Python OpenSSL.crypto 模块,FILETYPE_TEXT 实例源码
我们从Python开源项目中,提取了以下47个代码示例,用于说明如何使用OpenSSL.crypto.FILETYPE_TEXT。
def test_dump_certificate(self):
"""
L{dump_certificate} writes PEM,DER,and text.
"""
pemData = cleartextCertificatePEM + cleartextPrivateKeyPEM
cert = load_certificate(FILETYPE_PEM, pemData)
dumped_pem = dump_certificate(FILETYPE_PEM, cert)
self.assertEqual(dumped_pem, cleartextCertificatePEM)
dumped_der = dump_certificate(FILETYPE_ASN1, cert)
good_der = _runopenssl(dumped_pem, "x509", "-outform", "DER")
self.assertEqual(dumped_der, good_der)
cert2 = load_certificate(FILETYPE_ASN1, dumped_der)
dumped_pem2 = dump_certificate(FILETYPE_PEM, cert2)
self.assertEqual(dumped_pem2, cleartextCertificatePEM)
dumped_text = dump_certificate(FILETYPE_TEXT, cert)
good_text = _runopenssl(dumped_pem, "-noout", "-text")
self.assertEqual(dumped_text, good_text)
def test_dump_certificate_request(self):
"""
L{dump_certificate_request} writes a PEM,and text.
"""
req = load_certificate_request(FILETYPE_PEM, cleartextCertificateRequestPEM)
dumped_pem = dump_certificate_request(FILETYPE_PEM, req)
self.assertEqual(dumped_pem, cleartextCertificateRequestPEM)
dumped_der = dump_certificate_request(FILETYPE_ASN1, req)
good_der = _runopenssl(dumped_pem, "req", good_der)
req2 = load_certificate_request(FILETYPE_ASN1, dumped_der)
dumped_pem2 = dump_certificate_request(FILETYPE_PEM, req2)
self.assertEqual(dumped_pem2, cleartextCertificateRequestPEM)
dumped_text = dump_certificate_request(FILETYPE_TEXT, req)
good_text = _runopenssl(dumped_pem, good_text)
def test_dump_certificate(self):
"""
:py:obj:`dump_certificate` writes PEM, b"x509", b"-outform", b"DER")
self.assertEqual(dumped_der, b"-noout", b"-text")
self.assertEqual(dumped_text, good_text)
def test_dump_certificate_request(self):
"""
:py:obj:`dump_certificate_request` writes a PEM, b"req", good_text)
self.assertRaises(ValueError, dump_certificate_request, 100, req)
def test_export_text(self):
"""
If passed ``FILETYPE_TEXT`` for the format,``CRL.export`` returns a
text format string like the one produced by the openssl command line
tool.
"""
crl = self._get_crl()
dumped_crl = crl.export(self.cert, self.pkey, FILETYPE_ASN1)
text = _runopenssl(
dumped_crl, b"crl", b"-text", b"-inform", b"DER"
)
# text format
dumped_text = crl.export(self.cert, type=FILETYPE_TEXT)
self.assertEqual(text, dumped_text)
def test_dump_certificate(self):
"""
:py:obj:`dump_certificate` writes PEM, good_text)
def test_dump_certificate_request(self):
"""
:py:obj:`dump_certificate_request` writes a PEM, req)
def test_export_text(self):
"""
If passed ``FILETYPE_TEXT`` for the format, dumped_text)
def test_dump_certificate(self):
"""
L{dump_certificate} writes PEM, good_text)
def test_dump_privatekey(self):
"""
L{dump_privatekey} writes a PEM,and text.
"""
key = load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM)
self.assertTrue(key.check())
dumped_pem = dump_privatekey(FILETYPE_PEM, key)
self.assertEqual(dumped_pem, cleartextPrivateKeyPEM)
dumped_der = dump_privatekey(FILETYPE_ASN1, key)
# XXX This OpenSSL call writes "writing RSA key" to standard out. Sad.
good_der = _runopenssl(dumped_pem, "rsa", good_der)
key2 = load_privatekey(FILETYPE_ASN1, dumped_der)
dumped_pem2 = dump_privatekey(FILETYPE_PEM, key2)
self.assertEqual(dumped_pem2, cleartextPrivateKeyPEM)
dumped_text = dump_privatekey(FILETYPE_TEXT, key)
good_text = _runopenssl(dumped_pem, good_text)
def test_dump_certificate_request(self):
"""
L{dump_certificate_request} writes a PEM, req)
def test_unused_subject(self):
"""
The C{subject} parameter to L{X509Extension} may be provided for an
extension which does not use it and is ignored in this case.
"""
ext1 = X509Extension('basicConstraints', False, 'CA:TRUE', subject=self.x509)
self.x509.add_extensions([ext1])
self.x509.sign(self.pkey, 'sha1')
# This is a little lame. Can we think of a better way?
text = dump_certificate(FILETYPE_TEXT, self.x509)
self.assertTrue('X509v3 Basic Constraints:' in text)
self.assertTrue('CA:TRUE' in text)
def test_subject(self):
"""
If an extension requires a subject,the C{subject} parameter to
L{X509Extension} provides its value.
"""
ext3 = X509Extension('subjectKeyIdentifier', 'hash', subject=self.x509)
self.x509.add_extensions([ext3])
self.x509.sign(self.pkey, 'sha1')
text = dump_certificate(FILETYPE_TEXT, self.x509)
self.assertTrue('X509v3 Subject Key Identifier:' in text)
def test_unused_issuer(self):
"""
The C{issuer} parameter to L{X509Extension} may be provided for an
extension which does not use it and is ignored in this case.
"""
ext1 = X509Extension('basicConstraints', issuer=self.x509)
self.x509.add_extensions([ext1])
self.x509.sign(self.pkey, self.x509)
self.assertTrue('X509v3 Basic Constraints:' in text)
self.assertTrue('CA:TRUE' in text)
def test_issuer(self):
"""
If an extension requires a issuer,the C{issuer} parameter to
L{X509Extension} provides its value.
"""
ext2 = X509Extension(
'authorityKeyIdentifier', 'issuer:always',
issuer=self.x509)
self.x509.add_extensions([ext2])
self.x509.sign(self.pkey, self.x509)
self.assertTrue('X509v3 Authority Key Identifier:' in text)
self.assertTrue('DirName:/CN=Yoda root CA' in text)
def test_dump_certificate_request(self):
"""
L{dump_certificate_request} writes a PEM, good_text)
def test_unused_subject(self, x509_data):
"""
The `subject` parameter to `X509Extension` may be provided for an
extension which does not use it and is ignored in this case.
"""
pkey, x509 = x509_data
ext1 = X509Extension(
b'basicConstraints', b'CA:TRUE', subject=x509)
x509.add_extensions([ext1])
x509.sign(pkey, x509)
assert b'X509v3 Basic Constraints:' in text
assert b'CA:TRUE' in text
def test_subject(self, x509_data):
"""
If an extension requires a subject,the `subject` parameter to
`X509Extension` provides its value.
"""
pkey, x509 = x509_data
ext3 = X509Extension(
b'subjectKeyIdentifier', b'hash', subject=x509)
x509.add_extensions([ext3])
x509.sign(pkey, x509)
assert b'X509v3 Subject Key Identifier:' in text
def test_unused_issuer(self, x509_data):
"""
The `issuer` parameter to `X509Extension` may be provided for an
extension which does not use it and is ignored in this case.
"""
pkey, issuer=x509)
x509.add_extensions([ext1])
x509.sign(pkey, x509)
assert b'X509v3 Basic Constraints:' in text
assert b'CA:TRUE' in text
def test_issuer(self, x509_data):
"""
If an extension requires an issuer,the `issuer` parameter to
`X509Extension` provides its value.
"""
pkey, x509 = x509_data
ext2 = X509Extension(
b'authorityKeyIdentifier', b'issuer:always',
issuer=x509)
x509.add_extensions([ext2])
x509.sign(pkey, x509)
assert b'X509v3 Authority Key Identifier:' in text
assert b'DirName:/CN=Yoda root CA' in text
def test_invalid_type(self):
"""
load_publickey doesn't support FILETYPE_TEXT.
"""
with pytest.raises(ValueError):
load_publickey(FILETYPE_TEXT, cleartextPublicKeyPEM)
def test_dump_privatekey_invalid_pkey(self):
with pytest.raises(TypeError):
dump_privatekey(FILETYPE_TEXT, object())
def test_dump_certificate(self):
"""
`dump_certificate` writes PEM, cert)
assert dumped_pem == cleartextCertificatePEM
dumped_der = dump_certificate(FILETYPE_ASN1, b"DER")
assert dumped_der == good_der
cert2 = load_certificate(FILETYPE_ASN1, cert2)
assert dumped_pem2 == cleartextCertificatePEM
dumped_text = dump_certificate(FILETYPE_TEXT, cert)
good_text = _runopenssl(
dumped_pem, b"-nameopt", b"")
assert dumped_text == good_text
def test_dump_privatekey_text(self):
"""
`dump_privatekey` writes a text
"""
key = load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM)
dumped_pem = dump_privatekey(FILETYPE_PEM, key)
dumped_text = dump_privatekey(FILETYPE_TEXT, b"rsa", b"-text")
assert dumped_text == good_text
def test_dump_publickey_invalid_type(self):
"""
dump_publickey doesn't support FILETYPE_TEXT.
"""
key = load_publickey(FILETYPE_PEM, cleartextPublicKeyPEM)
with pytest.raises(ValueError):
dump_publickey(FILETYPE_TEXT, key)
def test_dump_certificate_request(self):
"""
`dump_certificate_request` writes a PEM,and text.
"""
req = load_certificate_request(
FILETYPE_PEM, req)
assert dumped_pem == cleartextCertificateRequestPEM
dumped_der = dump_certificate_request(FILETYPE_ASN1, b"DER")
assert dumped_der == good_der
req2 = load_certificate_request(FILETYPE_ASN1, req2)
assert dumped_pem2 == cleartextCertificateRequestPEM
dumped_text = dump_certificate_request(FILETYPE_TEXT, req)
good_text = _runopenssl(
dumped_pem, b"")
assert dumped_text == good_text
with pytest.raises(ValueError):
dump_certificate_request(100, req)
def test_export_unknown_filetype(self):
"""
Calling `OpenSSL.CRL.export` with a file type other than
`FILETYPE_PEM`,`FILETYPE_ASN1`,or
`FILETYPE_TEXT` results in a `ValueError` being raised.
"""
crl = CRL()
with pytest.raises(ValueError):
crl.export(self.cert, 10, digest=b"sha256")
def test_unused_subject(self):
"""
The C{subject} parameter to L{X509Extension} may be provided for an
extension which does not use it and is ignored in this case.
"""
ext1 = X509Extension('basicConstraints', self.x509)
self.assertTrue('X509v3 Basic Constraints:' in text)
self.assertTrue('CA:TRUE' in text)
def test_subject(self):
"""
If an extension requires a subject, self.x509)
self.assertTrue('X509v3 Subject Key Identifier:' in text)
def test_unused_issuer(self):
"""
The C{issuer} parameter to L{X509Extension} may be provided for an
extension which does not use it and is ignored in this case.
"""
ext1 = X509Extension('basicConstraints', self.x509)
self.assertTrue('X509v3 Basic Constraints:' in text)
self.assertTrue('CA:TRUE' in text)
def test_issuer(self):
"""
If an extension requires a issuer, self.x509)
self.assertTrue('X509v3 Authority Key Identifier:' in text)
self.assertTrue('DirName:/CN=Yoda root CA' in text)
def test_dump_certificate(self):
"""
L{dump_certificate} writes PEM, good_text)
def test_unused_subject(self):
"""
The :py:data:`subject` parameter to :py:class:`X509Extension` may be provided for an
extension which does not use it and is ignored in this case.
"""
ext1 = X509Extension(
b('basicConstraints'), b('CA:TRUE'), self.x509)
self.assertTrue(b('X509v3 Basic Constraints:') in text)
self.assertTrue(b('CA:TRUE') in text)
def test_subject(self):
"""
If an extension requires a subject,the :py:data:`subject` parameter to
:py:class:`X509Extension` provides its value.
"""
ext3 = X509Extension(
b('subjectKeyIdentifier'), b('hash'), self.x509)
self.assertTrue(b('X509v3 Subject Key Identifier:') in text)
def test_unused_issuer(self):
"""
The :py:data:`issuer` parameter to :py:class:`X509Extension` may be provided for an
extension which does not use it and is ignored in this case.
"""
ext1 = X509Extension(
b('basicConstraints'), self.x509)
self.assertTrue(b('X509v3 Basic Constraints:') in text)
self.assertTrue(b('CA:TRUE') in text)
def test_issuer(self):
"""
If an extension requires an issuer,the :py:data:`issuer` parameter to
:py:class:`X509Extension` provides its value.
"""
ext2 = X509Extension(
b('authorityKeyIdentifier'), b('issuer:always'), self.x509)
self.assertTrue(b('X509v3 Authority Key Identifier:') in text)
self.assertTrue(b('DirName:/CN=Yoda root CA') in text)
def test_export_unknown_filetype(self):
"""
Calling :py:obj:`OpenSSL.CRL.export` with a file type other than
:py:obj:`FILETYPE_PEM`,:py:obj:`FILETYPE_ASN1`,or :py:obj:`FILETYPE_TEXT` results
in a :py:obj:`ValueError` being raised.
"""
crl = CRL()
self.assertRaises(ValueError, crl.export, self.cert, 10)
def test_unused_subject(self):
"""
The :py:data:`subject` parameter to :py:class:`X509Extension` may be provided for an
extension which does not use it and is ignored in this case.
"""
ext1 = X509Extension(
b('basicConstraints'), self.x509)
self.assertTrue(b('X509v3 Basic Constraints:') in text)
self.assertTrue(b('CA:TRUE') in text)
def test_subject(self):
"""
If an extension requires a subject, self.x509)
self.assertTrue(b('X509v3 Subject Key Identifier:') in text)
def test_unused_issuer(self):
"""
The :py:data:`issuer` parameter to :py:class:`X509Extension` may be provided for an
extension which does not use it and is ignored in this case.
"""
ext1 = X509Extension(
b('basicConstraints'), self.x509)
self.assertTrue(b('X509v3 Basic Constraints:') in text)
self.assertTrue(b('CA:TRUE') in text)
def test_issuer(self):
"""
If an extension requires an issuer, self.x509)
self.assertTrue(b('X509v3 Authority Key Identifier:') in text)
self.assertTrue(b('DirName:/CN=Yoda root CA') in text)
def test_export_unknown_filetype(self):
"""
Calling :py:obj:`OpenSSL.CRL.export` with a file type other than
:py:obj:`FILETYPE_PEM`, 10)
def test_unused_subject(self):
"""
The C{subject} parameter to L{X509Extension} may be provided for an
extension which does not use it and is ignored in this case.
"""
ext1 = X509Extension(
b('basicConstraints'), self.x509)
self.assertTrue(b('X509v3 Basic Constraints:') in text)
self.assertTrue(b('CA:TRUE') in text)
def test_subject(self):
"""
If an extension requires a subject,the C{subject} parameter to
L{X509Extension} provides its value.
"""
ext3 = X509Extension(
b('subjectKeyIdentifier'), self.x509)
self.assertTrue(b('X509v3 Subject Key Identifier:') in text)
def test_issuer(self):
"""
If an extension requires a issuer,the C{issuer} parameter to
L{X509Extension} provides its value.
"""
ext2 = X509Extension(
b('authorityKeyIdentifier'), self.x509)
self.assertTrue(b('X509v3 Authority Key Identifier:') in text)
self.assertTrue(b('DirName:/CN=Yoda root CA') in text)
def test_export(self):
"""
Use python to create a simple CRL with a revocation,and export
the CRL in formats of PEM,DER and text. Those outputs are verified
with the openssl program.
"""
crl = CRL()
revoked = Revoked()
now = b(datetime.now().strftime("%Y%m%d%H%M%SZ"))
revoked.set_rev_date(now)
revoked.set_serial(b('3ab'))
revoked.set_reason(b('sUpErSeDEd'))
crl.add_revoked(revoked)
# PEM format
dumped_crl = crl.export(self.cert, days=20)
text = _runopenssl(dumped_crl, "crl", "-text")
text.index(b('Serial Number: 03AB'))
text.index(b('Superseded'))
text.index(b('Issuer: /C=US/ST=IL/L=Chicago/O=Testing/CN=Testing Root CA'))
# DER format
dumped_crl = crl.export(self.cert, FILETYPE_ASN1)
text = _runopenssl(dumped_crl, "-text", "-inform", "DER")
text.index(b('Serial Number: 03AB'))
text.index(b('Superseded'))
text.index(b('Issuer: /C=US/ST=IL/L=Chicago/O=Testing/CN=Testing Root CA'))
# text format
dumped_text = crl.export(self.cert, dumped_text)
def le_cert_p12(self, caminho, senha):
p12 = load_pkcs12(open(caminho, 'rb').read(), senha)
return dump_certificate(FILETYPE_TEXT, p12.get_certificate()).decode()
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 [email protected] 举报,一经查实,本站将立刻删除。