本文整理汇总了Python中sfa.trust.gid.GID.set_is_ca方法的典型用法代码示例。如果您正苦于以下问题:Python GID.set_is_ca方法的具体用法?Python GID.set_is_ca怎么用?Python GID.set_is_ca使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类sfa.trust.gid.GID的用法示例。
在下文中一共展示了GID.set_is_ca方法的1个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: create_cert
# 需要导入模块: from sfa.trust.gid import GID [as 别名]
# 或者: from sfa.trust.gid.GID import set_is_ca [as 别名]
def create_cert(urn, issuer_key=None, issuer_cert=None, ca=False,
public_key=None, lifeDays=1825, email=None):
'''Create a new certificate and return it and the associated keys.
If issuer cert and key are given, they sign the certificate. Otherwise
it is a self-signed certificate.
If ca then mark this as a CA certificate (can sign other certs).
lifeDays is the lifetime of the supplied cert - default is 1825 (5 years).
Certificate URN must be supplied.
CN of the cert will be dotted notation authority.type.name from the URN.
'''
# Note the below throws a ValueError if it wasnt a valid URN
c_urn = URN(urn=urn)
dotted = '%s.%s.%s' % (c_urn.getAuthority(), c_urn.getType(), c_urn.getName())
subject = dict()
subject['CN'] = dotted[:64]
if email:
subject['emailAddress'] = email
newgid = GID(create=True, subject=subject, urn=urn, lifeDays=lifeDays)
if public_key is None:
# create a new key pair
keys = Keypair(create=True)
else:
# use the specified public key file
keys = Keypair()
keys.load_pubkey_from_file(public_key)
newgid.set_pubkey(keys)
newgid.set_is_ca(ca)
if issuer_key and issuer_cert:
# the given issuer will issue this cert
if isinstance(issuer_key,str):
issuer_key = Keypair(filename=issuer_key)
if isinstance(issuer_cert,str):
issuer_cert = GID(filename=issuer_cert)
newgid.set_issuer(issuer_key, cert=issuer_cert)
newgid.set_parent(issuer_cert)
else:
# create a self-signed cert
newgid.set_issuer(keys, subject=dotted)
newgid.encode()
newgid.sign()
return newgid, keys