Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / pyopenssl / 8b7e455b8603248dccb115ee4cd381ebc6434f20^! / . / examples / mk_simple_certs.py
commit8b7e455b8603248dccb115ee4cd381ebc6434f20[log] [tgz]
authorHynek Schlawack <hs@ox.cx>Sun Mar 13 07:51:09 2016 +0100
committerHynek Schlawack <hs@ox.cx>Sun Mar 13 07:51:09 2016 +0100
tree1ce381cdba91b93a32a2ddc69916dfa81c95d305
parent61630a000b91c9a2b6ac743d5ae2172981dc18cb [diff] [blame]
Polish up examples (somewhat)

- Mention them in the docs (arguably a bit hamfistedly).
- Make the README an RST.
- Make them pass flake8 and add flake8 to tox.ini

They should all be rewritten and made Python 3-friendly but that's out
of scope here.

diff --git a/examples/mk_simple_certs.py b/examples/mk_simple_certs.py
index 7129f13..f0416cd 100644
--- a/examples/mk_simple_certs.py
+++ b/examples/mk_simple_certs.py

@@ -2,27 +2,49 @@
 Create certificates and private keys for the 'simple' example.
 """
 
+from __future__ import print_function
+
 from OpenSSL import crypto
-from certgen import *   # yes yes, I know, I'm lazy
-cakey = createKeyPair(TYPE_RSA, 2048)
+from certgen import (
+    createKeyPair,
+    createCertRequest,
+    createCertificate,
+)
+
+cakey = createKeyPair(crypto.TYPE_RSA, 2048)
 careq = createCertRequest(cakey, CN='Certificate Authority')
-cacert = createCertificate(careq, (careq, cakey), 0, (0, 60*60*24*365*5)) # five years
+# CA certificate is valid for five years.
+cacert = createCertificate(careq, (careq, cakey), 0, (0, 60*60*24*365*5))
 
 print('Creating Certificate Authority private key in "simple/CA.pkey"')
 with open('simple/CA.pkey', 'w') as capkey:
-    capkey.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, cakey).decode('utf-8'))
+    capkey.write(
+        crypto.dump_privatekey(crypto.FILETYPE_PEM, cakey).decode('utf-8')
+    )
+
 print('Creating Certificate Authority certificate in "simple/CA.cert"')
 with open('simple/CA.cert', 'w') as ca:
-    ca.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cacert).decode('utf-8'))
+    ca.write(
+        crypto.dump_certificate(crypto.FILETYPE_PEM, cacert).decode('utf-8')
+    )
 
-for (fname, cname) in [('client', 'Simple Client'), ('server', 'Simple Server')]:
-    pkey = createKeyPair(TYPE_RSA, 2048)
+for (fname, cname) in [('client', 'Simple Client'),
+                       ('server', 'Simple Server')]:
+    pkey = createKeyPair(crypto.TYPE_RSA, 2048)
     req = createCertRequest(pkey, CN=cname)
-    cert = createCertificate(req, (cacert, cakey), 1, (0, 60*60*24*365*5)) # five years
-    print('Creating Certificate %s private key in "simple/%s.pkey"' % (fname, fname))
-    with open('simple/%s.pkey' % (fname,), 'w') as leafpkey:
-        leafpkey.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey).decode('utf-8'))
-    print('Creating Certificate %s certificate in "simple/%s.cert"' % (fname, fname))
-    with open('simple/%s.cert' % (fname,), 'w') as leafcert:
-        leafcert.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert).decode('utf-8'))
+    # Certificates are valid for five years.
+    cert = createCertificate(req, (cacert, cakey), 1, (0, 60*60*24*365*5))
 
+    print('Creating Certificate %s private key in "simple/%s.pkey"'
+          % (fname, fname))
+    with open('simple/%s.pkey' % (fname,), 'w') as leafpkey:
+        leafpkey.write(
+            crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey).decode('utf-8')
+        )
+
+    print('Creating Certificate %s certificate in "simple/%s.cert"'
+          % (fname, fname))
+    with open('simple/%s.cert' % (fname,), 'w') as leafcert:
+        leafcert.write(
+            crypto.dump_certificate(crypto.FILETYPE_PEM, cert).decode('utf-8')
+        )