Pierre HUBERT 2024-06-30 10:14:42 +02:00
parent 426c25fce5
commit c5c11970a1
4 changed files with 33 additions and 4 deletions


@ -11,4 +11,5 @@ args = parser.parse_args()
args.secure_origin_path = os.path.join(args.storage, "SECURE_ORIGIN") args.secure_origin_path = os.path.join(args.storage, "SECURE_ORIGIN")
args.root_ca_path = os.path.join(args.storage, "root_ca.pem") args.root_ca_path = os.path.join(args.storage, "root_ca.pem")
args.dev_priv_key = os.path.join(args.storage, "dev.key") args.dev_priv_key_path = os.path.join(args.storage, "dev.key")
args.dev_csr_path = os.path.join(args.storage, "dev.csr")


@ -1,6 +1,7 @@
from src.args import args from src.args import args
import src.api as api import src.api as api
import src.pki as pki import src.pki as pki
import src.utils as utils
import os import os
print("Check storage") print("Check storage")
@ -28,8 +29,17 @@ if not os.path.isfile(args.root_ca_path):
f.write(origin) f.write(origin)
print("Check private key") print("Check private key")
if not os.path.isfile(args.dev_priv_key): if not os.path.isfile(args.dev_priv_key_path):
print("Generate private key...") print("Generate private key...")
key = pki.gen_priv_key() key = pki.gen_priv_key()
with open(args.dev_priv_key, "w") as f: with open(args.dev_priv_key_path, "w") as f:
f.write(key) f.write(key)
print("Check CSR")
if not os.path.isfile(args.dev_csr_path):
print("Generate CSR...")
with open(args.dev_priv_key_path, "r") as f:
priv_key = "".join(f.readlines())
csr = pki.gen_csr(priv_key=priv_key, cn=f"PyDev {utils.rand_str(10)}")
with open(args.dev_csr_path, "w") as f:
f.write(csr)
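Review bot: The device private key is written with a plain `open(args.dev_priv_key_path, "w")`, so its mode is whatever the process umask leaves, which is often world-readable. Creating it with an explicit mode would fix that, e.g. `fd = os.open(args.dev_priv_key_path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)` followed by `with os.fdopen(fd, "w") as f:`. `O_EXCL` also closes the gap between the `isfile` check and the create. The key and CSR checks are independent, so if `dev.key` is regenerated while an old `dev.csr` is still on disk, the CSR will no longer match the key. Regenerating the CSR whenever the key is regenerated would avoid this. In the new CSR block, `priv_key = f.read()` says the same thing as `"".join(f.readlines())`.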


@ -3,4 +3,17 @@ from OpenSSL import crypto
def gen_priv_key(): def gen_priv_key():
key = crypto.PKey() key = crypto.PKey()
key.generate_key(crypto.TYPE_RSA, 2048) key.generate_key(crypto.TYPE_RSA, 2048)
return crypto.dump_privatekey(crypto.FILETYPE_PEM, key).decode("utf-8") return crypto.dump_privatekey(crypto.FILETYPE_PEM, key).decode("utf-8")
def parse_priv_key(priv_key: str) -> crypto.PKey:
return crypto.load_privatekey(crypto.FILETYPE_PEM, priv_key)
def gen_csr(priv_key: str, cn: str) -> str:
priv_key = parse_priv_key(priv_key)
req = crypto.X509Req()
req.get_subject().CN = cn
req.set_pubkey(priv_key)
req.sign(priv_key, "sha256")
return crypto.dump_certificate_request(crypto.FILETYPE_PEM, req).decode("utf-8")
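Review bot: `gen_csr` rebinds its `priv_key: str` parameter to a `crypto.PKey`, so the annotation is wrong for the rest of the body. A separate local keeps the types honest: `key = parse_priv_key(priv_key)`, then `req.set_pubkey(key)` and `req.sign(key, "sha256")`. Both new functions would benefit from a one-line docstring saying the key is an unencrypted PEM string and that the CSR carries only a CN in its subject. Recent pyOpenSSL releases mark the `X509Req` CSR API as deprecated in favour of `cryptography`'s CSR builder, as far as I know, so it is worth checking against the version this project pins.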


@ -0,0 +1,5 @@
import string
import random
def rand_str(len: int) -> str:
return ''.join(random.choice(string.ascii_uppercase + string.digits) for _ in range(len))
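Review bot: `rand_str` draws from the `random` module, which is a predictable PRNG, and its output becomes the CSR common name (`PyDev <rand_str(10)>` in the main script). If the server side treats that CN as a device identity, or relies on it being hard to guess or collide, the standard-library `secrets` module is the right source: `return ''.join(secrets.choice(string.ascii_uppercase + string.digits) for _ in range(length))`. The parameter name `len` shadows the builtin. The only caller visible in this commit passes it positionally, so renaming it to `length` looks safe, but check for other callers. A short docstring stating the alphabet and that the result is an identifier, not a secret, would prevent later misuse.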