예제 #1
0
파일: gencsr.py 프로젝트: OdinsHat/gencsr
def main():
    parser = argparse.ArgumentParser(description="Generate CSR and key for SSL certificate")

    parser.add_argument("cn", help="The full domain name e.g. www.example.com")
    parser.add_argument("-c", "--country", action="store", help="The 2-character country code")
    parser.add_argument("-s", "--state", action="store", help="The State, County or Province")
    parser.add_argument("-l", "--locality", action="store", help="The locality (e.g. City or town)")
    parser.add_argument("-o", "--organisation", action="store", help="The company or organisation")
    parser.add_argument("-d", "--dept", action="store", default="Web Security", help="Department of the company")
    parser.add_argument("-p", "--path", action="store", default="/root/", help="The path to create the keyfile and csr file")

    args = parser.parse_args()

    if not args.state or not args.locality or not args.country or not args.organisation:
        parser.print_help()
        sys.exit(-1)

    dname = ("/C=%s/ST=%s/L=%s/O=%s/OU=%s/CN=%s" % (
        args.country,
        args.state,
        args.locality,
        args.organisation,
        args.dept,
        args.cn
    ))

    key = pkiutils.create_rsa_key(
        2048,
        keyfile="%s%s.key" % (args.path, args.cn)
    )
    pkiutils.create_csr(
        key,
        dn=dname,
        csrfilename=("%s%s.csr" % (args.path, args.cn)))
    def create_cert(self, host, realm):
        try:
            key = pkiutils.create_rsa_key(bits=self.bits,
                                          keyfile=None,
                                          format='PEM',
                                          passphrase=None)
            csr = pkiutils.create_csr(
                key,
                "/CN={0}/C=US/O=Test organisation/".format(host),
                csrfilename=None,
                attributes=None)
        except Exception as e:
            raise Exception("Create CSR Exception: {0}".format(e))

        try:
            # CREATE CERT
            cert_request = self.session.post(
                '{0}session/json'.format(self.ipa_url),
                headers=self.header,
                data=json.dumps({
                    'id':
                    0,
                    'method':
                    'cert_request',
                    'params': [[csr], {
                        'principal': 'host/{0}@{1}'.format(host, realm),
                        'request_type': 'pkcs10',
                        'add': False
                    }]
                }),
                verify=self.ca_trust)
            cert_resp = cert_request.json()
        except Exception as e:
            raise Exception("Cert Create Exception: {0}\n{1}".format(
                e, cert_request))

        try:
            return cert_resp['result']['result']['certificate'], key
        except TypeError as e:
            if cert_resp['error']:
                raise Exception(
                    "Key Error: {0}\nCert Request Body:{1}\nCert Response: {2}\nKey: {3}"
                    .format(e, cert_request, cert_resp, key))
            else:
                raise Exception("Unknown Exception {0}".format(e))
예제 #3
0
    parser.add_argument('-d', dest='content_specifiers', nargs='+', required=True)
    parser.add_argument('-v', '--verbose', action='store_true')
    args = parser.parse_args()
    if args.verbose: logging.basicConfig(level=logging.DEBUG)
    logging.debug('Parsed argument credential_file: %s' % args.credential_file)
    logging.debug('Parsed argument content_specifiers: %s' % args.content_specifiers)

    auth_token = get_auth_token(args.credential_file)
    logging.debug('Got auth_token: %s' % auth_token)

    for content_specifier in args.content_specifiers:
        # Get torrent information
        gto_dict = get_gto_dict(content_specifier, auth_token)
        logging.debug('Got gto_dict: %s' % gto_dict.get('info').get('name'))

        # Authenticate
        cert_sign_url = get_cert_sign_url(content_specifier)
        logging.debug('Got cert_sign_url: %s' % cert_sign_url)
        info_hash = get_info_hash(gto_dict)
        logging.debug('Got info_hash: %s' % info_hash)
        rsa = RSA.generate(bits=RSA_KEY_SIZE, e=RSA_EXPONENT)
        logging.debug('RSA keypair generated; public key: %s' % rsa.publickey().exportKey())
        csr = pkiutils.create_csr(rsa, DISTINGUISHED_NAME)
        logging.debug('CSR generated: %s' % csr)
        crt = get_crt(cert_sign_url, auth_token, csr, info_hash)
        logging.debug('Got signed CRT: %s' % crt)

        # TODO(hammer): Download
        tracker_response = make_tracker_request(gto_dict, info_hash, rsa, crt)
        logging.debug('Got tracker response: %s' % tracker_response)
import logging

logging.basicConfig(level=logging.DEBUG)


key = create_rsa_key(2048, keyfile='key.pem', passphrase="test")
csr = create_csr(
    key,
    '/C=AU/ST=null/L=Aussie/O=dis/OU=x509/OU=of/OU=x509/emailAddress=test@pkiutils/cn=test.example.com',
    'csr.der',
    attributes={
        'extensionRequest': (
            ('x509basicConstraints', True,
             (False,)),
            ('subjectAlternativeName', False,
             ('DNS:test.example.com',
              'DNS:www.test.example.com',
              'IP:127.0.0.1',
	      'IP:1.2.3.4',
	      'IP:255.192.2.3',
	      'IP:1.255.1.1',
	      'IP:192.168.1.2',
	      'IP:192.168.1.2',
	      'IP:192.168.1.2',
              'IP:::1',
              'IP:2001::a1a1:bade',
              'IP:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF',
	      'IP:dead:beef:dead:beef:dead:beef:dead:beef')),
        ),
    })