Sign CSR
parent
426c25fce5
commit
c5c11970a1
@ -11,4 +11,5 @@ args = parser.parse_args()
|
|||||||
|
|
||||||
args.secure_origin_path = os.path.join(args.storage, "SECURE_ORIGIN")
|
args.secure_origin_path = os.path.join(args.storage, "SECURE_ORIGIN")
|
||||||
args.root_ca_path = os.path.join(args.storage, "root_ca.pem")
|
args.root_ca_path = os.path.join(args.storage, "root_ca.pem")
|
||||||
args.dev_priv_key = os.path.join(args.storage, "dev.key")
|
args.dev_priv_key_path = os.path.join(args.storage, "dev.key")
|
||||||
|
args.dev_csr_path = os.path.join(args.storage, "dev.csr")
|
@ -1,6 +1,7 @@
|
|||||||
from src.args import args
|
from src.args import args
|
||||||
import src.api as api
|
import src.api as api
|
||||||
import src.pki as pki
|
import src.pki as pki
|
||||||
|
import src.utils as utils
|
||||||
import os
|
import os
|
||||||
|
|
||||||
print("Check storage")
|
print("Check storage")
|
||||||
@ -28,8 +29,17 @@ if not os.path.isfile(args.root_ca_path):
|
|||||||
f.write(origin)
|
f.write(origin)
|
||||||
|
|
||||||
print("Check private key")
|
print("Check private key")
|
||||||
if not os.path.isfile(args.dev_priv_key):
|
if not os.path.isfile(args.dev_priv_key_path):
|
||||||
print("Generate private key...")
|
print("Generate private key...")
|
||||||
key = pki.gen_priv_key()
|
key = pki.gen_priv_key()
|
||||||
with open(args.dev_priv_key, "w") as f:
|
with open(args.dev_priv_key_path, "w") as f:
|
||||||
f.write(key)
|
f.write(key)
|
||||||
|
|
||||||
|
print("Check CSR")
|
||||||
|
if not os.path.isfile(args.dev_csr_path):
|
||||||
|
print("Generate CSR...")
|
||||||
|
with open(args.dev_priv_key_path, "r") as f:
|
||||||
|
priv_key = "".join(f.readlines())
|
||||||
|
csr = pki.gen_csr(priv_key=priv_key, cn=f"PyDev {utils.rand_str(10)}")
|
||||||
|
with open(args.dev_csr_path, "w") as f:
|
||||||
|
f.write(csr)
|
||||||
|
@ -3,4 +3,17 @@ from OpenSSL import crypto
|
|||||||
def gen_priv_key():
|
def gen_priv_key():
|
||||||
key = crypto.PKey()
|
key = crypto.PKey()
|
||||||
key.generate_key(crypto.TYPE_RSA, 2048)
|
key.generate_key(crypto.TYPE_RSA, 2048)
|
||||||
return crypto.dump_privatekey(crypto.FILETYPE_PEM, key).decode("utf-8")
|
return crypto.dump_privatekey(crypto.FILETYPE_PEM, key).decode("utf-8")
|
||||||
|
|
||||||
|
def parse_priv_key(priv_key: str) -> crypto.PKey:
|
||||||
|
return crypto.load_privatekey(crypto.FILETYPE_PEM, priv_key)
|
||||||
|
|
||||||
|
def gen_csr(priv_key: str, cn: str) -> str:
|
||||||
|
priv_key = parse_priv_key(priv_key)
|
||||||
|
|
||||||
|
req = crypto.X509Req()
|
||||||
|
req.get_subject().CN = cn
|
||||||
|
req.set_pubkey(priv_key)
|
||||||
|
req.sign(priv_key, "sha256")
|
||||||
|
|
||||||
|
return crypto.dump_certificate_request(crypto.FILETYPE_PEM, req).decode("utf-8")
|
||||||
|
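Review bot: `gen_csr` rebinds its `priv_key` parameter, annotated `str`, to the `crypto.PKey` returned by `parse_priv_key`, so one name carries two types within a short function. A separate local such as `key = parse_priv_key(priv_key)`, passed to `req.set_pubkey(key)` and `req.sign(key, "sha256")`, would read more clearly. Both new functions also lack docstrings. One line each would do, stating that input and output are PEM text and that the key is expected to be unencrypted, since no passphrase is passed to `load_privatekey`.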
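--- /dev/null
+++ b/python_device/src/utils.py
@@ -0,0 +1,5 @@
+import string
+import random
+
+def rand_str(len: int) -> str:
+return ''.join(random.choice(string.ascii_uppercase + string.digits) for _ in range(len))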
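Review bot: `rand_str` draws from `random.choice`, which uses the non-cryptographic Mersenne Twister generator. The only caller visible on this page uses it for the CSR common name (`PyDev` plus 10 characters), so this matters only if that suffix is meant to be an unpredictable or collision-resistant device identity. If it is, `secrets.choice` is the appropriate source: add `import secrets` and use `return ''.join(secrets.choice(string.ascii_uppercase + string.digits) for _ in range(len))`. The parameter name `len` also shadows the builtin; `length` would avoid that.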