本文整理汇总了Python中OpenSSL.crypto.dump_certificate_request方法的典型用法代码示例。如果您正苦于以下问题:Python crypto.dump_certificate_request方法的具体用法?Python crypto.dump_certificate_request怎么用?Python crypto.dump_certificate_request使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类OpenSSL.crypto
的用法示例。
在下文中一共展示了crypto.dump_certificate_request方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_dump_certificate_request
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_certificate_request [as 别名]
def test_dump_certificate_request(self):
"""
:py:obj:`dump_certificate_request` writes a PEM, DER, and text.
"""
req = load_certificate_request(FILETYPE_PEM, cleartextCertificateRequestPEM)
dumped_pem = dump_certificate_request(FILETYPE_PEM, req)
self.assertEqual(dumped_pem, cleartextCertificateRequestPEM)
dumped_der = dump_certificate_request(FILETYPE_ASN1, req)
good_der = _runopenssl(dumped_pem, b"req", b"-outform", b"DER")
self.assertEqual(dumped_der, good_der)
req2 = load_certificate_request(FILETYPE_ASN1, dumped_der)
dumped_pem2 = dump_certificate_request(FILETYPE_PEM, req2)
self.assertEqual(dumped_pem2, cleartextCertificateRequestPEM)
dumped_text = dump_certificate_request(FILETYPE_TEXT, req)
good_text = _runopenssl(dumped_pem, b"req", b"-noout", b"-text")
self.assertEqual(dumped_text, good_text)
self.assertRaises(ValueError, dump_certificate_request, 100, req)
示例2: test_dump_certificate_request
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_certificate_request [as 别名]
def test_dump_certificate_request(self):
"""
`dump_certificate_request` writes a PEM, DER, and text.
"""
req = load_certificate_request(
FILETYPE_PEM, cleartextCertificateRequestPEM)
dumped_pem = dump_certificate_request(FILETYPE_PEM, req)
assert dumped_pem == cleartextCertificateRequestPEM
dumped_der = dump_certificate_request(FILETYPE_ASN1, req)
good_der = _runopenssl(dumped_pem, b"req", b"-outform", b"DER")
assert dumped_der == good_der
req2 = load_certificate_request(FILETYPE_ASN1, dumped_der)
dumped_pem2 = dump_certificate_request(FILETYPE_PEM, req2)
assert dumped_pem2 == cleartextCertificateRequestPEM
dumped_text = dump_certificate_request(FILETYPE_TEXT, req)
good_text = _runopenssl(
dumped_pem, b"req", b"-noout", b"-text", b"-nameopt", b"")
assert dumped_text == good_text
with pytest.raises(ValueError):
dump_certificate_request(100, req)
示例3: dump
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_certificate_request [as 别名]
def dump(self, format=crypto.FILETYPE_ASN1):
return crypto.dump_certificate_request(format, self.original)
示例4: generateCertificateFiles
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_certificate_request [as 别名]
def generateCertificateFiles(basename, organization, organizationalUnit):
"""
Create certificate files key, req and cert prefixed by C{basename} for
given C{organization} and C{organizationalUnit}.
"""
pkey, req, cert = generateCertificateObjects(organization, organizationalUnit)
for ext, obj, dumpFunc in [
('key', pkey, crypto.dump_privatekey),
('req', req, crypto.dump_certificate_request),
('cert', cert, crypto.dump_certificate)]:
fName = os.extsep.join((basename, ext)).encode("utf-8")
FilePath(fName).setContent(dumpFunc(crypto.FILETYPE_PEM, obj))
示例5: emit
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_certificate_request [as 别名]
def emit(self, fo, filetype="pem"):
fo.write(crypto.dump_certificate_request(_FILETYPES[filetype],
self._req))
示例6: get_pem
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_certificate_request [as 别名]
def get_pem(self):
return crypto.dump_certificate_request(crypto.FILETYPE_PEM, self._req)
示例7: generate
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_certificate_request [as 别名]
def generate(self, module):
'''Generate the certificate signing request.'''
if not os.path.exists(self.path) or self.force:
req = crypto.X509Req()
req.set_version(self.version)
subject = req.get_subject()
for (key, value) in self.subject.items():
if value is not None:
setattr(subject, key, value)
if self.subjectAltName is not None:
req.add_extensions([crypto.X509Extension(
b"subjectAltName", False,
self.subjectAltName.encode('ascii'))])
privatekey_content = open(self.privatekey_path).read()
self.privatekey = crypto.load_privatekey(
crypto.FILETYPE_PEM, privatekey_content)
req.set_pubkey(self.privatekey)
req.sign(self.privatekey, self.digest)
self.request = req
try:
csr_file = open(self.path, 'wb')
csr_file.write(crypto.dump_certificate_request(
crypto.FILETYPE_PEM, self.request))
csr_file.close()
except (IOError, OSError) as exc:
raise CertificateSigningRequestError(exc)
else:
self.changed = False
file_args = module.load_file_common_arguments(module.params)
if module.set_fs_attributes_if_different(file_args, False):
self.changed = True
示例8: generateCSR
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_certificate_request [as 别名]
def generateCSR(cn, c, st, l, o, ou, email, sans):
# TODO: support different kind/size keys???
key = crypto.PKey()
key.generate_key(crypto.TYPE_RSA, 2048)
csr = crypto.X509Req()
csr.get_subject().CN = cn
csr.get_subject().countryName = c
csr.get_subject().stateOrProvinceName = st
csr.get_subject().localityName = l
csr.get_subject().organizationName = o
csr.get_subject().organizationalUnitName = ou
csr.get_subject().emailAddress = email
# csr.get_subject().subjectAltName = 'test.example.com'
x509_extensions = ([])
# TODO: support "IP:" in addition to "DNS:" below
sans_list = []
for san in sans:
sans_list.append("DNS: {0}".format(san))
sans_list = ", ".join(sans_list).encode()
if sans_list:
x509_extensions.append(crypto.X509Extension("subjectAltName".encode(), False, sans_list))
csr.add_extensions(x509_extensions)
csr.set_pubkey(key)
csr.sign(key, "sha256")
csr_out = crypto.dump_certificate_request(crypto.FILETYPE_PEM, csr)
key_out = crypto.dump_privatekey(crypto.FILETYPE_PEM, key)
return key_out,csr_out
示例9: test_issue_certificate_request
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_certificate_request [as 别名]
def test_issue_certificate_request(self):
req = certificate_utils.get_valid_csr_object()
req_enc = crypto.dump_certificate_request(crypto.FILETYPE_PEM, req)
req_enc = base64.b64encode(req_enc)
order_meta = {'request_data': req_enc}
resp = self.plugin.issue_certificate_request(self.order_id,
order_meta, {},
self.barbican_meta_dto)
crypto.load_certificate(
crypto.FILETYPE_PEM, resp.certificate.decode('base64'))
示例10: test_issue_certificate_request_with_ca_id
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_certificate_request [as 别名]
def test_issue_certificate_request_with_ca_id(self):
req = certificate_utils.get_valid_csr_object()
req_enc = crypto.dump_certificate_request(crypto.FILETYPE_PEM, req)
req_enc = base64.b64encode(req_enc)
order_meta = {'request_data': req_enc}
plugin_meta = {'plugin_ca_id': self.plugin.get_default_ca_name()}
self.barbican_meta_dto.plugin_ca_id = self.plugin.get_default_ca_name()
resp = self.plugin.issue_certificate_request(self.order_id,
order_meta,
plugin_meta,
self.barbican_meta_dto)
crypto.load_certificate(
crypto.FILETYPE_PEM, resp.certificate.decode('base64'))
示例11: test_issue_raises_with_invalid_ca_id
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_certificate_request [as 别名]
def test_issue_raises_with_invalid_ca_id(self):
req = certificate_utils.get_valid_csr_object()
req_enc = crypto.dump_certificate_request(crypto.FILETYPE_PEM, req)
req_enc = base64.b64encode(req_enc)
order_meta = {'request_data': req_enc}
plugin_meta = {'plugin_ca_id': "invalid_ca_id"}
self.barbican_meta_dto.plugin_ca_id = "invalid_ca_id"
self.assertRaises(
cm.CertificateGeneralException,
self.plugin.issue_certificate_request,
self.order_id,
order_meta,
plugin_meta,
self.barbican_meta_dto)
示例12: test_issue_certificate_request_set_subject
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_certificate_request [as 别名]
def test_issue_certificate_request_set_subject(self):
req = certificate_utils.get_valid_csr_object()
subj = req.get_subject()
subj.countryName = 'US'
subj.stateOrProvinceName = 'OR'
subj.localityName = 'Testlandia'
subj.organizationName = 'Testers Anon'
subj.organizationalUnitName = 'Testers OU'
subj.commonName = 'Testing'
req_enc = crypto.dump_certificate_request(crypto.FILETYPE_PEM, req)
req_enc = base64.b64encode(req_enc)
order_meta = {'request_data': req_enc}
resp = self.plugin.issue_certificate_request(self.order_id,
order_meta, {},
self.barbican_meta_dto)
cert = crypto.load_certificate(
crypto.FILETYPE_PEM, resp.certificate.decode('base64'))
cert_subj = cert.get_subject()
self.assertEqual('US', cert_subj.C)
self.assertEqual('OR', cert_subj.ST)
self.assertEqual('Testlandia', cert_subj.L)
self.assertEqual('Testers Anon', cert_subj.O)
self.assertEqual('Testers OU', cert_subj.OU)
self.assertEqual('Testing', cert_subj.CN)
示例13: test_issue_certificate_request_stored_key
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_certificate_request [as 别名]
def test_issue_certificate_request_stored_key(self):
req = certificate_utils.get_valid_csr_object()
req_enc = crypto.dump_certificate_request(crypto.FILETYPE_PEM, req)
self.barbican_meta_dto.generated_csr = req_enc
resp = self.plugin.issue_certificate_request(
self.order_id, {}, {}, self.barbican_meta_dto)
crypto.load_certificate(
crypto.FILETYPE_PEM, resp.certificate.decode('base64'))
示例14: create_good_csr
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_certificate_request [as 别名]
def create_good_csr():
"""Generate a CSR that will pass validation."""
csr = get_valid_csr_object()
pem = crypto.dump_certificate_request(crypto.FILETYPE_PEM, csr)
return pem
示例15: create_csr_that_has_not_been_signed
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_certificate_request [as 别名]
def create_csr_that_has_not_been_signed():
"""Generate a CSR that has not been signed."""
key_pair = create_key_pair(crypto.TYPE_RSA, 2048)
csr = crypto.X509Req()
subject = csr.get_subject()
setattr(subject, "CN", "host.example.net")
csr.set_pubkey(key_pair)
pem = crypto.dump_certificate_request(crypto.FILETYPE_PEM, csr)
return pem