当前位置: 首页>>代码示例>>Python>>正文

Python asymmetric.load_certificate方法代码示例

本文整理汇总了Python中oscrypto.asymmetric.load_certificate方法的典型用法代码示例。如果您正苦于以下问题:Python asymmetric.load_certificate方法的具体用法?Python asymmetric.load_certificate怎么用?Python asymmetric.load_certificate使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在oscrypto.asymmetric的用法示例。


在下文中一共展示了asymmetric.load_certificate方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: test_build_no_certificate

# 需要导入模块: from oscrypto import asymmetric [as 别名]
# 或者: from oscrypto.asymmetric import load_certificate [as 别名]
def test_build_no_certificate(self):
        issuer_key = asymmetric.load_private_key(os.path.join(fixtures_dir, 'test.key'))
        issuer_cert = asymmetric.load_certificate(os.path.join(fixtures_dir, 'test.crt'))
        subject_cert = asymmetric.load_certificate(os.path.join(fixtures_dir, 'test-inter.crt'))

        with self.assertRaisesRegex(ValueError, 'must be set if the response_status is "successful"'):
            builder = OCSPResponseBuilder('successful', subject_cert, 'good')
            builder.certificate = None
            builder.build(issuer_key, issuer_cert)

        with self.assertRaisesRegex(ValueError, 'must be set if the response_status is "successful"'):
            builder = OCSPResponseBuilder('successful', subject_cert, 'good')
            builder.certificate_status = None
            builder.build(issuer_key, issuer_cert)

        with self.assertRaisesRegex(ValueError, 'must be set if the response_status is "successful"'):
            builder = OCSPResponseBuilder('successful', subject_cert)
            builder.build(issuer_key, issuer_cert)

        with self.assertRaisesRegex(ValueError, 'must be set if the response_status is "successful"'):
            builder = OCSPResponseBuilder('successful', None, 'good')
            builder.build(issuer_key, issuer_cert)
开发者ID:wbond,项目名称:ocspbuilder,代码行数:24,代码来源:test_ocsp_response_builder.py

示例2: test_build_revoked_no_reason

# 需要导入模块: from oscrypto import asymmetric [as 别名]
# 或者: from oscrypto.asymmetric import load_certificate [as 别名]
def test_build_revoked_no_reason(self):
        issuer_key = asymmetric.load_private_key(os.path.join(fixtures_dir, 'test.key'))
        issuer_cert = asymmetric.load_certificate(os.path.join(fixtures_dir, 'test.crt'))
        subject_cert = asymmetric.load_certificate(os.path.join(fixtures_dir, 'test-inter.crt'))

        revoked_time = datetime(2015, 9, 1, 12, 0, 0, tzinfo=timezone.utc)
        builder = OCSPResponseBuilder('successful', subject_cert, 'revoked', revoked_time)
        ocsp_response = builder.build(issuer_key, issuer_cert)
        der_bytes = ocsp_response.dump()

        new_response = asn1crypto.ocsp.OCSPResponse.load(der_bytes)
        basic_response = new_response['response_bytes']['response'].parsed
        response_data = basic_response['tbs_response_data']
        cert_response = response_data['responses'][0]

        self.assertEqual('revoked', cert_response['cert_status'].name)
        self.assertEqual(revoked_time, cert_response['cert_status'].chosen['revocation_time'].native)
        self.assertEqual('unspecified', cert_response['cert_status'].chosen['revocation_reason'].native)
开发者ID:wbond,项目名称:ocspbuilder,代码行数:20,代码来源:test_ocsp_response_builder.py

示例3: load_verify_cert

# 需要导入模块: from oscrypto import asymmetric [as 别名]
# 或者: from oscrypto.asymmetric import load_certificate [as 别名]
def load_verify_cert(self):
        if self.validate_certs:
            # Convert the certificate to DER format
            cert = pem_to_der(self.verify_cert, return_multiple=False)

            # Convert the ca certificate to DER format
            if self.verify_cert_ca:
                trust_roots = pem_to_der(self.verify_cert_ca)
            else:
                trust_roots = []

            # Verify the certificate against the trusted roots
            verify_certificate_chain(
                cert, trust_roots, ignore_self_signed=self.ignore_self_signed
            )

        return asymmetric.load_certificate(self.verify_cert)
开发者ID:abhishek-ram,项目名称:pyas2-lib,代码行数:19,代码来源:as2.py

示例4: load_encrypt_cert

# 需要导入模块: from oscrypto import asymmetric [as 别名]
# 或者: from oscrypto.asymmetric import load_certificate [as 别名]
def load_encrypt_cert(self):
        if self.validate_certs:
            # Convert the certificate to DER format
            cert = pem_to_der(self.encrypt_cert, return_multiple=False)

            # Convert the ca certificate to DER format
            if self.encrypt_cert_ca:
                trust_roots = pem_to_der(self.encrypt_cert_ca)
            else:
                trust_roots = []

            # Verify the certificate against the trusted roots
            verify_certificate_chain(
                cert, trust_roots, ignore_self_signed=self.ignore_self_signed
            )

        return asymmetric.load_certificate(self.encrypt_cert)
开发者ID:abhishek-ram,项目名称:pyas2-lib,代码行数:19,代码来源:as2.py

示例5: test_cert_attributes

# 需要导入模块: from oscrypto import asymmetric [as 别名]
# 或者: from oscrypto.asymmetric import load_certificate [as 别名]
def test_cert_attributes(self):
        cert = asymmetric.load_certificate(os.path.join(fixtures_dir, 'keys/test.crt'))
        self.assertEqual(2048, cert.bit_size)
        self.assertEqual(256, cert.byte_size)
        self.assertEqual('rsa', cert.algorithm)
开发者ID:wbond,项目名称:oscrypto,代码行数:7,代码来源:test_asymmetric.py

示例6: test_cert_ec_attributes

# 需要导入模块: from oscrypto import asymmetric [as 别名]
# 或者: from oscrypto.asymmetric import load_certificate [as 别名]
def test_cert_ec_attributes(self):
        cert = asymmetric.load_certificate(os.path.join(fixtures_dir, 'keys/test-ec-named.crt'))
        self.assertEqual(256, cert.bit_size)
        self.assertEqual(32, cert.byte_size)
        self.assertEqual('secp256r1', cert.curve)
        self.assertEqual('ec', cert.algorithm)
开发者ID:wbond,项目名称:oscrypto,代码行数:8,代码来源:test_asymmetric.py

示例7: test_dump_certificate

# 需要导入模块: from oscrypto import asymmetric [as 别名]
# 或者: from oscrypto.asymmetric import load_certificate [as 别名]
def test_dump_certificate(self):
        cert = asymmetric.load_certificate(os.path.join(fixtures_dir, 'keys/test.crt'))
        pem_serialized = asymmetric.dump_certificate(cert)
        cert_reloaded = asymmetric.load_certificate(pem_serialized)
        self.assertIsInstance(cert_reloaded, asymmetric.Certificate)
        self.assertEqual('rsa', cert_reloaded.algorithm)
开发者ID:wbond,项目名称:oscrypto,代码行数:8,代码来源:test_asymmetric.py

示例8: test_build_good_response

# 需要导入模块: from oscrypto import asymmetric [as 别名]
# 或者: from oscrypto.asymmetric import load_certificate [as 别名]
def test_build_good_response(self):
        issuer_key = asymmetric.load_private_key(os.path.join(fixtures_dir, 'test.key'))
        issuer_cert = asymmetric.load_certificate(os.path.join(fixtures_dir, 'test.crt'))
        subject_cert = asymmetric.load_certificate(os.path.join(fixtures_dir, 'test-inter.crt'))

        builder = OCSPResponseBuilder('successful', subject_cert, 'good')
        ocsp_response = builder.build(issuer_key, issuer_cert)
        der_bytes = ocsp_response.dump()

        new_response = asn1crypto.ocsp.OCSPResponse.load(der_bytes)
        basic_response = new_response['response_bytes']['response'].parsed
        response_data = basic_response['tbs_response_data']

        self.assertEqual('sha256', basic_response['signature_algorithm'].hash_algo)
        self.assertEqual('rsassa_pkcs1v15', basic_response['signature_algorithm'].signature_algo)
        self.assertEqual('v1', response_data['version'].native)
        self.assertEqual('by_key', response_data['responder_id'].name)
        self.assertEqual(
            issuer_cert.asn1.public_key.sha1,
            response_data['responder_id'].chosen.native
        )
        self.assertGreaterEqual(datetime.now(timezone.utc), response_data['produced_at'].native)
        self.assertEqual(1, len(response_data['responses']))
        self.assertEqual(0, len(response_data['response_extensions']))

        cert_response = response_data['responses'][0]

        self.assertEqual('sha1', cert_response['cert_id']['hash_algorithm']['algorithm'].native)
        self.assertEqual(issuer_cert.asn1.subject.sha1, cert_response['cert_id']['issuer_name_hash'].native)
        self.assertEqual(issuer_cert.asn1.public_key.sha1, cert_response['cert_id']['issuer_key_hash'].native)
        self.assertEqual(subject_cert.asn1.serial_number, cert_response['cert_id']['serial_number'].native)

        self.assertEqual('good', cert_response['cert_status'].name)
        self.assertGreaterEqual(datetime.now(timezone.utc), cert_response['this_update'].native)
        self.assertGreaterEqual(set(), cert_response.critical_extensions)
开发者ID:wbond,项目名称:ocspbuilder,代码行数:37,代码来源:test_ocsp_response_builder.py

示例9: test_build_revoked_response

# 需要导入模块: from oscrypto import asymmetric [as 别名]
# 或者: from oscrypto.asymmetric import load_certificate [as 别名]
def test_build_revoked_response(self):
        issuer_key = asymmetric.load_private_key(os.path.join(fixtures_dir, 'test.key'))
        issuer_cert = asymmetric.load_certificate(os.path.join(fixtures_dir, 'test.crt'))
        subject_cert = asymmetric.load_certificate(os.path.join(fixtures_dir, 'test-inter.crt'))

        revoked_time = datetime(2015, 9, 1, 12, 0, 0, tzinfo=timezone.utc)
        builder = OCSPResponseBuilder('successful', subject_cert, 'key_compromise', revoked_time)
        ocsp_response = builder.build(issuer_key, issuer_cert)
        der_bytes = ocsp_response.dump()

        new_response = asn1crypto.ocsp.OCSPResponse.load(der_bytes)
        basic_response = new_response['response_bytes']['response'].parsed
        response_data = basic_response['tbs_response_data']

        self.assertEqual('sha256', basic_response['signature_algorithm'].hash_algo)
        self.assertEqual('rsassa_pkcs1v15', basic_response['signature_algorithm'].signature_algo)
        self.assertEqual('v1', response_data['version'].native)
        self.assertEqual('by_key', response_data['responder_id'].name)
        self.assertEqual(
            issuer_cert.asn1.public_key.sha1,
            response_data['responder_id'].chosen.native
        )
        self.assertGreaterEqual(datetime.now(timezone.utc), response_data['produced_at'].native)
        self.assertEqual(1, len(response_data['responses']))
        self.assertEqual(0, len(response_data['response_extensions']))

        cert_response = response_data['responses'][0]

        self.assertEqual('sha1', cert_response['cert_id']['hash_algorithm']['algorithm'].native)
        self.assertEqual(issuer_cert.asn1.subject.sha1, cert_response['cert_id']['issuer_name_hash'].native)
        self.assertEqual(issuer_cert.asn1.public_key.sha1, cert_response['cert_id']['issuer_key_hash'].native)
        self.assertEqual(subject_cert.asn1.serial_number, cert_response['cert_id']['serial_number'].native)

        self.assertEqual('revoked', cert_response['cert_status'].name)
        self.assertEqual(revoked_time, cert_response['cert_status'].chosen['revocation_time'].native)
        self.assertEqual('key_compromise', cert_response['cert_status'].chosen['revocation_reason'].native)
        self.assertGreaterEqual(datetime.now(timezone.utc), cert_response['this_update'].native)
        self.assertGreaterEqual(set(), cert_response.critical_extensions)
开发者ID:wbond,项目名称:ocspbuilder,代码行数:40,代码来源:test_ocsp_response_builder.py

示例10: test_build_delegated_good_response

# 需要导入模块: from oscrypto import asymmetric [as 别名]
# 或者: from oscrypto.asymmetric import load_certificate [as 别名]
def test_build_delegated_good_response(self):
        responder_key = asymmetric.load_private_key(os.path.join(fixtures_dir, 'test-ocsp.key'), 'password')
        responder_cert = asymmetric.load_certificate(os.path.join(fixtures_dir, 'test-ocsp.crt'))
        issuer_cert = asymmetric.load_certificate(os.path.join(fixtures_dir, 'test.crt'))
        subject_cert = asymmetric.load_certificate(os.path.join(fixtures_dir, 'test-inter.crt'))

        builder = OCSPResponseBuilder('successful', subject_cert, 'good')
        builder.certificate_issuer = issuer_cert
        ocsp_response = builder.build(responder_key, responder_cert)
        der_bytes = ocsp_response.dump()

        new_response = asn1crypto.ocsp.OCSPResponse.load(der_bytes)
        basic_response = new_response['response_bytes']['response'].parsed
        response_data = basic_response['tbs_response_data']

        self.assertEqual('sha256', basic_response['signature_algorithm'].hash_algo)
        self.assertEqual('rsassa_pkcs1v15', basic_response['signature_algorithm'].signature_algo)
        self.assertEqual('v1', response_data['version'].native)
        self.assertEqual('by_key', response_data['responder_id'].name)
        self.assertEqual(
            responder_cert.asn1.public_key.sha1,
            response_data['responder_id'].chosen.native
        )
        self.assertGreaterEqual(datetime.now(timezone.utc), response_data['produced_at'].native)
        self.assertEqual(1, len(response_data['responses']))
        self.assertEqual(0, len(response_data['response_extensions']))

        cert_response = response_data['responses'][0]

        self.assertEqual('sha1', cert_response['cert_id']['hash_algorithm']['algorithm'].native)
        self.assertEqual(issuer_cert.asn1.subject.sha1, cert_response['cert_id']['issuer_name_hash'].native)
        self.assertEqual(issuer_cert.asn1.public_key.sha1, cert_response['cert_id']['issuer_key_hash'].native)
        self.assertEqual(subject_cert.asn1.serial_number, cert_response['cert_id']['serial_number'].native)

        self.assertEqual('good', cert_response['cert_status'].name)
        self.assertGreaterEqual(datetime.now(timezone.utc), cert_response['this_update'].native)
        self.assertGreaterEqual(set(), cert_response.critical_extensions)
开发者ID:wbond,项目名称:ocspbuilder,代码行数:39,代码来源:test_ocsp_response_builder.py

示例11: test_build_basic_request

# 需要导入模块: from oscrypto import asymmetric [as 别名]
# 或者: from oscrypto.asymmetric import load_certificate [as 别名]
def test_build_basic_request(self):
        issuer_cert = asymmetric.load_certificate(os.path.join(fixtures_dir, 'test.crt'))
        subject_cert = asymmetric.load_certificate(os.path.join(fixtures_dir, 'test-inter.crt'))

        builder = OCSPRequestBuilder(subject_cert, issuer_cert)
        ocsp_request = builder.build()
        der_bytes = ocsp_request.dump()

        new_request = asn1crypto.ocsp.OCSPRequest.load(der_bytes)
        tbs_request = new_request['tbs_request']

        self.assertEqual(None, new_request['optional_signature'].native)
        self.assertEqual('v1', tbs_request['version'].native)
        self.assertEqual(None, tbs_request['requestor_name'].native)
        self.assertEqual(1, len(tbs_request['request_list']))

        request = tbs_request['request_list'][0]
        self.assertEqual('sha1', request['req_cert']['hash_algorithm']['algorithm'].native)
        self.assertEqual(issuer_cert.asn1.subject.sha1, request['req_cert']['issuer_name_hash'].native)
        self.assertEqual(issuer_cert.asn1.public_key.sha1, request['req_cert']['issuer_key_hash'].native)
        self.assertEqual(subject_cert.asn1.serial_number, request['req_cert']['serial_number'].native)
        self.assertEqual(0, len(request['single_request_extensions']))

        self.assertEqual(1, len(tbs_request['request_extensions']))
        extn = tbs_request['request_extensions'][0]

        self.assertEqual('nonce', extn['extn_id'].native)
        self.assertEqual(16, len(extn['extn_value'].parsed.native))
开发者ID:wbond,项目名称:ocspbuilder,代码行数:30,代码来源:test_ocsp_request_builder.py

示例12: test_build_signed_request

# 需要导入模块: from oscrypto import asymmetric [as 别名]
# 或者: from oscrypto.asymmetric import load_certificate [as 别名]
def test_build_signed_request(self):
        issuer_cert = asymmetric.load_certificate(os.path.join(fixtures_dir, 'test.crt'))
        subject_cert = asymmetric.load_certificate(os.path.join(fixtures_dir, 'test-inter.crt'))

        requestor_cert = asymmetric.load_certificate(os.path.join(fixtures_dir, 'test-third.crt'))
        requestor_key = asymmetric.load_private_key(os.path.join(fixtures_dir, 'test-third.key'))

        builder = OCSPRequestBuilder(subject_cert, issuer_cert)
        ocsp_request = builder.build(requestor_key, requestor_cert, [subject_cert, issuer_cert])
        der_bytes = ocsp_request.dump()

        new_request = asn1crypto.ocsp.OCSPRequest.load(der_bytes)
        tbs_request = new_request['tbs_request']
        signature = new_request['optional_signature']

        self.assertEqual('sha256', signature['signature_algorithm'].hash_algo)
        self.assertEqual('rsassa_pkcs1v15', signature['signature_algorithm'].signature_algo)
        self.assertEqual(3, len(signature['certs']))
        self.assertEqual('v1', tbs_request['version'].native)
        self.assertEqual(requestor_cert.asn1.subject, tbs_request['requestor_name'].chosen)
        self.assertEqual(1, len(tbs_request['request_list']))

        request = tbs_request['request_list'][0]
        self.assertEqual('sha1', request['req_cert']['hash_algorithm']['algorithm'].native)
        self.assertEqual(issuer_cert.asn1.subject.sha1, request['req_cert']['issuer_name_hash'].native)
        self.assertEqual(issuer_cert.asn1.public_key.sha1, request['req_cert']['issuer_key_hash'].native)
        self.assertEqual(subject_cert.asn1.serial_number, request['req_cert']['serial_number'].native)
        self.assertEqual(0, len(request['single_request_extensions']))

        self.assertEqual(1, len(tbs_request['request_extensions']))
        extn = tbs_request['request_extensions'][0]

        self.assertEqual('nonce', extn['extn_id'].native)
        self.assertEqual(16, len(extn['extn_value'].parsed.native))
开发者ID:wbond,项目名称:ocspbuilder,代码行数:36,代码来源:test_ocsp_request_builder.py

示例13: load_key

# 需要导入模块: from oscrypto import asymmetric [as 别名]
# 或者: from oscrypto.asymmetric import load_certificate [as 别名]
def load_key(key_str: bytes, key_pass: str):
        """Function to load password protected key file in p12 or pem format."""

        try:
            # First try to parse as a p12 file
            key, cert, _ = asymmetric.load_pkcs12(key_str, key_pass)
        except ValueError as e:
            # If it fails due to invalid password raise error here
            if e.args[0] == "Password provided is invalid":
                raise AS2Exception("Password not valid for Private Key.")

            # if not try to parse as a pem file
            key, cert = None, None
            for kc in split_pem(key_str):
                try:
                    cert = asymmetric.load_certificate(kc)
                except (ValueError, TypeError):
                    try:
                        key = asymmetric.load_private_key(kc, key_pass)
                    except OSError:
                        raise AS2Exception(
                            "Invalid Private Key or password is not correct."
                        )

        if not key or not cert:
            raise AS2Exception("Invalid Private key file or Public key not included.")

        return key, cert
开发者ID:abhishek-ram,项目名称:pyas2-lib,代码行数:30,代码来源:as2.py

示例14: test_signing

# 需要导入模块: from oscrypto import asymmetric [as 别名]
# 或者: from oscrypto.asymmetric import load_certificate [as 别名]
def test_signing():
    """Test the signing and verification functions."""
    # Load the signature key
    with open(os.path.join(TEST_DIR, "cert_test.p12"), "rb") as fp:
        sign_key = Organization.load_key(fp.read(), "test")
    with open(os.path.join(TEST_DIR, "cert_test_public.pem"), "rb") as fp:
        verify_cert = asymmetric.load_certificate(fp.read())

    # Test failure of signature verification
    with pytest.raises(IntegrityError):
        cms.verify_message(b"data", INVALID_DATA, None)

    # Test signature without signed attributes
    cms.sign_message(
        b"data", digest_alg="sha256", sign_key=sign_key, use_signed_attributes=False
    )

    # Test pss signature and verification
    signature = cms.sign_message(
        b"data", digest_alg="sha256", sign_key=sign_key, sign_alg="rsassa_pss"
    )
    cms.verify_message(b"data", signature, verify_cert)

    # Test unsupported signature alg
    with pytest.raises(AS2Exception):
        cms.sign_message(
            b"data", digest_alg="sha256", sign_key=sign_key, sign_alg="rsassa_pssa"
        )

    # Test unsupported digest alg
    with pytest.raises(AS2Exception):
        cms.sign_message(
            b"data",
            digest_alg="sha-256",
            sign_key=sign_key,
            use_signed_attributes=False,
        )
开发者ID:abhishek-ram,项目名称:pyas2-lib,代码行数:39,代码来源:test_cms.py

示例15: test_encryption

# 需要导入模块: from oscrypto import asymmetric [as 别名]
# 或者: from oscrypto.asymmetric import load_certificate [as 别名]
def test_encryption():
    """Test the encryption and decryption functions."""
    with open(os.path.join(TEST_DIR, "cert_test.p12"), "rb") as fp:
        decrypt_key = Organization.load_key(fp.read(), "test")
    with open(os.path.join(TEST_DIR, "cert_test_public.pem"), "rb") as fp:
        encrypt_cert = asymmetric.load_certificate(fp.read())

    with pytest.raises(DecryptionError):
        cms.decrypt_message(INVALID_DATA, None)

    # Test all the encryption algorithms
    enc_algorithms = [
        "rc2_128_cbc",
        "rc4_128_cbc",
        "aes_128_cbc",
        "aes_192_cbc",
        "aes_256_cbc",
    ]
    for enc_algorithm in enc_algorithms:
        encrypted_data = cms.encrypt_message(b"data", enc_algorithm, encrypt_cert)
        _, decrypted_data = cms.decrypt_message(encrypted_data, decrypt_key)
        assert decrypted_data == b"data"

    # Test no encryption algorithm
    with pytest.raises(AS2Exception):
        cms.encrypt_message(b"data", "rc5_128_cbc", encrypt_cert)

    # Test no encryption algorithm on decrypt
    encrypted_data = cms.encrypt_message(b"data", "des_64_cbc", encrypt_cert)
    with pytest.raises(AS2Exception):
        cms.decrypt_message(encrypted_data, decrypt_key)
开发者ID:abhishek-ram,项目名称:pyas2-lib,代码行数:33,代码来源:test_cms.py


注:本文中的oscrypto.asymmetric.load_certificate方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。