Source code for windows.crypto.generation

import windows
from windows import winproxy
from windows.generated_def import *
from windows.crypto import DEFAULT_ENCODING, CertificateStore


[docs] def generate_selfsigned_certificate(name="CN=DEFAULT", prov=None, key_info=None, flags=0, signature_algo=None): """Generate a selfsigned certificate. See `CertCreateSelfSignCertificate <https://msdn.microsoft.com/en-us/library/windows/desktop/aa376039(v=vs.85).aspx>`_ :return: :class:`windows.crypto.Certificate` """ size = ULONG(len(name) + 0x100) buffer = (ctypes.c_ubyte * size.value)() winproxy.CertStrToNameW(X509_ASN_ENCODING, name, CERT_OID_NAME_STR, None, buffer, size, None) blobname = CRYPT_DATA_BLOB(size.value, buffer) cert = winproxy.CertCreateSelfSignCertificate(prov, blobname, flags, key_info, signature_algo, None, None, None) return windows.crypto.Certificate.from_pointer(cert)
[docs] def generate_key(prov, keytype=AT_KEYEXCHANGE, flags=CRYPT_EXPORTABLE): """Generate a keypair if type ``keytype``. :return: :class:`HCRYPTKEY` """ key = HCRYPTKEY() winproxy.CryptGenKey(prov, keytype, flags , key) return key
# print(key[0]) # print("[OK] Key created") # size = DWORD() # winproxy.CryptExportKey(key, None, PRIVATEKEYBLOB, 0, None, size) # buffer = (BYTE * size.value)() # print("needed size = {0}".format(size)) # winproxy.CryptExportKey(key, None, PRIVATEKEYBLOB, 0, buffer, size) # print("[OK] Key in buffer") # keyraw = bytearray(buffer) # # openssl.exe rsa -in key.out -inform MS\PRIVATEKEYBLOB -text # save_as(keyraw, "key.out") # #res = ctypes.WinDLL("advapi32").CryptReleaseContext(prov, 0) # return key
[docs] def generate_pfx(hstore, password=None): """Generate a pfx protected by ``password`` contaning the certificates in ``hstore`` :return: :class:`bytearray` -- The raw PFX """ blob = CRYPT_DATA_BLOB(0, None) winproxy.PFXExportCertStoreEx(hstore, blob, password, None, EXPORT_PRIVATE_KEYS | REPORT_NO_PRIVATE_KEY | REPORT_NOT_ABLE_TO_EXPORT_PRIVATE_KEY) blob.pbData = (ctypes.c_ubyte * blob.cbData)() winproxy.PFXExportCertStoreEx(hstore, blob, password, None, EXPORT_PRIVATE_KEYS | REPORT_NO_PRIVATE_KEY | REPORT_NOT_ABLE_TO_EXPORT_PRIVATE_KEY) return blob.data