(x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, u"US"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"CA"),
x509.NameAttribute(NameOID.LOCALITY_NAME, u"San Francisco"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"Commandment"),
x509.NameAttribute(NameOID.COMMON_NAME, u"Commandment"),
])).sign(private_key, hashes.SHA256(), default_backend())
return req 示例13: test_dirname
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import COUNTRY_NAME [as 别名]
def test_dirname(self):
self.assertEqual(parse_general_name('/CN=example.com'), x509.DirectoryName(x509.Name([
x509.NameAttribute(NameOID.COMMON_NAME, 'example.com'),
])))
self.assertEqual(parse_general_name('dirname:/CN=example.com'), x509.DirectoryName(x509.Name([
x509.NameAttribute(NameOID.COMMON_NAME, 'example.com'),
])))
self.assertEqual(parse_general_name('dirname:/C=AT/CN=example.com'), x509.DirectoryName(x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, 'AT'),
x509.NameAttribute(NameOID.COMMON_NAME, 'example.com'),
]))) 示例14: test_init_name
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import COUNTRY_NAME [as 别名]
def test_init_name(self):
name = x509.Name(attributes=[
x509.NameAttribute(oid=NameOID.COUNTRY_NAME, value=u'AT'),
x509.NameAttribute(oid=NameOID.COMMON_NAME, value=u'example.com'),
])
self.assertEqual(str(Subject(name)), '/C=AT/CN=example.com') 示例15: test_contains
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import COUNTRY_NAME [as 别名]
def test_contains(self):
self.assertIn('CN', Subject('/CN=example.com'))
self.assertIn(NameOID.COMMON_NAME, Subject('/CN=example.com'))
self.assertNotIn(NameOID.LOCALITY_NAME, Subject('/CN=example.com'))
self.assertNotIn(NameOID.COUNTRY_NAME, Subject('/CN=example.com'))
self.assertIn(NameOID.COUNTRY_NAME, Subject('/C=AT/CN=example.com'))
self.assertIn(NameOID.COMMON_NAME, Subject('/C=AT/CN=example.com'))