aboutsummaryrefslogtreecommitdiff
path: root/scripts/rpki/pkcs10.py
blob: 6404870a3fb6c32e2ae1d147348b7fdb297b701f (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
# $Id$

"""Old code to generate PKCS #10 certification requests.

This has been replaced by direct support for PKCS #10 in my hacked
version of the POW package.  This module will go away eventually, I'm
just keeping it around in case I discover some horrible bug in the new
code that would make me want to fall back to this.
"""

import POW, rpki.x509, os, rpki.exceptions, binascii

req_fmt = '''
[ req ]
distinguished_name = req_dn
default_md = sha256
prompt = no

[ req_dn ]
CN = %s
'''

def make_request(keypair):

  digest = POW.Digest(POW.SHA1_DIGEST)
  digest.update(keypair.get_POW().derWrite(POW.RSA_PUBLIC_KEY))
  commonName = "0x" + binascii.hexlify(digest.digest())

  try:
    config_filename = "req.tmp.conf"
    f = open(config_filename, "w")
    f.write(req_fmt % commonName)
    f.close()

    i,o = os.popen2(["openssl", "req", "-config", config_filename,  "-new", "-key", "/dev/stdin", "-outform", "DER"])
    i.write(keypair.get_PEM())
    i.close()
    pkcs10 = rpki.x509.PKCS10(DER = o.read())
    o.close()

  finally:
    os.unlink(config_filename)

  return pkcs10