我们从Python开源项目中,提取了以下47个代码示例,用于说明如何使用OpenSSL.crypto.FILETYPE_TEXT。
def test_dump_certificate(self): """ L{dump_certificate} writes PEM, DER, and text. """ pemData = cleartextCertificatePEM + cleartextPrivateKeyPEM cert = load_certificate(FILETYPE_PEM, pemData) dumped_pem = dump_certificate(FILETYPE_PEM, cert) self.assertEqual(dumped_pem, cleartextCertificatePEM) dumped_der = dump_certificate(FILETYPE_ASN1, cert) good_der = _runopenssl(dumped_pem, "x509", "-outform", "DER") self.assertEqual(dumped_der, good_der) cert2 = load_certificate(FILETYPE_ASN1, dumped_der) dumped_pem2 = dump_certificate(FILETYPE_PEM, cert2) self.assertEqual(dumped_pem2, cleartextCertificatePEM) dumped_text = dump_certificate(FILETYPE_TEXT, cert) good_text = _runopenssl(dumped_pem, "x509", "-noout", "-text") self.assertEqual(dumped_text, good_text)
def test_dump_certificate_request(self): """ L{dump_certificate_request} writes a PEM, DER, and text. """ req = load_certificate_request(FILETYPE_PEM, cleartextCertificateRequestPEM) dumped_pem = dump_certificate_request(FILETYPE_PEM, req) self.assertEqual(dumped_pem, cleartextCertificateRequestPEM) dumped_der = dump_certificate_request(FILETYPE_ASN1, req) good_der = _runopenssl(dumped_pem, "req", "-outform", "DER") self.assertEqual(dumped_der, good_der) req2 = load_certificate_request(FILETYPE_ASN1, dumped_der) dumped_pem2 = dump_certificate_request(FILETYPE_PEM, req2) self.assertEqual(dumped_pem2, cleartextCertificateRequestPEM) dumped_text = dump_certificate_request(FILETYPE_TEXT, req) good_text = _runopenssl(dumped_pem, "req", "-noout", "-text") self.assertEqual(dumped_text, good_text)
def test_dump_certificate(self): """ :py:obj:`dump_certificate` writes PEM, DER, and text. """ pemData = cleartextCertificatePEM + cleartextPrivateKeyPEM cert = load_certificate(FILETYPE_PEM, pemData) dumped_pem = dump_certificate(FILETYPE_PEM, cert) self.assertEqual(dumped_pem, cleartextCertificatePEM) dumped_der = dump_certificate(FILETYPE_ASN1, cert) good_der = _runopenssl(dumped_pem, b"x509", b"-outform", b"DER") self.assertEqual(dumped_der, good_der) cert2 = load_certificate(FILETYPE_ASN1, dumped_der) dumped_pem2 = dump_certificate(FILETYPE_PEM, cert2) self.assertEqual(dumped_pem2, cleartextCertificatePEM) dumped_text = dump_certificate(FILETYPE_TEXT, cert) good_text = _runopenssl(dumped_pem, b"x509", b"-noout", b"-text") self.assertEqual(dumped_text, good_text)
def test_dump_certificate_request(self): """ :py:obj:`dump_certificate_request` writes a PEM, DER, and text. """ req = load_certificate_request(FILETYPE_PEM, cleartextCertificateRequestPEM) dumped_pem = dump_certificate_request(FILETYPE_PEM, req) self.assertEqual(dumped_pem, cleartextCertificateRequestPEM) dumped_der = dump_certificate_request(FILETYPE_ASN1, req) good_der = _runopenssl(dumped_pem, b"req", b"-outform", b"DER") self.assertEqual(dumped_der, good_der) req2 = load_certificate_request(FILETYPE_ASN1, dumped_der) dumped_pem2 = dump_certificate_request(FILETYPE_PEM, req2) self.assertEqual(dumped_pem2, cleartextCertificateRequestPEM) dumped_text = dump_certificate_request(FILETYPE_TEXT, req) good_text = _runopenssl(dumped_pem, b"req", b"-noout", b"-text") self.assertEqual(dumped_text, good_text) self.assertRaises(ValueError, dump_certificate_request, 100, req)
def test_export_text(self): """ If passed ``FILETYPE_TEXT`` for the format, ``CRL.export`` returns a text format string like the one produced by the openssl command line tool. """ crl = self._get_crl() dumped_crl = crl.export(self.cert, self.pkey, FILETYPE_ASN1) text = _runopenssl( dumped_crl, b"crl", b"-noout", b"-text", b"-inform", b"DER" ) # text format dumped_text = crl.export(self.cert, self.pkey, type=FILETYPE_TEXT) self.assertEqual(text, dumped_text)
def test_dump_privatekey(self): """ L{dump_privatekey} writes a PEM, DER, and text. """ key = load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM) self.assertTrue(key.check()) dumped_pem = dump_privatekey(FILETYPE_PEM, key) self.assertEqual(dumped_pem, cleartextPrivateKeyPEM) dumped_der = dump_privatekey(FILETYPE_ASN1, key) # XXX This OpenSSL call writes "writing RSA key" to standard out. Sad. good_der = _runopenssl(dumped_pem, "rsa", "-outform", "DER") self.assertEqual(dumped_der, good_der) key2 = load_privatekey(FILETYPE_ASN1, dumped_der) dumped_pem2 = dump_privatekey(FILETYPE_PEM, key2) self.assertEqual(dumped_pem2, cleartextPrivateKeyPEM) dumped_text = dump_privatekey(FILETYPE_TEXT, key) good_text = _runopenssl(dumped_pem, "rsa", "-noout", "-text") self.assertEqual(dumped_text, good_text)
def test_dump_certificate_request(self): """ L{dump_certificate_request} writes a PEM, DER, and text. """ req = load_certificate_request(FILETYPE_PEM, cleartextCertificateRequestPEM) dumped_pem = dump_certificate_request(FILETYPE_PEM, req) self.assertEqual(dumped_pem, cleartextCertificateRequestPEM) dumped_der = dump_certificate_request(FILETYPE_ASN1, req) good_der = _runopenssl(dumped_pem, "req", "-outform", "DER") self.assertEqual(dumped_der, good_der) req2 = load_certificate_request(FILETYPE_ASN1, dumped_der) dumped_pem2 = dump_certificate_request(FILETYPE_PEM, req2) self.assertEqual(dumped_pem2, cleartextCertificateRequestPEM) dumped_text = dump_certificate_request(FILETYPE_TEXT, req) good_text = _runopenssl(dumped_pem, "req", "-noout", "-text") self.assertEqual(dumped_text, good_text) self.assertRaises(ValueError, dump_certificate_request, 100, req)
def test_unused_subject(self): """ The C{subject} parameter to L{X509Extension} may be provided for an extension which does not use it and is ignored in this case. """ ext1 = X509Extension('basicConstraints', False, 'CA:TRUE', subject=self.x509) self.x509.add_extensions([ext1]) self.x509.sign(self.pkey, 'sha1') # This is a little lame. Can we think of a better way? text = dump_certificate(FILETYPE_TEXT, self.x509) self.assertTrue('X509v3 Basic Constraints:' in text) self.assertTrue('CA:TRUE' in text)
def test_subject(self): """ If an extension requires a subject, the C{subject} parameter to L{X509Extension} provides its value. """ ext3 = X509Extension('subjectKeyIdentifier', False, 'hash', subject=self.x509) self.x509.add_extensions([ext3]) self.x509.sign(self.pkey, 'sha1') text = dump_certificate(FILETYPE_TEXT, self.x509) self.assertTrue('X509v3 Subject Key Identifier:' in text)
def test_unused_issuer(self): """ The C{issuer} parameter to L{X509Extension} may be provided for an extension which does not use it and is ignored in this case. """ ext1 = X509Extension('basicConstraints', False, 'CA:TRUE', issuer=self.x509) self.x509.add_extensions([ext1]) self.x509.sign(self.pkey, 'sha1') text = dump_certificate(FILETYPE_TEXT, self.x509) self.assertTrue('X509v3 Basic Constraints:' in text) self.assertTrue('CA:TRUE' in text)
def test_issuer(self): """ If an extension requires a issuer, the C{issuer} parameter to L{X509Extension} provides its value. """ ext2 = X509Extension( 'authorityKeyIdentifier', False, 'issuer:always', issuer=self.x509) self.x509.add_extensions([ext2]) self.x509.sign(self.pkey, 'sha1') text = dump_certificate(FILETYPE_TEXT, self.x509) self.assertTrue('X509v3 Authority Key Identifier:' in text) self.assertTrue('DirName:/CN=Yoda root CA' in text)
def test_unused_subject(self, x509_data): """ The `subject` parameter to `X509Extension` may be provided for an extension which does not use it and is ignored in this case. """ pkey, x509 = x509_data ext1 = X509Extension( b'basicConstraints', False, b'CA:TRUE', subject=x509) x509.add_extensions([ext1]) x509.sign(pkey, 'sha1') # This is a little lame. Can we think of a better way? text = dump_certificate(FILETYPE_TEXT, x509) assert b'X509v3 Basic Constraints:' in text assert b'CA:TRUE' in text
def test_subject(self, x509_data): """ If an extension requires a subject, the `subject` parameter to `X509Extension` provides its value. """ pkey, x509 = x509_data ext3 = X509Extension( b'subjectKeyIdentifier', False, b'hash', subject=x509) x509.add_extensions([ext3]) x509.sign(pkey, 'sha1') text = dump_certificate(FILETYPE_TEXT, x509) assert b'X509v3 Subject Key Identifier:' in text
def test_unused_issuer(self, x509_data): """ The `issuer` parameter to `X509Extension` may be provided for an extension which does not use it and is ignored in this case. """ pkey, x509 = x509_data ext1 = X509Extension( b'basicConstraints', False, b'CA:TRUE', issuer=x509) x509.add_extensions([ext1]) x509.sign(pkey, 'sha1') text = dump_certificate(FILETYPE_TEXT, x509) assert b'X509v3 Basic Constraints:' in text assert b'CA:TRUE' in text
def test_issuer(self, x509_data): """ If an extension requires an issuer, the `issuer` parameter to `X509Extension` provides its value. """ pkey, x509 = x509_data ext2 = X509Extension( b'authorityKeyIdentifier', False, b'issuer:always', issuer=x509) x509.add_extensions([ext2]) x509.sign(pkey, 'sha1') text = dump_certificate(FILETYPE_TEXT, x509) assert b'X509v3 Authority Key Identifier:' in text assert b'DirName:/CN=Yoda root CA' in text
def test_invalid_type(self): """ load_publickey doesn't support FILETYPE_TEXT. """ with pytest.raises(ValueError): load_publickey(FILETYPE_TEXT, cleartextPublicKeyPEM)
def test_dump_privatekey_invalid_pkey(self): with pytest.raises(TypeError): dump_privatekey(FILETYPE_TEXT, object())
def test_dump_certificate(self): """ `dump_certificate` writes PEM, DER, and text. """ pemData = cleartextCertificatePEM + cleartextPrivateKeyPEM cert = load_certificate(FILETYPE_PEM, pemData) dumped_pem = dump_certificate(FILETYPE_PEM, cert) assert dumped_pem == cleartextCertificatePEM dumped_der = dump_certificate(FILETYPE_ASN1, cert) good_der = _runopenssl(dumped_pem, b"x509", b"-outform", b"DER") assert dumped_der == good_der cert2 = load_certificate(FILETYPE_ASN1, dumped_der) dumped_pem2 = dump_certificate(FILETYPE_PEM, cert2) assert dumped_pem2 == cleartextCertificatePEM dumped_text = dump_certificate(FILETYPE_TEXT, cert) good_text = _runopenssl( dumped_pem, b"x509", b"-noout", b"-text", b"-nameopt", b"") assert dumped_text == good_text
def test_dump_privatekey_text(self): """ `dump_privatekey` writes a text """ key = load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM) dumped_pem = dump_privatekey(FILETYPE_PEM, key) dumped_text = dump_privatekey(FILETYPE_TEXT, key) good_text = _runopenssl(dumped_pem, b"rsa", b"-noout", b"-text") assert dumped_text == good_text
def test_dump_publickey_invalid_type(self): """ dump_publickey doesn't support FILETYPE_TEXT. """ key = load_publickey(FILETYPE_PEM, cleartextPublicKeyPEM) with pytest.raises(ValueError): dump_publickey(FILETYPE_TEXT, key)
def test_dump_certificate_request(self): """ `dump_certificate_request` writes a PEM, DER, and text. """ req = load_certificate_request( FILETYPE_PEM, cleartextCertificateRequestPEM) dumped_pem = dump_certificate_request(FILETYPE_PEM, req) assert dumped_pem == cleartextCertificateRequestPEM dumped_der = dump_certificate_request(FILETYPE_ASN1, req) good_der = _runopenssl(dumped_pem, b"req", b"-outform", b"DER") assert dumped_der == good_der req2 = load_certificate_request(FILETYPE_ASN1, dumped_der) dumped_pem2 = dump_certificate_request(FILETYPE_PEM, req2) assert dumped_pem2 == cleartextCertificateRequestPEM dumped_text = dump_certificate_request(FILETYPE_TEXT, req) good_text = _runopenssl( dumped_pem, b"req", b"-noout", b"-text", b"-nameopt", b"") assert dumped_text == good_text with pytest.raises(ValueError): dump_certificate_request(100, req)
def test_export_unknown_filetype(self): """ Calling `OpenSSL.CRL.export` with a file type other than `FILETYPE_PEM`, `FILETYPE_ASN1`, or `FILETYPE_TEXT` results in a `ValueError` being raised. """ crl = CRL() with pytest.raises(ValueError): crl.export(self.cert, self.pkey, 100, 10, digest=b"sha256")
def test_unused_subject(self): """ The :py:data:`subject` parameter to :py:class:`X509Extension` may be provided for an extension which does not use it and is ignored in this case. """ ext1 = X509Extension( b('basicConstraints'), False, b('CA:TRUE'), subject=self.x509) self.x509.add_extensions([ext1]) self.x509.sign(self.pkey, 'sha1') # This is a little lame. Can we think of a better way? text = dump_certificate(FILETYPE_TEXT, self.x509) self.assertTrue(b('X509v3 Basic Constraints:') in text) self.assertTrue(b('CA:TRUE') in text)
def test_subject(self): """ If an extension requires a subject, the :py:data:`subject` parameter to :py:class:`X509Extension` provides its value. """ ext3 = X509Extension( b('subjectKeyIdentifier'), False, b('hash'), subject=self.x509) self.x509.add_extensions([ext3]) self.x509.sign(self.pkey, 'sha1') text = dump_certificate(FILETYPE_TEXT, self.x509) self.assertTrue(b('X509v3 Subject Key Identifier:') in text)
def test_unused_issuer(self): """ The :py:data:`issuer` parameter to :py:class:`X509Extension` may be provided for an extension which does not use it and is ignored in this case. """ ext1 = X509Extension( b('basicConstraints'), False, b('CA:TRUE'), issuer=self.x509) self.x509.add_extensions([ext1]) self.x509.sign(self.pkey, 'sha1') text = dump_certificate(FILETYPE_TEXT, self.x509) self.assertTrue(b('X509v3 Basic Constraints:') in text) self.assertTrue(b('CA:TRUE') in text)
def test_issuer(self): """ If an extension requires an issuer, the :py:data:`issuer` parameter to :py:class:`X509Extension` provides its value. """ ext2 = X509Extension( b('authorityKeyIdentifier'), False, b('issuer:always'), issuer=self.x509) self.x509.add_extensions([ext2]) self.x509.sign(self.pkey, 'sha1') text = dump_certificate(FILETYPE_TEXT, self.x509) self.assertTrue(b('X509v3 Authority Key Identifier:') in text) self.assertTrue(b('DirName:/CN=Yoda root CA') in text)
def test_export_unknown_filetype(self): """ Calling :py:obj:`OpenSSL.CRL.export` with a file type other than :py:obj:`FILETYPE_PEM`, :py:obj:`FILETYPE_ASN1`, or :py:obj:`FILETYPE_TEXT` results in a :py:obj:`ValueError` being raised. """ crl = CRL() self.assertRaises(ValueError, crl.export, self.cert, self.pkey, 100, 10)
def test_unused_subject(self): """ The C{subject} parameter to L{X509Extension} may be provided for an extension which does not use it and is ignored in this case. """ ext1 = X509Extension( b('basicConstraints'), False, b('CA:TRUE'), subject=self.x509) self.x509.add_extensions([ext1]) self.x509.sign(self.pkey, 'sha1') # This is a little lame. Can we think of a better way? text = dump_certificate(FILETYPE_TEXT, self.x509) self.assertTrue(b('X509v3 Basic Constraints:') in text) self.assertTrue(b('CA:TRUE') in text)
def test_subject(self): """ If an extension requires a subject, the C{subject} parameter to L{X509Extension} provides its value. """ ext3 = X509Extension( b('subjectKeyIdentifier'), False, b('hash'), subject=self.x509) self.x509.add_extensions([ext3]) self.x509.sign(self.pkey, 'sha1') text = dump_certificate(FILETYPE_TEXT, self.x509) self.assertTrue(b('X509v3 Subject Key Identifier:') in text)
def test_issuer(self): """ If an extension requires a issuer, the C{issuer} parameter to L{X509Extension} provides its value. """ ext2 = X509Extension( b('authorityKeyIdentifier'), False, b('issuer:always'), issuer=self.x509) self.x509.add_extensions([ext2]) self.x509.sign(self.pkey, 'sha1') text = dump_certificate(FILETYPE_TEXT, self.x509) self.assertTrue(b('X509v3 Authority Key Identifier:') in text) self.assertTrue(b('DirName:/CN=Yoda root CA') in text)
def test_export(self): """ Use python to create a simple CRL with a revocation, and export the CRL in formats of PEM, DER and text. Those outputs are verified with the openssl program. """ crl = CRL() revoked = Revoked() now = b(datetime.now().strftime("%Y%m%d%H%M%SZ")) revoked.set_rev_date(now) revoked.set_serial(b('3ab')) revoked.set_reason(b('sUpErSeDEd')) crl.add_revoked(revoked) # PEM format dumped_crl = crl.export(self.cert, self.pkey, days=20) text = _runopenssl(dumped_crl, "crl", "-noout", "-text") text.index(b('Serial Number: 03AB')) text.index(b('Superseded')) text.index(b('Issuer: /C=US/ST=IL/L=Chicago/O=Testing/CN=Testing Root CA')) # DER format dumped_crl = crl.export(self.cert, self.pkey, FILETYPE_ASN1) text = _runopenssl(dumped_crl, "crl", "-noout", "-text", "-inform", "DER") text.index(b('Serial Number: 03AB')) text.index(b('Superseded')) text.index(b('Issuer: /C=US/ST=IL/L=Chicago/O=Testing/CN=Testing Root CA')) # text format dumped_text = crl.export(self.cert, self.pkey, type=FILETYPE_TEXT) self.assertEqual(text, dumped_text)
def le_cert_p12(self, caminho, senha): p12 = load_pkcs12(open(caminho, 'rb').read(), senha) return dump_certificate(FILETYPE_TEXT, p12.get_certificate()).decode()
