85 lines
2.1 KiB
Python
85 lines
2.1 KiB
Python
|
#
|
||
|
# ---------- header -----------------------------------------------------------
|
||
|
#
|
||
|
# project kaneton
|
||
|
#
|
||
|
# license kaneton
|
||
|
#
|
||
|
# file /home/mycure/KANETON-TEST-SYSTEM/packages/ktp/certificate.py
|
||
|
#
|
||
|
# created julien quintard [mon oct 25 20:01:03 2010]
|
||
|
# updated julien quintard [wed oct 27 13:10:06 2010]
|
||
|
#
|
||
|
|
||
|
#
|
||
|
# ---------- packages ---------------------------------------------------------
|
||
|
#
|
||
|
|
||
|
from OpenSSL import crypto
|
||
|
|
||
|
#
|
||
|
# ---------- definitions ------------------------------------------------------
|
||
|
#
|
||
|
|
||
|
Extension = ".crt"
|
||
|
|
||
|
#
|
||
|
# ---------- functions --------------------------------------------------------
|
||
|
#
|
||
|
|
||
|
#
|
||
|
# this function returns a certificate request.
|
||
|
#
|
||
|
def Request(key,
|
||
|
digest = "md5",
|
||
|
**attributes):
|
||
|
request = crypto.X509Req()
|
||
|
|
||
|
subject = request.get_subject()
|
||
|
|
||
|
for (k, v) in attributes.items():
|
||
|
setattr(subject, k, v)
|
||
|
|
||
|
request.set_pubkey(key)
|
||
|
request.sign(key, digest)
|
||
|
|
||
|
return request
|
||
|
|
||
|
#
|
||
|
# this function creates a certificate according to the given
|
||
|
# certificate request.
|
||
|
#
|
||
|
def Create(request,
|
||
|
issuer,
|
||
|
serial,
|
||
|
timestamp,
|
||
|
digest = "md5"):
|
||
|
issuer_certificate = None
|
||
|
issuer_key = None
|
||
|
timestamp_notbefore = None
|
||
|
timestamp_notafter = None
|
||
|
|
||
|
(issuer_certificate, issuer_key) = issuer
|
||
|
(timestamp_notbefore, timestamp_notafter) = timestamp
|
||
|
|
||
|
certificate = crypto.X509()
|
||
|
|
||
|
certificate.set_serial_number(serial)
|
||
|
certificate.gmtime_adj_notBefore(timestamp_notbefore)
|
||
|
certificate.gmtime_adj_notAfter(timestamp_notafter)
|
||
|
certificate.set_issuer(issuer_certificate.get_subject())
|
||
|
certificate.set_subject(request.get_subject())
|
||
|
certificate.set_pubkey(request.get_pubkey())
|
||
|
|
||
|
certificate.sign(issuer_key, digest)
|
||
|
|
||
|
return certificate
|
||
|
|
||
|
#
|
||
|
# this function stores the given certificate on the file system.
|
||
|
#
|
||
|
def Store(path,
|
||
|
certificate):
|
||
|
open(path,
|
||
|
'w').write(crypto.dump_certificate(crypto.FILETYPE_PEM, certificate))
|