From dev-python at smartology.nl Mon Mar 1 08:44:16 2004 From: dev-python at smartology.nl (Remy C. Cool) Date: Mon, 1 Mar 2004 08:44:16 +0100 Subject: [pyOpenSSL] Build on Windows with Python 2.3.3 In-Reply-To: <1077896491.5800.7.camel@sheriffpony> References: <200402271553.28046.dev-python@smartology.nl> <1077896491.5800.7.camel@sheriffpony> Message-ID: <200403010844.17023.dev-python@smartology.nl> On Friday 27 February 2004 16:57, Itamar Shtull-Trauring wrote: > We added a download of pyOpenSSL for windows on the twisted site > recently: http://twistedmatrix.com/products/download#TwistedDeps > > The 2.2 one may not be built with a recent version of OpenSSL, but > the 2.3 one probably is. Thanks for the link, at least we can now go on testing. Maybe the file can be stored here so people can find it more easily. But if anyone does know something on compiling pyOpenSSL with MingW32 and the DLL loading problems discribed in my previous message, please let me know. Remy From dev-python at smartology.nl Tue Mar 9 19:56:59 2004 From: dev-python at smartology.nl (Remy C. Cool) Date: Tue, 9 Mar 2004 19:56:59 +0100 Subject: [pyOpenSSL] Creating certificates Message-ID: <200403091956.59802.dev-python@smartology.nl> Hello, Two short questions: According to the doc string in createCertRequest (certgen.py) it must be possible to enter SP and email arguments, but both fail in my test code. I used mk_simple_certs.py as a base changing the line: careq = createCertRequest(cakey, CN='Certificate Authority') into careq = createCertRequest(cakey, CN='Certificate Authority', SP='State', email='me at here.net') Any solutions? And I would like to know if it's possible to create a (CA) certificate with a passphrase/password using pyOpenSSL? Remy From dev-python at smartology.nl Wed Mar 10 08:11:27 2004 From: dev-python at smartology.nl (Remy C. Cool) Date: Wed, 10 Mar 2004 08:11:27 +0100 Subject: [pyOpenSSL] Creating certificates In-Reply-To: <200403091956.59802.dev-python@smartology.nl> References: <200403091956.59802.dev-python@smartology.nl> Message-ID: <200403100811.28166.dev-python@smartology.nl> On Tuesday 09 March 2004 19:56, Remy C. Cool wrote: > Hello, > > Two short questions: > > According to the doc string in createCertRequest (certgen.py) it > must be possible to enter SP and email arguments, but both fail in > my test code. I used mk_simple_certs.py as a base changing the > line: > > careq = createCertRequest(cakey, CN='Certificate Authority') > into > careq = createCertRequest(cakey, CN='Certificate Authority', > SP='State', email='me at here.net') > > Any solutions? Found'em When you use 'ST' instead of 'SP' and 'emailAddress' instead of 'email' the certificates are generated without any problems. Is this a bug in the doc-string or something system dependent? So, if anyone knows the answer to the second question ... please let me know. > And I would like to know if it's possible to create a (CA) > certificate with a passphrase/password using pyOpenSSL? From dev-python at smartology.nl Wed Mar 10 08:33:38 2004 From: dev-python at smartology.nl (Remy C. Cool) Date: Wed, 10 Mar 2004 08:33:38 +0100 Subject: [pyOpenSSL] Creating certificates In-Reply-To: <200403100811.28166.dev-python@smartology.nl> References: <200403091956.59802.dev-python@smartology.nl> <200403100811.28166.dev-python@smartology.nl> Message-ID: <200403100833.38642.dev-python@smartology.nl> On Wednesday 10 March 2004 08:11, Remy C. Cool wrote: > On Tuesday 09 March 2004 19:56, Remy C. Cool wrote: > > Hello, > > > > Two short questions: > > > > According to the doc string in createCertRequest (certgen.py) it > > must be possible to enter SP and email arguments, but both fail > > in my test code. I used mk_simple_certs.py as a base changing the > > line: > > > > careq = createCertRequest(cakey, CN='Certificate Authority') > > into > > careq = createCertRequest(cakey, CN='Certificate Authority', > > SP='State', email='me at here.net') > > > > Any solutions? > > Found'em > > When you use 'ST' instead of 'SP' and 'emailAddress' instead of > 'email' the certificates are generated without any problems. > Is this a bug in the doc-string or something system dependent? > > So, if anyone knows the answer to the second question ... please > let me know. > > > And I would like to know if it's possible to create a (CA) > > certificate with a passphrase/password using pyOpenSSL? Hmm, reading the source and manuals - again - did help (duh). Writing the key to ie. disk: crypto.dump_privatekey(type, pkey[, cipher, passphrase]) Reading the key from ie. disk: crypto.load_privatekey(type, buffer[, passphrase]) From chr1701 at yahoo.com Thu Mar 11 16:08:21 2004 From: chr1701 at yahoo.com (Christoph Rupp) Date: Thu, 11 Mar 2004 07:08:21 -0800 (PST) Subject: [pyOpenSSL] sign file with private key Message-ID: <20040311150821.83482.qmail@web20418.mail.yahoo.com> Hi list! I need some basic help with OpenSSL. I want a python script to sign a file with my private key, and later another python script should check the signature with my public key. (the file is an xml file < 4 kb). I have a private key and a public key, but i just have no idea how to use them in OpenSSL. All examples i have found usually show how to open SSL connections, but i have never found an example which loads a private key, encodes (or signs) a file, loads the public key and decodes it (or checks the signature, resp.). And my knowledge about OpenSSL is really basic, so i have no clue. If anyone of you can give me a link to a tutorial, either in Python, C, C++ or even Perl, or any other advice/pseudo code/snippet etc, i would be very grateful :) Thank you very much! Chris __________________________________ Do you Yahoo!? Yahoo! Search - Find what you?re looking for faster http://search.yahoo.com From ruach at chpc.utah.edu Tue Mar 23 21:16:43 2004 From: ruach at chpc.utah.edu (Matthew Thorley) Date: Tue, 23 Mar 2004 13:16:43 -0700 Subject: [pyOpenSSL] openssl cert request passphrase Message-ID: <200403231316.43053.ruach@chpc.utah.edu> When using openssl from the command line to create a certificate request I am propted for a password. I was wondering how to do the same thing with pyOpenSSL. I looked at the example mk_simple_cert.py and everything is clear but what I am not sure how to do is to add a passphrase to the privatekey ? Can any one explain how this is done ? thanks -- Matthew Thorley Center for High Performance Computing, University of Utah ruach at chpc.utah.edu Ph: (801)585.7821 Cl: (801)560.3438 http://elijah.chpc.utah.edu "What's he that wishes so? My cousin Westmoreland? No, my fair cousin: If we are mark'd to die, we are enow To do our country loss; and if to live, The fewer men, the greater share of honour. God's will! I pray thee, wish not one man more... Rather proclaim it, Westmoreland, through my host, That he which hath no stomach to this fight, Let him depart; his passport shall be made And crowns for convoy put into his purse: We would not die in that man's company That fears his fellowship to die with us... We few, we happy few, we band of brothers; For he to-day that sheds his blood with me Shall be my brother; be he ne'er so vile, This day shall gentle his condition: And gentlemen in England now a-bed Shall think themselves accursed they were not here, And hold their manhoods cheap whiles any speaks That fought with us upon Saint Crispin's day." --KING HENRY V | Act 4, Scene 3 From dev-python at smartology.nl Wed Mar 24 08:00:58 2004 From: dev-python at smartology.nl (Remy C. Cool) Date: Wed, 24 Mar 2004 08:00:58 +0100 Subject: [pyOpenSSL] openssl cert request passphrase In-Reply-To: <200403231316.43053.ruach@chpc.utah.edu> References: <200403231316.43053.ruach@chpc.utah.edu> Message-ID: <200403240800.58467.dev-python@smartology.nl> On Tuesday 23 March 2004 21:16, Matthew Thorley wrote: > When using openssl from the command line to create a certificate > request I am propted for a password. I was wondering how to do the > same thing with pyOpenSSL. I looked at the example > mk_simple_cert.py and everything is clear but what I am not sure > how to do is to add a passphrase to the privatekey ? > > Can any one explain how this is done ? Havn't tried this my self yet, but if you look in the (HTML) documentation on the crypto module you can find two methods: dump_privatekey(type, pkey[, cipher, passphrase]) and load_privatekey(type, buffer[, passphrase]), where a passphrase can be entered. Also take a look at the pyOpenssl examples on generating certs and a working solution can be created ... at least that's my theory. Remy