本文整理汇总了Python中cryptography.x509.oid.NameOID.LOCALITY_NAME属性的典型用法代码示例。如果您正苦于以下问题:Python NameOID.LOCALITY_NAME属性的具体用法?Python NameOID.LOCALITY_NAME怎么用?Python NameOID.LOCALITY_NAME使用的例子?那么恭喜您, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类cryptography.x509.oid.NameOID的用法示例。
在下文中一共展示了NameOID.LOCALITY_NAME属性的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: certificate
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import LOCALITY_NAME [as 别名]
def certificate(private_key: rsa.RSAPrivateKey) -> x509.Certificate:
b = x509.CertificateBuilder()
name = x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, u"US"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"CA"),
x509.NameAttribute(NameOID.LOCALITY_NAME, u"San Francisco"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"Commandment"),
x509.NameAttribute(NameOID.COMMON_NAME, u"CA-CERTIFICATE"),
])
cer = b.subject_name(name).issuer_name(name).public_key(
private_key.public_key()
).serial_number(1).not_valid_before(
datetime.datetime.utcnow()
).not_valid_after(
datetime.datetime.utcnow() + datetime.timedelta(days=10)
).add_extension(
x509.BasicConstraints(ca=False, path_length=None), True
).sign(private_key, hashes.SHA256(), default_backend())
return cer 示例2: ca_certificate
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import LOCALITY_NAME [as 别名]
def ca_certificate(private_key: rsa.RSAPrivateKey) -> x509.Certificate:
b = x509.CertificateBuilder()
name = x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, u"US"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"CA"),
x509.NameAttribute(NameOID.LOCALITY_NAME, u"San Francisco"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"Commandment"),
x509.NameAttribute(NameOID.COMMON_NAME, u"CA-CERTIFICATE"),
])
cert = b.serial_number(1).issuer_name(
name
).subject_name(
name
).public_key(
private_key.public_key()
).not_valid_before(
datetime.datetime.utcnow()
).not_valid_after(
datetime.datetime.utcnow() + datetime.timedelta(days=10)
).add_extension(
x509.BasicConstraints(ca=True, path_length=None), True
).sign(private_key, hashes.SHA256(), default_backend())
return cert 示例3: test_getitem
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import LOCALITY_NAME [as 别名]
def test_getitem(self):
self.assertEqual(Subject('/CN=example.com')['CN'], 'example.com')
self.assertEqual(Subject('/C=AT/CN=example.com')['C'], 'AT')
self.assertEqual(Subject('/C=AT/CN=example.com')['CN'], 'example.com')
# try NameOID:
self.assertEqual(Subject('/CN=example.com')[NameOID.COMMON_NAME], 'example.com')
self.assertEqual(Subject('/C=AT/CN=example.com')[NameOID.COUNTRY_NAME], 'AT')
self.assertEqual(Subject('/C=AT/CN=example.com')[NameOID.COMMON_NAME], 'example.com')
# OUs
self.assertEqual(Subject('/C=AT/OU=foo/CN=example.com')['OU'], ['foo'])
self.assertEqual(Subject('/C=AT/OU=foo/OU=bar/CN=example.com')['OU'], ['foo', 'bar'])
# test keyerror
with self.assertRaisesRegex(KeyError, r"^'L'$"):
Subject('/C=AT/OU=foo/CN=example.com')['L']
with self.assertRaisesRegex(KeyError, r"^'L'$"):
Subject('/C=AT/OU=foo/CN=example.com')[NameOID.LOCALITY_NAME] 示例4: test_get
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import LOCALITY_NAME [as 别名]
def test_get(self):
self.assertEqual(Subject('/CN=example.com').get('CN'), 'example.com')
self.assertEqual(Subject('/C=AT/CN=example.com').get('C'), 'AT')
self.assertEqual(Subject('/C=AT/CN=example.com').get('CN'), 'example.com')
# try NameOID:
self.assertEqual(Subject('/CN=example.com').get(NameOID.COMMON_NAME), 'example.com')
self.assertEqual(Subject('/C=AT/CN=example.com').get(NameOID.COUNTRY_NAME), 'AT')
self.assertEqual(Subject('/C=AT/CN=example.com').get(NameOID.COMMON_NAME), 'example.com')
# OUs
self.assertEqual(Subject('/C=AT/OU=foo/CN=example.com').get('OU'), ['foo'])
self.assertEqual(Subject('/C=AT/OU=foo/OU=bar/CN=example.com').get('OU'), ['foo', 'bar'])
# test that default doesn't overwrite anytying
self.assertEqual(Subject('/CN=example.com').get('CN', 'x'), 'example.com')
self.assertEqual(Subject('/C=AT/CN=example.com').get('C', 'x'), 'AT')
self.assertEqual(Subject('/C=AT/CN=example.com').get('CN', 'x'), 'example.com')
# test default value
self.assertIsNone(Subject('/C=AT/OU=foo/CN=example.com').get('L'))
self.assertEqual(Subject('/C=AT/OU=foo/CN=example.com').get('L', 'foo'), 'foo')
self.assertIsNone(Subject('/C=AT/OU=foo/CN=example.com').get(NameOID.LOCALITY_NAME))
self.assertEqual(Subject('/C=AT/OU=foo/CN=example.com').get(NameOID.LOCALITY_NAME, 'foo'), 'foo') 示例5: generate_csr
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import LOCALITY_NAME [as 别名]
def generate_csr(key, domainname):
private_key = serialization.load_pem_private_key(key, password=None,
backend=default_backend())
csr = x509.CertificateSigningRequestBuilder().subject_name(x509.Name([
# Provide various details about who we are.
x509.NameAttribute(NameOID.COUNTRY_NAME, u"BR"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"RJ"),
x509.NameAttribute(NameOID.LOCALITY_NAME, u"Rio de Janeiro"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"globo.com"),
x509.NameAttribute(NameOID.COMMON_NAME, domainname),
])).add_extension(
x509.SubjectAlternativeName([x509.DNSName(domainname)]),
critical=False,
).sign(private_key, hashes.SHA256(), default_backend())
return csr.public_bytes(serialization.Encoding.PEM) 示例6: serialize
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import LOCALITY_NAME [as 别名]
def serialize(self,
# password=None,
country=u"US",
state=u"CA",
city=u"San Francisco",
company=u"Lokey Examle",
common_name=u"example.com"):
# This should be handled already
# if not password:
# password = None
key = serialization.load_pem_private_key(
self.to('pem'),
password=None,
backend=default_backend())
subject = x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, country),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, state),
x509.NameAttribute(NameOID.LOCALITY_NAME, city),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, company),
x509.NameAttribute(NameOID.COMMON_NAME, common_name),
])
cert = x509.CertificateSigningRequestBuilder().subject_name(
subject
).sign(key, hashes.SHA256(), default_backend())
return cert.public_bytes(serialization.Encoding.PEM) 示例7: csr
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import LOCALITY_NAME [as 别名]
def csr(private_key: rsa.RSAPrivateKey) -> x509.CertificateSigningRequest:
b = x509.CertificateSigningRequestBuilder()
req = b.subject_name(x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, u"US"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"CA"),
x509.NameAttribute(NameOID.LOCALITY_NAME, u"San Francisco"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"Commandment"),
x509.NameAttribute(NameOID.COMMON_NAME, u"Commandment"),
])).sign(private_key, hashes.SHA256(), default_backend())
return req 示例8: test_contains
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import LOCALITY_NAME [as 别名]
def test_contains(self):
self.assertIn('CN', Subject('/CN=example.com'))
self.assertIn(NameOID.COMMON_NAME, Subject('/CN=example.com'))
self.assertNotIn(NameOID.LOCALITY_NAME, Subject('/CN=example.com'))
self.assertNotIn(NameOID.COUNTRY_NAME, Subject('/CN=example.com'))
self.assertIn(NameOID.COUNTRY_NAME, Subject('/C=AT/CN=example.com'))
self.assertIn(NameOID.COMMON_NAME, Subject('/C=AT/CN=example.com')) 示例9: get_certificate_and_private_key
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import LOCALITY_NAME [as 别名]
def get_certificate_and_private_key(self):
private_key = rsa.generate_private_key(public_exponent=3,
key_size=1024,
backend=default_backend())
issuer = x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, u"FI"),
x509.NameAttribute(NameOID.LOCALITY_NAME, u"Helsinki"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"Some Company"),
x509.NameAttribute(NameOID.COMMON_NAME, u"Test Certificate"),
])
cert_builder = x509.CertificateBuilder(
issuer_name=issuer, subject_name=issuer,
public_key=private_key.public_key(),
serial_number=x509.random_serial_number(),
not_valid_before=datetime.utcnow(),
not_valid_after=datetime.utcnow() + timedelta(days=10)
)
cert = cert_builder.sign(private_key,
hashes.SHA256(),
default_backend())
cert_pem = cert.public_bytes(encoding=serialization.Encoding.PEM)
key_pem = private_key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption())
return cert_pem, key_pem 示例10: generate_x509_name
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import LOCALITY_NAME [as 别名]
def generate_x509_name(self, cn):
"""
For the given common name string, generate and return an x509.Name, with
attributes configured in the settings.
"""
name_attributes = [
x509.NameAttribute(NameOID.COMMON_NAME, cn),
]
if self.settings['csr_country_name']:
name_attributes.append(
x509.NameAttribute(
NameOID.COUNTRY_NAME,
self.settings['csr_country_name'],
)
)
if self.settings['csr_state_or_province_name']:
name_attributes.append(
x509.NameAttribute(
NameOID.STATE_OR_PROVINCE_NAME,
self.settings['csr_state_or_province_name'],
)
)
if self.settings['csr_locality_name']:
name_attributes.append(
x509.NameAttribute(
NameOID.LOCALITY_NAME,
self.settings['csr_locality_name'],
)
)
if self.settings['csr_organization_name']:
name_attributes.append(
x509.NameAttribute(
NameOID.ORGANIZATION_NAME,
self.settings['csr_organization_name'],
)
)
return x509.Name(name_attributes) 示例11: generate_key_and_cert
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import LOCALITY_NAME [as 别名]
def generate_key_and_cert():
signing_key = rsa.generate_private_key(
backend=crypto_default_backend(),
public_exponent=65537,
key_size=2048
)
subject = issuer = x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, u"US"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"CA"),
x509.NameAttribute(NameOID.LOCALITY_NAME, u"San Francisco"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"My Company"),
x509.NameAttribute(NameOID.COMMON_NAME, u"example.com"),
])
signing_cert = x509.CertificateBuilder().subject_name(
subject
).issuer_name(
issuer
).public_key(
signing_key.public_key()
).serial_number(
x509.random_serial_number()
).not_valid_before(
datetime.utcnow()
).not_valid_after(
# Our certificate will be valid for 10 days
datetime.utcnow() + timedelta(days=10)
# Sign our certificate with our private key
).sign(
signing_key, hashes.SHA256(), crypto_default_backend()
).public_bytes(crypto_serialization.Encoding.DER)
return signing_key, signing_cert 示例12: cert_name
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import LOCALITY_NAME [as 别名]
def cert_name(common_name):
"""
Create x509.Name
"""
return x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, "US"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, "CA"),
x509.NameAttribute(NameOID.LOCALITY_NAME, "San Francisco"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, "D2iQ, Inc."),
x509.NameAttribute(NameOID.COMMON_NAME, common_name),
]) 示例13: create_certificate
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import LOCALITY_NAME [as 别名]
def create_certificate(self):
self.private_key = self.generate_private_key()
subject = issuer = x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, u"US"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"WA"),
x509.NameAttribute(NameOID.LOCALITY_NAME, u"Seattle"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"Amazon Alexa"),
x509.NameAttribute(
NameOID.COMMON_NAME, u"{}".format(self.PREPOPULATED_CERT_URL)),
])
self.mock_certificate = x509.CertificateBuilder().subject_name(
name=subject).issuer_name(
name=issuer).public_key(
key=self.private_key.public_key()).serial_number(
number=x509.random_serial_number()).not_valid_before(
time=datetime.utcnow() - timedelta(minutes=1)).not_valid_after(
time=datetime.utcnow() + timedelta(minutes=1)).add_extension(
extension=x509.SubjectAlternativeName(
[x509.DNSName(u"{}".format(CERT_CHAIN_DOMAIN))]),
critical=False).sign(
private_key=self.private_key,
algorithm=SHA1(),
backend=default_backend()
)
self.request_verifier._cert_cache[
self.PREPOPULATED_CERT_URL] = self.mock_certificate 示例14: generate_ca
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import LOCALITY_NAME [as 别名]
def generate_ca(cls):
key = rsa.generate_private_key(
public_exponent=65537,
key_size=2048,
backend=default_backend()
)
subject = issuer = x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, u"BR"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"RJ"),
x509.NameAttribute(NameOID.LOCALITY_NAME, u"Rio de Janeiro"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"Tsuru Inc"),
x509.NameAttribute(NameOID.COMMON_NAME, u"tsuru.io"),
])
cert = x509.CertificateBuilder().subject_name(
subject
).issuer_name(
issuer
).public_key(
key.public_key()
).serial_number(
x509.random_serial_number()
).not_valid_before(
datetime.datetime.utcnow()
).not_valid_after(
datetime.datetime.utcnow() + datetime.timedelta(days=10)
).add_extension(
x509.SubjectAlternativeName([x509.DNSName(u"tsuru.io")]),
critical=False,
).sign(key, hashes.SHA256(), default_backend())
key = key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption(),
)
cert = cert.public_bytes(serialization.Encoding.PEM)
return key, cert 示例15: subject_name
# 需要导入模块: from cryptography.x509.oid import NameOID [as 别名]
# 或者: from cryptography.x509.oid.NameOID import LOCALITY_NAME [as 别名]
def subject_name(self):
attribute_list = []
if self.common_name:
attribute_list.append(
x509.NameAttribute(
NameOID.COMMON_NAME, text_type(self.common_name)
)
)
if self.organization:
attribute_list.append(
x509.NameAttribute(
NameOID.ORGANIZATION_NAME, text_type(self.organization)
)
)
if self.organizational_unit:
attribute_list.append(
x509.NameAttribute(
NameOID.ORGANIZATIONAL_UNIT_NAME,
text_type(self.organizational_unit),
)
)
if self.country:
attribute_list.append(
x509.NameAttribute(
NameOID.COUNTRY_NAME, text_type(self.country)
)
)
if self.state:
attribute_list.append(
x509.NameAttribute(
NameOID.STATE_OR_PROVINCE_NAME, text_type(self.state)
)
)
if self.city:
attribute_list.append(
x509.NameAttribute(NameOID.LOCALITY_NAME, text_type(self.city))
)
if self.email_id:
attribute_list.append(
x509.NameAttribute(
NameOID.EMAIL_ADDRESS, text_type(self.email_id)
)
)
return x509.Name(attribute_list)