BASEPATH = os.path.realpath(os.path.dirname(sys.argv[0]))
log = logging.getLogger('postoffice.tool.certnew')
# This will generate new certificate for user.
print "即将新建一个Xi证书。按Ctrl+C或Ctrl+D可以随时退出。"
c = certificate()
subj = inputbox('请输入新证书的题目:\n 1.只能由下列字符组成:a-z A-Z 空格 点(.)\n 2.长度3(含)到128(含)字符之间\n 3.开头结尾非空格')
if c._validate_subject(subj) == False:
exit()
rsa_len = spinbox('选择RSA密钥长度:',['1024','2048','3072','4096','8192'])
if rsa_len == False:
exit()
ec_type = selector('选择椭圆曲线类型:',_EC()._curves_id.keys())
if ec_type == False:
exit()
level = inputbox("""
请输入您的证书的等级(1-100):
证书的等级用在证书的签署中。只有高等级的证书才能签署
低等级的证书。也只有低等级的证书才能被高等级的签署。如果
您的证书需要被上级认证,建议为 50.""".strip())
try:
level = int(level)
exit()
else:
if jobid == 0: # FIXME
pass
elif jobid == 1:
pass
# 读入所有的证书信息
signtarget = selector('请选择要签署的证书持有人:',publiclist.keys())
if signtarget == False:
exit()
signwith = selector('请选择要用作签署的私有证书:',privatelist.keys())
if signwith == False:
exit()
trustlevel = spinbox('请选择信任等级(-3到3):\n 数字越大表示越信任。',range(-3,4))
if trustlevel == False:
exit()
signdays = spinbox('请选择签名有效期(天):',(120,90,60,365,730,30,15,7,1))
if signdays == False:
exit()
signlife = int(signdays) * 86400
log.info('[%s] is trying to sign [%s].',signwith,signtarget)
signer = certificate()
holder = certificate()
holder.load_public_text ( open( os.path.join(_util.BASEPATH,publiclist[signtarget]) ,'r').read() )
