python3++

This commit is contained in:
Maximilian Hils 2015-09-18 15:38:31 +02:00
parent 7b6b157547
commit d1904c2f52
1 changed files with 20 additions and 20 deletions

View File

@ -12,7 +12,7 @@ import OpenSSL
DEFAULT_EXP = 157680000 # = 24 * 60 * 60 * 365 * 5
# Generated with "openssl dhparam". It's too slow to generate this on startup.
DEFAULT_DHPARAM = """
DEFAULT_DHPARAM = b"""
-----BEGIN DH PARAMETERS-----
MIICCAKCAgEAyT6LzpwVFS3gryIo29J5icvgxCnCebcdSe/NHMkD8dKJf8suFCg3
O2+dguLakSVif/t6dhImxInJk230HmfC8q93hdcg/j8rLGJYDKu3ik6H//BAHKIv
@ -43,29 +43,29 @@ def create_ca(o, cn, exp):
cert.set_pubkey(key)
cert.add_extensions([
OpenSSL.crypto.X509Extension(
"basicConstraints",
b"basicConstraints",
True,
"CA:TRUE"
b"CA:TRUE"
),
OpenSSL.crypto.X509Extension(
"nsCertType",
b"nsCertType",
False,
"sslCA"
b"sslCA"
),
OpenSSL.crypto.X509Extension(
"extendedKeyUsage",
b"extendedKeyUsage",
False,
"serverAuth,clientAuth,emailProtection,timeStamping,msCodeInd,msCodeCom,msCTLSign,msSGC,msEFS,nsSGC"
b"serverAuth,clientAuth,emailProtection,timeStamping,msCodeInd,msCodeCom,msCTLSign,msSGC,msEFS,nsSGC"
),
OpenSSL.crypto.X509Extension(
"keyUsage",
b"keyUsage",
True,
"keyCertSign, cRLSign"
b"keyCertSign, cRLSign"
),
OpenSSL.crypto.X509Extension(
"subjectKeyIdentifier",
b"subjectKeyIdentifier",
False,
"hash",
b"hash",
subject=cert
),
])
@ -103,7 +103,7 @@ def dummy_cert(privkey, cacert, commonname, sans):
if ss:
cert.set_version(2)
cert.add_extensions(
[OpenSSL.crypto.X509Extension("subjectAltName", False, ss)])
[OpenSSL.crypto.X509Extension(b"subjectAltName", False, ss)])
cert.set_pubkey(cacert.get_pubkey())
cert.sign(privkey, "sha256")
return SSLCert(cert)
@ -291,14 +291,14 @@ class CertStore(object):
@staticmethod
def asterisk_forms(dn):
parts = dn.split(".")
parts = dn.split(b".")
parts.reverse()
curr_dn = ""
dn_forms = ["*"]
curr_dn = b""
dn_forms = [b"*"]
for part in parts[:-1]:
curr_dn = "." + part + curr_dn # .example.com
dn_forms.append("*" + curr_dn) # *.example.com
if parts[-1] != "*":
curr_dn = b"." + part + curr_dn # .example.com
dn_forms.append(b"*" + curr_dn) # *.example.com
if parts[-1] != b"*":
dn_forms.append(parts[-1] + curr_dn)
return dn_forms
@ -430,7 +430,7 @@ class SSLCert(object):
def cn(self):
c = None
for i in self.subject:
if i[0] == "CN":
if i[0] == b"CN":
c = i[1]
return c
@ -439,7 +439,7 @@ class SSLCert(object):
altnames = []
for i in range(self.x509.get_extension_count()):
ext = self.x509.get_extension(i)
if ext.get_short_name() == "subjectAltName":
if ext.get_short_name() == b"subjectAltName":
try:
dec = decode(ext.get_data(), asn1Spec=_GeneralNames())
except PyAsn1Error: