python3++
This commit is contained in:
parent
7b6b157547
commit
d1904c2f52
|
@ -12,7 +12,7 @@ import OpenSSL
|
|||
|
||||
DEFAULT_EXP = 157680000 # = 24 * 60 * 60 * 365 * 5
|
||||
# Generated with "openssl dhparam". It's too slow to generate this on startup.
|
||||
DEFAULT_DHPARAM = """
|
||||
DEFAULT_DHPARAM = b"""
|
||||
-----BEGIN DH PARAMETERS-----
|
||||
MIICCAKCAgEAyT6LzpwVFS3gryIo29J5icvgxCnCebcdSe/NHMkD8dKJf8suFCg3
|
||||
O2+dguLakSVif/t6dhImxInJk230HmfC8q93hdcg/j8rLGJYDKu3ik6H//BAHKIv
|
||||
|
@ -43,29 +43,29 @@ def create_ca(o, cn, exp):
|
|||
cert.set_pubkey(key)
|
||||
cert.add_extensions([
|
||||
OpenSSL.crypto.X509Extension(
|
||||
"basicConstraints",
|
||||
b"basicConstraints",
|
||||
True,
|
||||
"CA:TRUE"
|
||||
b"CA:TRUE"
|
||||
),
|
||||
OpenSSL.crypto.X509Extension(
|
||||
"nsCertType",
|
||||
b"nsCertType",
|
||||
False,
|
||||
"sslCA"
|
||||
b"sslCA"
|
||||
),
|
||||
OpenSSL.crypto.X509Extension(
|
||||
"extendedKeyUsage",
|
||||
b"extendedKeyUsage",
|
||||
False,
|
||||
"serverAuth,clientAuth,emailProtection,timeStamping,msCodeInd,msCodeCom,msCTLSign,msSGC,msEFS,nsSGC"
|
||||
b"serverAuth,clientAuth,emailProtection,timeStamping,msCodeInd,msCodeCom,msCTLSign,msSGC,msEFS,nsSGC"
|
||||
),
|
||||
OpenSSL.crypto.X509Extension(
|
||||
"keyUsage",
|
||||
b"keyUsage",
|
||||
True,
|
||||
"keyCertSign, cRLSign"
|
||||
b"keyCertSign, cRLSign"
|
||||
),
|
||||
OpenSSL.crypto.X509Extension(
|
||||
"subjectKeyIdentifier",
|
||||
b"subjectKeyIdentifier",
|
||||
False,
|
||||
"hash",
|
||||
b"hash",
|
||||
subject=cert
|
||||
),
|
||||
])
|
||||
|
@ -103,7 +103,7 @@ def dummy_cert(privkey, cacert, commonname, sans):
|
|||
if ss:
|
||||
cert.set_version(2)
|
||||
cert.add_extensions(
|
||||
[OpenSSL.crypto.X509Extension("subjectAltName", False, ss)])
|
||||
[OpenSSL.crypto.X509Extension(b"subjectAltName", False, ss)])
|
||||
cert.set_pubkey(cacert.get_pubkey())
|
||||
cert.sign(privkey, "sha256")
|
||||
return SSLCert(cert)
|
||||
|
@ -291,14 +291,14 @@ class CertStore(object):
|
|||
|
||||
@staticmethod
|
||||
def asterisk_forms(dn):
|
||||
parts = dn.split(".")
|
||||
parts = dn.split(b".")
|
||||
parts.reverse()
|
||||
curr_dn = ""
|
||||
dn_forms = ["*"]
|
||||
curr_dn = b""
|
||||
dn_forms = [b"*"]
|
||||
for part in parts[:-1]:
|
||||
curr_dn = "." + part + curr_dn # .example.com
|
||||
dn_forms.append("*" + curr_dn) # *.example.com
|
||||
if parts[-1] != "*":
|
||||
curr_dn = b"." + part + curr_dn # .example.com
|
||||
dn_forms.append(b"*" + curr_dn) # *.example.com
|
||||
if parts[-1] != b"*":
|
||||
dn_forms.append(parts[-1] + curr_dn)
|
||||
return dn_forms
|
||||
|
||||
|
@ -430,7 +430,7 @@ class SSLCert(object):
|
|||
def cn(self):
|
||||
c = None
|
||||
for i in self.subject:
|
||||
if i[0] == "CN":
|
||||
if i[0] == b"CN":
|
||||
c = i[1]
|
||||
return c
|
||||
|
||||
|
@ -439,7 +439,7 @@ class SSLCert(object):
|
|||
altnames = []
|
||||
for i in range(self.x509.get_extension_count()):
|
||||
ext = self.x509.get_extension(i)
|
||||
if ext.get_short_name() == "subjectAltName":
|
||||
if ext.get_short_name() == b"subjectAltName":
|
||||
try:
|
||||
dec = decode(ext.get_data(), asn1Spec=_GeneralNames())
|
||||
except PyAsn1Error:
|
||||
|
|
Loading…
Reference in New Issue