我们从Python开源项目中,提取了以下24个代码示例,用于说明如何使用OpenSSL.crypto.load_crl()。
def test_load_crl(self): """ Load a known CRL and inspect its revocations. Both PEM and DER formats are loaded. """ crl = load_crl(FILETYPE_PEM, crlData) revs = crl.get_revoked() self.assertEqual(len(revs), 2) self.assertEqual(revs[0].get_serial(), b('03AB')) self.assertEqual(revs[0].get_reason(), None) self.assertEqual(revs[1].get_serial(), b('0100')) self.assertEqual(revs[1].get_reason(), b('Superseded')) der = _runopenssl(crlData, b"crl", b"-outform", b"DER") crl = load_crl(FILETYPE_ASN1, der) revs = crl.get_revoked() self.assertEqual(len(revs), 2) self.assertEqual(revs[0].get_serial(), b('03AB')) self.assertEqual(revs[0].get_reason(), None) self.assertEqual(revs[1].get_serial(), b('0100')) self.assertEqual(revs[1].get_reason(), b('Superseded'))
def test_load_crl(self): """ Load a known CRL and inspect its revocations. Both PEM and DER formats are loaded. """ crl = load_crl(FILETYPE_PEM, crlData) revs = crl.get_revoked() self.assertEqual(len(revs), 2) self.assertEqual(revs[0].get_serial(), b('03AB')) self.assertEqual(revs[0].get_reason(), None) self.assertEqual(revs[1].get_serial(), b('0100')) self.assertEqual(revs[1].get_reason(), b('Superseded')) der = _runopenssl(crlData, "crl", "-outform", "DER") crl = load_crl(FILETYPE_ASN1, der) revs = crl.get_revoked() self.assertEqual(len(revs), 2) self.assertEqual(revs[0].get_serial(), b('03AB')) self.assertEqual(revs[0].get_reason(), None) self.assertEqual(revs[1].get_serial(), b('0100')) self.assertEqual(revs[1].get_reason(), b('Superseded'))
def test_ignores_unsupported_revoked_cert_extension_get_reason(self): """ The get_reason method on the Revoked class checks to see if the extension is NID_crl_reason and should skip it otherwise. This test loads a CRL with extensions it should ignore. """ crl = load_crl(FILETYPE_PEM, crlDataUnsupportedExtension) revoked = crl.get_revoked() reason = revoked[1].get_reason() assert reason == b'Unspecified'
def test_ignores_unsupported_revoked_cert_extension_set_new_reason(self): crl = load_crl(FILETYPE_PEM, crlDataUnsupportedExtension) revoked = crl.get_revoked() revoked[1].set_reason(None) reason = revoked[1].get_reason() assert reason is None
def test_load_crl(self): """ Load a known CRL and inspect its revocations. Both EM and DER formats are loaded. """ crl = load_crl(FILETYPE_PEM, crlData) revs = crl.get_revoked() assert len(revs) == 2 assert revs[0].get_serial() == b'03AB' assert revs[0].get_reason() is None assert revs[1].get_serial() == b'0100' assert revs[1].get_reason() == b'Superseded' der = _runopenssl(crlData, b"crl", b"-outform", b"DER") crl = load_crl(FILETYPE_ASN1, der) revs = crl.get_revoked() assert len(revs) == 2 assert revs[0].get_serial() == b'03AB' assert revs[0].get_reason() is None assert revs[1].get_serial() == b'0100' assert revs[1].get_reason() == b'Superseded'
def test_load_crl_bad_filetype(self): """ Calling `OpenSSL.crypto.load_crl` with an unknown file type raises a `ValueError`. """ with pytest.raises(ValueError): load_crl(100, crlData)
def test_load_crl_bad_data(self): """ Calling `OpenSSL.crypto.load_crl` with file data which can't be loaded raises a `OpenSSL.crypto.Error`. """ with pytest.raises(Error): load_crl(FILETYPE_PEM, b"hello, world")
def test_dump_crl(self): """ The dumped CRL matches the original input. """ crl = load_crl(FILETYPE_PEM, crlData) buf = dump_crl(FILETYPE_PEM, crl) assert buf == crlData
def test_convert_to_cryptography_key(self): crl = load_crl(FILETYPE_PEM, crlData) crypto_crl = crl.to_cryptography() assert isinstance(crypto_crl, x509.CertificateRevocationList)
def _prepare_revoked(self): ca = self._create_ca() crl = crypto.load_crl(crypto.FILETYPE_PEM, ca.crl) self.assertIsNone(crl.get_revoked()) cert = self._create_cert(ca=ca) cert.revoke() return (ca, cert)
def test_crl(self): ca, cert = self._prepare_revoked() crl = crypto.load_crl(crypto.FILETYPE_PEM, ca.crl) revoked_list = crl.get_revoked() self.assertIsNotNone(revoked_list) self.assertEqual(len(revoked_list), 1) self.assertEqual(int(revoked_list[0].get_serial()), cert.serial_number)
def test_crl_view(self): ca, cert = self._prepare_revoked() response = self.client.get(reverse('x509:crl', args=[ca.pk])) self.assertEqual(response.status_code, 200) crl = crypto.load_crl(crypto.FILETYPE_PEM, response.content) revoked_list = crl.get_revoked() self.assertIsNotNone(revoked_list) self.assertEqual(len(revoked_list), 1) self.assertEqual(int(revoked_list[0].get_serial()), cert.serial_number)
def test_load_crl_wrong_args(self): """ Calling :py:obj:`OpenSSL.crypto.load_crl` with other than two arguments results in a :py:obj:`TypeError` being raised. """ self.assertRaises(TypeError, load_crl) self.assertRaises(TypeError, load_crl, FILETYPE_PEM) self.assertRaises(TypeError, load_crl, FILETYPE_PEM, crlData, None)
def test_load_crl_bad_filetype(self): """ Calling :py:obj:`OpenSSL.crypto.load_crl` with an unknown file type raises a :py:obj:`ValueError`. """ self.assertRaises(ValueError, load_crl, 100, crlData)
def test_load_crl_bad_data(self): """ Calling :py:obj:`OpenSSL.crypto.load_crl` with file data which can't be loaded raises a :py:obj:`OpenSSL.crypto.Error`. """ self.assertRaises(Error, load_crl, FILETYPE_PEM, b"hello, world")
def test_crl_view(self): ca = self._create_ca() response = self.client.get(reverse('x509:crl', args=[ca.pk])) self.assertEqual(response.status_code, 200) crl = crypto.load_crl(crypto.FILETYPE_PEM, response.content) revoked_list = crl.get_revoked() self.assertIsNone(revoked_list)
def test_load_crl_bad_filetype(self): """ Calling L{OpenSSL.crypto.load_crl} with an unknown file type raises a L{ValueError}. """ self.assertRaises(ValueError, load_crl, 100, crlData)
def test_load_crl_bad_data(self): """ Calling L{OpenSSL.crypto.load_crl} with file data which can't be loaded raises a L{OpenSSL.crypto.Error}. """ self.assertRaises(Error, load_crl, FILETYPE_PEM, "hello, world")
def load_crl(self, crlfile): ''' Load crl file content to openssl x509 object. :param crlfile: CRL file path. :type crlfile: String. :returns: Informational result dict {'error': Boolean, 'message': if error String else x509 object} :rtype: Dict. ''' if not ospath.isfile(crlfile): x509obj = crypto.CRL() if self.__verbose: print("INFO: New CRL " + crlfile + " created.") res = {"error": False, "message": x509obj} return(res) else: try: x509obj = crypto.load_crl( crypto.FILETYPE_PEM, open(crlfile).read()) except SSL.SysCallError as e: res = {"error": True, "message": e.strerror + " " + e.filename} #print(e.args, e.errno, e.filename, e.strerror) except SSL.Error as f: res = {"error": True, "message": f.strerror + " " + f.filename} except SSL.WantReadError as r: res = {"error": True, "message": r.strerror + " " + r.filename} except SSL.WantWriteError as w: res = {"error": True, "message": w.strerror + " " + w.filename} except SSL.WantX509LookupError as x: res = {"error": True, "message": x.strerror + " " + x.filename} except Exception as ex: res = { "error": True, "message": ex.strerror + " " + ex.filename} except: res = {"error": True, "message": "Unexpected error"} else: res = {"error": False, "message": x509obj} finally: return(res)
def renew_crl_date(self, next_crl_days=183): ''' Extend crl expiry date and/or renwew crl :param next_crl_days: Number of days to add for CRL expiry. :type next_crl_days: Int. :returns: Informational result dict {'error': Boolean, 'message': String} :rtype: Dict. ''' crlObj = self.load_crl(self.__crlpath) if not crlObj['error']: crlObj = crlObj['message'] else: res = {"error": True, "message": crlObj['message']} return(res) caKeyObj = self.load_pkey( self.__intermediateCAkeyfile, self.__intermediatePass) if not caKeyObj['error']: caKeyObj = caKeyObj['message'] else: res = {"error": True, "message": caKeyObj['message']} return(res) caCertObj = self.load_crt(self.__intermediateCAcrtfile) if not caCertObj['error']: caCertObj = caCertObj['message'] else: res = {"error": True, "message": caCertObj['message']} return(res) try: encodedCrl = crlObj.export( caCertObj, caKeyObj, days=next_crl_days, digest=self.__CRL_ALGO.encode('utf-8')).decode('utf-8') wresult = self.writeFile(self.__crlpath, encodedCrl) if wresult['error']: res = {"error": True, "message": wresult['message']} return(res) except: res = { "error": True, "message": "ERROR: Unable to edit crl: " + self.__crlpath} return(res) res = {"error": False, "message": "INFO: CRL date updated successfuly."} return(res)
