本文整理匯總了Python中sfa.trust.gid.GID.set_intermediate_ca方法的典型用法代碼示例。如果您正苦於以下問題:Python GID.set_intermediate_ca方法的具體用法?Python GID.set_intermediate_ca怎麽用?Python GID.set_intermediate_ca使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類sfa.trust.gid.GID的用法示例。
在下文中一共展示了GID.set_intermediate_ca方法的2個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: create_cert
# 需要導入模塊: from sfa.trust.gid import GID [as 別名]
# 或者: from sfa.trust.gid.GID import set_intermediate_ca [as 別名]
def create_cert(urn, issuer_key=None, issuer_cert=None, intermediate=False):
'''Create a new certificate and return it and the associated keys.
If issuer cert and key are given, they sign the certificate. Otherwise
it is a self-signed certificate.
If intermediate then mark this
as an intermediate CA certificate (can sign).
Certificate URN must be supplied.
CN of the cert will be dotted notation authority.type.name from the URN.
'''
# Note the below throws a ValueError if it wasnt a valid URN
c_urn = URN(urn=urn)
dotted = '%s.%s.%s' % (c_urn.getAuthority(), c_urn.getType(), c_urn.getName())
newgid = GID(create=True, subject=dotted[:64],
urn=urn)
keys = Keypair(create=True)
newgid.set_pubkey(keys)
if intermediate:
# This cert will be able to sign certificates
newgid.set_intermediate_ca(intermediate)
if issuer_key and issuer_cert:
# the given issuer will issue this cert
if isinstance(issuer_key,str):
issuer_key = Keypair(filename=issuer_key)
if isinstance(issuer_cert,str):
issuer_cert = GID(filename=issuer_cert)
newgid.set_issuer(issuer_key, cert=issuer_cert)
newgid.set_parent(issuer_cert)
else:
# create a self-signed cert
newgid.set_issuer(keys, subject=dotted)
newgid.encode()
newgid.sign()
return newgid, keys示例2: create_gid
# 需要導入模塊: from sfa.trust.gid import GID [as 別名]
# 或者: from sfa.trust.gid.GID import set_intermediate_ca [as 別名]
def create_gid(self, xrn, uuid, pkey, CA=False, email=None):
hrn, type = urn_to_hrn(xrn)
if not type:
type = 'authority'
parent_hrn = get_authority(hrn)
# Using hrn_to_urn() here to make sure the urn is in the right format
# If xrn was a hrn instead of a urn, then the gid's urn will be
# of type None
urn = hrn_to_urn(hrn, type)
gid = GID(subject=hrn, uuid=uuid, hrn=hrn, urn=urn, email=email)
# is this a CA cert
if hrn == self.config.SFA_INTERFACE_HRN or not parent_hrn:
# root or sub authority
gid.set_intermediate_ca(True)
elif type and 'authority' in type:
# authority type
gid.set_intermediate_ca(True)
elif CA:
gid.set_intermediate_ca(True)
else:
gid.set_intermediate_ca(False)
# set issuer
if not parent_hrn or hrn == self.config.SFA_INTERFACE_HRN:
# if there is no parent hrn, then it must be self-signed. this
# is where we terminate the recursion
gid.set_issuer(pkey, hrn)
else:
# we need the parent's private key in order to sign this GID
parent_auth_info = self.get_auth_info(parent_hrn)
gid.set_issuer(parent_auth_info.get_pkey_object(), parent_auth_info.hrn)
gid.set_parent(parent_auth_info.get_gid_object())
gid.set_pubkey(pkey)
gid.encode()
gid.sign()
return gid