예제 #1
0
def make_root_ca(
    subject=None,
    not_before=None,
    not_after=None,
    serial_number=None,
    basic_constraints=None,
    digestmod=None,
):
    if subject is None:
        subject = "OU=test, CN=Trusted CA"
    if not_before is None:
        not_before = dt.datetime.utcnow()
    if not_after is None:
        not_after = not_before + dt.timedelta(days=90)
    if serial_number is None:
        serial_number = 0x123456
    if basic_constraints is None:
        basic_constraints = BasicConstraints(True, -1)
    if digestmod is None:
        digestmod = hashlib.sha256

    key = RSA()
    key.generate()
    crt = CRT.selfsign(
        csr=CSR.new(key, subject, digestmod()),
        issuer_key=key,
        not_before=not_before,
        not_after=not_after,
        serial_number=serial_number,
        basic_constraints=basic_constraints,
    )
    return crt, key
예제 #2
0
 def ca0_crt(self, ca0_key, digestmod, now):
     ca0_csr = CSR.new(ca0_key, "CN=Trusted CA", digestmod())
     return CRT.selfsign(ca0_csr,
                         ca0_key,
                         not_before=now,
                         not_after=now + dt.timedelta(days=90),
                         serial_number=0x123456,
                         basic_constraints=BasicConstraints(True, -1))
예제 #3
0
 def trust_store(self, ca0_crt, version):
     store = TrustStore()
     store.add(CRT.from_DER(ca0_crt.to_DER()))
     return store