EasyRSA: pyopenssl -> cryptography

Jörn-Michael Miehe 2022-04-05 00:42:55 +00:00
parent d8bdb46a5c
commit c94e07fbac
3 changed files with 11 additions and 35 deletions


@ -5,11 +5,10 @@ Python interface to EasyRSA CA.
from __future__ import annotations
import subprocess
from datetime import datetime
from enum import Enum, auto
from pathlib import Path
from OpenSSL import crypto
from cryptography import x509
from passlib import pwd
from pydantic import BaseModel
@ -196,7 +195,7 @@ class EasyRSA:
cert_filename: Path,
*easyrsa_cmd: str,
**easyrsa_env: str,
) -> crypto.X509:
) -> x509.Certificate:
"""
Create an X.509 certificate
"""
@ -231,8 +230,8 @@ class EasyRSA:
with open(
self.output_directory.joinpath(cert_filename), "rb"
) as cert_file:
return crypto.load_certificate(
crypto.FILETYPE_PEM, cert_file.read()
return x509.load_pem_x509_certificate(
cert_file.read()
)
def init_pki(self) -> None:
@ -242,7 +241,7 @@ class EasyRSA:
self.__easyrsa("init-pki")
def build_ca(self) -> crypto.X509:
def build_ca(self) -> x509.Certificate:
"""
Build the CA certificate
"""
@ -263,7 +262,7 @@ class EasyRSA:
self,
cert_type: CertificateType = CertificateType.client,
dn: DistinguishedName | None = None,
) -> crypto.X509 | None:
) -> x509.Certificate | None:
"""
Issue a client or server certificate
"""
@ -308,12 +307,8 @@ if __name__ == "__main__":
client = easy_rsa.issue(dn=dn)
date_format, encoding = "%Y%m%d%H%M%SZ", "ascii"
for cert in (ca, server, client):
if cert is not None:
print(cert.get_subject().CN)
print(cert.get_signature_algorithm().decode(encoding))
assert (na := cert.get_notAfter()) is not None
print(datetime.strptime(na.decode(encoding), date_format))
print(cert.subject)
print(cert.signature_hash_algorithm)
print(cert.not_valid_after)
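Review bot: In the `__main__` demo loop, `print(cert.signature_hash_algorithm)` prints the default object representation of a hash-algorithm instance, not the algorithm name the old code showed. In `cryptography` that property is also `None` for certificates signed with Ed25519 or Ed448. `print(cert.signature_algorithm_oid)` keeps the output readable when checking what the CA actually signed with, as does a guarded `alg.name if alg is not None else "n/a"`. `cert.not_valid_after` returns a naive datetime that represents UTC, which deserves a short comment such as `# naive datetime, UTC`. The `if __name__ == "__main__":` block starts above this hunk, so the setup of `ca`, `server` and `dn` is not visible here.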

21
api/poetry.lock generated

@ -292,21 +292,6 @@ typing-extensions = ">=3.7.4.3"
dotenv = ["python-dotenv (>=0.10.4)"]
email = ["email-validator (>=1.0.3)"]
[[package]]
name = "pyopenssl"
version = "22.0.0"
description = "Python wrapper module around the OpenSSL library"
category = "main"
optional = false
python-versions = ">=3.6"
[package.dependencies]
cryptography = ">=35.0"
[package.extras]
docs = ["sphinx", "sphinx-rtd-theme"]
test = ["flaky", "pretend", "pytest (>=3.0.1)"]
[[package]]
name = "pyparsing"
version = "3.0.7"
@ -501,7 +486,7 @@ standard = ["websockets (>=10.0)", "httptools (>=0.4.0)", "watchgod (>=0.6)", "p
[metadata]
lock-version = "1.1"
python-versions = "^3.10"
content-hash = "ec07664a3624e6204beb2371bccc164ca1029f6e80663a9bd5946f4eaea04ca1"
content-hash = "36a56b6982734607590597302276605f8977119869934f35116e72377905b6b5"
[metadata.files]
anyio = [
@ -790,10 +775,6 @@ pydantic = [
{file = "pydantic-1.9.0-py3-none-any.whl", hash = "sha256:085ca1de245782e9b46cefcf99deecc67d418737a1fd3f6a4f511344b613a5b3"},
{file = "pydantic-1.9.0.tar.gz", hash = "sha256:742645059757a56ecd886faf4ed2441b9c0cd406079c2b4bee51bcc3fbcd510a"},
]
pyopenssl = [
{file = "pyOpenSSL-22.0.0-py2.py3-none-any.whl", hash = "sha256:ea252b38c87425b64116f808355e8da644ef9b07e429398bfece610f893ee2e0"},
{file = "pyOpenSSL-22.0.0.tar.gz", hash = "sha256:660b1b1425aac4a1bea1d94168a85d99f0b3144c869dd4390d27629d0087f1bf"},
]
pyparsing = [
{file = "pyparsing-3.0.7-py3-none-any.whl", hash = "sha256:a6c06a88f252e6c322f65faf8f418b16213b51bdfaece0524c1c1bc30c63c484"},
{file = "pyparsing-3.0.7.tar.gz", hash = "sha256:18ee9022775d270c55187733956460083db60b37d0d0fb357445f3094eed3eea"},


@ -9,11 +9,11 @@ python = "^3.10"
fastapi = "^0.75.0"
passlib = {extras = ["argon2", "bcrypt"], version = "^1.7.4"}
pyOpenSSL = "^22.0.0"
python-jose = {extras = ["cryptography"], version = "^3.3.0"}
python-multipart = "^0.0.5"
sqlmodel = "^0.0.6"
uvicorn = "^0.17.6"
cryptography = "^36.0.2"
[tool.poetry.dev-dependencies]
pytest = "^7.1.0"
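Review bot: The added constraint `cryptography = "^36.0.2"` caps the library below 37.0.0. `cryptography` bumps its major version often, so this range will likely stop picking up upstream security fixes once newer majors ship. The EasyRSA wrapper in this commit now parses CA and leaf certificates directly with this package, so a floor-only range such as `cryptography = ">=36.0.2"` is worth considering, with `poetry.lock` pinning the exact build and a scheduled lockfile refresh. `python-jose` is installed with its `cryptography` extra, so the token code shares whatever version this line resolves to.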