def __str__(self):
    """Render this object's four fields as "name = value" text.

    initial_time and end_time are formatted with Time.posixTimeToStr;
    public_key and min_generation are interpolated with %s unchanged.
    """
    # NOTE(review): one field per line is assumed for this literal; confirm
    # the exact spacing against the project file.
    layout = """initial_time = %s
end_time = %s
public_key = %s
min_generation = %s"""
    values = (
        Time.posixTimeToStr(self.initial_time),
        Time.posixTimeToStr(self.end_time),
        self.public_key,
        self.min_generation,
    )
    return layout % values
def printHelp():
    """Print the usage text for the "sign" command.

    The current time, formatted by Time.posixTimeToStr, supplies the sample
    values shown for -e: the full string and its first 13, 10 and 4
    characters.
    """
    now = Time.posixTimeToStr(time.time())
    samples = (now, now[:13], now[:10], now[:4])
    # NOTE(review): -p puts the TACK key password on the command line, where
    # shell history and process listings can expose it; prompting is the
    # default when -p is absent.
    # NOTE(review): the line layout of this literal is assumed; confirm the
    # exact spacing against the project file.
    usage = """Creates a TACK based on a target certificate.
sign -k KEY -c CERT
-k KEY : Use this TACK key file ("-" for stdin)
-c CERT : Sign this certificate's public key ("-" for stdin)
Optional arguments:
-v : Verbose
-x : Use python crypto (not OpenSSL)
-o FILE : Write the output to this file (instead of stdout)
-p PASSWORD : Use this TACK key password instead of prompting
-m MIN_GENERATION : Use this min_generation number (0-255)
-g GENERATION : Use this generation number (0-255)
-e EXPIRATION : Use this UTC time for expiration
("%s", "%sZ",
"%sZ", "%sZ" etc.)
Or, specify a delta from current time:
("5m", "30d", "1d12h5m", "0m", etc.)
If not specified, the certificate's notAfter is used.
-n NUM@INTERVAL : Generate NUM TACKs, with expiration times spaced
out by INTERVAL (see -e for delta syntax). The
-o argument is used as a filename prefix, and the
-e argument is used as the first expiration time.
"""
    print(usage % samples)
def addPemComments(self, inStr):
    """Prefix a PEM string with version and creation-time comment lines.

    Args:
        inStr: The PEM text to annotate.

    Returns:
        "Created by tack.py <version>" and "Created at <time>" on their own
        lines, followed by inStr.
    """
    release = __version__
    # Passing True asks posixTimeToStr for the form that includes seconds.
    createdAt = Time.posixTimeToStr(time.time(), True)
    # NOTE(review): these lines are placed in front of inStr, outside the PEM
    # data, so presumably nothing authenticates them; treat them as
    # informational only.
    return "Created by tack.py %s\nCreated at %s\n%s" % (release, createdAt, inStr)
def test_Certificate(self):
    """Parse a PEM certificate, check its digests and notAfter, then round-trip.

    The same three expectations are checked on the object built from PEM and
    on a second object rebuilt from the first one's serialize() output.
    Returns 1 when every assertion holds.
    """
    pem = """
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIHJ6JvWHUrOTANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE
BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAY
BgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydGlm
aWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkxMDAuBgNVBAMTJ0dvIERhZGR5
IFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UEBRMIMDc5Njky
ODcwHhcNMTEwNzA4MDAxOTU3WhcNMTIwNzA4MDAxOTU3WjBPMRQwEgYDVQQKFAsq
LnRyZXZwLm5ldDEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRQw
EgYDVQQDFAsqLnRyZXZwLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMgawQKi4zY4TTz1RNL7klt/ibvjG+jGqBYlc6qjUiTQORD3fUrdAF83Alav
JiC3rrwfvarL8KpPn7zQQOOk+APwzFxn0sVphDvAN8E7xI/cC7es08EYA9/DDN7r
VTe/wvbs77CL5AniRSJyAP5puvSUHgixingTgYmnkIgC+3ZFqyfz2uenxvkPkoUT
QEBkm2uEcBOwBMXAih1fdsuhEiJ9qpmejpIEvxLIDoMnCWTPs897zhwr3epQkn5g
lKQ9H+FnEo5Jf8YBM4YhAzwG/8pyfc8NtOHafKUb5PhSIC7Vy7N2EBQ4y9kDOZc+
r0Vguq4p+Nncc32JI/i1Cdj/lO0CAwEAAaOCAa4wggGqMA8GA1UdEwEB/wQFMAMB
AQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIF
oDAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmdvZGFkZHkuY29tL2dkczEt
NTIuY3JsME0GA1UdIARGMEQwQgYLYIZIAYb9bQEHFwEwMzAxBggrBgEFBQcCARYl
aHR0cHM6Ly9jZXJ0cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzCBgAYIKwYBBQUH
AQEEdDByMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5nb2RhZGR5LmNvbS8wSgYI
KwYBBQUHMAKGPmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3Np
dG9yeS9nZF9pbnRlcm1lZGlhdGUuY3J0MB8GA1UdIwQYMBaAFP2sYTKTbEXW4u6F
X5q653aZaMznMCEGA1UdEQQaMBiCCyoudHJldnAubmV0ggl0cmV2cC5uZXQwHQYD
VR0OBBYEFCYv4a9+enZGS27wqAv+TPfJOOb7MA0GCSqGSIb3DQEBBQUAA4IBAQA+
2OKO77vpwKtoKddDtamBokiVhHrfw0c7ALGysOXtss1CKV2WgH4FdNuh9pFkVZB2
mKZ7keS7EMW11OzgBR3pRRk0AkNYtDsOJEXA2+1NLFgrtdujHrDX4WIoi9MGbqB5
TfK08XufM7OP3yXDLtMxyUtyjprFhdxPE+9p/GJ0IVdZrMmzYTjyCOO8+okY9zAQ
RVUKuxd+eEaH3BpPAau4MP2n24gy6WEsJ2auB81ee9fDnx/tfKPqvyuc4r4/Z4aL
5CvQvlPHaG/TTXXNh3pZFl3d/J5/76ZfeQzQtZ+dCrE4a4601Q4hBBXEq5gQfaof
H4yTGzfDv+JLIICAIcCs
-----END CERTIFICATE-----"""

    # Fixed digests for the fixture above. The attribute names suggest
    # SHA-256 over the public key and over the whole certificate; confirm
    # the exact inputs in TlsCertificate.
    wantKeyHash = a2b_hex("ffd30bcb84dbbc211a510875694354c58863d84fb7fc5853dfe36f4be2eb2e50")
    wantCertHash = a2b_hex("1a50e3de3a153f33b314b67c1aacc2f59fc99c49b8449c33dcc3665663e2bff1")
    wantNotAfter = "2012-07-08T00:19:57Z"

    def verify(cert):
        assert cert.key_sha256 == wantKeyHash
        assert cert.cert_sha256 == wantCertHash
        assert Time.posixTimeToStr(cert.notAfter, True) == wantNotAfter

    parsed = TlsCertificate.createFromPem(pem)
    verify(parsed)

    # Serialize to binary and parse that again; the results must not change.
    reparsed = TlsCertificate(parsed.serialize())
    verify(reparsed)

    return 1
def writeText(self):
    """Return the key hash and notAfter as text, plus the TACK extension if set.

    Returns:
        A "key_sha256 = 0x..." line and a "notAfter = ..." line. When
        self.tackExt is truthy, a newline and str(self.tackExt) follow.
    """
    # NOTE(review): one field per line is assumed for this literal; confirm
    # the exact spacing against the project file.
    summary = """key_sha256 = 0x%s
notAfter = %s
""" % (
        Util.writeBytes(self.key_sha256),
        Time.posixTimeToStr(self.notAfter, True),
    )
    if not self.tackExt:
        return summary
    return summary + "\n" + str(self.tackExt)
def __str__(self):
    """Format this TACK's fields as readable text.

    The "TACK view" command uses this to display TACK objects.
    """
    values = (
        self.getTackId(),
        self.min_generation,
        self.generation,
        # expiration is multiplied by 60 before formatting, which implies it
        # is held in minutes rather than POSIX seconds.
        Time.posixTimeToStr(self.expiration*60),
        Util.writeBytes(self.target_hash),
    )
    # NOTE(review): one field per line is assumed for this literal; confirm
    # the exact spacing against the project file.
    layout = """TACK ID = %s
min_generation = %d
generation = %d
expiration = %s
target_hash = %s\n"""
    return layout % values
def test_Tack(self):
    """Parse a PEM-encoded TACK and compare each decoded field to fixed values."""
    # NOTE(review): this only checks that the fields decode to the expected
    # bytes; no signature verification call appears here.
    pem = """
-----BEGIN TACK-----
TAmsAZIpzR+MYwQrsujLhesvpu3dRc5ROhfgySqUVkU1p1hdXo+PwQrmaQo9B9+o
hecRrWElh3yThwgYQRgbSwAAAY0cQDHeDLGfKtuw0c17GzHvjuPrWbdEWa75S0gL
7u64XGTJQUtzAwXIWOkQEQ0BRUlbzcGEa9a1PBhjmmWFNF+kGAswhLnXc5qL4y/Z
PDUV0rzIIYjXP58T5pphGKRgLlK3Aw==
-----END TACK-----"""

    wantRawKey = a2b_hex("4c09ac019229cd1f8c63042bb2e8"
                         "cb85eb2fa6eddd45ce513a17e0c9"
                         "2a94564535a7585d5e8f8fc10ae6"
                         "690a3d07dfa885e711ad6125877c"
                         "9387081841181b4b")
    wantTargetHash = a2b_hex("31de0cb19f2adbb0d1cd7b1b31ef8ee3eb59b74459aef94b480beeeeb85c64c9")
    wantSignature = a2b_hex("414b730305c858e910110d0145495"
                            "bcdc1846bd6b53c18639a6585345f"
                            "a4180b3084b9d7739a8be32fd93c3"
                            "515d2bcc82188d73f9f13e69a6118"
                            "a4602e52b703")

    tack = Tack().createFromPem(pem)

    assert tack.public_key.getRawKey() == wantRawKey
    # expiration is scaled by 60 before formatting, as in Tack.__str__.
    assert Time.posixTimeToStr(tack.expiration*60) == "2019-06-25T22:24Z"
    assert tack.generation == 0
    assert tack.target_hash == wantTargetHash
    assert tack.signature == wantSignature
def test_posix(self):
    """Check both output precisions of Time.posixTimeToStr for one timestamp."""
    stamp = 1234567890

    # With the second argument True the result includes seconds.
    withSeconds = Time.posixTimeToStr(stamp, True)
    assert withSeconds == "2009-02-13T23:31:30Z"

    # Without it the result stops at minutes.
    minutesOnly = Time.posixTimeToStr(stamp)
    assert minutesOnly == "2009-02-13T23:31Z"