Sign CSR
This commit is contained in:
parent
426c25fce5
commit
c5c11970a1
@ -11,4 +11,5 @@ args = parser.parse_args()
|
||||
|
||||
args.secure_origin_path = os.path.join(args.storage, "SECURE_ORIGIN")
|
||||
args.root_ca_path = os.path.join(args.storage, "root_ca.pem")
|
||||
args.dev_priv_key = os.path.join(args.storage, "dev.key")
|
||||
args.dev_priv_key_path = os.path.join(args.storage, "dev.key")
|
||||
args.dev_csr_path = os.path.join(args.storage, "dev.csr")
|
@ -1,6 +1,7 @@
|
||||
from src.args import args
|
||||
import src.api as api
|
||||
import src.pki as pki
|
||||
import src.utils as utils
|
||||
import os
|
||||
|
||||
print("Check storage")
|
||||
@ -28,8 +29,17 @@ if not os.path.isfile(args.root_ca_path):
|
||||
f.write(origin)
|
||||
|
||||
print("Check private key")
|
||||
if not os.path.isfile(args.dev_priv_key):
|
||||
if not os.path.isfile(args.dev_priv_key_path):
|
||||
print("Generate private key...")
|
||||
key = pki.gen_priv_key()
|
||||
with open(args.dev_priv_key, "w") as f:
|
||||
with open(args.dev_priv_key_path, "w") as f:
|
||||
f.write(key)
|
||||
|
||||
print("Check CSR")
|
||||
if not os.path.isfile(args.dev_csr_path):
|
||||
print("Generate CSR...")
|
||||
with open(args.dev_priv_key_path, "r") as f:
|
||||
priv_key = "".join(f.readlines())
|
||||
csr = pki.gen_csr(priv_key=priv_key, cn=f"PyDev {utils.rand_str(10)}")
|
||||
with open(args.dev_csr_path, "w") as f:
|
||||
f.write(csr)
|
||||
|
@ -4,3 +4,16 @@ def gen_priv_key():
|
||||
key = crypto.PKey()
|
||||
key.generate_key(crypto.TYPE_RSA, 2048)
|
||||
return crypto.dump_privatekey(crypto.FILETYPE_PEM, key).decode("utf-8")
|
||||
|
||||
def parse_priv_key(priv_key: str) -> crypto.PKey:
|
||||
return crypto.load_privatekey(crypto.FILETYPE_PEM, priv_key)
|
||||
|
||||
def gen_csr(priv_key: str, cn: str) -> str:
|
||||
priv_key = parse_priv_key(priv_key)
|
||||
|
||||
req = crypto.X509Req()
|
||||
req.get_subject().CN = cn
|
||||
req.set_pubkey(priv_key)
|
||||
req.sign(priv_key, "sha256")
|
||||
|
||||
return crypto.dump_certificate_request(crypto.FILETYPE_PEM, req).decode("utf-8")
|
||||
|
5
python_device/src/utils.py
Normal file
5
python_device/src/utils.py
Normal file
@ -0,0 +1,5 @@
|
||||
import string
|
||||
import random
|
||||
|
||||
def rand_str(len: int) -> str:
|
||||
return ''.join(random.choice(string.ascii_uppercase + string.digits) for _ in range(len))
|
Loading…
Reference in New Issue
Block a user