当前位置: 首页>>代码示例>>Python>>正文


Python crypto.load_pkcs12方法代码示例

本文整理汇总了Python中OpenSSL.crypto.load_pkcs12方法的典型用法代码示例。如果您正苦于以下问题:Python crypto.load_pkcs12方法的具体用法?Python crypto.load_pkcs12怎么用?Python crypto.load_pkcs12使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在OpenSSL.crypto的用法示例。


在下文中一共展示了crypto.load_pkcs12方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: from_string

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import load_pkcs12 [as 别名]
def from_string(key, password='notasecret'):
      """Construct a Signer instance from a string.

      Args:
        key: string, private key in PKCS12 or PEM format.
        password: string, password for the private key file.

      Returns:
        Signer instance.

      Raises:
        OpenSSL.crypto.Error if the key can't be parsed.
      """
      parsed_pem_key = _parse_pem_key(key)
      if parsed_pem_key:
        pkey = crypto.load_privatekey(crypto.FILETYPE_PEM, parsed_pem_key)
      else:
        pkey = crypto.load_pkcs12(key, password.encode('utf8')).get_privatekey()
      return OpenSSLSigner(pkey) 
开发者ID:mortcanty,项目名称:earthengine,代码行数:21,代码来源:crypt.py

示例2: from_string

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import load_pkcs12 [as 别名]
def from_string(key, password='notasecret'):
      """Construct a Signer instance from a string.

      Args:
        key: string, private key in PKCS12 or PEM format.
        password: string, password for the private key file.

      Returns:
        Signer instance.

      Raises:
        OpenSSL.crypto.Error if the key can't be parsed.
      """
      if key.startswith('-----BEGIN '):
        pkey = crypto.load_privatekey(crypto.FILETYPE_PEM, key)
      else:
        pkey = crypto.load_pkcs12(key, password).get_privatekey()
      return OpenSSLSigner(pkey) 
开发者ID:splunk,项目名称:splunk-ref-pas-code,代码行数:20,代码来源:crypt.py

示例3: test_key_only

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import load_pkcs12 [as 别名]
def test_key_only(self):
        """
        A :py:obj:`PKCS12` with only a private key can be exported using
        :py:obj:`PKCS12.export` and loaded again using :py:obj:`load_pkcs12`.
        """
        passwd = b"blah"
        p12 = PKCS12()
        pkey = load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM)
        p12.set_privatekey(pkey)
        self.assertEqual(None, p12.get_certificate())
        self.assertEqual(pkey, p12.get_privatekey())
        try:
            dumped_p12 = p12.export(passphrase=passwd, iter=2, maciter=3)
        except Error:
            # Some versions of OpenSSL will throw an exception
            # for this nearly useless PKCS12 we tried to generate:
            # [('PKCS12 routines', 'PKCS12_create', 'invalid null argument')]
            return
        p12 = load_pkcs12(dumped_p12, passwd)
        self.assertEqual(None, p12.get_ca_certificates())
        self.assertEqual(None, p12.get_certificate())

        # OpenSSL fails to bring the key back to us.  So sad.  Perhaps in the
        # future this will be improved.
        self.assertTrue(isinstance(p12.get_privatekey(), (PKey, type(None)))) 
开发者ID:aliyun,项目名称:oss-ftp,代码行数:27,代码来源:test_crypto.py

示例4: test_load_pkcs12_text_passphrase

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import load_pkcs12 [as 别名]
def test_load_pkcs12_text_passphrase(self):
        """
        A PKCS12 string generated using the openssl command line can be loaded
        with :py:obj:`load_pkcs12` and its components extracted and examined.
        Using text as passphrase instead of bytes. DeprecationWarning expected.
        """
        pem = client_key_pem + client_cert_pem
        passwd = b"whatever"
        p12_str = _runopenssl(pem, b"pkcs12", b"-export", b"-clcerts",
                              b"-passout", b"pass:" + passwd)
        with catch_warnings(record=True) as w:
            simplefilter("always")
            p12 = load_pkcs12(p12_str, passphrase=b"whatever".decode("ascii"))

            self.assertEqual(
                "{0} for passphrase is no longer accepted, use bytes".format(
                    WARNING_TYPE_EXPECTED
                ),
                str(w[-1].message)
            )
            self.assertIs(w[-1].category, DeprecationWarning)

        self.verify_pkcs12_container(p12) 
开发者ID:aliyun,项目名称:oss-ftp,代码行数:25,代码来源:test_crypto.py

示例5: test_load_without_mac

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import load_pkcs12 [as 别名]
def test_load_without_mac(self):
        """
        Loading a PKCS12 without a MAC does something other than crash.
        """
        passwd = b"Lake Michigan"
        p12 = self.gen_pkcs12(server_cert_pem, server_key_pem, root_cert_pem)
        dumped_p12 = p12.export(maciter=-1, passphrase=passwd, iter=2)
        try:
            recovered_p12 = load_pkcs12(dumped_p12, passwd)
            # The person who generated this PCKS12 should be flogged,
            # or better yet we should have a means to determine
            # whether a PCKS12 had a MAC that was verified.
            # Anyway, libopenssl chooses to allow it, so the
            # pyopenssl binding does as well.
            self.assertTrue(isinstance(recovered_p12, PKCS12))
        except Error:
            # Failing here with an exception is preferred as some openssl
            # versions do.
            pass 
开发者ID:aliyun,项目名称:oss-ftp,代码行数:21,代码来源:test_crypto.py

示例6: from_string

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import load_pkcs12 [as 别名]
def from_string(key, password=b'notasecret'):
        """Construct a Signer instance from a string.

        Args:
            key: string, private key in PKCS12 or PEM format.
            password: string, password for the private key file.

        Returns:
            Signer instance.

        Raises:
            OpenSSL.crypto.Error if the key can't be parsed.
        """
        key = _to_bytes(key)
        parsed_pem_key = _parse_pem_key(key)
        if parsed_pem_key:
            pkey = crypto.load_privatekey(crypto.FILETYPE_PEM, parsed_pem_key)
        else:
            password = _to_bytes(password, encoding='utf-8')
            pkey = crypto.load_pkcs12(key, password).get_privatekey()
        return OpenSSLSigner(pkey) 
开发者ID:Deltares,项目名称:aqua-monitor,代码行数:23,代码来源:_openssl_crypt.py

示例7: test_sign

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import load_pkcs12 [as 别名]
def test_sign(self):
        root = parse_xml("data/unsigned-sample.xml")
        sign = root.xpath("//ds:Signature", namespaces={"ds": xmlsig.constants.DSigNs})[
            0
        ]
        policy = GenericPolicyId(
            "http://www.facturae.es/politica_de_firma_formato_facturae/"
            "politica_de_firma_formato_facturae_v3_1.pdf",
            u"Politica de Firma FacturaE v3.1",
            xmlsig.constants.TransformSha1,
        )
        ctx = XAdESContext(policy)
        with open(path.join(BASE_DIR, "data/keyStore.p12"), "rb") as key_file:
            ctx.load_pkcs12(crypto.load_pkcs12(key_file.read()))
        with patch("xades.policy.urllib.urlopen") as mock:
            mock.return_value = UrllibMock()
            ctx.sign(sign)
            ctx.verify(sign) 
开发者ID:etobella,项目名称:python-xades,代码行数:20,代码来源:test_xades.py

示例8: dump_pkcs12_cert

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import load_pkcs12 [as 别名]
def dump_pkcs12_cert(self, password: str):
        """Get the private key and cert from pkcs12 cert
        
        Args:
            password (str): Password for certificate
        
        Returns:
            Chepy: The Chepy object. 
        """
        if isinstance(password, str):
            password = password.encode()
        pk12 = _pyssl_crypto.load_pkcs12(self._convert_to_bytes(), password)
        self.state = {
            "private": _pyssl_crypto.dump_privatekey(
                _pyssl_crypto.FILETYPE_PEM, pk12.get_privatekey()
            ),
            "cert": _pyssl_crypto.dump_certificate(
                _pyssl_crypto.FILETYPE_PEM, pk12.get_certificate()
            ),
        }
        return self 
开发者ID:securisec,项目名称:chepy,代码行数:23,代码来源:publickey.py

示例9: from_string

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import load_pkcs12 [as 别名]
def from_string(key, password=b'notasecret'):
        """Construct a Signer instance from a string.

        Args:
            key: string, private key in PKCS12 or PEM format.
            password: string, password for the private key file.

        Returns:
            Signer instance.

        Raises:
            OpenSSL.crypto.Error if the key can't be parsed.
        """
        key = _helpers._to_bytes(key)
        parsed_pem_key = _helpers._parse_pem_key(key)
        if parsed_pem_key:
            pkey = crypto.load_privatekey(crypto.FILETYPE_PEM, parsed_pem_key)
        else:
            password = _helpers._to_bytes(password, encoding='utf-8')
            pkey = crypto.load_pkcs12(key, password).get_privatekey()
        return OpenSSLSigner(pkey) 
开发者ID:fniephaus,项目名称:alfred-gmail,代码行数:23,代码来源:_openssl_crypt.py

示例10: extrair_certificado_a1

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import load_pkcs12 [as 别名]
def extrair_certificado_a1(self, arquivo, senha):
        '''
        Extrai o conteúdo do certificado A1
        @param arquivo:arquivo binário do certificado
        @param senha: senha do certificado.
        @return: dicionário com a string do certificado, chave privada, emissor, proprietario, data_inicio_validade e
        data_final_validade.
        '''
        
        conteudo_pkcs12 = crypto.load_pkcs12(arquivo, senha)
        key_str = crypto.dump_privatekey(crypto.FILETYPE_PEM, conteudo_pkcs12.get_privatekey())
        cert_str = crypto.dump_certificate(crypto.FILETYPE_PEM, conteudo_pkcs12.get_certificate())
        
        certificado = Certificado()
        certificado.prepara_certificado_txt(cert_str.decode('utf-8'))
        
        vals = {'cert': cert_str.decode('utf-8'),
                'key': key_str.decode('utf-8'),
                'emissor': certificado.emissor.get('OU'),
                'proprietario': certificado.proprietario.get('CN'),
                'data_inicio_validade': certificado.data_inicio_validade,
                'data_final_validade': certificado.data_fim_validade,
        }
        return vals 
开发者ID:thiagopena,项目名称:PySIGNFe,代码行数:26,代码来源:nota.py

示例11: _dump_pfx

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import load_pkcs12 [as 别名]
def _dump_pfx(self, pfx, cert_filename, key_filename):
        p12 = crypto.load_pkcs12(base64.decodestring(pfx))
        pk = crypto.dump_privatekey(crypto.FILETYPE_PEM, p12.get_privatekey())
        if os.getenv('DOWNLOAD_CA_CERTIFICATES','true').lower() == "true":
            certs = (p12.get_certificate(),) + (p12.get_ca_certificates() or ())
        else:     
            certs = (p12.get_certificate(),)

        if (cert_filename == key_filename):
            key_path = os.path.join(self._keys_output_folder, key_filename)
            cert_path = os.path.join(self._certs_output_folder, cert_filename)
        else:
            # write to certs_keys folder when cert_filename and key_filename specified
            key_path = os.path.join(self._cert_keys_output_folder, key_filename)
            cert_path = os.path.join(self._cert_keys_output_folder, cert_filename)

        _logger.info('Dumping key value to: %s', key_path)
        with open(key_path, 'w') as key_file:
            key_file.write(pk)

        _logger.info('Dumping certs to: %s', cert_path)
        with open(cert_path, 'w') as cert_file:
            for cert in certs:
                cert_file.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert)) 
开发者ID:Hexadite,项目名称:acs-keyvault-agent,代码行数:26,代码来源:main.py

示例12: test_key_only

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import load_pkcs12 [as 别名]
def test_key_only(self):
        """
        A `PKCS12` with only a private key can be exported using
        `PKCS12.export` and loaded again using `load_pkcs12`.
        """
        passwd = b"blah"
        p12 = PKCS12()
        pkey = load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM)
        p12.set_privatekey(pkey)
        assert None is p12.get_certificate()
        assert pkey == p12.get_privatekey()
        try:
            dumped_p12 = p12.export(passphrase=passwd, iter=2, maciter=3)
        except Error:
            # Some versions of OpenSSL will throw an exception
            # for this nearly useless PKCS12 we tried to generate:
            # [('PKCS12 routines', 'PKCS12_create', 'invalid null argument')]
            return
        p12 = load_pkcs12(dumped_p12, passwd)
        assert None is p12.get_ca_certificates()
        assert None is p12.get_certificate()

        # OpenSSL fails to bring the key back to us.  So sad.  Perhaps in the
        # future this will be improved.
        assert isinstance(p12.get_privatekey(), (PKey, type(None))) 
开发者ID:pyca,项目名称:pyopenssl,代码行数:27,代码来源:test_crypto.py

示例13: test_load_pkcs12

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import load_pkcs12 [as 别名]
def test_load_pkcs12(self):
        """
        A PKCS12 string generated using the openssl command line can be loaded
        with `load_pkcs12` and its components extracted and examined.
        """
        passwd = b"whatever"
        pem = client_key_pem + client_cert_pem
        p12_str = _runopenssl(
            pem,
            b"pkcs12",
            b"-export",
            b"-clcerts",
            b"-passout",
            b"pass:" + passwd
        )
        p12 = load_pkcs12(p12_str, passphrase=passwd)
        self.verify_pkcs12_container(p12) 
开发者ID:pyca,项目名称:pyopenssl,代码行数:19,代码来源:test_crypto.py

示例14: test_load_pkcs12_text_passphrase

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import load_pkcs12 [as 别名]
def test_load_pkcs12_text_passphrase(self):
        """
        A PKCS12 string generated using the openssl command line can be loaded
        with `load_pkcs12` and its components extracted and examined.
        Using text as passphrase instead of bytes. DeprecationWarning expected.
        """
        pem = client_key_pem + client_cert_pem
        passwd = b"whatever"
        p12_str = _runopenssl(pem, b"pkcs12", b"-export", b"-clcerts",
                              b"-passout", b"pass:" + passwd)
        with pytest.warns(DeprecationWarning) as w:
            simplefilter("always")
            p12 = load_pkcs12(p12_str, passphrase=b"whatever".decode("ascii"))
            assert (
                "{0} for passphrase is no longer accepted, use bytes".format(
                    WARNING_TYPE_EXPECTED
                ) == str(w[-1].message))

        self.verify_pkcs12_container(p12) 
开发者ID:pyca,项目名称:pyopenssl,代码行数:21,代码来源:test_crypto.py

示例15: test_load_without_mac

# 需要导入模块: from OpenSSL import crypto [as 别名]
# 或者: from OpenSSL.crypto import load_pkcs12 [as 别名]
def test_load_without_mac(self):
        """
        Loading a PKCS12 without a MAC does something other than crash.
        """
        passwd = b"Lake Michigan"
        p12 = self.gen_pkcs12(server_cert_pem, server_key_pem, root_cert_pem)
        dumped_p12 = p12.export(maciter=-1, passphrase=passwd, iter=2)
        try:
            recovered_p12 = load_pkcs12(dumped_p12, passwd)
            # The person who generated this PCKS12 should be flogged,
            # or better yet we should have a means to determine
            # whether a PCKS12 had a MAC that was verified.
            # Anyway, libopenssl chooses to allow it, so the
            # pyopenssl binding does as well.
            assert isinstance(recovered_p12, PKCS12)
        except Error:
            # Failing here with an exception is preferred as some openssl
            # versions do.
            pass 
开发者ID:pyca,项目名称:pyopenssl,代码行数:21,代码来源:test_crypto.py


注:本文中的OpenSSL.crypto.load_pkcs12方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。