Kezdőlap Felfedezés Súgó
Bejelentkezés
panwang
/
exporter-ex
1
0
Másolás 0
Fájlok Problémák 0 Beolvasztási kérések 0 Wiki
Fa: a424e1f58a
Branch-ok Tag-ek
exporter-ex
/
venv
/
lib
/
python3.7
/
site-packages
/
cryptography
/
hazmat
/
primitives
/
serialization
/
pkcs12.py

pkcs12.py 2.2 KB
Előzmények Nyers

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 
  1. # This file is dual licensed under the terms of the Apache License, Version
    2. 

  2. # 2.0, and the BSD License. See the LICENSE file in the root of this repository
    3. 

  3. # for complete details.
    4. 

  4. 

  5. import typing
    6. 

  6. 

  7. from cryptography import x509
    8. 

  8. from cryptography.hazmat.backends import _get_backend
    9. 

  9. from cryptography.hazmat.primitives import serialization
    10. 

  10. from cryptography.hazmat.primitives.asymmetric import dsa, ec, rsa
    11. 

  11. 

  12. 

  13. _ALLOWED_PKCS12_TYPES = typing.Union[
    14. 

  14.     rsa.RSAPrivateKey,
    15. 

  15.     dsa.DSAPrivateKey,
    16. 

  16.     ec.EllipticCurvePrivateKey,
    17. 

  17. ]
    18. 

  18. 

  19. 

  20. def load_key_and_certificates(
    21. 

  21.     data: bytes, password: typing.Optional[bytes], backend=None
    22. 

  22. ) -> typing.Tuple[
    23. 

  23.     typing.Optional[_ALLOWED_PKCS12_TYPES],
    24. 

  24.     typing.Optional[x509.Certificate],
    25. 

  25.     typing.List[x509.Certificate],
    26. 

  26. ]:
    27. 

  27.     backend = _get_backend(backend)
    28. 

  28.     return backend.load_key_and_certificates_from_pkcs12(data, password)
    29. 

  29. 

  30. 

  31. def serialize_key_and_certificates(
    32. 

  32.     name: typing.Optional[bytes],
    33. 

  33.     key: typing.Optional[_ALLOWED_PKCS12_TYPES],
    34. 

  34.     cert: typing.Optional[x509.Certificate],
    35. 

  35.     cas: typing.Optional[typing.Iterable[x509.Certificate]],
    36. 

  36.     encryption_algorithm: serialization.KeySerializationEncryption,
    37. 

  37. ) -> bytes:
    38. 

  38.     if key is not None and not isinstance(
    39. 

  39.         key,
    40. 

  40.         (
    41. 

  41.             rsa.RSAPrivateKey,
    42. 

  42.             dsa.DSAPrivateKey,
    43. 

  43.             ec.EllipticCurvePrivateKey,
    44. 

  44.         ),
    45. 

  45.     ):
    46. 

  46.         raise TypeError("Key must be RSA, DSA, or EllipticCurve private key.")
    47. 

  47.     if cert is not None and not isinstance(cert, x509.Certificate):
    48. 

  48.         raise TypeError("cert must be a certificate")
    49. 

  49. 

  50.     if cas is not None:
    51. 

  51.         cas = list(cas)
    52. 

  52.         if not all(isinstance(val, x509.Certificate) for val in cas):
    53. 

  53.             raise TypeError("all values in cas must be certificates")
    54. 

  54. 

  55.     if not isinstance(
    56. 

  56.         encryption_algorithm, serialization.KeySerializationEncryption
    57. 

  57.     ):
    58. 

  58.         raise TypeError(
    59. 

  59.             "Key encryption algorithm must be a "
    60. 

  60.             "KeySerializationEncryption instance"
    61. 

  61.         )
    62. 

  62. 

  63.     if key is None and cert is None and not cas:
    64. 

  64.         raise ValueError("You must supply at least one of key, cert, or cas")
    65. 

  65. 

  66.     backend = _get_backend(None)
    67. 

  67.     return backend.serialize_key_and_certificates_to_pkcs12(
    68. 

  68.         name, key, cert, cas, encryption_algorithm
    69. 

  69.     )
    70.