예제 #1
0
    def commande_signer_csr_noeud_prive(self):
        clecert = EnveloppeCleCert()
        clecert.generer_private_key(keysize=2048)

        public_key = clecert.private_key.public_key()
        builder = x509.CertificateSigningRequestBuilder()
        name = x509.Name([
            # x509.NameAttribute(x509.name.NameOID.ORGANIZATION_NAME, '3aeGLdmMbA1BrmRYwpPgNAZKH2WGWmSedBjKSxw'),
            x509.NameAttribute(x509.name.NameOID.ORGANIZATIONAL_UNIT_NAME, 'intermediaire'),
            x509.NameAttribute(x509.name.NameOID.COMMON_NAME, str(uuid4()))
        ])
        builder = builder.subject_name(name)
        request = builder.sign(
            clecert.private_key, hashes.SHA256(), default_backend()
        )
        request_pem = request.public_bytes(primitives.serialization.Encoding.PEM)

        commande = {
            'liste_csr': [request_pem.decode('utf-8')],
            'role': 'prive'
        }
        enveloppe_requete = self.generateur.transmettre_commande(
            commande,
            'commande.MaitreDesCles.%s' % ConstantesMaitreDesCles.COMMANDE_SIGNER_CSR,
            correlation_id='abcd-1234',
            reply_to=self.queue_name
        )

        print("Envoi requete: %s" % enveloppe_requete)
        return enveloppe_requete
예제 #2
0
    def __generer_private_key(self,
                              generer_password=False,
                              keysize=2048,
                              public_exponent=65537):
        info_cle = dict()
        clecert = EnveloppeCleCert()
        clecert.generer_private_key(generer_password=generer_password)
        if generer_password:
            # info_cle['password'] = b64encode(secrets.token_bytes(16))
            info_cle['password'] = clecert.password

        # info_cle['cle'] = asymmetric.rsa.generate_private_key(
        #     public_exponent=public_exponent,
        #     key_size=keysize,
        #     backend=default_backend()
        # )

        info_cle['pem'] = clecert.private_key_bytes
        info_cle['clecert'] = clecert
        info_cle['cle'] = clecert.private_key

        return info_cle
예제 #3
0
    def generer_cert_navigateur(self):
        nouvelle_cle = EnveloppeCleCert()
        nouvelle_cle.generer_private_key()

        private_key = nouvelle_cle.private_key
        public_key = private_key.public_key()
        public_key = public_key.public_bytes(
            encoding=serialization.Encoding.PEM,
            format=serialization.PublicFormat.SubjectPublicKeyInfo)

        public_key_str = public_key.decode('utf-8')

        print('Public key:\n%s' % public_key_str)
        certificat = envcert.renouvelleur.signer_navigateur(
            public_key_str, 'testNavigateur')

        cert_output = certificat.cert_bytes.decode('utf-8')

        print("Certificat:")
        print(cert_output)

        with open('/home/mathieu/mgdev/output/generer_cert_navigateur.pem',
                  'wb') as f:
            f.write(certificat.cert_bytes)