##
# Create a RSA public/private key pair and store it inside the keypair object
- def create(self):\r
+ def create(self):
self.key = crypto.PKey()
self.key.generate_key(crypto.TYPE_RSA, 1024)
# several addition features, such as the ability to maintain a chain of
# parent certificates, and storage of application-specific data.
#
-# Certificates include the ability to maintain a chain of parents. Each\r
-# certificate includes a pointer to it's parent certificate. When loaded\r
-# from a file or a string, the parent chain will be automatically loaded.\r
-# When saving a certificate to a file or a string, the caller can choose\r
-# whether to save the parent certificates as well.\r
+# Certificates include the ability to maintain a chain of parents. Each
+# certificate includes a pointer to it's parent certificate. When loaded
+# from a file or a string, the parent chain will be automatically loaded.
+# When saving a certificate to a file or a string, the caller can choose
+# whether to save the parent certificates as well.
class Certificate:
digest = "md5"
##
# Create a certificate object.
- #\r
- # @param create If create==True, then also create a blank X509 certificate.\r
- # @param subject If subject!=None, then create a blank certificate and set\r
- # it's subject name.\r
- # @param string If string!=None, load the certficate from the string.\r
- # @param filename If filename!=None, load the certficiate from the file.\r
+ #
+ # @param create If create==True, then also create a blank X509 certificate.
+ # @param subject If subject!=None, then create a blank certificate and set
+ # it's subject name.
+ # @param string If string!=None, load the certficate from the string.
+ # @param filename If filename!=None, load the certficiate from the file.
def __init__(self, create=False, subject=None, string=None, filename=None):
if create or subject:
# Verify the authenticity of a certificate.
# @param pkey is a Keypair object representing a public key. If Pkey
# did not sign the certificate, then an exception will be thrown.
-\r
+
def verify(self, pkey):
# pyOpenSSL does not have a way to verify signatures
m2x509 = X509.load_cert_string(self.save_to_string())
# trusted certificate.
#
# Verification is a basic recursion: <pre>
- # if this_certificate was signed by trusted_certs:\r
- # return\r
- # else\r
- # return verify_chain(parent, trusted_certs)\r
- # </pre>\r
- #\r
+ # if this_certificate was signed by trusted_certs:
+ # return
+ # else
+ # return verify_chain(parent, trusted_certs)
+ # </pre>
+ #
# At each recursion, the parent is tested to ensure that it did sign the
# child. If a parent did not sign a child, then an exception is thrown. If
# the bottom of the recursion is reached and the certificate does not match
# a trusted root, then an exception is thrown.
#
- # @param Trusted_certs is a list of certificates that are trusted.\r
+ # @param Trusted_certs is a list of certificates that are trusted.
#
def verify_chain(self, trusted_certs = None):
git://git.onelab.eu / sfa.git / commitdiff