utils.py 文件源码

python
阅读 25 收藏 0 点赞 0 评论 0

项目:options-screener 作者: dcwangmit01 项目源码 文件源码
def self_signed_cert_gen(
            key_type=crypto.TYPE_RSA,
            key_bits=4096,
            country="US",
            state_province="California",
            locality="San Francisco",
            org="Your Company",
            org_unit="Team",
            common_name="www.domain.com",
            subject_alt_names=[],  # alternative dns names as list
            # ^ must look like: ["DNS:*.domain.com", "DNS:domain.ym"]
            validity_days=10 * 365):

        # Create a key pair
        k = crypto.PKey()
        k.generate_key(key_type, key_bits)

        # Create a self-signed cert
        cert = crypto.X509()
        cert.get_subject().C = country
        cert.get_subject().ST = state_province
        cert.get_subject().L = locality
        cert.get_subject().O = org
        cert.get_subject().OU = org_unit
        cert.get_subject().CN = common_name
        if subject_alt_names:
            subject_alt_names = ", ".join(subject_alt_names).encode("utf-8")
            cert.add_extensions([
                crypto.X509Extension("subjectAltName".encode("utf-8"), False,
                                     subject_alt_names)
            ])
        cert.set_serial_number(random.getrandbits(64))
        cert.gmtime_adj_notBefore(0)
        cert.gmtime_adj_notAfter(validity_days * 24 * 60 * 60)
        cert.set_issuer(cert.get_subject())  # self-signer
        cert.set_pubkey(k)
        cert.sign(k, 'sha1')

        # return a tuple of the private key and the self-signed cert
        return (crypto.dump_privatekey(crypto.FILETYPE_PEM, k),
                crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
评论列表
文章目录


问题


面经


文章

微信
公众号

扫码关注公众号