當前位置: 首頁>>代碼示例>>Python>>正文

Python crypto.X509Req方法代碼示例

本文整理匯總了Python中OpenSSL.crypto.X509Req方法的典型用法代碼示例。如果您正苦於以下問題:Python crypto.X509Req方法的具體用法?Python crypto.X509Req怎麽用?Python crypto.X509Req使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在OpenSSL.crypto的用法示例。


在下文中一共展示了crypto.X509Req方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。

示例1: createCertRequest

# 需要導入模塊: from OpenSSL import crypto [as 別名]
# 或者: from OpenSSL.crypto import X509Req [as 別名]
def createCertRequest(pkey, digest="md5", **name):
    """
    Create a certificate request.
    Arguments: pkey   - The key to associate with the request
               digest - Digestion method to use for signing, default is md5
               **name - The name of the subject of the request, possible
                        arguments are:
                          C     - Country name
                          ST    - State or province name
                          L     - Locality name
                          O     - Organization name
                          OU    - Organizational unit name
                          CN    - Common name
                          emailAddress - E-mail address
    Returns:   The certificate request in an X509Req object
    """
    req = crypto.X509Req()
    subj = req.get_subject()

    for (key,value) in name.items():
        setattr(subj, key, value)

    req.set_pubkey(pkey)
    req.sign(pkey, digest)
    return req
開發者ID:cea-hpc,項目名稱:pcocc,代碼行數:27,代碼來源:Tbon.py

示例2: __init__

# 需要導入模塊: from OpenSSL import crypto [as 別名]
# 或者: from OpenSSL.crypto import X509Req [as 別名]
def __init__(self, country=None, state=None, locality=None,
                 organization=None, organization_unit=None,
                 name=None, email=None, digest="sha1", filename=None):
        if filename is None:
            req = crypto.X509Req()
            subject = req.get_subject()
            if country:
                subject.C = country
            if state:
                subject.ST = state
            if locality:
                subject.L = locality
            if organization:
                subject.O = organization
            if organization_unit:
                subject.OU = organization_unit
            if name:
                subject.CN = name
            if email:
                subject.emailAddress = email
        else:
            ftype, text = get_type_and_text(filename)
            req = crypto.load_certificate_request(ftype, text)
        self._req = req
開發者ID:kdart,項目名稱:pycopia,代碼行數:26,代碼來源:certs.py

示例3: generateCertificateObjects

# 需要導入模塊: from OpenSSL import crypto [as 別名]
# 或者: from OpenSSL.crypto import X509Req [as 別名]
def generateCertificateObjects(organization, organizationalUnit):
    pkey = crypto.PKey()
    pkey.generate_key(crypto.TYPE_RSA, 512)
    req = crypto.X509Req()
    subject = req.get_subject()
    subject.O = organization
    subject.OU = organizationalUnit
    req.set_pubkey(pkey)
    req.sign(pkey, "md5")

    # Here comes the actual certificate
    cert = crypto.X509()
    cert.set_serial_number(1)
    cert.gmtime_adj_notBefore(0)
    cert.gmtime_adj_notAfter(60) # Testing certificates need not be long lived
    cert.set_issuer(req.get_subject())
    cert.set_subject(req.get_subject())
    cert.set_pubkey(req.get_pubkey())
    cert.sign(pkey, "md5")

    return pkey, req, cert
開發者ID:kenorb-contrib,項目名稱:BitTorrent,代碼行數:23,代碼來源:test_ssl.py

示例4: createCertRequest

# 需要導入模塊: from OpenSSL import crypto [as 別名]
# 或者: from OpenSSL.crypto import X509Req [as 別名]
def createCertRequest(pkey, digest="sha256", **name):
    """
    Create a certificate request.
    Arguments: pkey   - The key to associate with the request
               digest - Digestion method to use for signing, default is sha256
               **name - The name of the subject of the request, possible
                        arguments are:
                          C     - Country name
                          ST    - State or province name
                          L     - Locality name
                          O     - Organization name
                          OU    - Organizational unit name
                          CN    - Common name
                          emailAddress - E-mail address
    Returns:   The certificate request in an X509Req object
    """
    req = crypto.X509Req()
    subj = req.get_subject()

    for key, value in name.items():
        setattr(subj, key, value)

    req.set_pubkey(pkey)
    req.sign(pkey, digest)
    return req
開發者ID:Tautulli,項目名稱:Tautulli,代碼行數:27,代碼來源:certgen.py

示例5: requestObject

# 需要導入模塊: from OpenSSL import crypto [as 別名]
# 或者: from OpenSSL.crypto import X509Req [as 別名]
def requestObject(self, distinguishedName, digestAlgorithm='sha256'):
        req = crypto.X509Req()
        req.set_pubkey(self.original)
        distinguishedName._copyInto(req.get_subject())
        req.sign(self.original, digestAlgorithm)
        return CertificateRequest(req)
開發者ID:proxysh,項目名稱:Safejumper-for-Desktop,代碼行數:8,代碼來源:_sslverify.py

示例6: generateCertificateObjects

# 需要導入模塊: from OpenSSL import crypto [as 別名]
# 或者: from OpenSSL.crypto import X509Req [as 別名]
def generateCertificateObjects(organization, organizationalUnit):
    """
    Create a certificate for given C{organization} and C{organizationalUnit}.

    @return: a tuple of (key, request, certificate) objects.
    """
    pkey = crypto.PKey()
    pkey.generate_key(crypto.TYPE_RSA, 512)
    req = crypto.X509Req()
    subject = req.get_subject()
    subject.O = organization
    subject.OU = organizationalUnit
    req.set_pubkey(pkey)
    req.sign(pkey, "md5")

    # Here comes the actual certificate
    cert = crypto.X509()
    cert.set_serial_number(1)
    cert.gmtime_adj_notBefore(0)
    cert.gmtime_adj_notAfter(60) # Testing certificates need not be long lived
    cert.set_issuer(req.get_subject())
    cert.set_subject(req.get_subject())
    cert.set_pubkey(req.get_pubkey())
    cert.sign(pkey, "md5")

    return pkey, req, cert
開發者ID:proxysh,項目名稱:Safejumper-for-Desktop,代碼行數:28,代碼來源:test_ssl.py

示例7: generate

# 需要導入模塊: from OpenSSL import crypto [as 別名]
# 或者: from OpenSSL.crypto import X509Req [as 別名]
def generate(self, module):
        '''Generate the certificate signing request.'''

        if not os.path.exists(self.path) or self.force:
            req = crypto.X509Req()
            req.set_version(self.version)
            subject = req.get_subject()
            for (key, value) in self.subject.items():
                if value is not None:
                    setattr(subject, key, value)

            if self.subjectAltName is not None:
                req.add_extensions([crypto.X509Extension(
                    b"subjectAltName", False,
                    self.subjectAltName.encode('ascii'))])

            privatekey_content = open(self.privatekey_path).read()
            self.privatekey = crypto.load_privatekey(
                crypto.FILETYPE_PEM, privatekey_content)

            req.set_pubkey(self.privatekey)
            req.sign(self.privatekey, self.digest)
            self.request = req

            try:
                csr_file = open(self.path, 'wb')
                csr_file.write(crypto.dump_certificate_request(
                    crypto.FILETYPE_PEM, self.request))
                csr_file.close()
            except (IOError, OSError) as exc:
                raise CertificateSigningRequestError(exc)
        else:
            self.changed = False

        file_args = module.load_file_common_arguments(module.params)
        if module.set_fs_attributes_if_different(file_args, False):
            self.changed = True
開發者ID:mrlesmithjr,項目名稱:ansible-nginx-load-balancer,代碼行數:39,代碼來源:openssl_csr.py

示例8: generateCertificateObjects

# 需要導入模塊: from OpenSSL import crypto [as 別名]
# 或者: from OpenSSL.crypto import X509Req [as 別名]
def generateCertificateObjects(organization, organizationalUnit):
    """
    Create a certificate for given C{organization} and C{organizationalUnit}.

    @return: a tuple of (key, request, certificate) objects.
    """
    pkey = crypto.PKey()
    pkey.generate_key(crypto.TYPE_RSA, 1024)
    req = crypto.X509Req()
    subject = req.get_subject()
    subject.O = organization
    subject.OU = organizationalUnit
    req.set_pubkey(pkey)
    req.sign(pkey, "md5")

    # Here comes the actual certificate
    cert = crypto.X509()
    cert.set_serial_number(1)
    cert.gmtime_adj_notBefore(0)
    cert.gmtime_adj_notAfter(60) # Testing certificates need not be long lived
    cert.set_issuer(req.get_subject())
    cert.set_subject(req.get_subject())
    cert.set_pubkey(req.get_pubkey())
    cert.sign(pkey, "md5")

    return pkey, req, cert
開發者ID:wistbean,項目名稱:learn_python3_spider,代碼行數:28,代碼來源:test_ssl.py

示例9: generateCSR

# 需要導入模塊: from OpenSSL import crypto [as 別名]
# 或者: from OpenSSL.crypto import X509Req [as 別名]
def generateCSR(cn, c, st, l, o, ou, email, sans):
    # TODO: support different kind/size keys???
    key = crypto.PKey()
    key.generate_key(crypto.TYPE_RSA, 2048)

    csr = crypto.X509Req()
    csr.get_subject().CN = cn
    csr.get_subject().countryName = c
    csr.get_subject().stateOrProvinceName = st
    csr.get_subject().localityName = l
    csr.get_subject().organizationName = o
    csr.get_subject().organizationalUnitName = ou
    csr.get_subject().emailAddress = email
    # csr.get_subject().subjectAltName = 'test.example.com'

    x509_extensions = ([])

    # TODO: support "IP:" in addition to "DNS:" below
    sans_list = []
    for san in sans:
        sans_list.append("DNS: {0}".format(san))

    sans_list = ", ".join(sans_list).encode()

    if sans_list:
        x509_extensions.append(crypto.X509Extension("subjectAltName".encode(), False, sans_list))

    csr.add_extensions(x509_extensions)

    csr.set_pubkey(key)
    csr.sign(key, "sha256")

    csr_out = crypto.dump_certificate_request(crypto.FILETYPE_PEM, csr)
    key_out = crypto.dump_privatekey(crypto.FILETYPE_PEM, key)

    return key_out,csr_out
開發者ID:redhat-cop,項目名稱:infra-ansible,代碼行數:38,代碼來源:generate_csr.py

示例10: get_valid_csr_object

# 需要導入模塊: from OpenSSL import crypto [as 別名]
# 或者: from OpenSSL.crypto import X509Req [as 別名]
def get_valid_csr_object():
    """Create a valid X509Req object"""
    key_pair = create_key_pair(crypto.TYPE_RSA, 2048)
    csr = crypto.X509Req()
    subject = csr.get_subject()
    setattr(subject, "CN", "host.example.net")
    csr.set_pubkey(key_pair)
    csr.sign(key_pair, "sha256")
    return csr
開發者ID:cloud-security-research,項目名稱:sgx-kms,代碼行數:11,代碼來源:certificate_utils.py

示例11: create_csr_that_has_not_been_signed

# 需要導入模塊: from OpenSSL import crypto [as 別名]
# 或者: from OpenSSL.crypto import X509Req [as 別名]
def create_csr_that_has_not_been_signed():
    """Generate a CSR that has not been signed."""
    key_pair = create_key_pair(crypto.TYPE_RSA, 2048)
    csr = crypto.X509Req()
    subject = csr.get_subject()
    setattr(subject, "CN", "host.example.net")
    csr.set_pubkey(key_pair)
    pem = crypto.dump_certificate_request(crypto.FILETYPE_PEM, csr)
    return pem
開發者ID:cloud-security-research,項目名稱:sgx-kms,代碼行數:11,代碼來源:certificate_utils.py

示例12: create_csr_signed_with_wrong_key

# 需要導入模塊: from OpenSSL import crypto [as 別名]
# 或者: from OpenSSL.crypto import X509Req [as 別名]
def create_csr_signed_with_wrong_key():
    """Generate a CSR that has been signed by the wrong key."""
    key_pair1 = create_key_pair(crypto.TYPE_RSA, 2048)
    key_pair2 = create_key_pair(crypto.TYPE_RSA, 2048)
    csr = crypto.X509Req()
    subject = csr.get_subject()
    setattr(subject, "CN", "host.example.net")
    # set public key from key pair 1
    csr.set_pubkey(key_pair1)
    # sign with public key from key pair 2
    csr.sign(key_pair2, "sha256")
    pem = crypto.dump_certificate_request(crypto.FILETYPE_PEM, csr)
    return pem
開發者ID:cloud-security-research,項目名稱:sgx-kms,代碼行數:15,代碼來源:certificate_utils.py

示例13: create_csr_with_bad_subject_dn

# 需要導入模塊: from OpenSSL import crypto [as 別名]
# 或者: from OpenSSL.crypto import X509Req [as 別名]
def create_csr_with_bad_subject_dn():
    """Generate a CSR that has a bad subject dn."""
    key_pair = create_key_pair(crypto.TYPE_RSA, 2048)
    csr = crypto.X509Req()
    subject = csr.get_subject()
    # server certs require attribute 'CN'
    setattr(subject, "UID", "bar")
    csr.set_pubkey(key_pair)
    csr.sign(key_pair, "sha256")
    pem = crypto.dump_certificate_request(crypto.FILETYPE_PEM, csr)
    return pem
開發者ID:cloud-security-research,項目名稱:sgx-kms,代碼行數:13,代碼來源:certificate_utils.py

示例14: generate

# 需要導入模塊: from OpenSSL import crypto [as 別名]
# 或者: from OpenSSL.crypto import X509Req [as 別名]
def generate(self, module):
        '''Generate the certificate signing request.'''

        if not os.path.exists(self.path) or self.force:
            req = crypto.X509Req()
            req.set_version(self.version)
            subject = req.get_subject()
            for (key, value) in self.subject.items():
                if value is not None:
                    setattr(subject, key, value)

            if self.subjectAltName is not None:
                req.add_extensions([crypto.X509Extension(b"subjectAltName", False, self.subjectAltName.encode('ascii'))])

            privatekey_content = open(self.privatekey_path).read()
            self.privatekey = crypto.load_privatekey(crypto.FILETYPE_PEM, privatekey_content)

            req.set_pubkey(self.privatekey)
            req.sign(self.privatekey, self.digest)
            self.request = req

            try:
                csr_file = open(self.path, 'wb')
                csr_file.write(crypto.dump_certificate_request(crypto.FILETYPE_PEM, self.request))
                csr_file.close()
            except (IOError, OSError) as exc:
                raise CertificateSigningRequestError(exc)
        else:
            self.changed = False

        file_args = module.load_file_common_arguments(module.params)
        if module.set_fs_attributes_if_different(file_args, False):
            self.changed = True
開發者ID:mrlesmithjr,項目名稱:Ansible,代碼行數:35,代碼來源:openssl_csr.py

示例15: create_request

# 需要導入模塊: from OpenSSL import crypto [as 別名]
# 或者: from OpenSSL.crypto import X509Req [as 別名]
def create_request(pk, common_name):
    """Create a certificate request."""
    rq = crypto.X509Req()
    subj = rq.get_subject()
    subj.CN = common_name
    rq.set_pubkey(pk)
    rq.sign(pk, 'sha256')
    return rq
開發者ID:lschoe,項目名稱:mpyc,代碼行數:10,代碼來源:generate-certificates.py


注:本文中的OpenSSL.crypto.X509Req方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。