def issuer(cert):
    """
    Return a slug naming the issuer of *cert*, with non-alphanumeric characters stripped.

    A self-signed certificate has no distinct issuer, so the sentinel
    ``'<selfsigned>'`` is returned for it. When neither a Common Name nor an
    Organization Name can be read from the issuer field, an error is logged
    and the sentinel ``'<unknown>'`` is returned.

    :param cert: Parsed certificate object
    :return: Issuer slug, or one of the two sentinel strings above
    """
    if is_selfsigned(cert):
        # The subject signed itself -- there is no separate issuer to name.
        return "<selfsigned>"

    issuer_name = cert.issuer
    # Common Name is preferred; Organization Name is only consulted when CN is absent.
    candidates = issuer_name.get_attributes_for_oid(x509.OID_COMMON_NAME)
    if not candidates:
        candidates = issuer_name.get_attributes_for_oid(x509.OID_ORGANIZATION_NAME)

    if not candidates:
        current_app.logger.error(
            "Unable to get issuer! Cert serial {:x}".format(cert.serial_number)
        )
        return "<unknown>"

    # Only the first attribute value is used; anything non-alphanumeric is dropped by the slug.
    return text_to_slug(candidates[0].value, "")
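def send_authority_expiration_notifications():
    """
    Check for upcoming certificate authority certificate expiration and send
    notification emails at the configured intervals.

    Every notification goes to the security team (the
    ``LEMUR_SECURITY_TEAM_EMAIL`` config value) plus the certificate owner.

    :return: ``(success, failure)`` -- the total number of recipients, summed over
        all owner/interval groups, whose notification was sent / failed to send
    """
    success = failure = 0

    # The security team is copied on every notification. The config value is
    # expected to be a list of addresses (it is concatenated with ``[owner]``
    # below); a missing value means "nobody extra" instead of a TypeError.
    security_email = current_app.config.get("LEMUR_SECURITY_TEAM_EMAIL") or []

    for owner, owner_cert_groups in get_eligible_authority_certificates().items():
        for interval, certificates in owner_cert_groups.items():
            notification_data = []

            for certificate in certificates:
                cert_data = certificate_notification_output_schema.dump(
                    certificate
                ).data
                cert_data['self_signed'] = is_selfsigned(certificate.parsed_cert)
                cert_data['issued_cert_count'] = certificates_service.get_issued_cert_count_for_authority(
                    certificate.root_authority
                )
                notification_data.append(cert_data)

            email_recipients = security_email + [owner]
            # Counters accumulate over every owner/interval group; assigning
            # instead of adding would report only the last group's recipients.
            if send_default_notification(
                    "authority_expiration", notification_data, email_recipients,
                    notification_options=[{'name': 'interval', 'value': interval}]
            ):
                success += len(email_recipients)
            else:
                failure += len(email_recipients)

    return success, failure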
def test_is_selfsigned(selfsigned_cert):
    """
    is_selfsigned() must report True only for certificates signed with their
    own key, False for certificates issued by another CA, and raise for a key
    algorithm it does not support (DSA).
    """
    from lemur.common.utils import is_selfsigned

    # (certificate, expected result) in the order they are checked.
    expectations = [
        (selfsigned_cert, True),
        (SAN_CERT, False),
        (INTERMEDIATE_CERT, False),
        # Root CA certificates are also technically self-signed.
        (ROOTCA_CERT, True),
        (EC_CERT_EXAMPLE, False),
        # Self-signed ECDSA certificates.
        (ECDSA_PRIME256V1_CERT, True),
        (ECDSA_SECP384r1_CERT, True),
    ]
    for cert, expected in expectations:
        assert is_selfsigned(cert) is expected

    # Unsupported algorithm (DSA): the check must fail loudly rather than
    # silently answer "not self-signed".
    with pytest.raises(Exception):
        is_selfsigned(DSA_CERT)