本文整理汇总了Python中CertUtils.init_nss_db方法的典型用法代码示例。如果您正苦于以下问题:Python CertUtils.init_nss_db方法的具体用法?Python CertUtils.init_nss_db怎么用?Python CertUtils.init_nss_db使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类CertUtils的用法示例。
在下文中一共展示了CertUtils.init_nss_db方法的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: generate_certs
# 需要导入模块: import CertUtils [as 别名]
# 或者: from CertUtils import init_nss_db [as 别名]
def generate_certs():
[noise_file, pwd_file] = CertUtils.init_nss_db(srcdir)
generate_ca_cert(srcdir, srcdir, noise_file, 'ca')
generate_child_cert(srcdir, srcdir, noise_file, 'int', 'ca', False, '')
ocsp_url = "http://www.example.com:8080/"
generate_child_cert(srcdir, srcdir, noise_file, "a", 'int', True, ocsp_url)
generate_child_cert(srcdir, srcdir, noise_file, "b", 'int', True, ocsp_url)示例2: generate_certs
# 需要导入模块: import CertUtils [as 别名]
# 或者: from CertUtils import init_nss_db [as 别名]
def generate_certs():
[noise_file, pwd_file] = CertUtils.init_nss_db(db)
generate_ca(db, srcdir, noise_file, "v1_ca", 1, False )
generate_ca(db, srcdir, noise_file, "v1_ca_bc", 1, True)
generate_ca(db, srcdir, noise_file, "v2_ca", 2, False )
generate_ca(db, srcdir, noise_file, "v2_ca_bc", 2, True)
generate_ca(db, srcdir, noise_file, "v3_ca", 3, True )
generate_ca(db, srcdir, noise_file, "v3_ca_missing_bc", 3, False)示例3: generate_certs
# 需要导入模块: import CertUtils [as 别名]
# 或者: from CertUtils import init_nss_db [as 别名]
def generate_certs():
[noise_file, pwd_file] = CertUtils.init_nss_db(srcdir)
generate_ca_cert(srcdir, srcdir, noise_file, 'ca')
generate_child_cert(srcdir, srcdir, noise_file, 'int', 'ca', False, '')
nick_baseurl = { 'no-path-url': "http://www.example.com:8888",
'ftp-url': "ftp://www.example.com:8888/",
'no-scheme-url': "www.example.com:8888/",
'empty-scheme-url': "://www.example.com:8888/",
'no-host-url': "http://:8888/",
'hTTp-url': "hTTp://www.example.com:8888/hTTp-url",
'https-url': "https://www.example.com:8888/https-url",
'bad-scheme': "/www.example.com",
'empty-port': "http://www.example.com:/",
'unknown-scheme': "ttp://www.example.com",
'negative-port': "http://www.example.com:-1",
'no-scheme-host-port': "/" }
for nick, url in nick_baseurl.iteritems():
generate_child_cert(srcdir, srcdir, noise_file, nick, 'int', True, url)示例4: generate_and_import_cert
# 需要导入模块: import CertUtils [as 别名]
# 或者: from CertUtils import init_nss_db [as 别名]
ca_ext_text,
'',
'',
60)
[int_nick, int_key_file, int_cert_file] = generate_and_import_cert(
'int',
root_nick,
ca_ext_text,
root_key_file,
root_cert_file,
60)
generate_and_import_cert(
'ee',
int_nick,
'',
int_key_file,
int_cert_file,
ee_validity_months)
# Create a NSS DB for use by the OCSP responder.
[noise_file, pwd_file] = CertUtils.init_nss_db(src_dir)
generate_chain(39)
generate_chain(40)
# Remove unnecessary files
os.remove(noise_file)
os.remove(pwd_file)
示例5: generate_and_maybe_import_cert
# 需要导入模块: import CertUtils [as 别名]
# 或者: from CertUtils import init_nss_db [as 别名]
adequate_key_size,
generate_ev)
# Generate chain with an end entity cert that has an inadequate size
generate_and_maybe_import_cert(
key_type,
'ee',
intOK_nick,
ee_ext_text,
intOK_key,
intOK_cert,
inadequate_key_size,
generate_ev)
# Create a NSS DB for use by the OCSP responder.
CertUtils.init_nss_db(srcdir)
# TODO(bug 636807): SECKEY_PublicKeyStrengthInBits() rounds up the number of
# bits to the next multiple of 8 - therefore the highest key size less than 1024
# that can be tested is 1016, less than 2048 is 2040 and so on.
generate_certs('rsa', '1016', '1024', False)
generate_certs('rsa', '2040', '2048', True)
# Print a blank line and the information needed to enable EV for any roots
# generated by this script.
print
for cert_filename in generated_ev_root_filenames:
CertUtils.print_cert_info(cert_filename)
print ('You now MUST update the compiled test EV root information to match ' +
'the EV root information printed above.')
示例6: generate_certs
# 需要导入模块: import CertUtils [as 别名]
# 或者: from CertUtils import init_nss_db [as 别名]
def generate_certs():
ca_cert = 'evroot.der'
ca_key = 'evroot.key'
prefix = "ev-valid"
key_type = 'rsa'
ee_ext_text = (aia_prefix + prefix + aia_suffix +
endentity_crl + mozilla_testing_ev_policy)
int_ext_text = (CA_extensions + aia_prefix + "int-" + prefix + aia_suffix +
intermediate_crl + mozilla_testing_ev_policy)
CertUtils.init_nss_db(srcdir)
CertUtils.import_cert_and_pkcs12(srcdir, ca_cert, 'evroot.p12', 'evroot',
'C,C,C')
[int_key, int_cert, ee_key, ee_cert] = CertUtils.generate_int_and_ee(db,
srcdir,
ca_key,
ca_cert,
prefix,
int_ext_text,
ee_ext_text,
key_type)
pk12file = CertUtils.generate_pkcs12(db, db, int_cert, int_key,
"int-" + prefix)
CertUtils.import_cert_and_pkcs12(srcdir, int_cert, pk12file,
'int-' + prefix, ',,')
import_untrusted_cert(ee_cert, prefix)
# now we generate an end entity cert with an AIA with no OCSP URL
no_ocsp_url_ext_aia = ("authorityInfoAccess =" +
"caIssuers;URI:http://www.example.com/ca.html\n");
[no_ocsp_key, no_ocsp_cert] = CertUtils.generate_cert_generic(db,
srcdir,
random.randint(100, 40000000),
key_type,
'no-ocsp-url-cert',
no_ocsp_url_ext_aia + endentity_crl +
mozilla_testing_ev_policy,
int_key, int_cert);
import_untrusted_cert(no_ocsp_cert, 'no-ocsp-url-cert');
# add an ev cert whose intermediate has a anypolicy oid
prefix = "ev-valid-anypolicy-int"
ee_ext_text = (aia_prefix + prefix + aia_suffix +
endentity_crl + mozilla_testing_ev_policy)
int_ext_text = (CA_extensions + aia_prefix + "int-" + prefix + aia_suffix +
intermediate_crl + anypolicy_policy)
[int_key, int_cert, ee_key, ee_cert] = CertUtils.generate_int_and_ee(db,
srcdir,
ca_key,
ca_cert,
prefix,
int_ext_text,
ee_ext_text,
key_type)
pk12file = CertUtils.generate_pkcs12(db, db, int_cert, int_key,
"int-" + prefix)
CertUtils.import_cert_and_pkcs12(srcdir, int_cert, pk12file,
'int-' + prefix, ',,')
import_untrusted_cert(ee_cert, prefix)
[bad_ca_key, bad_ca_cert] = CertUtils.generate_cert_generic( db,
srcdir,
1,
'rsa',
'non-evroot-ca',
CA_extensions)
pk12file = CertUtils.generate_pkcs12(db, db, bad_ca_cert, bad_ca_key,
"non-evroot-ca")
CertUtils.import_cert_and_pkcs12(srcdir, bad_ca_cert, pk12file,
'non-evroot-ca', 'C,C,C')
prefix = "non-ev-root"
ee_ext_text = (aia_prefix + prefix + aia_suffix +
endentity_crl + mozilla_testing_ev_policy)
int_ext_text = (CA_extensions + aia_prefix + "int-" + prefix + aia_suffix +
intermediate_crl + mozilla_testing_ev_policy)
[int_key, int_cert, ee_key, ee_cert] = CertUtils.generate_int_and_ee(db,
srcdir,
bad_ca_key,
bad_ca_cert,
prefix,
int_ext_text,
ee_ext_text,
key_type)
pk12file = CertUtils.generate_pkcs12(db, db, int_cert, int_key,
"int-" + prefix)
CertUtils.import_cert_and_pkcs12(srcdir, int_cert, pk12file,
'int-' + prefix, ',,')
import_untrusted_cert(ee_cert, prefix)