def generate_weak_sig_cert(domain, base_year, quiet=False):
    """Issue an MD5-signed host certificate for ``weak-sig.<domain>``.

    The certificate carries the ``host`` public key, is signed by the ``ca``
    key/cert pair and is written out under the name ``weak-sig``. Its
    signature digest is deliberately forced to MD5 through the builder's
    private ``_hash_algo`` attribute (the public API offers no weak-digest
    choice); presumably the fixture exists so verifiers can be checked for
    rejecting a weak signature algorithm — the organisation name is
    "Bad TLS Limited".

    Args:
        domain: Base domain; subject CN and the single SAN entry are
            ``weak-sig.<domain>``.
        base_year: Validity starts 1 Jan of this year (00:00 UTC) and
            ends 1 Jan three years later.
        quiet: When true, no progress messages are emitted via ``write``.
    """
    if not quiet:
        write('Generating weak-sig cert ... ', end='')

    full_domain = 'weak-sig.{}'.format(domain)
    signing_key = load_private('ca')
    issuer_cert = load_cert('ca')
    host_public_key = load_public('host')

    subject = {
        'country_name': 'US',
        'state_or_province_name': 'Massachusetts',
        'locality_name': 'Newbury',
        'organization_name': 'Bad TLS Limited',
        'common_name': full_domain,
    }
    # datetime() defaults hour/minute/second to 0, i.e. midnight on 1 January.
    not_before = datetime(base_year, 1, 1, tzinfo=timezone.utc)
    not_after = datetime(base_year + 3, 1, 1, tzinfo=timezone.utc)

    builder = CertificateBuilder(subject, host_public_key)
    builder.issuer = issuer_cert
    builder.subject_alt_domains = [full_domain]
    # The builder exposes no way to pick a weak digest, so its private
    # attribute is poked directly; this may break across library versions.
    builder._hash_algo = 'md5'
    builder.begin_date = not_before
    builder.end_date = not_after
    certificate = builder.build(signing_key)

    dump_cert('weak-sig', certificate)

    if not quiet:
        write('done')
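def _client_subject(common_name):
    """Return the fixed client-certificate subject with the given CN.

    Every client fixture shares the same country/state/locality/organisation;
    only the common name distinguishes them.
    """
    return {
        'country_name': 'US',
        'state_or_province_name': 'Massachusetts',
        'locality_name': 'Newbury',
        'organization_name': 'TLS Client Certificates Limited',
        'common_name': common_name,
    }


def _issue_client_cert(public_key, common_name, issuer_cert, signing_key,
                       not_before, not_after, crl_url=None, hash_algo=None,
                       key_usage=None, extended_key_usage=None):
    """Build and sign one client certificate.

    Builder attributes are assigned in the same order the original
    hand-written variants used (issuer, CRL URL, signature digest, validity,
    key usage). Optional settings are left untouched on the builder when
    ``None`` so the builder's own defaults apply.

    Args:
        public_key: Subject public key placed in the certificate.
        common_name: Subject CN; the rest of the subject is fixed
            (see ``_client_subject``).
        issuer_cert: Certificate of the issuing CA.
        signing_key: Private key used to sign; expected to match
            ``issuer_cert``.
        not_before: Start of validity (timezone-aware datetime).
        not_after: End of validity (timezone-aware datetime).
        crl_url: CRL distribution point URL, or None to set none.
        hash_algo: Signature digest override such as ``'md5'``, or None for
            the builder's default. Applied through the private
            ``_hash_algo`` attribute because the public API offers no
            weak-digest choice; this may break across library versions.
        key_usage: Key-usage set, or None for the builder's default.
        extended_key_usage: Extended key-usage set, or None for the default.

    Returns:
        Whatever ``CertificateBuilder.build`` returns for the signed cert.
    """
    builder = CertificateBuilder(_client_subject(common_name), public_key)
    builder.issuer = issuer_cert
    if crl_url is not None:
        builder.crl_url = crl_url
    if hash_algo is not None:
        # Hack since API doesn't allow selection of weak algo
        builder._hash_algo = hash_algo
    builder.begin_date = not_before
    builder.end_date = not_after
    if key_usage is not None:
        builder.key_usage = key_usage
    if extended_key_usage is not None:
        builder.extended_key_usage = extended_key_usage
    return builder.build(signing_key)


def generate_client_certs(domain, base_year, quiet=False):
    """Generate the client-certificate fixtures and the CRL revoking one.

    Seven certificates, all for the ``client`` public key, are written via
    ``dump_cert`` as ``client-<suffix>``: good, expired, future, untrusted
    (issued by ``ca2`` rather than ``ca``), weak (MD5 signature),
    bad-key-usage (``crl_sign`` / ``email_protection`` only) and revoked.
    All but the untrusted one point at ``http://crls.<domain>:9991/client.crl``.
    Finally a CRL signed by ``ca`` (number 1000) listing the revoked
    certificate's serial with reason ``key_compromise``, dated 2 Jan of
    ``base_year``, is written via ``dump_crl`` under the name ``client``.

    Args:
        domain: Base domain used to form the CRL URL.
        base_year: Anchor year; every validity boundary is 1 Jan 00:00 UTC
            of a year relative to it.
        quiet: When true, no progress messages are emitted via ``write``.
    """
    ca_private_key = load_private('ca')
    ca_cert = load_cert('ca')
    ca2_private_key = load_private('ca2')
    ca2_cert = load_cert('ca2')
    public_key = load_public('client')
    crl_url = 'http://crls.{}:9991/client.crl'.format(domain)

    def jan1(year):
        # All validity boundaries fall on 1 January 00:00:00 UTC.
        return datetime(year, 1, 1, 0, 0, 0, tzinfo=timezone.utc)

    # Default settings for a certificate issued by the trusted CA and valid
    # from base_year for three years; each fixture overrides what differs.
    trusted = dict(
        issuer_cert=ca_cert,
        signing_key=ca_private_key,
        not_before=jan1(base_year),
        not_after=jan1(base_year + 3),
        crl_url=crl_url,
    )

    # (progress label, dump-name suffix, builder settings)
    specs = [
        ('good', 'good', dict(
            trusted, common_name='Good TLS Client Certificate')),
        # Validity window ended before base_year began.
        ('expired', 'expired', dict(
            trusted, common_name='Expired TLS Client Certificate',
            not_before=jan1(base_year - 1), not_after=jan1(base_year))),
        # Validity window only opens three years after base_year.
        ('future', 'future', dict(
            trusted, common_name='Future TLS Client Certificate',
            not_before=jan1(base_year + 3), not_after=jan1(base_year + 4))),
        # Issued by ca2; no CRL URL, matching the original fixture.
        ('untrusted', 'untrusted', dict(
            common_name='Untrusted TLS Client Certificate',
            issuer_cert=ca2_cert, signing_key=ca2_private_key,
            not_before=jan1(base_year), not_after=jan1(base_year + 3))),
        ('weak', 'weak', dict(
            trusted, common_name='Weak TLS Client Certificate',
            hash_algo='md5')),
        ('bad key usage', 'bad-key-usage', dict(
            trusted, common_name='Bad Key Usage TLS Client Certificate',
            key_usage={'crl_sign'}, extended_key_usage={'email_protection'})),
        ('revoked', 'revoked', dict(
            trusted, common_name='Revoked TLS Client Certificate')),
    ]

    issued = {}
    for label, suffix, settings in specs:
        if not quiet:
            write('Generating {} client cert ... '.format(label), end='')

        issued[suffix] = _issue_client_cert(public_key, **settings)
        dump_cert('client-{}'.format(suffix), issued[suffix])

        if not quiet:
            write('done')

    crl_number = 1000
    crl_builder = CertificateListBuilder(crl_url, ca_cert, crl_number)

    # Revocation is dated the day after the revoked cert became valid.
    crl_builder.add_certificate(
        issued['revoked'].serial_number,
        datetime(base_year, 1, 2, 0, 0, 0, tzinfo=timezone.utc),
        'key_compromise')

    certificate_list = crl_builder.build(ca_private_key)
    dump_crl('client', certificate_list)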