I'm trying to generate a CSR in Python without using OpenSSL. If someone could point in the right direction, I'd be very grateful.
相关问题
- how to define constructor for Python's new Nam
- streaming md5sum of contents of a large remote tar
- How to get the background from multiple images by
- Evil ctypes hack in python
- Correctly parse PDF paragraphs with Python
I started to implement a CSR generator using PyCrypto and PyASN1 during the last few days. The first code is available at https://github.com/jandd/python-pkiutils
I assume you don't want to use the command line openssl itself and a Python lib is ok.
Here is an helper function I wrote to create a CSR. It returns the private key from the generated key pair and the CSR. The function depends on pyOpenSSL.crypto.
Like any language, Python just implements algorithms. I know next to nothing about cryptography, but if I had to implement this in Python, I would look for a specification on how to implement CSR.
Via Google and Wikipedia I found this RFC. Your task would be to implement this in Python.
Personally I'd probably first try to use a the command line tool (perhaps via a call to the
system()
function if it needed to be from Python).m2crypto could be a solution (see CreateX509Request in the contrib example), although it relies OpenSSL.
You could also use python-nss, which uses Mozilla's NSS library.
nss.nss.CertificateRequest
was added quite recently. The API documentation available at the moment on the website isn't up to date, but here are some pointers for newer versions:It's also in CVS: