本文整理汇总了Python中OpenSSL.crypto.dump_privatekey方法的典型用法代码示例。如果您正苦于以下问题:Python crypto.dump_privatekey方法的具体用法?Python crypto.dump_privatekey怎么用?Python crypto.dump_privatekey使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类OpenSSL.crypto的用法示例。
在下文中一共展示了crypto.dump_privatekey方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: generate_adhoc_ssl_context
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_privatekey [as 别名]
def generate_adhoc_ssl_context():
"""Generates an adhoc SSL context for the development server."""
crypto = _get_openssl_crypto_module()
import tempfile
import atexit
cert, pkey = generate_adhoc_ssl_pair()
cert_handle, cert_file = tempfile.mkstemp()
pkey_handle, pkey_file = tempfile.mkstemp()
atexit.register(os.remove, pkey_file)
atexit.register(os.remove, cert_file)
os.write(cert_handle, crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
os.write(pkey_handle, crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
os.close(cert_handle)
os.close(pkey_handle)
ctx = load_ssl_context(cert_file, pkey_file)
return ctx 示例2: gen_cert
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_privatekey [as 别名]
def gen_cert(self, cn, key_size=2048, days=9999):
logging.debug("Generating cert for " + cn)
cacert = crypto.load_certificate(crypto.FILETYPE_PEM, self.cert)
cakey = crypto.load_privatekey(crypto.FILETYPE_PEM, self.key)
pkey = createKeyPair(crypto.TYPE_RSA, key_size)
req = createCertRequest(pkey, CN=cn)
cert = createCertificate(req, (cacert, cakey), 1, (0, 60*60*24*days))
key_data = crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)
cert_data = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
return Cert(key_data, cert_data, self.cert)
#
# Multi-Threaded Generator Plumbing
# 示例3: generate_cert
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_privatekey [as 别名]
def generate_cert(project_name):
"""Generate a self signed cerficate."""
# Defer imports to avoid issues on Python 2.
from OpenSSL import crypto
key = crypto.PKey()
key.generate_key(crypto.TYPE_RSA, 2048)
cert = crypto.X509()
cert.get_subject().C = 'US'
cert.get_subject().CN = '*' + untrusted.internal_network_domain()
cert.get_subject().O = project_name
cert.set_serial_number(9001)
cert.set_notBefore(b'20000101000000Z')
cert.set_notAfter(b'21000101000000Z')
cert.set_issuer(cert.get_subject())
cert.set_pubkey(key)
cert.sign(key, 'sha256')
cert_contents = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
key_contents = crypto.dump_privatekey(crypto.FILETYPE_PEM, key)
return cert_contents, key_contents 示例4: test_dump_privatekey_passphraseCallback
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_privatekey [as 别名]
def test_dump_privatekey_passphraseCallback(self):
"""
:py:obj:`dump_privatekey` writes an encrypted PEM when given a callback which
returns the correct passphrase.
"""
passphrase = b("foo")
called = []
def cb(writing):
called.append(writing)
return passphrase
key = load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM)
pem = dump_privatekey(FILETYPE_PEM, key, GOOD_CIPHER, cb)
self.assertTrue(isinstance(pem, binary_type))
self.assertEqual(called, [True])
loadedKey = load_privatekey(FILETYPE_PEM, pem, passphrase)
self.assertTrue(isinstance(loadedKey, PKeyType))
self.assertEqual(loadedKey.type(), key.type())
self.assertEqual(loadedKey.bits(), key.bits()) 示例5: generate_keypair
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_privatekey [as 别名]
def generate_keypair(uuid):
hostname = socket.gethostname()
# create a key pair
keypair = crypto.PKey()
keypair.generate_key(crypto.TYPE_RSA, 2048)
# create a self-signed cert
cert = crypto.X509()
cert.set_version(2)
cert.get_subject().CN = str(uuid)+"/"+hostname
cert.get_issuer().CN = str(uuid)+"/"+hostname
cert.set_serial_number(1000)
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(10*365*24*60*60)
cert.set_pubkey(keypair)
cert.sign(keypair, 'sha256')
certificate = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
privatekey = crypto.dump_privatekey(crypto.FILETYPE_PEM, keypair)
return certificate, privatekey 示例6: test_certificate_matches_private_key
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_privatekey [as 别名]
def test_certificate_matches_private_key(self):
"""
A certificate matches the private key it is meant to
be paired with.
"""
path = FilePath(self.mktemp())
path.makedirs()
ca = RootCredential.initialize(path, b"mycluster")
priv = ca.credential.keypair.keypair.original
pub = ca.credential.certificate.getPublicKey().original
pub_asn1 = crypto.dump_privatekey(crypto.FILETYPE_ASN1, pub)
priv_asn1 = crypto.dump_privatekey(crypto.FILETYPE_ASN1, priv)
pub_der = asn1.DerSequence()
pub_der.decode(pub_asn1)
priv_der = asn1.DerSequence()
priv_der.decode(priv_asn1)
pub_modulus = pub_der[1]
priv_modulus = priv_der[1]
self.assertEqual(pub_modulus, priv_modulus) 示例7: SelfSignedCertificate
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_privatekey [as 别名]
def SelfSignedCertificate():
# create a key pair
k = crypto.PKey()
k.generate_key(crypto.TYPE_RSA, 1024)
# create a self-signed cert
cert = crypto.X509()
cert.get_subject().C = "IL"
cert.get_subject().ST = "Jerusalem"
cert.get_subject().L = "Jerusalem"
cert.get_subject().OU = "DevOps Loft"
cert.get_subject().CN = gethostname()
cert.set_serial_number(1000)
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(10*365*24*60*60)
cert.set_issuer(cert.get_subject())
cert.set_pubkey(k)
cert.sign(k, 'sha1')
with open(CERT_FILE, "wb") as cert_f:
cert_f.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
with open(KEY_FILE, "wb") as key_f:
key_f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, k)) 示例8: create_self_signed_cert
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_privatekey [as 别名]
def create_self_signed_cert(name="localhost"):
from OpenSSL import crypto
# create key pair
key = crypto.PKey()
key.generate_key(crypto.TYPE_RSA, 2048)
# create self-signed certificate
cert = crypto.X509()
cert.get_subject().CN = name
cert.set_serial_number(1000)
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(10 * 365 * 86400)
cert.set_issuer(cert.get_subject())
cert.set_pubkey(key)
cert.sign(key, "sha1")
with open(CERT_FILE, "wb") as fp:
fp.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
with open(KEY_FILE, "wb") as fp:
fp.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, key)) 示例9: dump_pkcs12_cert
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_privatekey [as 别名]
def dump_pkcs12_cert(self, password: str):
"""Get the private key and cert from pkcs12 cert
Args:
password (str): Password for certificate
Returns:
Chepy: The Chepy object.
"""
if isinstance(password, str):
password = password.encode()
pk12 = _pyssl_crypto.load_pkcs12(self._convert_to_bytes(), password)
self.state = {
"private": _pyssl_crypto.dump_privatekey(
_pyssl_crypto.FILETYPE_PEM, pk12.get_privatekey()
),
"cert": _pyssl_crypto.dump_certificate(
_pyssl_crypto.FILETYPE_PEM, pk12.get_certificate()
),
}
return self 示例10: generateImpacketCert
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_privatekey [as 别名]
def generateImpacketCert(certname='/tmp/impacket.crt'):
# Create a private key
pkey = crypto.PKey()
pkey.generate_key(crypto.TYPE_RSA, 2048)
# Create the certificate
cert = crypto.X509()
cert.gmtime_adj_notBefore(0)
# Valid for 5 years
cert.gmtime_adj_notAfter(60*60*24*365*5)
subj = cert.get_subject()
subj.CN = 'impacket'
cert.set_pubkey(pkey)
cert.sign(pkey, "sha256")
# We write both from the same file
with open(certname, 'w') as certfile:
certfile.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey).decode('utf-8'))
certfile.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert).decode('utf-8'))
LOG.debug('Wrote certificate to %s' % certname)
# Class to wrap the client socket in SSL when serving as a SOCKS server 示例11: gen_cert
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_privatekey [as 别名]
def gen_cert(self):
key_pair = crypto.PKey()
key_pair.generate_key(crypto.TYPE_RSA, 2048)
cert = crypto.X509()
cert.get_subject().O = 'Loki'
cert.get_subject().CN = 'Sami'
cert.get_subject().OU = 'Pure-L0G1C'
cert.get_subject().C = 'US'
cert.get_subject().L = 'Los Santos'
cert.get_subject().ST = 'California'
cert.set_serial_number(SystemRandom().randint(2048 ** 8, 4096 ** 8))
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(256 * 409600)
cert.set_issuer(cert.get_subject())
cert.set_pubkey(key_pair)
cert.sign(key_pair, 'sha256')
with open(const.CERT_FILE, 'wb') as f:
f.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
with open(const.KEY_FILE, 'wb') as f:
f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, key_pair)) 示例12: make_ssl_devcert
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_privatekey [as 别名]
def make_ssl_devcert(base_path, host=None, cn=None):
"""Creates an SSL key for development. This should be used instead of
the ``'adhoc'`` key which generates a new cert on each server start.
It accepts a path for where it should store the key and cert and
either a host or CN. If a host is given it will use the CN
``*.host/CN=host``.
For more information see :func:`run_simple`.
.. versionadded:: 0.9
:param base_path: the path to the certificate and key. The extension
``.crt`` is added for the certificate, ``.key`` is
added for the key.
:param host: the name of the host. This can be used as an alternative
for the `cn`.
:param cn: the `CN` to use.
"""
from OpenSSL import crypto
if host is not None:
cn = "*.%s/CN=%s" % (host, host)
cert, pkey = generate_adhoc_ssl_pair(cn=cn)
cert_file = base_path + ".crt"
pkey_file = base_path + ".key"
with open(cert_file, "wb") as f:
f.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
with open(pkey_file, "wb") as f:
f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
return cert_file, pkey_file 示例13: make_ssl_devcert
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_privatekey [as 别名]
def make_ssl_devcert(base_path, host=None, cn=None):
"""Creates an SSL key for development. This should be used instead of
the ``'adhoc'`` key which generates a new cert on each server start.
It accepts a path for where it should store the key and cert and
either a host or CN. If a host is given it will use the CN
``*.host/CN=host``.
For more information see :func:`run_simple`.
.. versionadded:: 0.9
:param base_path: the path to the certificate and key. The extension
``.crt`` is added for the certificate, ``.key`` is
added for the key.
:param host: the name of the host. This can be used as an alternative
for the `cn`.
:param cn: the `CN` to use.
"""
from OpenSSL import crypto
if host is not None:
cn = '*.%s/CN=%s' % (host, host)
cert, pkey = generate_adhoc_ssl_pair(cn=cn)
cert_file = base_path + '.crt'
pkey_file = base_path + '.key'
with open(cert_file, 'wb') as f:
f.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
with open(pkey_file, 'wb') as f:
f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
return cert_file, pkey_file 示例14: new
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_privatekey [as 别名]
def new(cls, key_size=2048, days=9999):
logging.debug("Generating CA cert...")
cakey = createKeyPair(crypto.TYPE_RSA, key_size)
careq = createCertRequest(cakey, CN='PcoccUserCA')
cacert = createCertificate(careq, (careq, cakey), 0, (0, 60*60*24*days))
ca_key_data = crypto.dump_privatekey(crypto.FILETYPE_PEM, cakey)
ca_cert_data = crypto.dump_certificate(crypto.FILETYPE_PEM, cacert)
logging.debug("Done generating CA cert")
return cls(ca_key_data, ca_cert_data) 示例15: _store_temp_files
# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import dump_privatekey [as 别名]
def _store_temp_files(self):
"""
Requests library requires string path to PKey and Cert - therefore we save those into
temporary files on the file system.
:return: None
"""
self.cert_temp = tempfile.NamedTemporaryFile(delete=False)
self.cert_temp.write(crypto.dump_certificate(crypto.FILETYPE_PEM, self.p12.get_certificate()))
self.cert_temp.flush()
self.pkey_temp = tempfile.NamedTemporaryFile(delete=False)
self.pkey_temp.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, self.p12.get_privatekey()))
self.pkey_temp.flush()