• Search by Module
• Search by Words
• Search Projects

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• aws-greengrass-mini-fulfillment-master
  • groups
    • group_setup.py
    • arm
      • sort_arm
        • ggd_certs
          • README.md
        • README.md
        • cfg.json
      • servo_build.sh
      • ggd
        • stages.py
        • arm.py
        • man_heartbeat.py
        • load_gg_profile.sh
        • heartbeat.py
        • sleep.sh
        • servo
          • hello_example.py
          • .gitrepo
          • servode.py
          • LICENSE
          • README.rst
          • setup.py
          • setup.cfg
          • __init__.py
          • README.md
          • .gitignore
        • read_all_pos.sh
        • __init__.py
        • utils.py
        • image_processor.py
        • pixel_object.py
      • start_inv_arm.sh
      • cp_sort_arm_certs.sh
      • cp_inv_arm_certs.sh
      • __init__.py
      • README.md
      • requirements.txt
      • start_sort_arm.sh
      • stop_arm.sh
      • inv_arm
        • ggd_certs
          • README.md
        • README.md
        • cfg.json
    • man_cert_setup.py
    • master
      • servo_build.sh
      • ggd
        • load_gg_profile.sh
        • certs
          • README.md
        • heartbeat.py
        • belt.py
        • web.py
        • servo
          • hello_example.py
          • .gitrepo
          • servode.py
          • LICENSE
          • README.rst
          • setup.py
          • setup.cfg
          • __init__.py
          • README.md
          • .gitignore
        • __init__.py
        • utils.py
        • button.py
        • bridge.py
        • flask
          • templates
            • hello.html
            • frequency.html
            • topic.html
            • index.html
          • static
            • smoothie.js
            • css
              • style.css
      • certs
        • README.md
      • start_master.sh
      • __init__.py
      • README.md
      • requirements.txt
      • stop_master.sh
      • cp_certs.sh
      • cfg.json
    • lambda_setup.py
    • lambda
      • MasterErrorDetector
        • trust.json
        • error_detector.py
        • policy.json
        • cfg_lambda.json
        • requirements.txt
      • MasterBrain
        • trust.json
        • master_brain.py
        • policy.json
        • cfg_lambda.json
        • requirements.txt
      • README.md
      • ArmErrorDetector
        • trust.json
        • error_detector.py
        • policy.json
        • cfg_lambda.json
        • requirements.txt
    • man_move_certs.sh
    • README.md
    • servo_setup.py
  • LICENSE
  • models
    • arm
      • gg_ef_cam_2_dof_v1-5.stl
      • gg_femur_v3.stl
      • gg_upper_ef_v5.stl
      • gg_aws_logo.stl
      • gg_turret_spacer_2-0mm.stl
      • gg_ef_cam_2_dof_v1-6.stl
      • gg_lower_ef_flex_cam_mount_v1.stl
      • gg_large_swl_base_v3.stl
    • NOTICE.md
    • misc
      • gg_button_box.stl
      • gg_conveyor_stand.stl
      • gg_conveyor_kicker_v3.stl
      • gg_button_box_bottom.stl
      • gg_cube_2inch.stl
      • gg_conveyor_gear_v2.stl
    • README.md
  • README.md
  • requirements.txt
  • .gitignore
  • docs
    • CONSTR.md
    • TIDBITS.md
    • img
      • doc_images
    • BOM.md
    • TROUBLE.md
    • OPERATE.md
    • README.md
    • INSTALL.md

#!/usr/bin/env python

from OpenSSL import crypto
import argparse


def create_group_cert(cli):
    k = crypto.PKey()
    k.generate_key(crypto.TYPE_RSA, 2048)  # generate RSA key-pair

    cert = crypto.X509()
    cert.get_subject().countryName = "US"
    cert.get_subject().stateOrProvinceName = "CA"
    cert.get_subject().organizationName = "mini-fulfillment"
    cert.get_subject().organizationalUnitName = "demo"
    cert.get_subject().commonName = "mini-fulfillment"
    cert.set_serial_number(1000)
    cert.gmtime_adj_notBefore(0)
    cert.gmtime_adj_notAfter(5 * 365 * 24 * 60 * 60)  # 5 year expiry date
    cert.set_issuer(cert.get_subject())  # self-sign this certificate
    cert.set_pubkey(k)
    san_list = ["IP:{0}".format(cli.ip_address)]
    extension_list = [
        crypto.X509Extension(type_name=b"basicConstraints",
                             critical=False, value=b"CA:false"),
        crypto.X509Extension(type_name=b"subjectAltName",
                             critical=True, value=", ".join(san_list)),
        # crypto.X509Extension(type_name=b"subjectKeyIdentifier",
        #                      critical=True, value=b"hash")
    ]
    cert.add_extensions(extension_list)
    cert.sign(k, 'sha256')

    prefix = str(cli.out_dir) + '/' + cli.group_name

    open("{0}-server.crt".format(prefix), 'wt').write(
        crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
    open("{0}-server-private.key".format(prefix), 'wt').write(
        crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey=k))
    open("{0}-server-public.key".format(prefix), 'wt').write(
        crypto.dump_publickey(crypto.FILETYPE_PEM, pkey=k))


if __name__ == '__main__':
    parser = argparse.ArgumentParser(
        description='Greengrass Group Certificate provisioning',
        formatter_class=argparse.ArgumentDefaultsHelpFormatter)

    subparsers = parser.add_subparsers()

    group_names = [
        'inv_arm',
        'master',
        'sort_arm'
    ]
    create_parser = subparsers.add_parser(
        'create',
        description='Create CA and Certificate for the Demo')
    create_parser.set_defaults(func=create_group_cert)
    create_parser.add_argument('group_name', choices=group_names,
                               help="The group certificate to create.")
    create_parser.add_argument('ip_address',
                               help="The IP address to use in the certificate.")
    create_parser.add_argument('--out-dir', dest='out_dir', default='.',
                               help="The output directory for the group certs.")
    args = parser.parse_args()
    # if args.debug:
    #     logging.basicConfig(
    #         format='%(asctime)s|%(name)-8s|%(levelname)s: %(message)s',
    #         level=logging.DEBUG)

    args.func(args)