Ejemplo n.º 1
0
def make_certs(cfg):
    cname = 'Microsoft CNTK Demo'
    cakey = createKeyPair(crypto.TYPE_RSA, 2048)
    careq = createCertRequest(cakey, CN=cname)
    # CA certificate is valid for five years.
    cacert = createCertificate(careq, (careq, cakey), 0,
                               (0, 60 * 60 * 24 * 365 * 5))

    # print('Creating Certificate Authority private key in "%s"' % cfg.SSL_KEY)
    # with open(cfg.SSL_KEY, 'w') as capkey:
    #     capkey.write(
    #         crypto.dump_privatekey(crypto.FILETYPE_PEM, cakey).decode('utf-8')
    #     )

    # print('Creating Certificate Authority certificate in "%s"' % cfg.SSL_CERT)
    # with open(cfg.SSL_CERT, 'w') as ca:
    #     ca.write(
    #         crypto.dump_certificate(crypto.FILETYPE_PEM, cacert).decode('utf-8')
    #     )

    pkey = createKeyPair(crypto.TYPE_RSA, 2048)
    req = createCertRequest(pkey, CN=cname)
    # Certificates are valid for five years.
    cert = createCertificate(req, (cacert, cakey), 1,
                             (0, 60 * 60 * 24 * 365 * 5))

    with open(cfg.SSL_KEY, 'w') as leafpkey:
        leafpkey.write(
            crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey).decode('utf-8'))
    print('[SUCCESS] Created Certificate private key in "%s"' % cfg.SSL_KEY)

    with open(cfg.SSL_CERT, 'w') as leafcert:
        leafcert.write(
            crypto.dump_certificate(crypto.FILETYPE_PEM, cert).decode('utf-8'))
    print('[SUCCESS] Created Certificate certificate in "%s"' % cfg.SSL_CERT)
Ejemplo n.º 2
0
def create_https_certificates(ssl_cert, ssl_key):
    """
    Create a pair of self-signed HTTPS certificares and store in them in
    'ssl_cert' and 'ssl_key'. Method assumes pyOpenSSL is installed.

    This code is stolen from SickBeard (http://github.com/midgetspy/Sick-Beard).
    """

    from plexpy import logger

    from OpenSSL import crypto
    from certgen import createKeyPair, createCertRequest, createCertificate, \
        TYPE_RSA, serial

    # Create the CA Certificate
    cakey = createKeyPair(TYPE_RSA, 2048)
    careq = createCertRequest(cakey, CN="Certificate Authority")
    cacert = createCertificate(careq, (careq, cakey), serial, (0, 60 * 60 * 24 * 365 * 10)) # ten years

    pkey = createKeyPair(TYPE_RSA, 2048)
    req = createCertRequest(pkey, CN="PlexPy")
    cert = createCertificate(req, (cacert, cakey), serial, (0, 60 * 60 * 24 * 365 * 10)) # ten years

    # Save the key and certificate to disk
    try:
        with open(ssl_key, "w") as fp:
            fp.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
        with open(ssl_cert, "w") as fp:
            fp.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
    except IOError as e:
        logger.error("Error creating SSL key and certificate: %s", e)
        return False

    return True
Ejemplo n.º 3
0
def create_https_certificates(ssl_cert, ssl_key):
    """
    Create a pair of self-signed HTTPS certificares and store in them in
    'ssl_cert' and 'ssl_key'. Method assumes pyOpenSSL is installed.

    This code is stolen from SickBeard (http://github.com/midgetspy/Sick-Beard).
    """

    from plexcs import logger

    from OpenSSL import crypto
    from certgen import createKeyPair, createCertRequest, createCertificate, \
        TYPE_RSA, serial

    # Create the CA Certificate
    cakey = createKeyPair(TYPE_RSA, 2048)
    careq = createCertRequest(cakey, CN="Certificate Authority")
    cacert = createCertificate(careq, (careq, cakey), serial, (0, 60 * 60 * 24 * 365 * 10)) # ten years

    pkey = createKeyPair(TYPE_RSA, 2048)
    req = createCertRequest(pkey, CN="Plex:CS")
    cert = createCertificate(req, (cacert, cakey), serial, (0, 60 * 60 * 24 * 365 * 10)) # ten years

    # Save the key and certificate to disk
    try:
        with open(ssl_key, "w") as fp:
            fp.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
        with open(ssl_cert, "w") as fp:
            fp.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
    except IOError as e:
        logger.error("Error creating SSL key and certificate: %s", e)
        return False

    return True
Ejemplo n.º 4
0
def create_https_certificates(ssl_cert, ssl_key):
    """
    Create self-signed HTTPS certificares and store in paths 'ssl_cert' and 'ssl_key'
    """
    try:
        from OpenSSL import crypto
        from certgen import createKeyPair, createCertRequest, createCertificate, TYPE_RSA, serial
    except ImportError:
        log.error("pyopenssl module missing, please install for https access\n try\n $ easy_install PyOpenSSL")
        return False

    # Create the CA Certificate
    cakey = createKeyPair(TYPE_RSA, 1024)
    careq = createCertRequest(cakey, CN='Certificate Authority')
    cacert = createCertificate(careq, (careq, cakey), serial, (0, 60 * 60 * 24 * 365 * 10)) # ten years

    cname = 'XDM'
    pkey = createKeyPair(TYPE_RSA, 1024)
    req = createCertRequest(pkey, CN=cname)
    cert = createCertificate(req, (cacert, cakey), serial, (0, 60 * 60 * 24 * 365 * 10)) # ten years

    # Save the key and certificate to disk
    try:
        open(ssl_key, 'w').write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
        open(ssl_cert, 'w').write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
    except:
        log("Error creating SSL key and certificate")
        return False

    return True
Ejemplo n.º 5
0
def generateIn(directory):
    cakey = createKeyPair(TYPE_RSA, 1024)
    careq = createCertRequest(cakey, CN='Certificate Authority')
    cacert = createCertificate(careq, (careq, cakey), 0, (0, 60*60*24*365*5)) # five years
    #open(join(directory, 'CA.pkey'), 'w').write(crypto.dump_privatekey(crypto.FILETYPE_PEM, cakey))
    #open(join(directory, 'CA.cert'), 'w').write(crypto.dump_certificate(crypto.FILETYPE_PEM, cacert))


    CN = raw_input("CN: ").strip()
    O = raw_input("O: ").strip()
    pkey = createKeyPair(TYPE_RSA, 1024)
    req = createCertRequest(pkey, CN=CN, O=O)
    cert = createCertificate(req, (cacert, cakey), 1, (0, 60*60*24*365*5)) # five years
    open(join(directory, 'server.pkey'), 'w').write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
    open(join(directory, 'server.cert'), 'w').write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
Ejemplo n.º 6
0
def gen_ca(params={}):

    try:  # read from existing CA files
        if 'gen_new' in params and params['gen_new']:
            raise ValueError  # skip reading from file

        with open("CA.pkey", 'r') as CA_key:
            cakey = crypto.load_privatekey(crypto.FILETYPE_PEM, CA_key.read())
        with open("CA.cert", 'r') as CA_cert:
            cacert = crypto.load_certificate(crypto.FILETYPE_PEM,
                                             CA_cert.read())
        return cacert, cakey

    except:
        if 'SN' not in params:
            params['SN'] = 0

        cakey = createKeyPair()

        not_before_offset, not_after_offset = get_time_offset(params)

        careq = createCertRequest(cakey, CN='Certificate Authority')
        cacert = createCertificate(careq, (careq, cakey), params['SN'],
                                   (not_before_offset, not_after_offset))

        if 'gen_new' not in params:
            if write_ca_to_disk(cacert, False) and write_ca_to_disk(
                    cakey, True):
                return cacert, cakey
            else:
                print("Failed to write CA files to disk")
                import sys
                sys.exit(1)
        else:
            return cacert, cakey
Ejemplo n.º 7
0
def create_https_certificates(ssl_cert, ssl_key):
    """
    Create a self-signed HTTPS certificate and store in it in
    'ssl_cert' and 'ssl_key'. Method assumes pyOpenSSL is installed.

    This code is stolen from SickBeard (http://github.com/midgetspy/Sick-Beard).
    """
    from OpenSSL import crypto
    from certgen import createKeyPair, createSelfSignedCertificate, TYPE_RSA

    serial = int(time.time())
    domains = [
        'DNS:' + d.strip() for d in plexpy.CONFIG.HTTPS_DOMAIN.split(',') if d
    ]
    ips = ['IP:' + d.strip() for d in plexpy.CONFIG.HTTPS_IP.split(',') if d]
    altNames = ','.join(domains + ips)

    # Create the self-signed Tautulli certificate
    logger.debug(u"Generating self-signed SSL certificate.")
    pkey = createKeyPair(TYPE_RSA, 2048)
    cert = createSelfSignedCertificate(("Tautulli", pkey), serial,
                                       (0, 60 * 60 * 24 * 365 * 10),
                                       altNames)  # ten years

    # Save the key and certificate to disk
    try:
        with open(ssl_cert, "w") as fp:
            fp.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
        with open(ssl_key, "w") as fp:
            fp.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
    except IOError as e:
        logger.error("Error creating SSL key and certificate: %s", e)
        return False

    return True
Ejemplo n.º 8
0
def create_https_certificates(ssl_cert, ssl_key):
    """
    Create a self-signed HTTPS certificate and store in it in
    'ssl_cert' and 'ssl_key'. Method assumes pyOpenSSL is installed.

    This code is stolen from SickBeard (http://github.com/midgetspy/Sick-Beard).
    """
    from OpenSSL import crypto
    from certgen import createKeyPair, createSelfSignedCertificate, TYPE_RSA

    serial = int(time.time())
    domains = ['DNS:' + d.strip() for d in plexpy.CONFIG.HTTPS_DOMAIN.split(',') if d]
    ips = ['IP:' + d.strip() for d in plexpy.CONFIG.HTTPS_IP.split(',') if d]
    altNames = ','.join(domains + ips)

    # Create the self-signed PlexPy certificate
    logger.debug(u"Generating self-signed SSL certificate.")
    pkey = createKeyPair(TYPE_RSA, 2048)
    cert = createSelfSignedCertificate(("PlexPy", pkey), serial, (0, 60 * 60 * 24 * 365 * 10), altNames) # ten years

    # Save the key and certificate to disk
    try:
        with open(ssl_cert, "w") as fp:
            fp.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
        with open(ssl_key, "w") as fp:
            fp.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
    except IOError as e:
        logger.error("Error creating SSL key and certificate: %s", e)
        return False

    return True
Ejemplo n.º 9
0
def generateIn(directory):
    cakey = createKeyPair(TYPE_RSA, 1024)
    careq = createCertRequest(cakey, CN='Certificate Authority')
    cacert = createCertificate(careq, (careq, cakey), 0,
                               (0, 60 * 60 * 24 * 365 * 5))  # five years
    #open(join(directory, 'CA.pkey'), 'w').write(crypto.dump_privatekey(crypto.FILETYPE_PEM, cakey))
    #open(join(directory, 'CA.cert'), 'w').write(crypto.dump_certificate(crypto.FILETYPE_PEM, cacert))

    CN = raw_input("CN: ").strip()
    O = raw_input("O: ").strip()
    pkey = createKeyPair(TYPE_RSA, 1024)
    req = createCertRequest(pkey, CN=CN, O=O)
    cert = createCertificate(req, (cacert, cakey), 1,
                             (0, 60 * 60 * 24 * 365 * 5))  # five years
    open(join(directory, 'server.pkey'),
         'w').write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
    open(join(directory, 'server.cert'),
         'w').write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
Ejemplo n.º 10
0
Archivo: helper.py Proyecto: pannal/XDM
def create_https_certificates(ssl_cert, ssl_key):
    """
    Create self-signed HTTPS certificares and store in paths 'ssl_cert' and 'ssl_key'
    """
    try:
        from OpenSSL import crypto
        from certgen import createKeyPair, createCertRequest, createCertificate, TYPE_RSA, serial
    except ImportError:
        log.error(
            "pyopenssl module missing, please install for https access\n try\n $ easy_install PyOpenSSL"
        )
        return False

    # Create the CA Certificate
    cakey = createKeyPair(TYPE_RSA, 1024)
    careq = createCertRequest(cakey, CN='Certificate Authority')
    cacert = createCertificate(careq, (careq, cakey), serial,
                               (0, 60 * 60 * 24 * 365 * 10))  # ten years

    cname = 'XDM'
    pkey = createKeyPair(TYPE_RSA, 1024)
    req = createCertRequest(pkey, CN=cname)
    cert = createCertificate(req, (cacert, cakey), serial,
                             (0, 60 * 60 * 24 * 365 * 10))  # ten years

    # Save the key and certificate to disk
    try:
        open(ssl_key,
             'w').write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
        open(ssl_cert,
             'w').write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
    except:
        log("Error creating SSL key and certificate")
        return False

    return True
Ejemplo n.º 11
0
def create_https_certificates(ssl_cert, ssl_key):
    """
    Create a self-signed HTTPS certificate and store in it in
    'ssl_cert' and 'ssl_key'. Method assumes pyOpenSSL is installed.

    This code is stolen from SickBeard (http://github.com/midgetspy/Sick-Beard).
    """
    try:
        from OpenSSL import crypto
    except ImportError:
        logger.error(
            "Unable to generate self-signed certificates: Missing OpenSSL module."
        )
        return False
    from certgen import createKeyPair, createSelfSignedCertificate, TYPE_RSA

    issuer = common.PRODUCT
    serial = timestamp()
    not_before = 0
    not_after = 60 * 60 * 24 * 365 * 10  # ten years
    domains = [
        'DNS:' + d.strip() for d in plexpy.CONFIG.HTTPS_DOMAIN.split(',') if d
    ]
    ips = ['IP:' + d.strip() for d in plexpy.CONFIG.HTTPS_IP.split(',') if d]
    alt_names = ','.join(domains + ips).encode('utf-8')

    # Create the self-signed Tautulli certificate
    logger.debug("Generating self-signed SSL certificate.")
    pkey = createKeyPair(TYPE_RSA, 2048)
    cert = createSelfSignedCertificate(issuer, pkey, serial, not_before,
                                       not_after, alt_names)

    # Save the key and certificate to disk
    try:
        with open(ssl_cert, "w") as fp:
            fp.write(
                crypto.dump_certificate(crypto.FILETYPE_PEM,
                                        cert).decode('utf-8'))
        with open(ssl_key, "w") as fp:
            fp.write(
                crypto.dump_privatekey(crypto.FILETYPE_PEM,
                                       pkey).decode('utf-8'))
    except IOError as e:
        logger.error("Error creating SSL key and certificate: %s", e)
        return False

    return True
Ejemplo n.º 12
0
def gen_leaf_cert(level, signing_cert, signing_key, params={}, accurate=False):
    global certs

    if len(certs[level]['leafs']) > 0:
        sn = int(max(certs[level]['leafs'].keys())) + 1
    else:
        sn = 11

    params['CN'] = "Leaf cert signed by intermediate with SN: {}".format(
        get_serial_number(signing_cert))
    params['SN'] = sn

    leafkey = createKeyPair()
    leafcert = gen_cert(leafkey, signing_cert, signing_key, params)

    certs[level]['leafs'][sn] = (leafcert, leafkey, accurate)
    return leafcert, leafkey
Ejemplo n.º 13
0
def gen_intermediate(level, cacert, cakey, params={}):
    global certs

    if len(certs[level]['intermediates']) > 0:
        sn = int(max(certs[level]['intermediates'].keys())) + 1
    else:
        sn = 1

    params['CN'] = "Intermediate of CA with SN: {}".format(
        get_serial_number(cacert))
    params['SN'] = sn

    intkey = createKeyPair()
    intcert = gen_cert(intkey, cacert, cakey, params)

    certs[level]['intermediates'][sn] = (intcert, intkey)
    return intcert, intkey
Ejemplo n.º 14
0
def create_https_certificates(ssl_cert, ssl_key):
    '''
    Create self-signed HTTPS certificares and store in paths 'ssl_cert' and 'ssl_key'
    '''
    try:
        from OpenSSL import crypto
        from certgen import createKeyPair, createCertRequest, createCertificate, TYPE_RSA, serial

    except Exception, e:
        logger.error(e)
        logger.error('You need pyopenssl and OpenSSL to make a cert')
        return False

    # Create the CA Certificate
    cakey = createKeyPair(TYPE_RSA, 2048)
    careq = createCertRequest(cakey, CN='Certificate Authority')
    cacert = createCertificate(careq, (careq, cakey), serial,
                               (0, 60 * 60 * 24 * 365 * 10))  # ten years

    cname = 'Htpc-Manager'
    pkey = createKeyPair(TYPE_RSA, 2048)
    req = createCertRequest(pkey, CN=cname)
    cert = createCertificate(req, (cacert, cakey), serial,
                             (0, 60 * 60 * 24 * 365 * 10))  # ten years

    # Save the key and certificate to disk
    try:
        open(ssl_key,
             'w').write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
        open(ssl_cert,
Ejemplo n.º 15
0
    with open(fname + '.skey', 'w') as f:
        f.write(
            crypto.dump_privatekey(crypto.FILETYPE_PEM, key).decode('utf-8'))
    with open(fname + '.cert', 'w') as f:
        f.write(
            crypto.dump_certificate(crypto.FILETYPE_PEM, cert).decode('utf-8'))
    return


if __name__ == "__main__":

    AA_keysize = 2048
    cert_authority = 'Adhoc Authority'

    # creates the keypair of size 1024
    AA_key = createKeyPair(TYPE_RSA, AA_keysize)

    # creates the cert request with the key and name
    AA_req = createCertRequest(AA_key, CN=cert_authority)

    # creates the cert for 5 years
    valid_dur = 60 * 60 * 24 * 365 * 5

    # certificate generation
    # Adhoc Authority signs its own key (self signed)
    AA_cert = createCertificate(AA_req, (AA_req, AA_key), 0, (0, valid_dur))

    write_certkey_pem('AA', AA_key, AA_cert)

    # now AA issues (or don't) to some parties
    AA_issue = (AA_cert, AA_key)
Ejemplo n.º 16
0
def create_https_certificates(ssl_cert, ssl_key):
    '''
    Create self-signed HTTPS certificares and store in paths 'ssl_cert' and 'ssl_key'
    '''
    try:
        from OpenSSL import crypto
        from certgen import createKeyPair, createCertRequest, createCertificate, TYPE_RSA, serial

    except Exception, e:
        logger.error(e)
        logger.error('You need pyopenssl and OpenSSL to make a cert')
        return False

    # Create the CA Certificate
    cakey = createKeyPair(TYPE_RSA, 2048)
    careq = createCertRequest(cakey, CN='Certificate Authority')
    cacert = createCertificate(careq, (careq, cakey), serial, (0, 60 * 60 * 24 * 365 * 10))  # ten years

    cname = 'Htpc-Manager'
    pkey = createKeyPair(TYPE_RSA, 2048)
    req = createCertRequest(pkey, CN=cname)
    cert = createCertificate(req, (cacert, cakey), serial, (0, 60 * 60 * 24 * 365 * 10))  # ten years

    # Save the key and certificate to disk
    try:
        open(ssl_key, 'w').write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
        open(ssl_cert, 'w').write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
    except Exception as e:
        logger.error('Error creating SSL key and certificate %s' % e)
        return False
Ejemplo n.º 17
0
"""
Create certificates and private keys for the 'simple' example.
"""

from OpenSSL import crypto
from certgen import createKeyPair, createCertRequest, createCertificate, \
                    TYPE_RSA, TYPE_DSA

FIVE_YEARS = 60*60*24*365*5
BIT_LENGTH = 1024

serial_number = 0
# Create a self signed CA certificate
cakey = createKeyPair(TYPE_RSA, BIT_LENGTH)
careq = createCertRequest(cakey, CN='Certificate Authority')
cacert = createCertificate(careq, (careq, cakey), serial_number, (0, FIVE_YEARS))
serial_number += 1
with open('simple/CA.pkey', 'w') as f:
    f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, cakey))
with open('simple/CA.cert', 'w') as f:
    f.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cacert))

# Create the server and client certificate signed by the CA created above
for (fname, cname) in [('client', 'Simple Client'), ('server', 'Simple Server')]:
    pkey = createKeyPair(TYPE_RSA, BIT_LENGTH)
    req = createCertRequest(pkey, CN=cname)
    cert = createCertificate(req, (cacert, cakey), serial_number, (0, FIVE_YEARS))
    serial_number += 1
    with open('simple/%s.pkey' % (fname,), 'w') as f:
        f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
    with open('simple/%s.cert' % (fname,), 'w') as f:
Ejemplo n.º 18
0
"""
Create certificates and private keys for the 'simple' example.
"""

from __future__ import print_function

from OpenSSL import crypto
from certgen import (
    createKeyPair,
    createCertRequest,
    createCertificate,
)

cakey = createKeyPair(crypto.TYPE_RSA, 2048)
careq = createCertRequest(cakey, CN='Certificate Authority')
# CA certificate is valid for five years.
cacert = createCertificate(careq, (careq, cakey), 0, (0, 60*60*24*365*5))

print('Creating Certificate Authority private key in "simple/CA.pkey"')
with open('simple/CA.pkey', 'w') as capkey:
    capkey.write(
        crypto.dump_privatekey(crypto.FILETYPE_PEM, cakey).decode('utf-8')
    )

print('Creating Certificate Authority certificate in "simple/CA.cert"')
with open('simple/CA.cert', 'w') as ca:
    ca.write(
        crypto.dump_certificate(crypto.FILETYPE_PEM, cacert).decode('utf-8')
    )

for (fname, cname) in [('client', 'Simple Client'),