當前位置: 首頁>>代碼示例>>Python>>正文


Python x509.NameAttribute方法代碼示例

本文整理匯總了Python中cryptography.x509.NameAttribute方法的典型用法代碼示例。如果您正苦於以下問題:Python x509.NameAttribute方法的具體用法?Python x509.NameAttribute怎麽用?Python x509.NameAttribute使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在cryptography.x509的用法示例。


在下文中一共展示了x509.NameAttribute方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。

示例1: build_csr

# 需要導入模塊: from cryptography import x509 [as 別名]
# 或者: from cryptography.x509 import NameAttribute [as 別名]
def build_csr(self, hostname, **kwargs):
        realm = self.plugin.ipa.env.realm
        builder = x509.CertificateSigningRequestBuilder()
        builder = builder.subject_name(
            x509.Name([
                x509.NameAttribute(oid.NameOID.COMMON_NAME, hostname),
                x509.NameAttribute(oid.NameOID.ORGANIZATION_NAME, realm),
            ])
        )
        build = builder.add_extension(
            x509.BasicConstraints(ca=False, path_length=None), critical=True,
        )
        build = builder.add_extension(
            x509.ExtendedKeyUsage([TLS_SERVERAUTH]), critical=True
        )
        builder = build.add_extension(
            x509.SubjectAlternativeName([x509.DNSName(hostname)]),
            critical=False
        )
        return builder

    # pylint: disable=arguments-differ 
開發者ID:latchset,項目名稱:custodia,代碼行數:24,代碼來源:certrequest.py

示例2: generate_csr

# 需要導入模塊: from cryptography import x509 [as 別名]
# 或者: from cryptography.x509 import NameAttribute [as 別名]
def generate_csr(common_name, dnsnames, ips, keysize):
    key = rsa.generate_private_key(
        public_exponent=65537,
        key_size=keysize,
        backend=default_backend()
    )

    key_pem = key.private_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PrivateFormat.TraditionalOpenSSL,
        encryption_algorithm=serialization.NoEncryption(),
    )

    csr = x509.CertificateSigningRequestBuilder()
    csr = csr.subject_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, common_name)]))
    csr = csr.add_extension(
        x509.SubjectAlternativeName(dnsnames + ips),
        critical=False,
    )
    csr = csr.sign(key, hashes.SHA256(), default_backend())

    csr_pem = csr.public_bytes(serialization.Encoding.PEM)

    return key_pem, csr_pem 
開發者ID:python,項目名稱:pypi-infra,代碼行數:26,代碼來源:requestor.py

示例3: create_csr

# 需要導入模塊: from cryptography import x509 [as 別名]
# 或者: from cryptography.x509 import NameAttribute [as 別名]
def create_csr(key, domains, must_staple=False):
    """
    Creates a CSR in DER format for the specified key and domain names.
    """
    assert domains
    name = x509.Name([
        x509.NameAttribute(NameOID.COMMON_NAME, domains[0]),
    ])
    san = x509.SubjectAlternativeName([x509.DNSName(domain) for domain in domains])
    csr = x509.CertificateSigningRequestBuilder().subject_name(name) \
        .add_extension(san, critical=False)
    if must_staple:
        ocsp_must_staple = x509.TLSFeature(features=[x509.TLSFeatureType.status_request])
        csr = csr.add_extension(ocsp_must_staple, critical=False)
    csr = csr.sign(key, hashes.SHA256(), default_backend())
    return export_csr_for_acme(csr) 
開發者ID:veeti,項目名稱:manuale,代碼行數:18,代碼來源:crypto.py

示例4: create_self_signed_certificate

# 需要導入模塊: from cryptography import x509 [as 別名]
# 或者: from cryptography.x509 import NameAttribute [as 別名]
def create_self_signed_certificate(subject_name, private_key, days_valid=365):
    subject = x509.Name([
        x509.NameAttribute(x509.NameOID.ORGANIZATION_NAME, u"Test, Inc."),
        x509.NameAttribute(x509.NameOID.COMMON_NAME, subject_name)
    ])
    certificate = x509.CertificateBuilder().subject_name(
        subject
    ).issuer_name(
        subject
    ).public_key(
        private_key.public_key()
    ).serial_number(
        x509.random_serial_number()
    ).add_extension(
        x509.BasicConstraints(ca=True, path_length=None), critical=True
    ).not_valid_before(
        datetime.datetime.utcnow()
    ).not_valid_after(
        datetime.datetime.utcnow() + datetime.timedelta(days=days_valid)
    ).sign(private_key, hashes.SHA256(), backends.default_backend())

    return certificate 
開發者ID:OpenKMIP,項目名稱:PyKMIP,代碼行數:24,代碼來源:create_certificates.py

示例5: certificate

# 需要導入模塊: from cryptography import x509 [as 別名]
# 或者: from cryptography.x509 import NameAttribute [as 別名]
def certificate(private_key: rsa.RSAPrivateKey) -> x509.Certificate:
    b = x509.CertificateBuilder()
    name = x509.Name([
        x509.NameAttribute(NameOID.COUNTRY_NAME, u"US"),
        x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"CA"),
        x509.NameAttribute(NameOID.LOCALITY_NAME, u"San Francisco"),
        x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"Commandment"),
        x509.NameAttribute(NameOID.COMMON_NAME, u"CA-CERTIFICATE"),
    ])

    cer = b.subject_name(name).issuer_name(name).public_key(
        private_key.public_key()
    ).serial_number(1).not_valid_before(
        datetime.datetime.utcnow()
    ).not_valid_after(
        datetime.datetime.utcnow() + datetime.timedelta(days=10)
    ).add_extension(
        x509.BasicConstraints(ca=False, path_length=None), True
    ).sign(private_key, hashes.SHA256(), default_backend())

    return cer 
開發者ID:cmdmnt,項目名稱:commandment,代碼行數:23,代碼來源:conftest.py

示例6: ca_certificate

# 需要導入模塊: from cryptography import x509 [as 別名]
# 或者: from cryptography.x509 import NameAttribute [as 別名]
def ca_certificate(private_key: rsa.RSAPrivateKey) -> x509.Certificate:
    b = x509.CertificateBuilder()
    name = x509.Name([
        x509.NameAttribute(NameOID.COUNTRY_NAME, u"US"),
        x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"CA"),
        x509.NameAttribute(NameOID.LOCALITY_NAME, u"San Francisco"),
        x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"Commandment"),
        x509.NameAttribute(NameOID.COMMON_NAME, u"CA-CERTIFICATE"),
    ])

    cert = b.serial_number(1).issuer_name(
        name
    ).subject_name(
        name
    ).public_key(
        private_key.public_key()
    ).not_valid_before(
        datetime.datetime.utcnow()
    ).not_valid_after(
        datetime.datetime.utcnow() + datetime.timedelta(days=10)
    ).add_extension(
        x509.BasicConstraints(ca=True, path_length=None), True
    ).sign(private_key, hashes.SHA256(), default_backend())

    return cert 
開發者ID:cmdmnt,項目名稱:commandment,代碼行數:27,代碼來源:conftest.py

示例7: format_relative_name

# 需要導入模塊: from cryptography import x509 [as 別名]
# 或者: from cryptography.x509 import NameAttribute [as 別名]
def format_relative_name(name):
    """Convert a relative name (RDN) into a canonical form.

    Examples::

        >>> format_relative_name([('C', 'AT'), ('CN', 'example.com')])
        '/C=AT/CN=example.com'
        >>> format_relative_name(x509.RelativeDistinguishedName([
        ...     x509.NameAttribute(NameOID.COMMON_NAME, u'example.com')
        ... ]))
        '/CN=example.com'
    """
    if isinstance(name, x509.RelativeDistinguishedName):
        name = [(OID_NAME_MAPPINGS[s.oid], s.value) for s in name]

    return '/%s' % ('/'.join(['%s=%s' % (force_text(k), force_text(v)) for k, v in name])) 
開發者ID:mathiasertl,項目名稱:django-ca,代碼行數:18,代碼來源:utils.py

示例8: x509_relative_name

# 需要導入模塊: from cryptography import x509 [as 別名]
# 或者: from cryptography.x509 import NameAttribute [as 別名]
def x509_relative_name(name):
    """Parse a relative name (RDN) into a :py:class:`~cg:cryptography.x509.RelativeDistinguishedName`.

    >>> x509_relative_name('/CN=example.com')
    <RelativeDistinguishedName(CN=example.com)>
    >>> x509_relative_name([('CN', 'example.com')])
    <RelativeDistinguishedName(CN=example.com)>
    """
    if isinstance(name, x509.RelativeDistinguishedName):
        return name
    elif isinstance(name, str):
        name = parse_name(name)

    return x509.RelativeDistinguishedName([
        x509.NameAttribute(NAME_OID_MAPPINGS[typ], force_text(value)) for typ, value in name
    ]) 
開發者ID:mathiasertl,項目名稱:django-ca,代碼行數:18,代碼來源:utils.py

示例9: test_export_pem

# 需要導入模塊: from cryptography import x509 [as 別名]
# 或者: from cryptography.x509 import NameAttribute [as 別名]
def test_export_pem(self):
        """
        If not passed a format, ``CRL.export`` returns a "PEM" format string
        representing a serial number, a revoked reason, and certificate issuer
        information.
        """
        # PEM format
        dumped_crl = self._get_crl().export(
            self.cert, self.pkey, days=20, digest=b"sha256"
        )
        crl = x509.load_pem_x509_crl(dumped_crl, backend)
        revoked = crl.get_revoked_certificate_by_serial_number(0x03AB)
        assert revoked is not None
        assert crl.issuer == x509.Name([
            x509.NameAttribute(x509.NameOID.COUNTRY_NAME, u"US"),
            x509.NameAttribute(x509.NameOID.STATE_OR_PROVINCE_NAME, u"IL"),
            x509.NameAttribute(x509.NameOID.LOCALITY_NAME, u"Chicago"),
            x509.NameAttribute(x509.NameOID.ORGANIZATION_NAME, u"Testing"),
            x509.NameAttribute(x509.NameOID.COMMON_NAME, u"Testing Root CA"),
        ]) 
開發者ID:pyca,項目名稱:pyopenssl,代碼行數:22,代碼來源:test_crypto.py

示例10: test_export_der

# 需要導入模塊: from cryptography import x509 [as 別名]
# 或者: from cryptography.x509 import NameAttribute [as 別名]
def test_export_der(self):
        """
        If passed ``FILETYPE_ASN1`` for the format, ``CRL.export`` returns a
        "DER" format string representing a serial number, a revoked reason, and
        certificate issuer information.
        """
        crl = self._get_crl()

        # DER format
        dumped_crl = self._get_crl().export(
            self.cert, self.pkey, FILETYPE_ASN1, digest=b"md5"
        )
        crl = x509.load_der_x509_crl(dumped_crl, backend)
        revoked = crl.get_revoked_certificate_by_serial_number(0x03AB)
        assert revoked is not None
        assert crl.issuer == x509.Name([
            x509.NameAttribute(x509.NameOID.COUNTRY_NAME, u"US"),
            x509.NameAttribute(x509.NameOID.STATE_OR_PROVINCE_NAME, u"IL"),
            x509.NameAttribute(x509.NameOID.LOCALITY_NAME, u"Chicago"),
            x509.NameAttribute(x509.NameOID.ORGANIZATION_NAME, u"Testing"),
            x509.NameAttribute(x509.NameOID.COMMON_NAME, u"Testing Root CA"),
        ])

    # Flaky because we compare the output of running commands which sometimes
    # varies by 1 second 
開發者ID:pyca,項目名稱:pyopenssl,代碼行數:27,代碼來源:test_crypto.py

示例11: generate_csr

# 需要導入模塊: from cryptography import x509 [as 別名]
# 或者: from cryptography.x509 import NameAttribute [as 別名]
def generate_csr(key, domainname):
    private_key = serialization.load_pem_private_key(key, password=None,
                                                     backend=default_backend())
    csr = x509.CertificateSigningRequestBuilder().subject_name(x509.Name([
        # Provide various details about who we are.
        x509.NameAttribute(NameOID.COUNTRY_NAME, u"BR"),
        x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"RJ"),
        x509.NameAttribute(NameOID.LOCALITY_NAME, u"Rio de Janeiro"),
        x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"globo.com"),
        x509.NameAttribute(NameOID.COMMON_NAME, domainname),
    ])).add_extension(
        x509.SubjectAlternativeName([x509.DNSName(domainname)]),
        critical=False,
    ).sign(private_key, hashes.SHA256(), default_backend())

    return csr.public_bytes(serialization.Encoding.PEM) 
開發者ID:tsuru,項目名稱:rpaas,代碼行數:18,代碼來源:sslutils.py

示例12: _generate_csr

# 需要導入模塊: from cryptography import x509 [as 別名]
# 或者: from cryptography.x509 import NameAttribute [as 別名]
def _generate_csr(cls, cn, private_key, passphrase=None):
        pk = serialization.load_pem_private_key(
            data=private_key, password=passphrase,
            backend=backends.default_backend())
        csr = x509.CertificateSigningRequestBuilder().subject_name(
            x509.Name([
                x509.NameAttribute(x509.oid.NameOID.COMMON_NAME, cn),
            ])
        )
        csr = csr.add_extension(
            x509.BasicConstraints(
                ca=False,
                path_length=None
            ),
            critical=True
        )
        csr = csr.add_extension(
            x509.KeyUsage(
                digital_signature=True,
                key_encipherment=True,
                data_encipherment=True,
                key_agreement=True,
                content_commitment=False,
                key_cert_sign=False,
                crl_sign=False,
                encipher_only=False,
                decipher_only=False
            ),
            critical=True
        )
        csr = csr.add_extension(
            x509.SubjectAlternativeName([x509.DNSName(cn)]),
            critical=False
        )
        signed_csr = csr.sign(
            pk,
            getattr(hashes, CONF.certificates.signing_digest.upper())(),
            backends.default_backend())
        return signed_csr.public_bytes(serialization.Encoding.PEM) 
開發者ID:openstack,項目名稱:octavia,代碼行數:41,代碼來源:local.py

示例13: setUp

# 需要導入模塊: from cryptography import x509 [as 別名]
# 或者: from cryptography.x509 import NameAttribute [as 別名]
def setUp(self):
        self.signing_digest = "sha256"

        # Set up CSR data
        csr_key = rsa.generate_private_key(
            public_exponent=65537,
            key_size=2048,
            backend=backends.default_backend()
        )
        csr = x509.CertificateSigningRequestBuilder().subject_name(
            x509.Name([
                x509.NameAttribute(x509.oid.NameOID.COMMON_NAME, u"test"),
            ])).sign(csr_key, hashes.SHA256(), backends.default_backend())
        self.certificate_signing_request = csr.public_bytes(
            serialization.Encoding.PEM)

        # Set up keys
        self.ca_key = rsa.generate_private_key(
            public_exponent=65537,
            key_size=2048,
            backend=backends.default_backend()
        )

        self.ca_private_key_passphrase = b"Testing"
        self.ca_private_key = self.ca_key.private_bytes(
            encoding=serialization.Encoding.PEM,
            format=serialization.PrivateFormat.TraditionalOpenSSL,
            encryption_algorithm=serialization.BestAvailableEncryption(
                self.ca_private_key_passphrase),
        )

        super(BaseLocalCSRTestCase, self).setUp() 
開發者ID:openstack,項目名稱:octavia,代碼行數:34,代碼來源:local_csr.py

示例14: setUp

# 需要導入模塊: from cryptography import x509 [as 別名]
# 或者: from cryptography.x509 import NameAttribute [as 別名]
def setUp(self):
        super(TestLocalGenerator, self).setUp()
        self.signing_digest = "sha256"

        # Setup CA data

        ca_cert = x509.CertificateBuilder()
        valid_from_datetime = datetime.datetime.utcnow()
        valid_until_datetime = (datetime.datetime.utcnow() +
                                datetime.timedelta(
            seconds=2 * 365 * 24 * 60 * 60))
        ca_cert = ca_cert.not_valid_before(valid_from_datetime)
        ca_cert = ca_cert.not_valid_after(valid_until_datetime)
        ca_cert = ca_cert.serial_number(1)
        subject_name = x509.Name([
            x509.NameAttribute(x509.oid.NameOID.COUNTRY_NAME, u"US"),
            x509.NameAttribute(x509.oid.NameOID.STATE_OR_PROVINCE_NAME,
                               u"Oregon"),
            x509.NameAttribute(x509.oid.NameOID.LOCALITY_NAME, u"Springfield"),
            x509.NameAttribute(x509.oid.NameOID.ORGANIZATION_NAME,
                               u"Springfield Nuclear Power Plant"),
            x509.NameAttribute(x509.oid.NameOID.COMMON_NAME, u"maggie1"),
        ])
        ca_cert = ca_cert.subject_name(subject_name)
        ca_cert = ca_cert.issuer_name(subject_name)
        ca_cert = ca_cert.public_key(self.ca_key.public_key())
        signed_cert = ca_cert.sign(private_key=self.ca_key,
                                   algorithm=hashes.SHA256(),
                                   backend=backends.default_backend())

        self.ca_certificate = signed_cert.public_bytes(
            encoding=serialization.Encoding.PEM)

        self.cert_generator = local_cert_gen.LocalCertGenerator 
開發者ID:openstack,項目名稱:octavia,代碼行數:36,代碼來源:test_local.py

示例15: serialize

# 需要導入模塊: from cryptography import x509 [as 別名]
# 或者: from cryptography.x509 import NameAttribute [as 別名]
def serialize(self,
                  # password=None,
                  country=u"US",
                  state=u"CA",
                  city=u"San Francisco",
                  company=u"Lokey Examle",
                  common_name=u"example.com"):
        # This should be handled already
        # if not password:
        #     password = None
        key = serialization.load_pem_private_key(
            self.to('pem'),
            password=None,
            backend=default_backend())

        subject = x509.Name([
            x509.NameAttribute(NameOID.COUNTRY_NAME, country),
            x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, state),
            x509.NameAttribute(NameOID.LOCALITY_NAME, city),
            x509.NameAttribute(NameOID.ORGANIZATION_NAME, company),
            x509.NameAttribute(NameOID.COMMON_NAME, common_name),
        ])
        cert = x509.CertificateSigningRequestBuilder().subject_name(
            subject
        ).sign(key, hashes.SHA256(), default_backend())
        return cert.public_bytes(serialization.Encoding.PEM) 
開發者ID:jpf,項目名稱:lokey,代碼行數:28,代碼來源:__init__.py


注:本文中的cryptography.x509.NameAttribute方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。