mirror of
https://github.com/PiBrewing/craftbeerpi4.git
synced 2024-11-15 03:28:13 +01:00
50 lines
1.8 KiB
Python
50 lines
1.8 KiB
Python
# This file is dual licensed under the terms of the Apache License, Version
|
|
# 2.0, and the BSD License. See the LICENSE file in the root of this repository
|
|
# for complete details.
|
|
|
|
from __future__ import absolute_import, division, print_function
|
|
|
|
from cryptography import x509
|
|
from cryptography.hazmat.backends import _get_backend
|
|
from cryptography.hazmat.primitives import serialization
|
|
from cryptography.hazmat.primitives.asymmetric import dsa, ec, rsa
|
|
|
|
|
|
def load_key_and_certificates(data, password, backend=None):
|
|
backend = _get_backend(backend)
|
|
return backend.load_key_and_certificates_from_pkcs12(data, password)
|
|
|
|
|
|
def serialize_key_and_certificates(name, key, cert, cas, encryption_algorithm):
|
|
if key is not None and not isinstance(
|
|
key,
|
|
(
|
|
rsa.RSAPrivateKeyWithSerialization,
|
|
dsa.DSAPrivateKeyWithSerialization,
|
|
ec.EllipticCurvePrivateKeyWithSerialization,
|
|
),
|
|
):
|
|
raise TypeError("Key must be RSA, DSA, or EllipticCurve private key.")
|
|
if cert is not None and not isinstance(cert, x509.Certificate):
|
|
raise TypeError("cert must be a certificate")
|
|
|
|
if cas is not None:
|
|
cas = list(cas)
|
|
if not all(isinstance(val, x509.Certificate) for val in cas):
|
|
raise TypeError("all values in cas must be certificates")
|
|
|
|
if not isinstance(
|
|
encryption_algorithm, serialization.KeySerializationEncryption
|
|
):
|
|
raise TypeError(
|
|
"Key encryption algorithm must be a "
|
|
"KeySerializationEncryption instance"
|
|
)
|
|
|
|
if key is None and cert is None and not cas:
|
|
raise ValueError("You must supply at least one of key, cert, or cas")
|
|
|
|
backend = _get_backend(None)
|
|
return backend.serialize_key_and_certificates_to_pkcs12(
|
|
name, key, cert, cas, encryption_algorithm
|
|
)
|