Last active
November 30, 2023 14:50
-
-
Save CBonnell/a46f9065f121bcb1b88c02e1204fd4eb to your computer and use it in GitHub Desktop.
Generate a CSR Attributes with AcpNodeName in SAN
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from pyasn1_alt_modules import rfc2986, rfc2985, rfc5280, rfc8994, rfc7030 | |
from pyasn1.codec.der.encoder import encode | |
import base64 | |
gn = rfc5280.GeneralName() | |
acp_name = gn['otherName'] | |
acp_name['type-id'] = rfc8994.id_on_AcpNodeName | |
acp_name['value'] = rfc8994.AcpNodeName('fd89b714f3db00000200000064000000+area51.research@acp.example.com') | |
san_ext = rfc5280.SubjectAltName() | |
san_ext.append(gn) | |
ext = rfc5280.Extension() | |
ext['extnID'] = rfc5280.id_ce_subjectAltName | |
ext['critical'] = True | |
ext['extnValue'] = encode(san_ext) | |
exts = rfc5280.Extensions() | |
exts.append(ext) | |
attr = rfc2986.Attribute() | |
attr['type'] = rfc2985.pkcs_9_at_extensionRequest | |
attr['values'].append(exts) | |
attrs = rfc7030.CsrAttrs() | |
attr_or_oid = rfc7030.AttrOrOID() | |
attr_or_oid['attribute'] = attr | |
attrs.append(attr_or_oid) | |
der = encode(attrs) | |
print(f'Hex: {der.hex()}') | |
print(f'B64: {base64.b64encode(der).decode()}' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment