Python cryptography.x509.oid.NameOID.STATE_OR_PROVINCE_NAME Examples
The following are 14
code examples of cryptography.x509.oid.NameOID.STATE_OR_PROVINCE_NAME().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
cryptography.x509.oid.NameOID
, or try the search function
.
.
Example #1
| Source File: test_mdmcert.py From commandment with MIT License | 6 votes |
|
def csr(private_key: rsa.RSAPrivateKey) -> x509.CertificateSigningRequest:
b = x509.CertificateSigningRequestBuilder()
req = b.subject_name(x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, u"US"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"CA"),
x509.NameAttribute(NameOID.LOCALITY_NAME, u"San Francisco"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"Commandment"),
x509.NameAttribute(NameOID.COMMON_NAME, u"Commandment"),
])).sign(private_key, hashes.SHA256(), default_backend())
return req
Example #2
| Source File: conftest.py From commandment with MIT License | 6 votes |
|
def certificate(private_key: rsa.RSAPrivateKey) -> x509.Certificate:
b = x509.CertificateBuilder()
name = x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, u"US"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"CA"),
x509.NameAttribute(NameOID.LOCALITY_NAME, u"San Francisco"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"Commandment"),
x509.NameAttribute(NameOID.COMMON_NAME, u"CA-CERTIFICATE"),
])
cer = b.subject_name(name).issuer_name(name).public_key(
private_key.public_key()
).serial_number(1).not_valid_before(
datetime.datetime.utcnow()
).not_valid_after(
datetime.datetime.utcnow() + datetime.timedelta(days=10)
).add_extension(
x509.BasicConstraints(ca=False, path_length=None), True
).sign(private_key, hashes.SHA256(), default_backend())
return cer
Example #3
| Source File: conftest.py From commandment with MIT License | 6 votes |
|
def ca_certificate(private_key: rsa.RSAPrivateKey) -> x509.Certificate:
b = x509.CertificateBuilder()
name = x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, u"US"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"CA"),
x509.NameAttribute(NameOID.LOCALITY_NAME, u"San Francisco"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"Commandment"),
x509.NameAttribute(NameOID.COMMON_NAME, u"CA-CERTIFICATE"),
])
cert = b.serial_number(1).issuer_name(
name
).subject_name(
name
).public_key(
private_key.public_key()
).not_valid_before(
datetime.datetime.utcnow()
).not_valid_after(
datetime.datetime.utcnow() + datetime.timedelta(days=10)
).add_extension(
x509.BasicConstraints(ca=True, path_length=None), True
).sign(private_key, hashes.SHA256(), default_backend())
return cert
Example #4
| Source File: sslutils.py From rpaas with BSD 3-Clause "New" or "Revised" License | 6 votes |
|
def generate_csr(key, domainname):
private_key = serialization.load_pem_private_key(key, password=None,
backend=default_backend())
csr = x509.CertificateSigningRequestBuilder().subject_name(x509.Name([
# Provide various details about who we are.
x509.NameAttribute(NameOID.COUNTRY_NAME, u"BR"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"RJ"),
x509.NameAttribute(NameOID.LOCALITY_NAME, u"Rio de Janeiro"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"globo.com"),
x509.NameAttribute(NameOID.COMMON_NAME, domainname),
])).add_extension(
x509.SubjectAlternativeName([x509.DNSName(domainname)]),
critical=False,
).sign(private_key, hashes.SHA256(), default_backend())
return csr.public_bytes(serialization.Encoding.PEM)
Example #5
| Source File: __init__.py From lokey with GNU General Public License v3.0 | 5 votes |
|
def serialize(self,
# password=None,
country=u"US",
state=u"CA",
city=u"San Francisco",
company=u"Lokey Examle",
common_name=u"example.com"):
# This should be handled already
# if not password:
# password = None
key = serialization.load_pem_private_key(
self.to('pem'),
password=None,
backend=default_backend())
subject = x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, country),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, state),
x509.NameAttribute(NameOID.LOCALITY_NAME, city),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, company),
x509.NameAttribute(NameOID.COMMON_NAME, common_name),
])
cert = x509.CertificateSigningRequestBuilder().subject_name(
subject
).sign(key, hashes.SHA256(), default_backend())
return cert.public_bytes(serialization.Encoding.PEM)
Example #6
| Source File: conftest.py From commandment with MIT License | 5 votes |
|
def csr(private_key: rsa.RSAPrivateKey) -> x509.CertificateSigningRequest:
b = x509.CertificateSigningRequestBuilder()
req = b.subject_name(x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, u"US"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"CA"),
x509.NameAttribute(NameOID.LOCALITY_NAME, u"San Francisco"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"Commandment"),
x509.NameAttribute(NameOID.COMMON_NAME, u"Commandment"),
])).sign(private_key, hashes.SHA256(), default_backend())
return req
Example #7
| Source File: certificatemanager.py From confidant with Apache License 2.0 | 5 votes |
|
def generate_x509_name(self, cn):
"""
For the given common name string, generate and return an x509.Name, with
attributes configured in the settings.
"""
name_attributes = [
x509.NameAttribute(NameOID.COMMON_NAME, cn),
]
if self.settings['csr_country_name']:
name_attributes.append(
x509.NameAttribute(
NameOID.COUNTRY_NAME,
self.settings['csr_country_name'],
)
)
if self.settings['csr_state_or_province_name']:
name_attributes.append(
x509.NameAttribute(
NameOID.STATE_OR_PROVINCE_NAME,
self.settings['csr_state_or_province_name'],
)
)
if self.settings['csr_locality_name']:
name_attributes.append(
x509.NameAttribute(
NameOID.LOCALITY_NAME,
self.settings['csr_locality_name'],
)
)
if self.settings['csr_organization_name']:
name_attributes.append(
x509.NameAttribute(
NameOID.ORGANIZATION_NAME,
self.settings['csr_organization_name'],
)
)
return x509.Name(name_attributes)
Example #8
| Source File: __init__.py From agent with MIT License | 5 votes |
|
def generate_cert(device_id):
private_key = ec.generate_private_key(
ec.SECP256R1(), default_backend()
)
builder = x509.CertificateSigningRequestBuilder()
builder = builder.subject_name(x509.Name([
x509.NameAttribute(NameOID.COMMON_NAME, u'{}'.format(device_id)),
x509.NameAttribute(NameOID.COUNTRY_NAME, u'UK'),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u'London'),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u'Web of Trusted Things, Ltd'),
]))
builder = builder.add_extension(
x509.SubjectAlternativeName(
[x509.DNSName(u'{}'.format(device_id))]
),
critical=False
)
csr = builder.sign(private_key, hashes.SHA256(), default_backend())
serialized_private_key = private_key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.PKCS8,
encryption_algorithm=serialization.NoEncryption(),
)
serialized_csr = csr.public_bytes(serialization.Encoding.PEM)
return {
'csr': serialized_csr.decode(),
'key': serialized_private_key.decode()
}
Example #9
| Source File: utils.py From django-auth-adfs with BSD 2-Clause "Simplified" License | 5 votes |
|
def generate_key_and_cert():
signing_key = rsa.generate_private_key(
backend=crypto_default_backend(),
public_exponent=65537,
key_size=2048
)
subject = issuer = x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, u"US"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"CA"),
x509.NameAttribute(NameOID.LOCALITY_NAME, u"San Francisco"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"My Company"),
x509.NameAttribute(NameOID.COMMON_NAME, u"example.com"),
])
signing_cert = x509.CertificateBuilder().subject_name(
subject
).issuer_name(
issuer
).public_key(
signing_key.public_key()
).serial_number(
x509.random_serial_number()
).not_valid_before(
datetime.utcnow()
).not_valid_after(
# Our certificate will be valid for 10 days
datetime.utcnow() + timedelta(days=10)
# Sign our certificate with our private key
).sign(
signing_key, hashes.SHA256(), crypto_default_backend()
).public_bytes(crypto_serialization.Encoding.DER)
return signing_key, signing_cert
Example #10
| Source File: tls.py From dcos-e2e with Apache License 2.0 | 5 votes |
|
def cert_name(common_name):
"""
Create x509.Name
"""
return x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, "US"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, "CA"),
x509.NameAttribute(NameOID.LOCALITY_NAME, "San Francisco"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, "D2iQ, Inc."),
x509.NameAttribute(NameOID.COMMON_NAME, common_name),
])
Example #11
| Source File: tls.py From dcos-e2e with Apache License 2.0 | 5 votes |
|
def cert_name(common_name):
"""
Create x509.Name
"""
return x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, "US"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, "CA"),
x509.NameAttribute(NameOID.LOCALITY_NAME, "San Francisco"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, "D2iQ, Inc."),
x509.NameAttribute(NameOID.COMMON_NAME, common_name),
])
Example #12
| Source File: test_verifier.py From alexa-skills-kit-sdk-for-python with Apache License 2.0 | 5 votes |
|
def create_certificate(self):
self.private_key = self.generate_private_key()
subject = issuer = x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, u"US"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"WA"),
x509.NameAttribute(NameOID.LOCALITY_NAME, u"Seattle"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"Amazon Alexa"),
x509.NameAttribute(
NameOID.COMMON_NAME, u"{}".format(self.PREPOPULATED_CERT_URL)),
])
self.mock_certificate = x509.CertificateBuilder().subject_name(
name=subject).issuer_name(
name=issuer).public_key(
key=self.private_key.public_key()).serial_number(
number=x509.random_serial_number()).not_valid_before(
time=datetime.utcnow() - timedelta(minutes=1)).not_valid_after(
time=datetime.utcnow() + timedelta(minutes=1)).add_extension(
extension=x509.SubjectAlternativeName(
[x509.DNSName(u"{}".format(CERT_CHAIN_DOMAIN))]),
critical=False).sign(
private_key=self.private_key,
algorithm=SHA1(),
backend=default_backend()
)
self.request_verifier._cert_cache[
self.PREPOPULATED_CERT_URL] = self.mock_certificate
Example #13
| Source File: test_session_resumption.py From rpaas with BSD 3-Clause "New" or "Revised" License | 5 votes |
|
def generate_ca(cls):
key = rsa.generate_private_key(
public_exponent=65537,
key_size=2048,
backend=default_backend()
)
subject = issuer = x509.Name([
x509.NameAttribute(NameOID.COUNTRY_NAME, u"BR"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"RJ"),
x509.NameAttribute(NameOID.LOCALITY_NAME, u"Rio de Janeiro"),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"Tsuru Inc"),
x509.NameAttribute(NameOID.COMMON_NAME, u"tsuru.io"),
])
cert = x509.CertificateBuilder().subject_name(
subject
).issuer_name(
issuer
).public_key(
key.public_key()
).serial_number(
x509.random_serial_number()
).not_valid_before(
datetime.datetime.utcnow()
).not_valid_after(
datetime.datetime.utcnow() + datetime.timedelta(days=10)
).add_extension(
x509.SubjectAlternativeName([x509.DNSName(u"tsuru.io")]),
critical=False,
).sign(key, hashes.SHA256(), default_backend())
key = key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption(),
)
cert = cert.public_bytes(serialization.Encoding.PEM)
return key, cert
Example #14
| Source File: cert_manager.py From SROS-grpc-services with BSD 3-Clause "New" or "Revised" License | 4 votes |
|
def subject_name(self):
attribute_list = []
if self.common_name:
attribute_list.append(
x509.NameAttribute(
NameOID.COMMON_NAME, text_type(self.common_name)
)
)
if self.organization:
attribute_list.append(
x509.NameAttribute(
NameOID.ORGANIZATION_NAME, text_type(self.organization)
)
)
if self.organizational_unit:
attribute_list.append(
x509.NameAttribute(
NameOID.ORGANIZATIONAL_UNIT_NAME,
text_type(self.organizational_unit),
)
)
if self.country:
attribute_list.append(
x509.NameAttribute(
NameOID.COUNTRY_NAME, text_type(self.country)
)
)
if self.state:
attribute_list.append(
x509.NameAttribute(
NameOID.STATE_OR_PROVINCE_NAME, text_type(self.state)
)
)
if self.city:
attribute_list.append(
x509.NameAttribute(NameOID.LOCALITY_NAME, text_type(self.city))
)
if self.email_id:
attribute_list.append(
x509.NameAttribute(
NameOID.EMAIL_ADDRESS, text_type(self.email_id)
)
)
return x509.Name(attribute_list)
