aoki.management.commands.aoki_gen_test_certs

Generates a testing IDevID PKI and associated Owner Certificate PKI for AOKI testing.

Attributes

TEST_SERIAL_NUMBER

CURRENT_DIR

CERTS_DIR

Classes

Command

Command to check for certificates using insufficient RSA key lengths.

AokiTestCertGenerator

Generates a testing IDevID PKI and associated Owner Certificate PKI for AOKI testing.

Functions

write_private_key(key, file)

Write the private key to a PEM file.

write_cert_pem(cert, file)

Write the certificate to a PEM file.

Module Contents

aoki.management.commands.aoki_gen_test_certs.TEST_SERIAL_NUMBER = '4212'[source]
aoki.management.commands.aoki_gen_test_certs.CURRENT_DIR[source]
aoki.management.commands.aoki_gen_test_certs.CERTS_DIR[source]
class aoki.management.commands.aoki_gen_test_certs.Command(stdout=None, stderr=None, no_color=False, force_color=False)[source]

Bases: django.core.management.base.BaseCommand

Command to check for certificates using insufficient RSA key lengths.

help = 'Check certificates with insufficient key lengths.'[source]
handle(*args, **kwargs)[source]

Entrypoint for the command.

Parameters:

  • *args (Any) – Additional positional arguments.

  • **kwargs (Any) – Additional keyword arguments.

Return type:

None

aoki.management.commands.aoki_gen_test_certs.write_private_key(key, file)[source]

Write the private key to a PEM file.

Parameters:

  • key (trustpoint_core.crypto_types.PrivateKey)

  • file (pathlib.Path)

Return type:

None

aoki.management.commands.aoki_gen_test_certs.write_cert_pem(cert, file)[source]

Write the certificate to a PEM file.

Parameters:

  • cert (cryptography.x509.Certificate)

  • file (pathlib.Path)

Return type:

None

class aoki.management.commands.aoki_gen_test_certs.AokiTestCertGenerator[source]

Generates a testing IDevID PKI and associated Owner Certificate PKI for AOKI testing.

static generate_idevid_pki()[source]

Generates a testing IDevID PKI.

Return type:

cryptography.x509.Certificate

static generate_owner_id_cert(idevid_cert)[source]

Generate the DeviceOwnerID certificate.

Parameters:

idevid_cert (cryptography.x509.Certificate)

Return type:

None