z%i$ ddlZddlZddlZddlZddldZdZdZejjejje Z d/dZ dZdZd Zd Zed k(rej&e e d d \ZZedd5Zej1edddedd5Zej1edddedegdegdedd5Zej1eej1edddedd5Zej1edddee dd \ZZedd5Zej1eej1eddde d d\ZZedd5Zej1eej1eddde dd\ZZedd5Zej1eej1eddde ddd \ZZed!d5Zej1eej1edddgd"Ze d#dd$j9e%\ZZed&d5Zej1eej1edddgd'Ze d(dd$j9e%\ZZed)d5Zej1eej1eddde d*dd+,\ZZed-d5Zej1eej1edddeed.ededyy#1swYxYw#1swYxYw#1swY`xYw#1swYJxYw#1swYxYw#1swYxYw#1swYxYw#1swYrxYw#1swY*xYw#1swYxYw#1swYxYw)0N)*20180829142316Z20371028142316Za [ default ] base_url = http://testca.pythontest.net/testca [req] distinguished_name = req_distinguished_name prompt = no [req_distinguished_name] C = XY L = Castle Anthrax O = Python Software Foundation CN = {hostname} [req_x509_extensions_nosan] [req_x509_extensions_simple] subjectAltName = @san [req_x509_extensions_full] subjectAltName = @san keyUsage = critical,keyEncipherment,digitalSignature extendedKeyUsage = serverAuth,clientAuth basicConstraints = critical,CA:false subjectKeyIdentifier = hash authorityKeyIdentifier = keyid:always,issuer:always authorityInfoAccess = @issuer_ocsp_info crlDistributionPoints = @crl_info [ issuer_ocsp_info ] caIssuers;URI.0 = $base_url/pycacert.cer OCSP;URI.0 = $base_url/ocsp/ [ crl_info ] URI.0 = $base_url/revocation.crl [san] DNS.1 = {hostname} {extra_san} [dir_sect] C = XY L = Castle Anthrax O = Python Software Foundation CN = dirname example [princ_name] realm = EXP:0, GeneralString:KERBEROS.REALM principal_name = EXP:1, SEQUENCE:principal_seq [principal_seq] name_type = EXP:0, INTEGER:1 name_string = EXP:1, SEQUENCE:principals [principals] princ1 = GeneralString:username [ ca ] default_ca = CA_default [ CA_default ] dir = cadir database = $dir/index.txt crlnumber = $dir/crl.txt default_md = sha256 startdate = {startdate} default_startdate = {startdate} enddate = {enddate} default_enddate = {enddate} default_days = 7000 default_crl_days = 7000 certificate = pycacert.pem private_key = pycakey.pem serial = $dir/serial RANDFILE = $dir/.rand policy = policy_match [ policy_match ] countryName = match stateOrProvinceName = optional organizationName = match organizationalUnitName = optional commonName = supplied emailAddress = optional [ policy_anything ] countryName = optional stateOrProvinceName = optional localityName = optional organizationName = optional organizationalUnitName = optional commonName = supplied emailAddress = optional [ v3_ca ] subjectKeyIdentifier=hash authorityKeyIdentifier=keyid:always,issuer basicConstraints = CA:true ctd|zg}tdD]<}tjd5}|j |j ddd>|\}} } t j||tt} t|d5}|j| dddddd d d d |d | d|d|g } |rNtjd5}|j |j |j } ddd| d gz } n| dd| gz } tdg| z|rdd|d|d| dddddd g} tdg| zt| d5}|j}dddt| d5}|j}ddd|f|D]}tj|S#1swYxYw#1swYxYw#1swYxYw#1swYtxYw#1swY[xYw#|D]}tj|wxYw)Nzcreating cert for F)deletehostname extra_san startdateenddatewreq-new-nodesz-days7000-newkey-keyout -extensions-config-outz-x509opensslca-outdircadirz-policypolicy_anything-batch-infilesr)printrangetempfileNamedTemporaryFileappendname req_templateformatr r openwrite check_callreadosremove)r signr extkey tempnamesifreq_file cert_filekey_filerargsreqfilecertr%s G/home/uftp/.pyenv/versions/3.12.0/lib/python3.12/test/make_ssl_certs.py make_cert_keyr;ws;  )*I 1X%  ( ( 6 %!   QVV $ % %%%.!Hi+!! "  (C  A GGCL vx&3 8s8% ,,E: !a  (&& ! VW& &D Wfi1 1DI;%& 8s 7,*gD  {T) *)S ! Q668D  (C  A&&(C Sy D IIdO [ % %   ! !,     D IIdO sxF*"-G(F7!/G((G8AG( GG(1G G(*F4 7G<G(G  G(GG(G%!G((Hrc6tjty)N)shutilrmtree TMP_CADIRr: unmake_carBs MM)rAc$tjtttjj ddd5} dddttjj ddd5}|j ddddttjj ddd5}|j ddddttjj dd d 5}|j d dddtjd 5}tjd d tt}|j ||jtj5}dd|jddddddd|jddg }tdg|zdd|jddddtddd d!d"d#|jg}tdg|zdd|jd$dd%g}tdg|zddddddtgd&t!j"d'd(y#1swYxYw#1swYxYw#1swYxYw#1swY]xYw#1swYixYw#1swYmxYw))Nrz index.txta+zcrl.txt00zindex.txt.attrzw+zunique_subject = noserialrzCB2D80995A69525B z our-ca-serverr rrrrrrsa:3072rz pycakey.pemrz-subjzG/C=XY/L=Castle Anthrax/O=Python Software Foundation CA/CN=our-ca-serverrr pycacert.pemrrz-keyfilez -selfsignrv3_carz-gencrlzrevocation.crl)rx509-inrIrcapath/ceff1710.0rMzcapath/b1930218.0)r,mkdirr?r(pathjoinr)r"r#r&r'r r flushr%r*r=copy)r3trr7s r:make_carTsGHHY bggll7;/ 5   bggll79-d 3q   bggll7#34T :'a %&' bggll78,c 2&a $%&  $ $S )+Q!!$ "      ( ( * +a9afffz}AFFf hD  {T) *)QVVNHi QVVND  {T) *)QVVY@PQD  {T) * ++4 KK#%89O  ''&& + +++sVI8I<I I-/AJB I:JII I*-I7:J ?JJcTddl}tj|j|y)Nr)_sslpprint_test_decode_cert)rOrVs r: print_certrYs MM$((./rA__main__ localhostreq_x509_extensions_simple)r/z ssl_cert.pemr ssl_key.pemz5password protecting ssl_key.pem in ssl_key.passwd.pem) rpkeyrLr]rzssl_key.passwd.pem-aes256-passout pass:somepass) rr^rLr]rkeycert.passwd.pemr_r`raz keycert.pemrbrD fakehostnamez keycert2.pemT)r.z keycert3.pemz keycert4.pemz localhost-ecczparam:secp384r1.pem)r.r0zkeycertecc.pem) z0otherName.1 = 1.2.3.4;UTF8:some other identifierz/otherName.2 = 1.3.6.1.5.2.2;SEQUENCE:princ_namezemail.1 = user@example.orgzDNS.2 = www.example.orgzdirName.1 = dir_sectzURI.1 = https://www.python.org/zIP.1 = 127.0.0.1z IP.2 = ::1zRID.1 = 1.2.3.4.5allsans )r.r z allsans.pem)z'DNS.2 = xn--knig-5qa.idn.pythontest.netz6DNS.3 = xn--knigsgsschen-lcb0w.idna2003.pythontest.netz6DNS.4 = xn--knigsgchen-b4a3dun.idna2008.pythontest.netz,DNS.5 = xn--nxasmq6b.idna2003.pythontest.netz,DNS.6 = xn--nxasmm1c.idna2008.pythontest.netidnsansz idnsans.pemnosanreq_x509_extensions_nosan)r.r/z nosan.pemz>update Lib/test/test_ssl.py and Lib/test/test_asyncio/utils.py)FrGreq_x509_extensions_fullrH)r,rWr=r" subprocessr r r&rOabspathdirname__file__herer;r?rBrTrY__name__chdirr9r0r(r3r)r r*r rPr@rAr:rqs   e N wwrwwx01356@3j  ):X0  z BHHTNk/KLID# nc "a   mS !Q   ABvwvw mS !Q     "D )Q   In2NOID# nc "a    k5ID# nc "a    n48ID# nc "a    d(=ID#  $     Iiddii >RSID# mS !Q     Iiddii >RSID# mS !Q    gD6QRID# k3 1    K JK}~m    &" sM3M&2#M3&N#N #N#N'!#N46#O #O #OM#&M03M=N  NN$'N14N>O OO#