def parse_public(self, input_filename, algo):
with open(os.path.join(fixtures_dir, input_filename), 'rb') as f:
parsed = keys.parse_public(f.read())
self.assertEqual(algo, parsed['algorithm']['algorithm'].native)
# Make sure we can parse the whole structure
parsed.native
def parse_public(self, input_filename, algo):
with open(os.path.join(fixtures_dir, input_filename), 'rb') as f:
parsed = keys.parse_public(f.read())
self.assertEqual(algo, parsed['algorithm']['algorithm'].native)
# Make sure we can parse the whole structure
parsed.native
def __init__(self, der_string=None, public_key=None):
if public_key is None:
self._public_key = keys.parse_public(der_string)
else:
self._public_key = public_key
self._oscrypto_public_key = asymmetric.load_public_key(
source=self._public_key)
self._crypto_public_key = serialization.load_der_public_key(
data=self.to_der(), backend=default_backend())
def test_sign_public_only():
cfg = '''
root-ca:
subject: root
subject-key: root
issuer: root
authority-key: root
validity:
valid-from: "2000-01-01T00:00:00+0000"
valid-to: "2500-01-01T00:00:00+0000"
extensions:
- id: basic_constraints
critical: true
value:
ca: true
- id: key_usage
critical: true
smart-value:
schema: key-usage
params: [digital_signature, key_cert_sign, crl_sign]
leaf:
subject: pub-only
subject-key: split-key-pub
issuer: root
authority-key: root
validity:
valid-from: "2020-01-01T00:00:00+0000"
valid-to: "2050-01-01T00:00:00+0000"
extensions:
- id: key_usage
critical: true
smart-value:
schema: key-usage
params: [digital_signature]
'''
arch = PKIArchitecture(
arch_label=ArchLabel('test'),
key_set=RSA_KEYS,
entities=ENTITIES,
cert_spec_config=yaml.safe_load(cfg),
service_config={},
external_url_prefix='http://test.test',
)
pubkey = arch.get_cert(CertLabel('leaf')).public_key
with open('tests/data/keys-rsa/split-key-pub.key.pem', 'rb') as inf:
pubkey_actual = oskeys.parse_public(inf.read())
assert pubkey.native == pubkey_actual.native
def parse_der_pubkey(pem_or_der_pubkey):
return asymmetric.load_public_key(keys.parse_public(pem_or_der_pubkey))
def load_public_key(self, key_bytes: bytes) -> keys.PublicKeyInfo:
from oscrypto import keys as oskeys
return oskeys.parse_public(key_bytes)
def test_parse_public_pem_leading_whitespace(self):
with open(os.path.join(fixtures_dir, 'keys/test-public-rsa.key'), 'rb') as f:
parsed = keys.parse_public(b' \r\n' + f.read())
# Make sure we can parse the whole structure
parsed.native