mirror of
https://github.com/laurivosandi/certidude
synced 2024-12-23 00:25:18 +00:00
Add preliminary PKCS#12 bundle generation
parent
449dcea821
commit
d38a9a8103
@ -0,0 +1,6 @@
|
|||||||
|
|
||||||
|
try:
|
||||||
|
from future.standard_library import install_aliases
|
||||||
|
install_aliases()
|
||||||
|
except ImportError:
|
||||||
|
pass
|
@ -146,6 +146,31 @@ def delete_request(common_name):
|
|||||||
requests.delete(config.PUSH_PUBLISH % request_sha1sum,
|
requests.delete(config.PUSH_PUBLISH % request_sha1sum,
|
||||||
headers={"User-Agent": "Certidude API"})
|
headers={"User-Agent": "Certidude API"})
|
||||||
|
|
||||||
|
def generate_p12_bundle(common_name):
|
||||||
|
# Construct private key
|
||||||
|
click.echo("Generating 4096-bit RSA key...")
|
||||||
|
key = crypto.PKey()
|
||||||
|
key.generate_key(crypto.TYPE_RSA, 512)
|
||||||
|
|
||||||
|
# Construct CSR
|
||||||
|
csr = crypto.X509Req()
|
||||||
|
csr.set_version(2) # Corresponds to X.509v3
|
||||||
|
csr.set_pubkey(key)
|
||||||
|
csr.get_subject().CN = common_name
|
||||||
|
buf = crypto.dump_certificate_request(crypto.FILETYPE_PEM, csr).decode("utf-8")
|
||||||
|
|
||||||
|
# Sign CSR
|
||||||
|
cert = sign(Request(buf), overwrite=True)
|
||||||
|
|
||||||
|
# Generate P12
|
||||||
|
ca_certs = crypto.load_certificate(crypto.FILETYPE_PEM, open(config.AUTHORITY_CERTIFICATE_PATH).read()),
|
||||||
|
p12 = crypto.PKCS12()
|
||||||
|
p12.set_privatekey( key )
|
||||||
|
p12.set_certificate( cert._obj )
|
||||||
|
p12.set_ca_certificates( ca_certs )
|
||||||
|
return p12.export()
|
||||||
|
|
||||||
|
|
||||||
@publish_certificate
|
@publish_certificate
|
||||||
def sign(req, overwrite=False, delete=True):
|
def sign(req, overwrite=False, delete=True):
|
||||||
"""
|
"""
|
||||||
|
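Review bot: `key.generate_key(crypto.TYPE_RSA, 512)` in generate_p12_bundle creates a 512-bit RSA key although the message printed just above it says 4096-bit; a modulus that small is factorable with modest resources, so every bundle issued this way carries a breakable key. Change it to `key.generate_key(crypto.TYPE_RSA, 4096)`, ideally taking the size from one constant that the echo line also uses. `return p12.export()` is called without a passphrase, so the private key in the returned bundle is not protected by a caller-chosen secret; consider requiring one and passing it as `p12.export(passphrase=...)`. `sign(Request(buf), overwrite=True)` appears to replace any existing certificate for the same common name, and no validation or authorization check on `common_name` is visible in this hunk, so callers would have to enforce that. The `open(config.AUTHORITY_CERTIFICATE_PATH).read()` call also leaves the file handle to the garbage collector; a `with` block would close it deterministically.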
@ -23,8 +23,6 @@ from jinja2 import Environment, PackageLoader
|
|||||||
from time import sleep
|
from time import sleep
|
||||||
from setproctitle import setproctitle
|
from setproctitle import setproctitle
|
||||||
from OpenSSL import crypto
|
from OpenSSL import crypto
|
||||||
from future.standard_library import install_aliases
|
|
||||||
install_aliases()
|
|
||||||
|
|
||||||
env = Environment(loader=PackageLoader("certidude", "templates"), trim_blocks=True)
|
env = Environment(loader=PackageLoader("certidude", "templates"), trim_blocks=True)
|
||||||
|
|
||||||
|
@ -199,7 +199,7 @@ class Request(CertificateBase):
|
|||||||
self.path = NotImplemented
|
self.path = NotImplemented
|
||||||
self.created = NotImplemented
|
self.created = NotImplemented
|
||||||
|
|
||||||
if isinstance(mixed, file):
|
if hasattr(mixed, "read"):
|
||||||
self.path = mixed.name
|
self.path = mixed.name
|
||||||
_, _, _, _, _, _, _, _, mtime, _ = os.stat(self.path)
|
_, _, _, _, _, _, _, _, mtime, _ = os.stat(self.path)
|
||||||
self.created = datetime.fromtimestamp(mtime)
|
self.created = datetime.fromtimestamp(mtime)
|
||||||
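Review bot: `hasattr(mixed, "read")` now admits any readable object, but the next line still assumes `mixed.name` is a filesystem path that `os.stat` can resolve. An in-memory stream has no `name` attribute, and some file-like objects expose a name that is not a path (a descriptor number, or a placeholder such as `<stdin>`), so this branch can raise where the old `isinstance` check would simply not have matched. Consider tightening the guard to `if hasattr(mixed, "read") and hasattr(mixed, "name"):` and handling a failing `os.stat` explicitly. The same condition is changed in the `Certificate` hunk that follows; both constructors start and end outside the visible hunks, so how other input types are handled cannot be confirmed from here.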
@ -248,7 +248,7 @@ class Certificate(CertificateBase):
|
|||||||
self.path = NotImplemented
|
self.path = NotImplemented
|
||||||
self.changed = NotImplemented
|
self.changed = NotImplemented
|
||||||
|
|
||||||
if isinstance(mixed, file):
|
if hasattr(mixed, "read"):
|
||||||
self.path = mixed.name
|
self.path = mixed.name
|
||||||
_, _, _, _, _, _, _, _, mtime, _ = os.stat(self.path)
|
_, _, _, _, _, _, _, _, mtime, _ = os.stat(self.path)
|
||||||
self.changed = datetime.fromtimestamp(mtime)
|
self.changed = datetime.fromtimestamp(mtime)
|
||||||
|