def makeCACert(issuer, subject, intermediate):
    """Build a signed certificate sequence carrying the ``CATrusted`` tag.

    The certificate is issued from ``issuer.getPrincipal()`` to
    ``subject.getPrincipal()`` and is signed with ``issuer.sign``.

    Args:
        issuer: Object providing ``getPrincipal()``, ``sign()`` and
            ``getPublicKey()``.
        subject: Object providing ``getPrincipal()``.
        intermediate: Forwarded unchanged as the fourth argument of
            ``spki.makeCert``.
            NOTE(review): presumably the delegation/propagation flag, i.e.
            whether the subject may itself issue CA certs. Confirm against
            spki.makeCert.

    Returns:
        A ``spki.Sequence`` of the certificate, its signature and the
        issuer's public key, in that order.
    """
    # NOTE(review): nothing here checks that `issuer` is itself trusted as a
    # CA. Whoever can call this with a signing key can mint a CATrusted cert,
    # so the trust decision has to be made by the verifier. Confirm that it is.
    tag_expr = spki.eval(sexp.parseText('(* set CATrusted)'))
    cert = spki.makeCert(
        issuer.getPrincipal(),
        subject.getPrincipal(),
        spki.Tag(tag_expr),
        intermediate,
    )
    return spki.Sequence(cert, issuer.sign(cert), issuer.getPublicKey())
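def reload(self, create=0):
    """Load every object stored in the file at ``self.path``.

    The file is parsed with ``SPKIDatabase.read``. Each raw item is then
    evaluated with ``spki.eval`` and handed to ``self.loadObject``.

    Args:
        create: When truthy, a failure to open the file is not an error and
            the method returns without loading anything.

    Raises:
        IOError: If the file cannot be opened and ``create`` is falsy.
    """
    try:
        f = open(self.path, "r")
    except IOError:
        # NOTE(review): this catches every IOError, not only "file does not
        # exist". With create set, an unreadable database (for example a
        # permissions problem) is silently treated as an empty one. For a
        # certificate/ACL store the caller may want to tell the two apart.
        if create:
            return
        raise
    # Close the file even when parsing raises; previously a parse error
    # leaked the open handle.
    with f:
        sexps = SPKIDatabase.read(f)
    # NOTE(review): no signature or integrity check on the file contents is
    # visible in this method. Presumably loadObject or the code that later
    # uses the objects verifies them. Confirm.
    for raw in sexps:
        self.loadObject(spki.eval(raw))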
def test_getCertSubjectHash(ks):
    """Check getCertSubjectHash for a key subject and for a name subject.

    ``ks[0]`` is used as the keystore and ``ks[1]`` as a sequence of key
    entries.
    NOTE(review): each entry looks like a (public, private) pair, since
    index 1 is what gets asked to sign. Confirm against the ``ks`` fixture.
    """
    keystore = ks[0]
    key_entries = ks[1]
    default_entry = key_entries[0]
    other_entry = key_entries[1]

    # Name cert for 'Alice' (presumably binding it to other_entry[0]),
    # registered in the keystore.
    name_cert = makeNameCert(default_entry[1], other_entry[0], 'Alice')
    keystore.addCert(name_cert)

    # A second cert whose subject is the name rather than a key.
    # NOTE(review): `getPrincipal` is passed uncalled here, while every other
    # use in this test calls it. This looks like missing parentheses; confirm
    # what FullyQualifiedName expects before changing it, since the
    # assertions below currently run against this value.
    alice_name = spki.FullyQualifiedName(default_entry[1].getPrincipal, ['Alice'])
    any_tag = spki.Tag(spki.eval(sexp.parseText('(*)')))
    third_entry = ks[1][2]
    body = spki.makeCert(third_entry[0].getPrincipal(), alice_name, any_tag)
    named_subject_cert = spki.Sequence(body, third_entry[1].sign(body))

    # Both certs are expected to yield other_entry[0]'s principal.
    assert getCertSubjectHash(name_cert, keystore) == other_entry[0].getPrincipal()
    assert getCertSubjectHash(named_subject_cert, keystore) == other_entry[0].getPrincipal()

    # A newly constructed keystore never received the name cert, so the
    # lookup must fail with ValueError.
    with pytest.raises(ValueError):
        getCertSubjectHash(named_subject_cert, InMemKeyStore())
def initACL(acl, keystore):
    """Add one ACL entry for the keystore's default key to *acl*.

    The entry is built with ``spki.makeAclEntry`` from the default key, an
    empty list, the literal ``1`` and the evaluated ``(*)`` expression.

    Args:
        acl: Object providing ``add()``; it receives the new entry.
        keystore: Object providing ``getDefaultKey()``.
    """
    # NOTE(review): '(*)' looks like the match-everything tag and the literal
    # 1 is presumably the delegation flag. If so, this makes the default key
    # an unrestricted, delegable root of the ACL, and protecting that key is
    # what protects everything the ACL guards. Confirm against
    # spki.makeAclEntry.
    root_key = keystore.getDefaultKey()
    entry = spki.makeAclEntry(root_key, [], 1, spki.eval(sexp.parseText('(*)')))
    acl.add(entry)