def sign(self, data): # XPI signing is JAR signing which uses PKCS7 detached signatures pkcs7 = self.smime.sign(MemoryBuffer(data), PKCS7_DETACHED | PKCS7_BINARY) pkcs7_buffer = MemoryBuffer() pkcs7.write_der(pkcs7_buffer) return pkcs7
def run_test(*args, **kwargs): with MemoryBuffer(b'hello\nworld\n') as mb: self.assertTrue(mb.readable()) self.assertEqual(mb.readline().rstrip(), b'hello') self.assertEqual(mb.readline().rstrip(), b'world') with MemoryBuffer(b'hello\nworld\n') as mb: self.assertEqual(mb.readlines(), [b'hello\n', b'world\n'])
def run_test(*args, **kwargs): sep = os.linesep.encode() with MemoryBuffer(b'hello\nworld\n') as mb: assert mb.readable() assert mb.readline() == b'hello' + sep assert mb.readline() == b'world' + sep with MemoryBuffer(b'hello\nworld\n') as mb: assert mb.readlines() == [b'hello' + sep, b'world' + sep]
def test_write_close(self): mb = MemoryBuffer(self.data) assert mb.writeable() mb.write_close() assert mb.readable() with self.assertRaises(IOError): mb.write(self.data) assert not mb.writeable()
def gPubkey(self): """ Return Back the certs public key""" #print self.cert.get_pubkey() self.pkey = self.cert.get_pubkey() self.buffer = MemoryBuffer() #print self.pkey self.pkey.save_key_bio(self.buffer, cipher=None) self.pub = self.buffer.read() #Because the default is PRIVATE even if it is public self.pub = string.replace(self.pub, "PRIVATE", "PUBLIC") return self.pub
def __sign(self): buf = MemoryBuffer(self.request_xml) smime = SMIME() smime.load_key(self.__key_file, self.__crt_file) signed_data = smime.sign(buf, 0) out = MemoryBuffer() smime.write(out, signed_data) mime_data = email.message_from_string(out.read()) for part in mime_data.walk(): if part.get_filename() == "smime.p7m": self.signed_request = part.get_payload(decode=False) return self
def test_closed(self): mb = MemoryBuffer(self.data) io = IOBuffer(mb) io.close() with self.assertRaises(IOError): io.write(self.data) assert not io.readable() and not io.writeable()
def __init__(self, rsa=None, pem_string=None): if rsa is None and pem_string is None: raise CryptoError("Invalid parameter passed to the constructor") elif rsa is None: self.rsa = load_pub_key_bio(MemoryBuffer(pem_string)) elif pem_string is None: self.rsa = rsa
def test_readlines(self): buf = BytesIO() mb = MemoryBuffer(self.data) io = IOBuffer(mb) lines = io.readlines() for line in lines: self.assertEqual(line, self._data) buf.write(line) self.assertEqual(buf.getvalue(), self.data)
def withM2(addr): import M2Crypto from M2Crypto.BIO import MemoryBuffer from M2Crypto import RSA as mRSA rsa = process.readBytes(addr, ctypes.sizeof(ctypes_openssl.RSA)) bio = MemoryBuffer(rsa) # tsssi need PEM myrsa = mRSA.load_key_bio(bio) return myrsa
def response_to_pkcs7(blob): der = b64decode(blob) pkcs7_buf = MemoryBuffer(der) if pkcs7_buf is None: raise BIOError(Err.get_error()) p7_ptr = pkcs7_read_bio_der(pkcs7_buf.bio) pkcs7 = PKCS7(p7_ptr, 1) return pkcs7
def test_readlines(self): buf = StringIO() mb = MemoryBuffer(self.data) io = IOBuffer(mb) lines = io.readlines() for line in lines: assert line == self._data buf.write(line) assert buf.getvalue() == self.data
def test_readline(self): buf = BytesIO() mb = MemoryBuffer(self.data) io = IOBuffer(mb) while 1: out = io.readline() if not out: break buf.write(out) self.assertEqual(out, self._data) self.assertEqual(buf.getvalue(), self.data)
def test_readline(self): buf = StringIO() mb = MemoryBuffer(self.data) io = IOBuffer(mb) while 1: out = io.readline() if not out: break buf.write(out) assert out == self._data assert buf.getvalue() == self.data
def gPubkey(self): """ Return Back the certs public key""" #print self.cert.get_pubkey() self.pkey=self.cert.get_pubkey() self.buffer=MemoryBuffer() #print self.pkey self.pkey.save_key_bio(self.buffer, cipher=None) self.pub=self.buffer.read() #Because the default is PRIVATE even if it is public self.pub=string.replace(self.pub, "PRIVATE", "PUBLIC") return self.pub
def get_signature_serial_number(pkcs7): """ Extracts the serial number out of a DER formatted, detached PKCS7 signature buffer """ pkcs7_buf = MemoryBuffer(pkcs7) if pkcs7_buf is None: raise BIOError(Err.get_error()) p7_ptr = pkcs7_read_bio_der(pkcs7_buf.bio) p = PKCS7(p7_ptr, 1) # Fetch the certificate stack that is the list of signers # Since there should only be one in this use case, take the zeroth # cert in the stack and return its serial number return p.get0_signers(X509_Stack())[0].get_serial_number()
def membufi(iter, txt=txt): buf = MemoryBuffer() for i in range(iter): buf.write(txt) out = buf.getvalue()
def test_init_empty(self): mb = MemoryBuffer() assert len(mb) == 0 out = mb.read() assert out is None
def test_init_something(self): mb = MemoryBuffer(self.data) io = IOBuffer(mb) out = io.read(len(self.data)) assert out == self.data
def test_read_more_than(self): chunk = len(self.data) + 8 mb = MemoryBuffer(self.data) io = IOBuffer(mb) out = io.read(chunk) assert out == self.data
def test_init_something_result_bytes(self): mb = MemoryBuffer(self.data) self.assertEqual(len(mb), len(self.data)) out = mb.read() self.assertIsInstance(out, bytes)
def test_init_empty(self): mb = MemoryBuffer() self.assertEqual(len(mb), 0) out = mb.read() assert out is None
def test_init_something_cm(self): with MemoryBuffer(self.data) as mb: self.assertEqual(len(mb), len(self.data)) out = mb.read() self.assertEqual(out, self.data)
def test_init_empty(self): mb = MemoryBuffer() io = IOBuffer(mb) out = io.read() self.assertEqual(out, b'')
def test_closed(self): mb = MemoryBuffer(self.data) mb.close() self.assertRaises(IOError, mb.write, self.data) assert mb.readable() and not mb.writeable()
def test_read_more_than(self): chunk = len(self.data) + 8 mb = MemoryBuffer(self.data) out = mb.read(chunk) self.assertEqual(out, self.data) self.assertEqual(len(mb), 0)
def test_read_more_than(self): chunk = len(self.data) + 8 mb = MemoryBuffer(self.data) out = mb.read(chunk) assert out == self.data and len(mb) == 0
def test_read_less_than(self): chunk = len(self.data) - 7 mb = MemoryBuffer(self.data) out = mb.read(chunk) assert out == self.data[:chunk] and len(mb) == (len(self.data) - chunk)
def test_init_something(self): mb = MemoryBuffer(self.data) assert len(mb) == len(self.data) out = mb.read() assert out == self.data
def test_read_less_than(self): chunk = len(self.data) - 7 mb = MemoryBuffer(self.data) out = mb.read(chunk) self.assertEqual(out, self.data[:chunk]) self.assertEqual(len(mb), (len(self.data)) - chunk)
def load_public_key(pub_key_str: str): bio = MemoryBuffer(pub_key_str.encode('utf-8')) return RSA.load_pub_key_bio(bio)
def test_init_something(self): mb = MemoryBuffer(self.data) io = IOBuffer(mb) out = io.read(len(self.data)) self.assertEqual(out, self.data)
def test_init_something(self): mb = MemoryBuffer(self.data) self.assertEqual(len(mb), len(self.data)) out = mb.read() self.assertEqual(out, self.data)
def test_init_empty(self): mb = MemoryBuffer() io = IOBuffer(mb) out = io.read() assert out == ''
def test_read_less_than(self): chunk = len(self.data) - 7 mb = MemoryBuffer(self.data) io = IOBuffer(mb) out = io.read(chunk) assert out == self.data[:chunk]
def membuf2i(iter, txt=txt): buf = MemoryBuffer() buf.write(txt * iter) out = buf.getvalue()
def test_read_only(self): mb = MemoryBuffer(self.data) io = IOBuffer(mb, mode='r') self.assertRaises(IOError, io.write, self.data) assert not io.writeable()
class X509Man(object): """ Makes the X509 structure more useful for the purpose""" def __init__(self,thecert=None): if thecert: self.cert=thecert else: self.cert=x.X509() #print self.cert def set_from_buf(self,certData,format=0): """ The method sets the cert with data from a buffer format 0 is for pem and 1 for der""" #buf=MemoryBuffer() #buf.write(certData) #Loads into global object #print certData self.cert=x.load_cert_string(certData) #print self.cert.get_not_before() return True #to check if it was loaded def set_cert(self,certObj): """ Sets the global cert object from outside the class""" self.cert=certObj def list_info(self,tam=None): """ Lists some info about the cert""" if tam: print self.cert.as_text() else: #print "Cert version :%s"%(self.cert.get_version()) print "Beginnig Date :%s"%(self.cert.get_not_before()) print "End Date :%s"%(self.cert.get_not_after()) #print "The public key is :%s"%(self.gPubkey()) print "*****************************************************" print "The issuer info :" self.cert_detail(self.cert.get_issuer()) print "*****************************************************" print "Certs owner info :" self.cert_detail(self.cert.get_subject()) #print "Is it a Ca cert :%s"%(self.cert.check_ca()) print "******************************************************" print "The fingerprint is :%s"%(self.cert.get_fingerprint("sha1")) #print self.cert.as_pem() #print self.cert.as_der() def store_tofile(self,fname): """ Loads the certficate to a file""" self.cert.save(fname) print "Certificate saved to :",fname def gPubkey(self): """ Return Back the certs public key""" #print self.cert.get_pubkey() self.pkey=self.cert.get_pubkey() self.buffer=MemoryBuffer() #print self.pkey self.pkey.save_key_bio(self.buffer, cipher=None) self.pub=self.buffer.read() #Because the default is PRIVATE even if it is public self.pub=string.replace(self.pub, "PRIVATE", "PUBLIC") return self.pub def cert_detail(self,detailObj): """ It is passed a XNAME object""" self.xDetail=detailObj self.printFormat=self.optionClear() for key in self.xDetail.nid.keys(): res=self.xDetail.get_entries_by_nid(self.xDetail.nid[key]) #print res if res: #print key #print res[0].get_data() print "%s : %s"%(self.printFormat[key],res[0].get_data()) def optionClear(self): """ Makes some options clearer in the certificate""" opClr={'C' : 'Country Name', 'SP' : 'State or Province', 'ST' : 'Province or State', 'stateOrProvinceName' : 'State Province', 'L' : 'Locality Name', 'localityName' : 'Local Name', 'O' : 'Organization', 'organizationName' : 'Organization Name', 'OU' : 'Org Unit Name', 'organizationUnitName' : 'Organization Unit Name', 'CN' : 'The Common Name', 'commonName' : 'Common Name', 'Email' : 'Email', 'emailAddress' : 'email', 'serialNumber' : 'Serial Number', 'SN' : 'Surname', 'surname' : 'The Surname', 'GN' : 'Given Name', 'givenName' : 'GivenName' } return opClr def is_valid(self): """ Checks if the certificate is still valid and is not expired...""" self.expDate=str(self.cert.get_not_after()) #Get rid off GMT thing self.expDate=string.replace(self.expDate, "GMT", "").strip() #print self.expDate #Convert to a valid type for easy comparison self.expDate=strptime(self.expDate,"%b %d %H:%M:%S %Y") #print self.expDate #Get the current time in same format curTime=strptime(strftime("%b %d %H:%M:%S %Y"),"%b %d %H:%M:%S %Y") #print type(curTime) if self.expDate>curTime: #print "It is still valid" return True else: #print "It expired" return False def person_info(self,tip="subject"): """ Gets the sides info ex signer(issuer),subject etc.""" xn=None if tip=="subject": xn=self.cert.get_subject() elif tip=="issuer": xn=self.cert.get_issuer() return xn #XName Object def get_detail(self,tip="issuer"): """ Returns a tuple to be displayed""" xn=self.person_info(tip) clear_dic={ 'C':'country', 'CN':'commoName', 'emailAddress':'eadress', 'SP':'statePro', 'OU':'department', 'O':'company' } toPrint={} #print type(xn) #Take the country firstly for k in clear_dic.keys(): entry=xn.get_entries_by_nid(xn.nid[k]) toPrint[clear_dic[k]]=str(entry[0].get_data()) return toPrint def get_cert(self): """ Getting the certificate back it is an object""" return self.cert def get_date_info(self): "returns start date,end date and if it is valid" date_info={} date_info['sdate']=str(self.cert.get_not_before()) date_info['edate']=str(self.cert.get_not_after()) if self.is_valid(): date_info['v']="Valid" else: date_info['v']="Expired" return date_info def get_cert_text(self,format=0): """Format 0 is pem,format 1 is der Extracts the encrypted base64 text from certificate""" #print self.cert.verify() #print self.cert.check_ca() #get it according to its format if format==0: return self.cert.as_pem() elif format==1: return self.cert.as_der() def check_sum(self): """ Checks if the cert has been modified for any reasons""" if self.cert.verify()==0: #print "Hash is valid" return True else: print "The cert has been modified" return False