import hashlib


def jwkthumb(e, n):
    """
    JSON Web Key Thumbprint SHA256 from RSA exponent and modulus
    """
    # members are emitted in lexicographic order with no whitespace
    js = '{"e":"%s","kty":"RSA","n":"%s"}' % (tobase64(e), tobase64(n))
    return tobase64(hashlib.sha256(tobytes(js)).digest())

import struct


def main(fin, fout, meth):
    if meth is None:
        meth = 'mkpy'
    xs = fin.read()
    insize = fin.tell()
    fin.close()
    que = mkprioque(xs)
    squ = serializq(que)
    # header: magic bytes, method name, input size, serialized queue
    fout.write(b'\x7fZ')
    fout.write(meth.upper().encode('utf-8'))
    fout.write(struct.pack('I', insize))
    fout.write(tobytes(squ))
    # body: input symbols mapped to their bit strings, packed into bytes
    bmp = mkht_methods[meth](que).tomap()
    bs = ''.join(bmp[x] for x in xs)
    res = bits2bytes(bs)
    fout.write(tobytes(res))
    fout.close()

import subprocess


def _sslutils_req(domains=[], cfg="", key="", ecdsa=False):
    """
    Create new RSA or ECDSA key and simple CSR request.
    XXX TODO - remove dependency on openssl
    """
    if len(domains) == 0:
        raise Exception("no domains")
    i = 1
    subject = "/CN="
    config = "[req]\n"
    config += "distinguished_name = req_distinguished_name\n"
    config += "req_extensions=v3_req\n"
    config += "[req_distinguished_name]\n"
    config += "[v3_req]\n"
    config += "basicConstraints=CA:FALSE\n"
    config += "keyUsage=nonRepudiation,digitalSignature,keyEncipherment\n"
    config += "subjectAltName=@alt_names\n"
    config += "[alt_names]\n"
    for domain in domains:
        # Only '/' and '*' are rejected; the name is otherwise written
        # verbatim into the config file and the -subj string.
        if domain.find('/') >= 0:
            raise Exception("bad domain %s" % (domain))
        if domain.find('*') >= 0:
            raise Exception("bad domain %s" % (domain))
        config += "DNS.%d=%s\n" % (i, domain)
        if i == 1:
            # the first domain becomes the subject CN
            subject += domain
        i += 1
    savesync(cfg, tobytes(config))
    if ecdsa:
        # create ECDSA key
        _sslutils_ecdsa_makekey(key)
    else:
        # create RSA key
        _sslutils_rsa_makekey(key, "", 2048)
    # create request (argument list, no shell involved)
    cmd = [
        'openssl', 'req', '-sha256', '-nodes', '-subj', subject,
        '-key', key, '-new', '-outform', 'der', '-config', cfg
    ]
    p = subprocess.Popen(cmd, stdout=subprocess.PIPE, stdin=subprocess.PIPE)
    ret = p.communicate(b'')[0]
    if p.returncode != 0:
        raise Exception("%s: failed" % (" ".join(cmd)))
    return ret

import subprocess


def _sslutils_req(domains=[], cfg="", key=""):
    """
    Create new RSA key and simple CSR request.
    XXX TODO - remove dependency on openssl
    """
    if len(domains) == 0:
        raise Exception("no domains")
    i = 1
    subject = "/CN="
    config = "[req]\n"
    config += "distinguished_name = req_distinguished_name\n"
    config += "req_extensions=v3_req\n"
    config += "[req_distinguished_name]\n"
    config += "[v3_req]\n"
    config += "basicConstraints=CA:FALSE\n"
    config += "keyUsage=nonRepudiation,digitalSignature,keyEncipherment\n"
    config += "subjectAltName=@alt_names\n"
    config += "[alt_names]\n"
    for domain in domains:
        if domain.find('/') >= 0:
            raise Exception("bad domain %s" % (domain))
        if domain.find('*') >= 0:
            raise Exception("bad domain %s" % (domain))
        config += "DNS.%d=%s\n" % (i, domain)
        if i == 1:
            subject += domain
        i += 1
    savesync(cfg, tobytes(config))
    # the RSA branch is always taken; the ECDSA branch is a placeholder
    if 1 == 1:
        # create RSA key
        _sslutils_rsa_makekey(key, "", 2048)
    else:
        # create ECDSA key - XXX TODO
        _sslutils_ecdsa_makekey(key)
    # create request
    cmd = ['openssl', 'req', '-sha256', '-nodes', '-subj', subject,
           '-key', key, '-new', '-outform', 'der', '-config', cfg]
    p = subprocess.Popen(cmd, stdout=subprocess.PIPE, stdin=subprocess.PIPE)
    ret = p.communicate(b'')[0]
    if p.returncode != 0:
        raise Exception("%s: failed" % (" ".join(cmd)))
    return ret

from struct import unpack, calcsize


def main(fin, fout, meth):
    # check the magic bytes before trusting anything else in the header
    if fin.read(2) != b'\x7fZ':
        raise Exception('wrong file format!')
    # the method recorded in the file replaces the meth argument
    meth = fin.read(4).decode('utf-8').lower()
    if meth not in mkht_methods:
        raise Exception('unknown compressing method!')
    outsize = unpack('I', fin.read(calcsize('I')))
    if isinstance(outsize, tuple):
        outsize = outsize[0]
    que = unserializq(fin)
    htr = mkht_methods[meth](que)
    res = fin.read()
    fin.close()
    bs = bytes2bits(res)
    res = unapplyhtr(bs, htr)
    # pad or truncate the output to the size recorded in the header
    if len(res) < outsize:
        res += ['\n' for i in range(outsize - len(res))]
    else:
        res = res[:outsize]
    fout.write(tobytes(res))
    fout.close()

import base64


def tobase64(x):
    """
    python2/3 compatible conversion to urlsafe base64 encoding
    """
    # '=' padding is stripped from the encoded string
    return tostr(base64.urlsafe_b64encode(tobytes(x))).replace('=', '')

import json


def tojson(x):
    """
    python2/3 compatible conversion to json string
    """
    return tobytes(json.dumps(x))