# -*- coding: utf-8 -*-
from xi.certificate import certificate
from xi.publickeyalgo import _EC
from gui.inputbox import inputbox
from gui.selector import selector
from gui.spinbox import spinbox
import logging,sys,os,_util
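BASEPATH = os.path.realpath(os.path.dirname(sys.argv[0]))
log = logging.getLogger('postoffice.tool.certnew')

# Interactive tool that creates a new Xi certificate for the user.
#
# Flow: prompt for subject, RSA key size, elliptic curve and certificate
# level; generate the certificate; then write the private part to
# certificates/secret/<id>.private and the public part to
# certificates/public/<id>.public, both relative to the script's directory.
# Any rejected or cancelled prompt ends the tool before anything is generated
# or written.
print "即将新建一个Xi证书。按Ctrl+C或Ctrl+D可以随时退出。"
c = certificate()

subj = inputbox('请输入新证书的题目:\n 1.只能由下列字符组成:a-z A-Z 空格 点(.)\n 2.长度3(含)到128(含)字符之间\n 3.开头结尾非空格')
# `== False` is kept on purpose: only an explicit False from the validator or
# from a GUI helper is treated as "abort" here.
if c._validate_subject(subj) == False:
    sys.exit()

# NOTE(review): 1024-bit RSA is below the commonly recommended minimum of
# 2048 bits. The option is kept so existing behaviour does not change;
# consider removing it from the list.
rsa_len = spinbox('选择RSA密钥长度:',['1024','2048','3072','4096','8192'])
if rsa_len == False:
    sys.exit()

# Build the curve table once; it feeds both the selector and generate().
curves = _EC()._curves_id
ec_type = selector('选择椭圆曲线类型:',curves.keys())
if ec_type == False:
    sys.exit()

level = inputbox("""
请输入您的证书的等级(1-100):
证书的等级用在证书的签署中。只有高等级的证书才能签署
低等级的证书。也只有低等级的证书才能被高等级的签署。如果
您的证书需要被上级认证,建议为 50.""".strip())
# Catch only the conversion failures. The original bare `except:` also
# swallowed unrelated exceptions raised while validating the level.
try:
    level = int(level)
except (TypeError, ValueError):
    sys.exit()
if level < 1 or level > 100:
    sys.exit()

print "证书主题:%s\nRSA比特数:%s\n椭圆曲线:%s\n等级:%s" % (subj,rsa_len,ec_type,level)
print "信息收集完毕。开始生成证书..."
log.info('Generate new certificate. Subject[%s] Level[%s] RSA_Bits[%s] EC_Type[%s]',subj,level,rsa_len,ec_type)
c.generate(subj,level=level,bits=int(rsa_len),curve=curves[ec_type])
print "新证书已经生成,将保存到 certificates/ 下,请输入私有证书保护密码。"
log.info('New certificate generation done.')

certname = c.get_id()
BASEPATH = os.path.join(BASEPATH,'certificates')

# NOTE(review): this script sets no umask or file mode and does not create
# the secret/ and public/ directories. Whether the private file is
# passphrase-protected and readable only by its owner depends on
# save_private_text and on the existing directory permissions -- confirm.
c.save_private_text(os.path.join(BASEPATH,'secret','%s.private' % certname))

publictext = c.get_public_text()
# Close the handle deterministically so the public text is flushed to disk
# before the success message is printed.
with open(os.path.join(BASEPATH,'public','%s.public' % certname),'w+') as public_file:
    public_file.write(publictext)

print "\n您的证书已经保存。文件名:%s.private 和 %s.public" % (certname,certname)
log.info('New certificate saved: %s(.private & .public)',certname)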