You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
41 lines
1.5 KiB
41 lines
1.5 KiB
from cryptography import x509
|
|
from cryptography.hazmat.backends import default_backend
|
|
from cryptography.hazmat.primitives import serialization
|
|
from OpenSSL import crypto
|
|
import tkinter
|
|
import tkinter.filedialog
|
|
root=tkinter.Tk()
|
|
root.withdraw()
|
|
#加载公钥
|
|
path=tkinter.filedialog.askopenfilename(title="选择公钥文件",filetypes=[("PEM files","*.pem")])
|
|
with open(path, 'rb') as f:
|
|
public_key = f.read()
|
|
public_key = crypto.load_publickey(crypto.FILETYPE_PEM, public_key)
|
|
#加载私钥
|
|
path=tkinter.filedialog.askopenfilename(title="选择私钥文件",filetypes=[("PEM files","*.pem")])
|
|
with open(path, 'rb') as f:
|
|
private_key = f.read()
|
|
private_key = crypto.load_privatekey(crypto.FILETYPE_PEM, private_key)
|
|
cert = crypto.X509()
|
|
cert.get_subject().C = "CN"
|
|
cert.get_subject().ST = "Beijing"
|
|
cert.get_subject().L = "Beijing"
|
|
cert.get_subject().O = "Example Inc."
|
|
cert.get_subject().OU = "IT"
|
|
cert.get_subject().CN = "example.com"
|
|
cert.set_serial_number(1000)
|
|
cert.gmtime_adj_notBefore(0)
|
|
cert.gmtime_adj_notAfter(10*365*24*60*60)
|
|
# 有效期10年
|
|
cert.set_issuer(cert.get_subject())
|
|
cert.set_pubkey(public_key)
|
|
cert.sign(private_key, 'sha256')
|
|
# 保存证书
|
|
cert_pem = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
|
|
path=tkinter.filedialog.asksaveasfilename(title="证书保存",defaultextension=".pem", filetypes=[("PEM files", "*.pem")])
|
|
|
|
try:
|
|
with open(path,'wb') as f:
|
|
f.write(cert_pem)
|
|
except:
|
|
print("保存失败") |