def get_pubkey(self):
    """Return a Keypair carrying this certificate's public key in two forms.

    The certificate is serialized with save_to_string() and re-parsed by
    X509.load_cert_string(), presumably so that M2Crypto gets its own view
    of the same certificate (confirm against the file's imports). The
    returned Keypair has ``key`` set from ``self.cert.get_pubkey()`` and
    ``m2key`` set from the re-parsed certificate. Only public key material
    is copied here.
    """
    # Re-parse first: if the serialized certificate is malformed this fails
    # before any Keypair is created.
    reparsed_cert = X509.load_cert_string(self.save_to_string())

    public_pair = Keypair()
    public_pair.key = self.cert.get_pubkey()
    public_pair.m2key = reparsed_cert.get_pubkey()
    return public_pair
# Build a throwaway M2Crypto X.509 certificate whose only job is to carry
# self.m2key, so that the same public key can be read back as a pyOpenSSL
# object. Every other field is filler: this certificate should never be
# stored, presented to a peer, or validated.
# create an m2 x509 cert
m2name = M2Crypto.X509.X509_Name()
# type=0x1001 is presumably the ASCII string type (MBSTRING_ASC) - TODO confirm
m2name.add_entry_by_txt(field="CN", type=0x1001, entry="junk", len=-1, loc=-1, set=0)
m2x509 = M2Crypto.X509.X509()
m2x509.set_pubkey(self.m2key)
m2x509.set_serial_number(0)
# the same placeholder name serves as both issuer and subject
m2x509.set_issuer_name(m2name)
m2x509.set_subject_name(m2name)
ASN1 = M2Crypto.ASN1.ASN1_UTCTIME()
ASN1.set_time(500)
# not_before and not_after share one timestamp, so the certificate has no
# usable validity window
m2x509.set_not_before(ASN1)
m2x509.set_not_after(ASN1)
# x509v3 so it can have extensions
# probably not necessary since this cert itself is junk, but still...
m2x509.set_version(2)
# The signing key is a separate Keypair made just for this call (presumably
# freshly generated by create=True - confirm), not the key embedded above,
# so the signature says nothing about self.m2key.
# NOTE(review): md="sha1" is a weak digest; it is tolerable only while this
# certificate is never verified. Do not copy this call for real certificates.
junk_key = Keypair(create=True)
m2x509.sign(pkey=junk_key.get_m2_pkey(), md="sha1")
# convert the m2 x509 cert to a pyopenssl x509
m2pem = m2x509.as_pem()
pyx509 = crypto.load_certificate(crypto.FILETYPE_PEM, m2pem)
# get the pyopenssl pkey from the pyopenssl x509
self.key = pyx509.get_pubkey()
# NOTE(review): `filename` is defined outside the visible code; presumably the
# path the public key was loaded from - confirm
self.filename=filename
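# Convert a public key by running the external keyconvert tool on temporary
# files, then load the converted key into a Keypair.

# Input file: mkstemp() creates the file atomically and returns an open
# descriptor, so no other local user can pre-create or replace it.
(ssh_f, ssh_fn) = tempfile.mkstemp()

# Output file: tempfile.mktemp() only returns a name, leaving a window in
# which another local user could create that path (for example as a symlink)
# before keyconvert writes to it. Put the output inside a freshly created
# directory from mkdtemp() instead; the path still does not exist until
# keyconvert creates it, so the existence check below keeps its meaning.
ssl_dir = tempfile.mkdtemp()
ssl_fn = os.path.join(ssl_dir, "keyconvert.out")

try:
    os.write(ssh_f, key)
finally:
    # close the descriptor even if the write fails
    os.close(ssh_f)

# NOTE(review): this string is interpreted by a shell and the exit status of
# os.system() is ignored. Both file names are generated locally;
# keyconvert_path is defined outside the visible code, so confirm that it
# cannot be influenced by untrusted input.
cmd = keyconvert_path + " " + ssh_fn + " " + ssl_fn
os.system(cmd)

# this check leaves the temporary file containing the public key so
# that it can be inspected to see why it failed.
# TODO: for production, cleanup the temporary files
if not os.path.exists(ssl_fn):
    raise Exception("keyconvert: generated certificate not found. keyconvert may have failed.")

k = Keypair()
try:
    # any exception from loading propagates unchanged to the caller
    k.load_pubkey_from_file(ssl_fn)
    return k
finally:
    # remove the temporary files
    if os.path.exists(ssh_fn):
        os.remove(ssh_fn)
    if os.path.exists(ssl_fn):
        os.remove(ssl_fn)
    try:
        os.rmdir(ssl_dir)
    except OSError:
        # best effort: keyconvert may have left other files in the directory
        pass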
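def set_pubkey(self, key):
    """Set this certificate's public key from a Keypair.

    Args:
        key: a Keypair; its get_openssl_pkey() result is passed to
            self.cert.set_pubkey().

    Raises:
        AssertionError: if key is not a Keypair instance.
    """
    # An `assert` statement is removed when Python runs with -O, which would
    # silently drop this type check. Raise explicitly, keeping the exception
    # type that existing callers may already expect.
    if not isinstance(key, Keypair):
        raise AssertionError("set_pubkey expects a Keypair instance")
    self.cert.set_pubkey(key.get_openssl_pkey())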