python (3.12.0)

Browse
Build Log
Usage
make_ssl_certs.cpython-312.opt-1.pyc
�

͑�e�$����dZddlZddlZddlZddlZddl�dZdZdZejjejje��Z
		d0d�ZdZd	�Zd
�Zd�Zedk(�r�ej(e
�ed
d��\ZZedd�5Zej3e�ddd�edd�5Zej3e�ddd�ed�egd��egd��edd�5Zej3e�ej3e�ddd�edd�5Zej3e�ddd�e�edd��\ZZedd�5Zej3e�ej3e�ddd�ed
d��\ZZedd�5Zej3e�ej3e�ddd�edd��\ZZedd�5Zej3e�ej3e�ddd�eddd �!�\ZZed"d�5Zej3e�ej3e�ddd�gd#�Zed$dd%j;e��&�\ZZed'd�5Zej3e�ej3e�ddd�gd(�Zed)dd%j;e��&�\ZZed*d�5Zej3e�ej3e�ddd�ed+dd,�-�\ZZed.d�5Zej3e�ej3e�ddd�e�ed/�ed�ed�yy#1swY���xYw#1swY���xYw#1swY��`xYw#1swY��JxYw#1swY��xYw#1swY���xYw#1swY���xYw#1swY��rxYw#1swY��*xYw#1swY��xYw#1swY��xYw)1zOMake the custom certificate and private key files used by test_ssl
and friends.�N)�*�20180829142316Z�20371028142316Za�

    [ default ]
    base_url               = http://testca.pythontest.net/testca

    [req]
    distinguished_name     = req_distinguished_name
    prompt                 = no

    [req_distinguished_name]
    C                      = XY
    L                      = Castle Anthrax
    O                      = Python Software Foundation
    CN                     = {hostname}

    [req_x509_extensions_nosan]

    [req_x509_extensions_simple]
    subjectAltName         = @san

    [req_x509_extensions_full]
    subjectAltName         = @san
    keyUsage               = critical,keyEncipherment,digitalSignature
    extendedKeyUsage       = serverAuth,clientAuth
    basicConstraints       = critical,CA:false
    subjectKeyIdentifier   = hash
    authorityKeyIdentifier = keyid:always,issuer:always
    authorityInfoAccess    = @issuer_ocsp_info
    crlDistributionPoints  = @crl_info

    [ issuer_ocsp_info ]
    caIssuers;URI.0        = $base_url/pycacert.cer
    OCSP;URI.0             = $base_url/ocsp/

    [ crl_info ]
    URI.0                  = $base_url/revocation.crl

    [san]
    DNS.1 = {hostname}
    {extra_san}

    [dir_sect]
    C                      = XY
    L                      = Castle Anthrax
    O                      = Python Software Foundation
    CN                     = dirname example

    [princ_name]
    realm = EXP:0, GeneralString:KERBEROS.REALM
    principal_name = EXP:1, SEQUENCE:principal_seq

    [principal_seq]
    name_type = EXP:0, INTEGER:1
    name_string = EXP:1, SEQUENCE:principals

    [principals]
    princ1 = GeneralString:username

    [ ca ]
    default_ca      = CA_default

    [ CA_default ]
    dir = cadir
    database  = $dir/index.txt
    crlnumber = $dir/crl.txt
    default_md = sha256
    startdate = {startdate}
    default_startdate = {startdate}
    enddate = {enddate}
    default_enddate = {enddate}
    default_days = 7000
    default_crl_days = 7000
    certificate = pycacert.pem
    private_key = pycakey.pem
    serial    = $dir/serial
    RANDFILE  = $dir/.rand
    policy          = policy_match

    [ policy_match ]
    countryName             = match
    stateOrProvinceName     = optional
    organizationName        = match
    organizationalUnitName  = optional
    commonName              = supplied
    emailAddress            = optional

    [ policy_anything ]
    countryName   = optional
    stateOrProvinceName = optional
    localityName    = optional
    organizationName  = optional
    organizationalUnitName  = optional
    commonName    = supplied
    emailAddress    = optional


    [ v3_ca ]

    subjectKeyIdentifier=hash
    authorityKeyIdentifier=keyid:always,issuer
    basicConstraints = CA:true

    c��td|z�g}td�D]<}tjd��5}|j	|j
�ddd��>|\}}	}
	tj||tt��}t|d�5}|j|�ddd�ddd	d
dd|d
|
d|d|g
}|rNtjd��5}|j	|j
�|j
}
ddd�|d
gz
}n|dd|	gz
}tdg|z�|rdd|d|d|	dddddd
g}tdg|z�t|	d�5}|j�}ddd�t|
d�5}|j�}ddd�|f|D]}tj|��S#1swY���xYw#1swY��xYw#1swY��xYw#1swY�txYw#1swY�[xYw#|D]}tj|��wxYw)Nzcreating cert for �F)�delete��hostname�	extra_san�	startdate�enddate�w�req�-new�-nodesz-days�7000�-newkey�-keyout�-extensions�-config�-outz-x509�openssl�ca�-outdir�cadirz-policy�policy_anything�-batch�-infiles�r)�print�range�tempfile�NamedTemporaryFile�append�name�req_template�formatrr
�open�write�
check_call�read�os�remove)r
�signr�ext�key�	tempnames�i�f�req_file�	cert_file�key_filer�args�reqfile�certr%s                �G/BuggyBox/python/3.12.0/bootstrap/lib/python3.12/test/make_ssl_certs.py�
make_cert_keyr;ws;��	�
��
)�*��I�
�1�X�%��
�
(�
(��
6�	%�!����Q�V�V�$�	%�	%�%�%.�!�H�i��+��!�!�����	"�
���(�C�
 �	�A�
�G�G�C�L�	��v�x��&��3�	�8��s��8�%����,�,�E�:�
!�a�� � ����(��&�&��
!�
�V�W�&�&�D�
�W�f�i�1�1�D��I�;��%�&����8��s��	��7��,��*�g��D�
�	�{�T�)�*��)�S�
!�	�Q��6�6�8�D�	�
�(�C�
 �	�A��&�&�(�C�	��S�y��	�D��I�I�d�O�	�[	%�	%��	�	��
!�
!��,	�	��	�	���	�D��I�I�d�O�	�sx�F*�"-G(�F7�!/G(�(G�8AG(�G�G(�1G�G(�*F4	�7G�<G(�G
�	G(�G�G(�G%�!G(�(Hrc�6�tjt�y)N)�shutil�rmtree�	TMP_CADIR��r:�	unmake_carB�s��
�M�M�)�rAc�$�tjt�ttjjdd�d�5}	ddd�ttjjdd�d�5}|j
d�ddd�ttjjdd�d�5}|j
d�ddd�ttjjdd	�d
�5}|j
d�ddd�tjd
�5}tjdd
tt��}|j
|�|j�tj�5}dd|jddddddd|jddg
}tdg|z�dd|jddddtddd d!d"d#|jg}tdg|z�dd|jd$dd%g}tdg|z�ddd�ddd�tgd&��t!j"d'd(�y#1swY��xYw#1swY���xYw#1swY���xYw#1swY��]xYw#1swY�ixYw#1swY�mxYw))Nrz	index.txt�a+zcrl.txt�00zindex.txt.attrzw+zunique_subject = no�serialrzCB2D80995A69525B
z
our-ca-server�r	rrrrr�rsa:3072rzpycakey.pemrz-subjzG/C=XY/L=Castle Anthrax/O=Python Software Foundation CA/CN=our-ca-serverrr�pycacert.pemrrz-keyfilez	-selfsignr�v3_carz-gencrlzrevocation.crl)r�x509�-inrIr�capath/ceff1710.0rMzcapath/b1930218.0)r,�mkdirr?r(�path�joinr)r"r#r&r'rr
�flushr%r*r=�copy)r3�trr7s    r:�make_carT�sG���H�H�Y��	
�b�g�g�l�l�7�;�/��	5�
���
�	
�b�g�g�l�l�7�9�-�d�	3��q�	����
��	
�b�g�g�l�l�7�#3�4�T�	:�'�a�	���%�&�'�
�b�g�g�l�l�7�8�,�c�	2�&�a�	���$�%�&�
�	$�	$�S�	)�+�Q��!�!�$����	"�
��	
�����	���	�
�
(�
(�
*�	+�a��9�a�f�f�f���z��}��A�F�F��f�h�D�
�	�{�T�)�*��)�Q�V�V��N�H�i���
�����Q�V�V�N�D�
�	�{�T�)�*��)�Q�V�V�Y��@P�Q�D��	�{�T�)�*�	+�+�4����K�K�#�%8�9�O
�
�����'�'��&�&��	+�	+��+�+�sV�I�8I�<I �I-�/AJ�BI:�J�I�I� I*�-I7�:J	�?J�Jc�T�ddl}tj|j|��y)Nr)�_ssl�pprint�_test_decode_cert)rOrVs  r:�
print_certrY�s���
�M�M�$�(�(��.�/rA�__main__�	localhost�req_x509_extensions_simple)r/zssl_cert.pemr�ssl_key.pemz5password protecting ssl_key.pem in ssl_key.passwd.pem)	r�pkeyrLr]rzssl_key.passwd.pem�-aes256�-passout�
pass:somepass)	rr^rLr]r�keycert.passwd.pemr_r`razkeycert.pemrbrD�fakehostnamezkeycert2.pemT)r.zkeycert3.pemzkeycert4.pemz
localhost-ecczparam:secp384r1.pem)r.r0zkeycertecc.pem)	z0otherName.1 = 1.2.3.4;UTF8:some other identifierz/otherName.2 = 1.3.6.1.5.2.2;SEQUENCE:princ_namezemail.1 = user@example.orgzDNS.2 = www.example.orgzdirName.1 = dir_sectzURI.1 = https://www.python.org/zIP.1 = 127.0.0.1z
IP.2 = ::1zRID.1 = 1.2.3.4.5�allsans�
)r.rzallsans.pem)z'DNS.2 = xn--knig-5qa.idn.pythontest.netz6DNS.3 = xn--knigsgsschen-lcb0w.idna2003.pythontest.netz6DNS.4 = xn--knigsgchen-b4a3dun.idna2008.pythontest.netz,DNS.5 = xn--nxasmq6b.idna2003.pythontest.netz,DNS.6 = xn--nxasmm1c.idna2008.pythontest.net�idnsanszidnsans.pem�nosan�req_x509_extensions_nosan)r.r/z	nosan.pemz>update Lib/test/test_ssl.py and Lib/test/test_asyncio/utils.py)FrG�req_x509_extensions_fullrH)�__doc__r,rWr=r"�
subprocessrr
r&rO�abspath�dirname�__file__�herer;r?rBrTrY�__name__�chdirr9r0r(r3r)r r*rrPr@rAr:�<module>rrs����
�
�
����	�
��e��N
�w�w���r�w�w���x�0�1��35�6@�3�j
�	��):�X0�
�z���B�H�H�T�N��k�/K�L�I�D�#�	
�n�c�	"��a�	����
��	
�m�S�	!��Q�	������	�
A�B��v�w��v�w�	
�m�S�	!��Q�	�����	����
��
�"�D�	)��Q�	����
���I��n�2N�O�I�D�#�	
�n�c�	"��a�	�����	����
���k��5�I�D�#�	
�n�c�	"��a�	�����	����
���n�4�8�I�D�#�	
�n�c�	"��a�	�����	����
����d�(=��I�D�#�
���	$���	�����	����
���I��i�d�d�i�i�	�>R�S�I�D�#�	
�m�S�	!��Q�	�����	����
��	�I��i�d�d�i�i�	�>R�S�I�D�#�	
�m�S�	!��Q�	�����	����
���g�D�6Q�R�I�D�#�	
�k�3�	��1�	�����	����
���K�	�
J�K��}���~��m����������������
���
������&���"���
��s��M�4M'�3#M4�'N�#N�#N� #N(�"#N5�7#O�#O�#O�M$�'M1�4M>�N�N�N%�(N2�5N?�O�O�O$