import OpenSSLfrom requests import *import requests_pkcs12from pyquery imp

1. import OpenSSL
2. from requests import *
3. import requests_pkcs12
4. from pyquery import PyQuery as pq
5. import json
6. import os
7.  
8. DOWNLOAD_CERT_URL = "https://dev.missilesys.com/download_cert"
9. SETTINGS_URL = "https://missilesys.com/settings"
10.  
11.  
12. def create_csr(common_name,
13. country=False,
14. state=False,
15. city=False,
16. organization=False,
17. organizational_unit=False,
18. email_address=False,
19. request_ca=False):
20.  
21. key = OpenSSL.crypto.PKey()
22. key.generate_key(OpenSSL.crypto.TYPE_RSA, 2048)
23. req = OpenSSL.crypto.X509Req()
24. req.get_subject().CN = common_name
25. if country:
26. req.get_subject().C = country
27. if state:
28. req.get_subject().ST = state
29. if city:
30. req.get_subject().L = city
31. if organization:
32. req.get_subject().O = organization
33. if organizational_unit:
34. req.get_subject().OU = organizational_unit
35. if email_address:
36. req.get_subject().emailAddress = email_address
37. if request_ca is True:
38. req.add_extensions([
39. OpenSSL.crypto.X509Extension(b"basicConstraints", False, b"CA:TRUE"),
40. ])
41. req.set_pubkey(key)
42. req.sign(key, 'sha256')
43. private_key = OpenSSL.crypto.dump_privatekey(
44. OpenSSL.crypto.FILETYPE_PEM, key)
45. csr = OpenSSL.crypto.dump_certificate_request(
46. OpenSSL.crypto.FILETYPE_PEM, req)
47. return private_key, csr
48.  
49.  
50. def fetch_cert(username, password, outpath=None, request_ca=False):
51. pk, csr = create_csr(common_name=username, request_ca=request_ca)
52. data = {
53. 'username': username,
54. 'password': password,
55. 'privatekey': pk,
56. 'csr': csr
57. }
58. r = post(DOWNLOAD_CERT_URL, data=data, verify=False, stream=True)
59. if not r.status_code == 200:
60. return 0
61. with open(outpath, 'wb') as p12:
62. for chunk in r.iter_content(chunk_size=128):
63. p12.write(chunk)
64. return 1
65.  
66.  
67. def convert_to_pem(inkey, outkey):
68. os.system('openssl pkcs12 -in {} -out {} -nodes'.format(inkey, outkey))
69.  
70.  
71. def sign_request_with_pem(pem, request_csr, outfile):
72. os.system('openssl x509 -req -in {} -CA {} -CAkey {} -CAcreateserial -out {} -days 500 -sha256'.format(
73. request_csr, pem, pem, outfile
74. ))
75.  
76.  
77. def use_certificate_to_create_p12(cer_filename, reqkey, pem, outfile):
78. os.system('openssl pkcs12 -export -out {} -inkey {} -in {} -certfile {}'.format(
79. outfile, reqkey, cer_filename, pem
80. ))
81.  
82.  
83. if __name__ == "__main__":
84.  
85. pw = 'admin'
86. res = fetch_cert(username='admin',
87. password=pw,
88. outpath='ppp.p12',
89. request_ca=True
90. )
91.  
92. csr_filename = 'request.csr'
93. csr_key = 'key.key'
94. csr_req = json.load(open('data.json', 'r'))
95. with open(csr_filename, 'w') as f:
96. f.write(csr_req['csr'])
97. with open(csr_key, 'w') as f:
98. f.write(csr_req['privateKey'])
99.  
100. convert_to_pem('ppp.p12', 'ppp.pem')
101. admin_cer = 'administrator.cer'
102. sign_request_with_pem('ppp.pem', csr_filename, admin_cer)
103. use_certificate_to_create_p12(
104. cer_filename=admin_cer,
105. reqkey=csr_key,
106. pem='ppp.pem',
107. outfile='administrator.p12'
108. )
109.  
110. r = requests_pkcs12.get(url=SETTINGS_URL,
111. pkcs12_filename='administrator.p12',
112. pkcs12_password=pw,
113. verify=False)
114. if r.status_code != 200:
115. print("Settings request failed: {}".format(r.status_code))
116. exit(1)
117.  
118. d = pq(r.text)
119.  
120. print(d("#welcome").text())
121. print(d("#error").text())