Пример #1
0
def generate(db):
    type = request.forms.get('type')
    email = request.forms.get('email')
    dns = request.forms.get('dns')
    commonName = request.forms.get('common_name')
    organization = request.forms.get('organization')
    locality = request.forms.get('locality')
    country = request.forms.get('country')

    # DER encoded
    spkac = request.forms.get('key')

    # Calculate serial
    res = db.execute('SELECT COUNT(*) AS count FROM certificates')
    certSerial = '{:02d}'.format(int(res.fetchone()['count']) + 1, 'utf-8')

    print('Serial: {}'.format(certSerial))

    PEMCert = openssl.signSPKAC(spkac, type, certSerial, email=email, DNS=dns, CN=commonName, O=organization, L=locality, C=country)
    certFingerprint = openssl.x509Fingerprint(PEMCert)
    certHash = openssl.x509SubjectHash(PEMCert)

    # Store into the database
    db.execute('INSERT INTO certificates (serial,fingerprint,subject_hash,certificate) VALUES(?, ?, ?, ?)',
               (certSerial, certFingerprint, certHash, PEMCert))

    # redirect the user to /show/<certificate hash>
    return '<pre>Certificate:\n{}\n\nSubject Hash: {}\nFingerprint: {}'.format(PEMCert, certHash, certFingerprint)
Пример #2
0
def generate(db):
    type = request.forms.get('type')
    email = request.forms.get('email')
    dns = request.forms.get('dns')
    commonName = request.forms.get('common_name')
    organization = request.forms.get('organization')
    locality = request.forms.get('locality')
    country = request.forms.get('country')

    # PEM encoded
    spkac = request.forms.get('key')

    # Calculate serial
    res = db.execute('SELECT COUNT(*) AS count FROM certificates')
    certSerial = '{:02d}'.format(int(res.fetchone()['count']) + 1, 'utf-8')

    print('Serial: {}'.format(certSerial))

    PEMCertificate = openssl.signSPKAC(spkac, type, certSerial, email=email, DNS=dns, CN=commonName, O=organization,
                                L=locality, C=country)
    certFingerprint = openssl.x509Fingerprint(PEMCertificate)
    certHash = openssl.x509SubjectHash(PEMCertificate)

    # Store into the database
    if type == "sslserver":
        commonName = dns
    elif type == "smime":
        commonName = email
    db.execute(
        'INSERT INTO certificates (serial,fingerprint,subject_hash,type,common_name,certificate)' +
        'VALUES(?, ?, ?, ?, ?, ?)', (certSerial, certFingerprint, certHash, type, commonName, PEMCertificate))

    # Make the browser install the certificate in DER format
    DERCertificate = openssl.PEMtoDER(PEMCertificate)
    response.content_type = 'application/x-x509-user-cert'

    return DERCertificate