MCPcopy
hub / github.com/pyca/cryptography / _generate_root

Function _generate_root

tests/x509/test_ocsp.py:43–69  ·  view source on GitHub ↗
(private_key=None, algorithm=hashes.SHA256())

Source from the content-addressed store, hash-verified

41
42
43def _generate_root(private_key=None, algorithm=hashes.SHA256()):
44 from cryptography.hazmat.backends.openssl.backend import backend
45
46 if private_key is None:
47 private_key = EC_KEY_SECP256R1.private_key(backend)
48
49 subject = x509.Name(
50 [
51 x509.NameAttribute(x509.NameOID.COUNTRY_NAME, "US"),
52 x509.NameAttribute(x509.NameOID.COMMON_NAME, "Cryptography CA"),
53 ]
54 )
55
56 builder = (
57 x509.CertificateBuilder()
58 .serial_number(123456789)
59 .issuer_name(subject)
60 .subject_name(subject)
61 .public_key(private_key.public_key())
62 .not_valid_before(datetime.datetime.now())
63 .not_valid_after(
64 datetime.datetime.now() + datetime.timedelta(days=3650)
65 )
66 )
67
68 cert = builder.sign(private_key, algorithm, backend)
69 return cert, private_key
70
71
72def _check_ocsp_response_times(

Calls 7

not_valid_afterMethod · 0.80
not_valid_beforeMethod · 0.80
public_keyMethod · 0.45
subject_nameMethod · 0.45
issuer_nameMethod · 0.45
serial_numberMethod · 0.45
signMethod · 0.45

Tested by

no test coverage detected