Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def uninitialized_client(key=None):
if key is None:
key = josepy.JWKRSA(key=rsa.generate_private_key(65537, 2048, default_backend()))
net = acme_client.ClientNetwork(key, user_agent="Boulder integration tester")
directory = messages.Directory.from_json(net.get(DIRECTORY_V2).json())
return acme_client.ClientV2(directory, net)
def genRsaKey(bits=4096):
'''
Generate a new RSA key pair.
'''
return c_rsa.generate_private_key(public_exponent=65537, key_size=bits, backend=backend)
def generate_asymmetric(self, generate_dto, kek_meta_dto, project_id):
"""Generate asymmetric keys based on below rules:
- RSA, with passphrase (supported)
- RSA, without passphrase (supported)
- DSA, without passphrase (supported)
- DSA, with passphrase (supported)
"""
if(generate_dto.algorithm is None or generate_dto
.algorithm.lower() == 'rsa'):
private_key = rsa.generate_private_key(
public_exponent=65537,
key_size=generate_dto.bit_length,
backend=default_backend()
)
elif generate_dto.algorithm.lower() == 'dsa':
private_key = dsa.generate_private_key(
key_size=generate_dto.bit_length,
backend=default_backend()
)
else:
raise c.CryptoPrivateKeyFailureException()
public_key = private_key.public_key()
if generate_dto.algorithm.lower() == 'rsa':
private_key = private_key.private_bytes(
raise CallError(
'Please specify root email address which will be used with the ACME server'
)
if self.middleware.call_sync(
'acme.registration.query', [['directory', '=', data['acme_directory_uri']]]
):
verrors.add(
'acme_registration_create.acme_directory_uri',
'A registration with the specified directory uri already exists'
)
if verrors:
raise verrors
key = jose.JWKRSA(key=rsa.generate_private_key(
public_exponent=data['JWK_create']['public_exponent'],
key_size=data['JWK_create']['key_size'],
backend=default_backend()
))
acme_client = client.ClientV2(directory, client.ClientNetwork(key))
register = acme_client.new_account(
messages.NewRegistration.from_data(
email=email,
terms_of_service_agreed=True
)
)
# We have registered with the acme server
# Save registration object
registration_id = self.middleware.call_sync(
'datastore.insert',
def create_decryptor(private_location, public_location):
try:
with open(private_location, "rb") as key_file:
private_key = serialization.load_pem_private_key(
key_file.read(),
password=None,
backend=default_backend()
)
except FileNotFoundError:
with open(private_location, "wb") as key_file:
private_key = rsa.generate_private_key(
public_exponent=65537,
key_size=2048,
backend=default_backend()
)
key_file.write(private_key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption()
))
with open(public_location, "wb") as public_file:
public_key = private_key.public_key()
pem = public_key.public_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PublicFormat.SubjectPublicKeyInfo
)
def create_key_pair(self, context, algorithm, length,
expiration=None, name=None):
"""Creates an asymmetric key pair."""
if algorithm.lower() != 'rsa':
raise NotImplementedError(
"VaultKeyManager only implements rsa keys"
)
priv_key = rsa.generate_private_key(
public_exponent=65537,
key_size=length,
backend=default_backend()
)
private_key = pri_key.PrivateKey(
'RSA',
length,
priv_key.private_bytes(
Encoding.PEM, PrivateFormat.PKCS8, NoEncryption()
)
)
private_key_id = uuid.uuid4().hex
private_id = self._store_key_value(
private_key_id,
def create(self,bits=2048):
"""Create RSA"""
self._rsa = rsa.generate_private_key(
public_exponent=65537,
key_size=bits,
backend=default_backend())
def generate_self_signed_cert(cert_file, key_file):
#type: (Any, Any) -> None
"""Given two file-like objects, generate an SSL key and certificate
Args:
cert_file: The certificate file you wish to write to
key_file: The key file you wish to write to
"""
one_day = timedelta(1, 0, 0)
private_key = rsa.generate_private_key(
public_exponent=65537, key_size=2048, backend=default_backend())
public_key = private_key.public_key()
builder = x509.CertificateBuilder()
builder = builder.subject_name(
x509.Name([
x509.NameAttribute(NameOID.COMMON_NAME, u'cryptography.io'),
]))
builder = builder.issuer_name(
x509.Name([
x509.NameAttribute(NameOID.COMMON_NAME, u'cryptography.io'),
]))
builder = builder.not_valid_before(datetime.today() - one_day)
builder = builder.not_valid_after(datetime.today() + timedelta(365 * 10))
builder = builder.serial_number(uuid4().int)
builder = builder.public_key(public_key)
builder = builder.add_extension(
def generate_rsa_private_key():
return rsa.generate_private_key(
public_exponent=65537, key_size=2048, backend=default_backend()
)
@classmethod
def generate_ssh_keys(cls):
key = rsa.generate_private_key(
public_exponent=65537,
key_size=4096,
backend=default_backend()
)
private_key = key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.PKCS8,
encryption_algorithm=serialization.NoEncryption())
public_key = key.public_key().public_bytes(
encoding=serialization.Encoding.OpenSSH,
format=serialization.PublicFormat.OpenSSH
)
return private_key, public_key