"""Certificate Generation for CST311 Programming Assignment 4"""
__author__ = "Team 2"
__credits__ = [
"Henry Garkanian",
"Ivan Soria",
"Kyle Stefun",
"Bryan Zanoli"
]
# Imports.
import subprocess
from getpass import getpass
# NOTE(review): this passphrase is a literal committed with the source, so
# anyone who can read the file can decrypt the server key that
# generate_private_key() encrypts with it. Tolerable for a lab exercise only;
# confirm it is not also the passphrase of the real CA key.
PASSPHRASE = "CST311"
def main():
    """Prompt for the server's common name and run the certificate workflow.

    The name is saved to ./common_name.txt because add_to_hosts() and
    generate_csr() read it back from that file instead of receiving it as an
    argument. The input is written unmodified; it later ends up in /etc/hosts
    and in the certificate subject.
    """
    prompt = "Enter a common name: "
    common_name = input(prompt)

    # Mode "w" creates the file or truncates an existing one, so a name left
    # over from an earlier run is always replaced.
    with open("./common_name.txt", "w") as name_file:
        name_file.write(common_name)

    # Map the server IP to the common name in /etc/hosts (invokes sudo).
    add_to_hosts()

    # Create the passphrase-protected RSA key; its return value is not used.
    generate_private_key()

    # Build the CSR, unlocking the key with the module-level passphrase.
    generate_csr(PASSPHRASE)

    # Sign the CSR with the demo CA to produce the server certificate.
    generate_certificate()
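def add_to_hosts():
    """Append "<server_ip> <common_name>" to /etc/hosts via ``sudo tee -a``.

    The common name is read from the first line of ./common_name.txt. Each
    call appends a new line; existing entries are not checked or replaced.

    Raises:
        ValueError: if the name is empty or contains anything other than
            ASCII letters, digits, "-" or ".".
        subprocess.CalledProcessError: if sudo/tee exits non-zero.
    """
    with open("./common_name.txt", "r") as name_file:
        common_name = name_file.readline().strip()

    # The name is operator input that ends up in a root-owned file. Accept
    # only hostname characters so that quotes, spaces, "#" and the like can
    # neither change what is executed nor add extra names to the entry.
    is_hostname = (
        bool(common_name)
        and common_name.isascii()
        and all(ch.isalnum() or ch in "-." for ch in common_name)
    )
    if not is_hostname:
        raise ValueError(f"invalid common name for /etc/hosts: {common_name!r}")

    # IP address of the server.
    server_ip = "10.0.2.14"
    hosts_entry = f"{server_ip} {common_name}"

    # Argument list instead of an `echo ... | sudo tee` shell string: the
    # entry reaches tee on stdin, so no shell ever parses it.
    subprocess.run(
        ["sudo", "tee", "-a", "/etc/hosts"],
        input=f"{hosts_entry}\n",
        text=True,
        check=True,
    )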
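def generate_private_key():
    """Create the server's AES-256-encrypted 2048-bit RSA key with openssl.

    The key is written to tpa4.chat.test-key.pem in the current directory and
    encrypted with the module-level PASSPHRASE.

    Returns:
        The passphrase that was used (the PASSPHRASE constant).

    Raises:
        subprocess.CalledProcessError: if openssl exits non-zero.
    """
    # Argument list, as in generate_csr() and generate_certificate(): no shell
    # parses the command, so a passphrase containing spaces or shell
    # metacharacters is handed to openssl exactly as written.
    command = [
        "openssl", "genrsa", "-aes256",
        "-out", "tpa4.chat.test-key.pem",
        "-passout", f"pass:{PASSPHRASE}",
        "2048",
    ]
    # NOTE(review): "pass:" puts the passphrase on the command line, where it
    # is typically visible in the process list while openssl runs; openssl
    # also accepts env:VAR and file:PATH as passphrase sources.
    subprocess.run(command, check=True)
    return PASSPHRASE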
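def generate_csr(PASSPHRASE):
    """Create the certificate signing request for the server key.

    Reads the common name from the first line of ./common_name.txt and writes
    tpa4.chat.test.csr, using tpa4.chat.test-key.pem as the key.

    Args:
        PASSPHRASE: passphrase that unlocks tpa4.chat.test-key.pem. The
            parameter shadows the module-level constant of the same name.

    Raises:
        ValueError: if the name is empty or contains anything other than
            ASCII letters, digits, "-" or ".".
        subprocess.CalledProcessError: if openssl exits non-zero.
    """
    with open("./common_name.txt", "r") as name_file:
        common_name = name_file.readline().strip()

    # openssl treats "/" in -subj as a field separator, so an unchecked name
    # could add or override subject fields in the request. Accept hostname
    # characters only.
    is_hostname = (
        bool(common_name)
        and common_name.isascii()
        and all(ch.isalnum() or ch in "-." for ch in common_name)
    )
    if not is_hostname:
        raise ValueError(f"invalid common name for certificate: {common_name!r}")

    # NOTE(review): -nodes looks redundant here because an existing key is
    # supplied with -key — confirm before removing.
    # NOTE(review): the name is carried only in the subject CN; no
    # subjectAltName is requested — confirm the client accepts CN-only
    # certificates.
    # NOTE(review): "pass:" exposes the passphrase on the command line;
    # openssl also accepts env:VAR and file:PATH as passphrase sources.
    command = [
        "openssl", "req", "-nodes", "-new", "-config", "/etc/ssl/openssl.cnf",
        "-key", "tpa4.chat.test-key.pem",
        "-out", "tpa4.chat.test.csr",
        "-passin", f"pass:{PASSPHRASE}",
        "-subj", f"/C=US/ST=CA/L=Seaside/O=CST311/OU=Networking/CN={common_name}",
    ]
    subprocess.run(command, check=True)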
def generate_certificate():
    """Sign tpa4.chat.test.csr with the demo CA, writing tpa4.chat.test.pem.

    Runs ``openssl x509 -req`` with the CA certificate and key under
    /etc/ssl/demoCA and a validity of 365 days.

    Raises:
        subprocess.CalledProcessError: if openssl exits non-zero.
    """
    csr_path = "tpa4.chat.test.csr"
    cert_path = "tpa4.chat.test.pem"
    ca_cert = "/etc/ssl/demoCA/cacert.pem"
    # The doubled slash is part of the path as written in this file.
    ca_key = "/etc/ssl/demoCA//private/cakey.pem"

    command = ["openssl", "x509", "-req"]
    command += ["-in", csr_path]
    command += ["-CA", ca_cert, "-CAkey", ca_key]
    # Lets openssl create the CA serial-number file if it does not exist yet.
    command.append("-CAcreateserial")
    command += ["-out", cert_path, "-days", "365"]

    # NOTE(review): no -passin is given, so openssl presumably prompts for the
    # CA key passphrase when that key is encrypted — confirm.
    subprocess.run(command, check=True)
# Run the workflow only when this file is executed as a script, so importing
# the module does not prompt for input or touch /etc/hosts.
if __name__ == "__main__":
    main()