def from_crypto(cls, csr: x509.CertificateSigningRequest):
# type: (type, x509.CertificateSigningRequest, CertificateType) -> Certificate
m = cls()
m.pem_data = csr.public_bytes(serialization.Encoding.PEM)
m.not_before = datetime.datetime.utcnow()
m.not_after = datetime.datetime.utcnow() + datetime.timedelta(days=700)
h = hashes.Hash(hashes.SHA256(), default_backend())
h.update(m.pem_data)
m.fingerprint = h.finalize()
m.discriminator = CertificateType.CSR.value
subject: x509.Name = csr.subject
cns = subject.get_attributes_for_oid(NameOID.COMMON_NAME)
if cns is not None:
m.x509_cn = cns[0].value
return m
def submit_mdmcert_request(email: str,
csr: x509.CertificateSigningRequest,
encrypt_with: x509.Certificate,
api_key: str = MDMCERT_API_KEY) -> Dict:
"""Submit a CSR signing request to mdmcert.download.
Args:
email (str): Your registered mdmcert.download e-mail address.
api_key (str): Your registered mdmcert.download API key.
csr (cryptography.x509.CertificateSigningRequest): The MDM CSR to sign.
encrypt_with (cryptography.x509.Certificate): The certificate which will be used to encrypt the response.
Returns:
dict: Response from the mdmcert.download service.
"""
base64_csr = b64encode(csr.public_bytes(serialization.Encoding.PEM))
base64_recipient = b64encode(
encrypt_with.public_bytes(serialization.Encoding.PEM))
mdmcert_dict = {
'csr': base64_csr.decode('utf8'),
'email': email,
'key': api_key,
'encrypt': base64_recipient.decode('utf8'),
}
req = urllib.request.Request(MDMCERT_REQ_URL,
json.dumps(mdmcert_dict).encode('utf8'), {
'Content-Type': 'application/json',
'User-Agent': 'coMmanDMent/0.1'
})
f = urllib.request.urlopen(req)
resp = f.read()
f.close()
return json.loads(resp)
def get_certificate_signing_request_content(cls, csr: x509.CertificateSigningRequest) -> str:
public_bytes = csr.public_bytes(serialization.Encoding.PEM)
return cls._str(public_bytes)
def process_bind_param(self, value: x509.CertificateSigningRequest,
dialect):
return value.public_bytes(serialization.Encoding.DER)
def serialize_csr(csr: CertificateSigningRequest) -> str:
return csr.public_bytes(Encoding.PEM).decode("utf-8")
