def validate_tcg_from_certs(self, ca_cert_der, attest_cert_der): attest_cert_obj = Certificate(attest_cert_der) ca_cert_obj = Certificate(ca_cert_der) isValid = self._validate_attributes_with_tcg_rule(attest_cert_obj) and \ self._validate_tcg_raw(attest_cert_obj.tcg_min, attest_cert_obj.tcg_max, ca_cert_obj.tcg_min, ca_cert_obj.tcg_max) return isValid
def main(): lista = load_csv() for cert in lista: svg = load_svg(cert) certificado = Certificate(svg) certificado.save()
def create_multiple(logger, ctx, csv_file, config, force, key_size, san, verbose, debug, **subject): """ Create multiple certificate using csv file \f :param logger: :param ctx: :param csv_file: :param config: :param force: :param key_size: :param san: :param verbose: :param debug: :param subject: :return: """ tools.set_options(ctx=ctx, config=config, san=san, size=key_size, subject=subject, verbose=verbose, debug=debug) cert = Certificate(logger=logger, opts=tools.opts) if 'subject' in tools.opts: cert.load_subject() if csv_file: cert.generate_multiple(csv_file=csv_file, force=force) else: cert.generate_multiple(force=force)
def create(logger, ctx, name, config, force, key_size, san, verbose, debug, **subject): """ Create a single CSR \f :param logger: :param ctx: :param name: :param config: :param force: :param key_size: :param san: :param verbose: :param debug: :param subject: :return: """ tools.set_options(ctx=ctx, config=config, san=san, size=key_size, subject=subject, verbose=verbose, debug=debug) if name: tools.set_options(name=str(name)) cert = Certificate(logger=logger, opts=tools.opts) if 'subject' in tools.opts: cert.load_subject() cert.generate_csr(force=force)
def create_multiple_p12(logger, ctx, csv_file, pem_folder, key_folder, password, config, force, verbose, debug): """ Create multiple p12 using csv file \f :param logger: :param ctx: :param csv_file: :param pem_folder: :param key_folder: :param password: :param config: :param force: :param verbose: :param debug: :return: """ tools.set_options(ctx=ctx, config=config, verbose=verbose, debug=debug) cert = Certificate(logger, opts=tools.opts) if csv_file: cert.generate_multiple_p12(csv_file=csv_file, pem_folder=pem_folder, key_folder=key_folder, password=password, force=force) else: cert.generate_multiple_p12(pem_folder=pem_folder, key_folder=key_folder, password=password, force=force)
def create_p12(logger, ctx, name, pem, key, password, config, force, verbose, debug): """ \b Create a simple p12 Need key file and pem file \f :param logger: :param ctx: :param name: :param pem: :param key: :param password: :param config: :param force: :param verbose: :param debug: :return: """ tools.set_options(ctx=ctx, config=config, verbose=verbose, debug=debug) cert = Certificate(logger=logger, opts=tools.opts) cert.generate_p12(key=key, pem=pem, p12=name, password=password, force=force)
def __init__(self, name): self.__name = name print("{} created".format(name)) self.__key = KeyPairRSA() self.__cert = Certificate(name=name, key_pair_rsa=self.__key, validity_date=10)
def certificate(self, hostname): """Returns the certificate of a particular hostname :param hostname: The hostname you want the certificate of :type hostname: str :return: The ppaas.Certificate object, or raises an exception :rtype: ppaas.Certificate """ return Certificate(self, hostname)
def validate_tcg_from_config(self, ca_cert_path, signing_attributes): ca_cert_obj = Certificate(path=ca_cert_path) tcg_min_str = signing_attributes.tcg_min tcg_max_str = signing_attributes.tcg_max tcg_min_attest = Attribute.init(num_bits=32, string=tcg_min_str) tcg_max_attest = Attribute.init(num_bits=32, string=tcg_max_str) return self._validate_tcg_raw(tcg_min_attest, tcg_max_attest, ca_cert_obj.tcg_min, ca_cert_obj.tcg_max)
def parseCerts(self, signature, offset): prev = self._f.tell() true_offset = signature.getOffset() + offset self._f.seek(true_offset) magic = getInt(self._f) if magic != dictionary.signatures['BLOBWRAPPER']: data = { 'offset': true_offset, 'magic': hex(magic), 'expected': hex(dictionary.signatures['BLOBWRAPPER']) } a = Abnormality(title='BAD MAGIC - BLOBWRAPPER', data=data) self.addAbnormality(a) self._f.seek(prev) return size = getInt(self._f) - 8 # out = open('cms', 'wb') # out.write(self._f.read(size)) # out.close() # exit(0) if size > 0: signed_data = cms.CMS(self._f.read(size), format='DER') for cert in signed_data.certs: serial = cert.serial subject = { 'country': self.getCertNameData(cert.subject, oid.Oid('C')), 'org': self.getCertNameData(cert.subject, oid.Oid('O')), 'org_unit': self.getCertNameData(cert.subject, oid.Oid('OU')), 'common_name': self.getCertNameData(cert.subject, oid.Oid('CN')) } issuer = { 'country': self.getCertNameData(cert.issuer, oid.Oid('C')), 'org': self.getCertNameData(cert.issuer, oid.Oid('O')), 'org_unit': self.getCertNameData(cert.issuer, oid.Oid('OU')), 'common_name': self.getCertNameData(cert.issuer, oid.Oid('CN')) } ca = cert.check_ca() cert = Certificate(serial=serial, subject=subject, issuer=issuer, ca=ca) signature.addCert(cert) else: data = { 'offset': true_offset, 'size': size } a = Abnormality(title='NON-POSITIVE CMS SIZE', data=data) self.addAbnormality(a) self._f.seek(prev)
def certificate(): id = request.args.get('id') donor = Donor.query.filter(Donor.id == id).first() file_dir = os.path.join(basedir, app.config['IMG_FOLDER']) if donor: no = "WH2020012310{0:04d}".format(donor.id) certi_file = "%s.png" % os.path.join(file_dir, no) if not os.path.exists(certi_file): amount = "%.2f" % donor.amount cert = Certificate(donor.name, amount, no) cert.grant() image_data = open(certi_file, "rb").read() response = make_response(image_data) response.headers['Content-Type'] = 'image/png' return response
def read(logger, ctx, path, password, plain_text): """ Read csr or p12 \f :param logger: :param ctx: :param path: :param password: :param plain_text: :return: """ tools.set_options(ctx=ctx) cert = Certificate(logger=logger, opts=tools.opts) click.echo(cert.read(path=path, password=password, plain_text=plain_text))
def validate_oid_from_config(self, ca_cert_path, signing_attributes): ca_cert_obj = Certificate(path=ca_cert_path) min_str = signing_attributes.object_id.min max_str = signing_attributes.object_id.max min_attest = Attribute.init(num_bits=32, string=min_str) max_attest = Attribute.init(num_bits=32, string=max_str) if signing_attributes.object_id.name == "tcg": min_ca = ca_cert_obj.tcg_min max_ca = ca_cert_obj.tcg_max elif signing_attributes.object_id.name == "feature_id": min_ca = ca_cert_obj.fid_min max_ca = ca_cert_obj.fid_max return self._validate_oid_raw(min_attest, max_attest, min_ca, max_ca)
def sign(self, binary_to_sign, imageinfo, debug_dir=None): ''' This function returns a SignerOutput object which has all the security assets generated by the signer. ''' self._signer_impl.validate_config(imageinfo) hasher = Hasher() hmacParams = signerutils.get_hmac_params_from_config( imageinfo.signing_attributes) hash_to_sign = hasher.qcom_hmac(binary_to_sign, hmacParams) signer_output = self._signer_impl.sign(hash_to_sign, imageinfo, binary_to_sign, debug_dir) #print certificate properties attestation_cert_obj = Certificate(signer_output.attestation_cert) logger.info('\nAttestation Certificate Properties:\n' + str(attestation_cert_obj)) return signer_output
def read_certificates(self, server_certificates): logger.info( "------------------------------------------------------------------------------------" ) logger.info("Rufe die Zertifkate für die weiteren Tests ab") logger.info( "------------------------------------------------------------------------------------" ) try: if server_certificates is None: openssl_cmd_getcert = "echo 'Q' | openssl s_client -connect " + self.hostname + ":" + str( self.port ) + self.openssl_client_proxy_part + " -showcerts | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'" proc = subprocess.Popen([openssl_cmd_getcert], stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True) (out, err) = proc.communicate() tmp_certs = pem.parse(out) else: tmp_certs = pem.parse_file(server_certificates) logger.info( str(len(tmp_certs)) + " Zertifikate wurden empfangen bzw. eingelesen.") for crt in tmp_certs: self.x509_certs.append( load_pem_x509_certificate( str(crt).encode('ascii', 'ignore'), default_backend())) for x509 in self.x509_certs: self.certs.append(Certificate(x509, self.ca_file)) except Exception as err: print err
def main(): BASE_MODULE_ARGS = dict(cadir=dict(default="/etc/certs"), certname=dict(required=True), subj=dict(default="/DC=com/DC=example/CN=CA/"), p12password=dict(required=True), certtype=dict(default="server", choices=["server", "client"]), state=dict(default="present", choices=["present", "absent"]), subjectAltNames=dict(required=False)) module = AnsibleModule(argument_spec=BASE_MODULE_ARGS, supports_check_mode=True) isServerCert = True if module.params["certtype"] == "client": isServerCert = False # cadir, certname, subj, p12password, isServerCert cert = Certificate(module.params["cadir"], module.params["certname"], module.params["subj"], module.params["p12password"], isServerCert, module.params["subjectAltNames"]) isValid = cert.validate_config() if isValid["success"]: if module.params["state"] == "present": isValid = cert.create_certificate() else: isValid = cert.remove_certificate() if not isValid["success"]: module.fail_json(msg=isValid["msg"]) else: module.exit_json(**isValid)
def retrieve_certificate(self): """ retrieve the repository's certificate file """ certificate = self.retrieve_object(self.manifest.certificate, 'X') return Certificate(certificate)
def createCert(certname, subj, password, isServerCert): print line print "Creating certificate for: {}".format(certname) cert = Certificate(cadir, certname, subj, password, isServerCert) print cert.create_certificate() return cert
def __main__(self): father = self.father chatroom = tk.Tk() chatroom.geometry('600x400+425+225') chatroom.title('91 Chatroom for ' + self.father.father.username) # chatroom.attributes('-topmost',1) # backgroud frame = tk.Frame(chatroom, bg=colors['black'], width=600, height=400) frame.place(x=0, y=0) # container textArea = tk.Text(frame, bg=colors['black'], fg=colors['green'], highlightbackground=colors['lightGray'], selectbackground=colors['blue'], selectforeground=colors['green'], width=60, height=22, bd=0) textArea.place(x=10, y=10, anchor=tk.NW) textArea.bind('<KeyPress>', lambda x: "break") father.textArea = textArea # textArea.focus_set() # choose tk.Label(frame, text="Select Receiver:", bg=colors['black'], fg=colors['green']).place(x=460, y=10, anchor=tk.NW) listbox = tk.Listbox(frame, width=14, height=7, bg=colors['darkGray'], fg=colors['green'], selectbackground=colors['black'], selectforeground=colors['green']) listbox.place(x=460, y=35, anchor=tk.NW) father.listbox = listbox fileButton = tk.Button( frame, text="File", bd=0, highlightbackground=colors['black'], command=lambda: self.uploadFile(father.socket, nameLabel)) fileButton.place(x=480, y=180, anchor=tk.CENTER) videoButton = tk.Button( frame, text="Video", bd=0, highlightbackground=colors['black'], command=lambda: self.videoCall(father.socket, nameLabel)) videoButton.place(x=560, y=180, anchor=tk.CENTER) # ttk.Style().configure("b.TButton", foreground="black", background="white") # style1 = ttk.Style() # style1.configure("BW1.TLabel", foreground="black", background="white") # bt_refresh = ttk.Button(f, text = "刷新列表", bd = 0, style = "BW1.TLable",command = lambda : self.refresh(father.socket)) tk.Label(frame, text="System Log:", bg=colors['black'], fg=colors['green']).place(x=460, y=208, anchor=tk.NW) logArea = tk.Text(frame, bg=colors['black'], fg=colors['green'], highlightbackground=colors['lightGray'], selectbackground=colors['blue'], selectforeground=colors['green'], width=16, height=7, bd=0) logArea.place(x=455, y=233, anchor=tk.NW) logArea.bind('<KeyPress>', lambda x: "break") father.logArea = logArea log = ctime() + " Connection Establishment" logArea.insert(tk.END, log + '\n\n') logArea.see(tk.END) # input nameLabel = tk.Label(frame, text="Unseleted", bg=colors['black'], fg=colors['green'], width=8) nameLabel.place(x=12, y=360) listbox.bind('<Double-Button-1>', lambda x: self.changeSendTo(listbox, nameLabel)) self.nameLabel = nameLabel inputEntry = tk.Entry(frame, width=37, bg=colors['black'], fg=colors['green'], insertbackground=colors['white'], highlightbackground=colors['lightGray'], selectbackground=colors['blue'], selectforeground=colors['green']) inputEntry.place(x=90, y=358) # inputEntry.bind('<Key-Return>', # lambda x : self.requestCertificate(father.socket, # nameLabel, inputEntry)) inputEntry.bind( '<Key-Return>', lambda x: self.requestCertificate( father.socket, nameLabel)) # self.inputEntry = inputEntry father.inputEntry = inputEntry bt_send = tk.Button(frame, text="Enter", highlightbackground=colors['black'], command=lambda: self.requestCertificate( father.socket, nameLabel)) bt_send.place(x=480, y=371, anchor=tk.CENTER) bt_clear = tk.Button( frame, text="Clear", highlightbackground=colors['black'], command=lambda: textArea.delete(0.0, tk.END)) bt_clear.place(x=560, y=372, anchor=tk.CENTER) r = RSA() c = Certificate(r.pubKey) c.certificateInfo['username'] = self.father.father.username self.father.father.selfInfo[ 'username'] = self.father.father.username self.father.father.selfInfo[ 'decryptionType'] = c.certificateInfo['encryptionType'] self.father.father.selfInfo['pubKey'] = r.pubKey self.father.father.selfInfo['priKey'] = r.priKey self.father.father.selfInfo[ 'communicationType'] = c.certificateInfo[ 'communicationType'] if c.certificateInfo['communicationType'] == "dh": pubNum = DH().getPAndG() self.father.father.selfInfo['pAndg'] = pubNum c.certificateInfo['pAndg'] = pubNum self.father.father.selfInfo['secretA'] = getPrimeNum(20) self.father.father.selfInfo['mA'] = pow( pubNum[1], self.father.father.selfInfo['secretA'], pubNum[0]) jData = json.dumps(c.certificateInfo) father.socket.send(jData.encode()) # 刷新列表 # self.refresh(father.socket) inputEntry.focus_set() chatroom.focus_force() chatroom.mainloop() father.socket.shutdown(2) print('Socket 断开')
from suds.client import Client from certificate import Certificate import sys client = Client( "http://localhost:8081/config-service/ConfigurationService?wsdl") cert = Certificate(sys.argv[1]) cert.add_to_config(client)