本文整理汇总了Python中asn1crypto.x509.Certificate方法的典型用法代码示例。如果您正苦于以下问题:Python x509.Certificate方法的具体用法?Python x509.Certificate怎么用?Python x509.Certificate使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类asn1crypto.x509的用法示例。
在下文中一共展示了x509.Certificate方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: __init__
# 需要导入模块: from asn1crypto import x509 [as 别名]
# 或者: from asn1crypto.x509 import Certificate [as 别名]
def __init__(self, certificate, issuer):
"""
:param certificate:
An asn1crypto.x509.Certificate or oscrypto.asymmetric.Certificate
object to create the request for
:param issuer:
An asn1crypto.x509.Certificate or oscrypto.asymmetric.Certificate
object for the issuer of the certificate
"""
self.certificate = certificate
self.issuer = issuer
self._key_hash_algo = 'sha1'
self._hash_algo = 'sha256'
self._request_extensions = {}
self._tbs_request_extensions = {} 示例2: certificate
# 需要导入模块: from asn1crypto import x509 [as 别名]
# 或者: from asn1crypto.x509 import Certificate [as 别名]
def certificate(self, value):
"""
An asn1crypto.x509.Certificate or oscrypto.asymmetric.Certificate object
of the certificate to create the request for.
"""
is_oscrypto = isinstance(value, asymmetric.Certificate)
if not is_oscrypto and not isinstance(value, x509.Certificate):
raise TypeError(_pretty_message(
'''
certificate must be an instance of asn1crypto.x509.Certificate
or oscrypto.asymmetric.Certificate, not %s
''',
_type_name(value)
))
if is_oscrypto:
value = value.asn1
self._certificate = value 示例3: issuer
# 需要导入模块: from asn1crypto import x509 [as 别名]
# 或者: from asn1crypto.x509 import Certificate [as 别名]
def issuer(self, value):
"""
An asn1crypto.x509.Certificate or oscrypto.asymmetric.Certificate object
of the issuer.
"""
is_oscrypto = isinstance(value, asymmetric.Certificate)
if not is_oscrypto and not isinstance(value, x509.Certificate):
raise TypeError(_pretty_message(
'''
issuer must be an instance of asn1crypto.x509.Certificate or
oscrypto.asymmetric.Certificate, not %s
''',
_type_name(value)
))
if is_oscrypto:
value = value.asn1
self._issuer = value 示例4: retrieve_by_key_identifier
# 需要导入模块: from asn1crypto import x509 [as 别名]
# 或者: from asn1crypto.x509 import Certificate [as 别名]
def retrieve_by_key_identifier(self, key_identifier):
"""
Retrieves a cert via its key identifier
:param key_identifier:
A byte string of the key identifier
:return:
None or an asn1crypto.x509.Certificate object
"""
if not isinstance(key_identifier, byte_cls):
raise TypeError(pretty_message(
'''
key_identifier must be a byte string, not %s
''',
type_name(key_identifier)
))
return self._key_identifier_map.get(key_identifier) 示例5: _possible_issuers
# 需要导入模块: from asn1crypto import x509 [as 别名]
# 或者: from asn1crypto.x509 import Certificate [as 别名]
def _possible_issuers(self, cert):
"""
Returns a generator that will list all possible issuers for the cert
:param cert:
An asn1crypto.x509.Certificate object to find the issuer of
"""
issuer_hashable = cert.issuer.hashable
if issuer_hashable not in self._subject_map:
return
for issuer in self._subject_map[issuer_hashable]:
# Info from the authority key identifier extension can be used to
# eliminate possible options when multiple keys with the same
# subject exist, such as during a transition, or with cross-signing.
if cert.authority_key_identifier and issuer.key_identifier:
if cert.authority_key_identifier != issuer.key_identifier:
continue
elif cert.authority_issuer_serial:
if cert.authority_issuer_serial != issuer.issuer_serial:
continue
yield issuer 示例6: find_issuer
# 需要导入模块: from asn1crypto import x509 [as 别名]
# 或者: from asn1crypto.x509 import Certificate [as 别名]
def find_issuer(self, cert):
"""
Return the issuer of the cert specified, as defined by this path
:param cert:
An asn1crypto.x509.Certificate object to get the issuer of
:raises:
LookupError - when the issuer of the certificate could not be found
:return:
An asn1crypto.x509.Certificate object of the issuer
"""
for entry in self:
if entry.subject == cert.issuer:
if entry.key_identifier and cert.authority_key_identifier:
if entry.key_identifier == cert.authority_key_identifier:
return entry
else:
return entry
raise LookupError('Unable to find the issuer of the certificate specified') 示例7: _load_x509
# 需要导入模块: from asn1crypto import x509 [as 别名]
# 或者: from asn1crypto.x509 import Certificate [as 别名]
def _load_x509(certificate):
"""
Loads an ASN.1 object of an x509 certificate into a Certificate object
:param certificate:
An asn1crypto.x509.Certificate object
:return:
A Certificate object
"""
source = certificate.dump()
cf_source = None
try:
cf_source = CFHelpers.cf_data_from_bytes(source)
sec_key_ref = Security.SecCertificateCreateWithData(CoreFoundation.kCFAllocatorDefault, cf_source)
return Certificate(sec_key_ref, certificate)
finally:
if cf_source:
CoreFoundation.CFRelease(cf_source) 示例8: rsa_oaep_encrypt
# 需要导入模块: from asn1crypto import x509 [as 别名]
# 或者: from asn1crypto.x509 import Certificate [as 别名]
def rsa_oaep_encrypt(certificate_or_public_key, data):
"""
Encrypts a byte string using an RSA public key or certificate. Uses PKCS#1
OAEP padding with SHA1.
:param certificate_or_public_key:
A PublicKey or Certificate object
:param data:
A byte string, with a maximum length 41 bytes (or more) less than the
key length (in bytes)
:raises:
ValueError - when any of the parameters contain an invalid value
TypeError - when any of the parameters are of the wrong type
OSError - when an error is returned by the OS crypto library
:return:
A byte string of the encrypted data
"""
return _encrypt(certificate_or_public_key, data, Security.kSecPaddingOAEPKey) 示例9: rsa_pkcs1v15_encrypt
# 需要导入模块: from asn1crypto import x509 [as 别名]
# 或者: from asn1crypto.x509 import Certificate [as 别名]
def rsa_pkcs1v15_encrypt(certificate_or_public_key, data):
"""
Encrypts a byte string using an RSA public key or certificate. Uses PKCS#1
v1.5 padding.
:param certificate_or_public_key:
A PublicKey or Certificate object
:param data:
A byte string, with a maximum length 11 bytes less than the key length
(in bytes)
:raises:
ValueError - when any of the parameters contain an invalid value
TypeError - when any of the parameters are of the wrong type
OSError - when an error is returned by the OS crypto library
:return:
A byte string of the encrypted data
"""
return _encrypt(certificate_or_public_key, data) 示例10: rsa_oaep_encrypt
# 需要导入模块: from asn1crypto import x509 [as 别名]
# 或者: from asn1crypto.x509 import Certificate [as 别名]
def rsa_oaep_encrypt(certificate_or_public_key, data):
"""
Encrypts a byte string using an RSA public key or certificate. Uses PKCS#1
OAEP padding with SHA1.
:param certificate_or_public_key:
A PublicKey or Certificate object
:param data:
A byte string, with a maximum length 41 bytes (or more) less than the
key length (in bytes)
:raises:
ValueError - when any of the parameters contain an invalid value
TypeError - when any of the parameters are of the wrong type
OSError - when an error is returned by the OS crypto library
:return:
A byte string of the encrypted data
"""
return _encrypt(certificate_or_public_key, data, rsa_oaep_padding=True) 示例11: issuer
# 需要导入模块: from asn1crypto import x509 [as 别名]
# 或者: from asn1crypto.x509 import Certificate [as 别名]
def issuer(self, value):
"""
An asn1crypto.x509.Certificate object of the issuer. Used to populate
both the issuer field, but also the authority key identifier extension.
"""
is_oscrypto = isinstance(value, asymmetric.Certificate)
if not isinstance(value, x509.Certificate) and not is_oscrypto:
raise TypeError(_pretty_message(
'''
issuer must be an instance of asn1crypto.x509.Certificate or
oscrypto.asymmetric.Certificate, not %s
''',
_type_name(value)
))
if is_oscrypto:
value = value.asn1
self._issuer = value.subject
self._key_identifier = self._subject_public_key.sha1
self._authority_key_identifier = x509.AuthorityKeyIdentifier({
'key_identifier': value.public_key.sha1
}) 示例12: crl_url
# 需要导入模块: from asn1crypto import x509 [as 别名]
# 或者: from asn1crypto.x509 import Certificate [as 别名]
def crl_url(self):
"""
Location of the certificate revocation list (CRL) for the certificate.
Will be one of the following types:
- None for no CRL
- A unicode string of the URL to the CRL for this certificate
- A 2-element tuple of (unicode string URL,
asn1crypto.x509.Certificate object of CRL issuer) for an indirect
CRL
"""
if self._crl_distribution_points is None:
return None
return self._get_crl_url(self._crl_distribution_points) 示例13: delta_crl_url
# 需要导入模块: from asn1crypto import x509 [as 别名]
# 或者: from asn1crypto.x509 import Certificate [as 别名]
def delta_crl_url(self):
"""
Location of the delta CRL for the certificate. Will be one of the
following types:
- None for no delta CRL
- A unicode string of the URL to the delta CRL for this certificate
- A 2-element tuple of (unicode string URL,
asn1crypto.x509.Certificate object of CRL issuer) for an indirect
delta CRL
"""
if self._freshest_crl is None:
return None
return self._get_crl_url(self._freshest_crl) 示例14: tls_connect
# 需要导入模块: from asn1crypto import x509 [as 别名]
# 或者: from asn1crypto.x509 import Certificate [as 别名]
def tls_connect(self, hostname, port):
session = None
if hostname == 'dh1024.badtls.io':
session = tls.TLSSession(extra_trust_roots=[badtls_ca_path])
connection = tls.TLSSocket(hostname, port, session=session)
self.assertEqual(hostname, connection.hostname)
self.assertIsInstance(connection.hostname, str_cls)
self.assertIsInstance(connection.cipher_suite, str_cls)
self.assertIsInstance(connection.certificate, x509.Certificate)
self.assertLess(10, len(connection.cipher_suite))
self.assertEqual(port, connection.port)
connection.write(b'GET / HTTP/1.1\r\nHost: ' + hostname.encode('utf-8') + b'\r\n\r\n')
html = connection.read_until(re.compile(b'</html>', re.I))
self.assertNotEqual(None, re.search(b'</html>', html, re.I)) 示例15: test_get_list
# 需要导入模块: from asn1crypto import x509 [as 别名]
# 或者: from asn1crypto.x509 import Certificate [as 别名]
def test_get_list(self):
trust_list.clear_cache()
certs = trust_list.get_list()
self.assertIsInstance(certs, list)
self.assertLess(10, len(certs))
for cert, trust_oids, reject_oids in certs:
self.assertIsInstance(cert, x509.Certificate)
self.assertIsInstance(trust_oids, set)
self.assertIsInstance(reject_oids, set)
cert.native