mirror of https://github.com/laurivosandi/certidude synced 2024-12-23 00:25:18 +00:00

Add preliminary PKCS#12 bundle generation

Lauri Võsandi 2016-03-01 11:01:53 +02:00
parent 449dcea821
commit d38a9a8103
4 changed files with 33 additions and 4 deletions


@ -0,0 +1,6 @@
try:
from future.standard_library import install_aliases
install_aliases()
except ImportError:
pass


@ -146,6 +146,31 @@ def delete_request(common_name):
requests.delete(config.PUSH_PUBLISH % request_sha1sum, requests.delete(config.PUSH_PUBLISH % request_sha1sum,
headers={"User-Agent": "Certidude API"}) headers={"User-Agent": "Certidude API"})
def generate_p12_bundle(common_name):
# Construct private key
click.echo("Generating 4096-bit RSA key...")
key = crypto.PKey()
key.generate_key(crypto.TYPE_RSA, 512)
# Construct CSR
csr = crypto.X509Req()
csr.set_version(2) # Corresponds to X.509v3
csr.set_pubkey(key)
csr.get_subject().CN = common_name
buf = crypto.dump_certificate_request(crypto.FILETYPE_PEM, csr).decode("utf-8")
# Sign CSR
cert = sign(Request(buf), overwrite=True)
# Generate P12
ca_certs = crypto.load_certificate(crypto.FILETYPE_PEM, open(config.AUTHORITY_CERTIFICATE_PATH).read()),
p12 = crypto.PKCS12()
p12.set_privatekey( key )
p12.set_certificate( cert._obj )
p12.set_ca_certificates( ca_certs )
return p12.export()
@publish_certificate @publish_certificate
def sign(req, overwrite=False, delete=True): def sign(req, overwrite=False, delete=True):
""" """
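Review bot: `key.generate_key(crypto.TYPE_RSA, 512)` in generate_p12_bundle creates a 512-bit RSA key while the message printed just above announces 4096 bits; a 512-bit modulus gives no practical protection, so the call should read `key.generate_key(crypto.TYPE_RSA, 4096)`, ideally with the size held in one constant that the echo also uses. `p12.export()` is called without a passphrase, so the returned bundle carries the private key unencrypted; I would add a `passphrase` argument to the function and end with `return p12.export(passphrase)`. The trailing comma after `crypto.load_certificate(...)` makes `ca_certs` a one-element tuple, which appears intentional but deserves explicit parentheses or a comment, and the `open(config.AUTHORITY_CERTIFICATE_PATH)` handle is never closed, which a `with` block would fix. The CSR is also dumped without a visible `csr.sign(key, ...)` call, which may matter if `sign()` or a later consumer verifies the request signature; the body of `sign()` lies outside this hunk.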


@ -23,8 +23,6 @@ from jinja2 import Environment, PackageLoader
from time import sleep from time import sleep
from setproctitle import setproctitle from setproctitle import setproctitle
from OpenSSL import crypto from OpenSSL import crypto
from future.standard_library import install_aliases
install_aliases()
env = Environment(loader=PackageLoader("certidude", "templates"), trim_blocks=True) env = Environment(loader=PackageLoader("certidude", "templates"), trim_blocks=True)


@ -199,7 +199,7 @@ class Request(CertificateBase):
self.path = NotImplemented self.path = NotImplemented
self.created = NotImplemented self.created = NotImplemented
if isinstance(mixed, file): if hasattr(mixed, "read"):
self.path = mixed.name self.path = mixed.name
_, _, _, _, _, _, _, _, mtime, _ = os.stat(self.path) _, _, _, _, _, _, _, _, mtime, _ = os.stat(self.path)
self.created = datetime.fromtimestamp(mtime) self.created = datetime.fromtimestamp(mtime)
@ -248,7 +248,7 @@ class Certificate(CertificateBase):
self.path = NotImplemented self.path = NotImplemented
self.changed = NotImplemented self.changed = NotImplemented
if isinstance(mixed, file): if hasattr(mixed, "read"):
self.path = mixed.name self.path = mixed.name
_, _, _, _, _, _, _, _, mtime, _ = os.stat(self.path) _, _, _, _, _, _, _, _, mtime, _ = os.stat(self.path)
self.changed = datetime.fromtimestamp(mtime) self.changed = datetime.fromtimestamp(mtime)
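Review bot: `hasattr(mixed, "read")` in the Request constructor (and the identical change in the Certificate constructor in the second hunk) now accepts any file-like object, but the next two lines still assume `mixed.name` is a filesystem path that `os.stat` can resolve. An in-memory stream such as `io.BytesIO` has `read` but no `name`, and a file object made by `os.fdopen` does not carry a path in `name`, so such inputs would raise or stat something unintended. I would keep the path lookup behind a second check, for example `if hasattr(mixed, "read") and getattr(mixed, "name", None):`, and leave `self.path` as `NotImplemented` otherwise. Both constructors start and end outside the hunks, so how `mixed` is consumed afterwards is not visible here.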