├── .gitignore ├── LICENSE ├── README.md ├── pyproject.toml └── trustme_cli.py /.gitignore: -------------------------------------------------------------------------------- 1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[cod] 4 | *$py.class 5 | 6 | # C extensions 7 | *.so 8 | 9 | # Distribution / packaging 10 | .Python 11 | build/ 12 | develop-eggs/ 13 | dist/ 14 | downloads/ 15 | eggs/ 16 | .eggs/ 17 | lib/ 18 | lib64/ 19 | parts/ 20 | sdist/ 21 | var/ 22 | wheels/ 23 | pip-wheel-metadata/ 24 | share/python-wheels/ 25 | *.egg-info/ 26 | .installed.cfg 27 | *.egg 28 | MANIFEST 29 | 30 | # PyInstaller 31 | # Usually these files are written by a python script from a template 32 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 33 | *.manifest 34 | *.spec 35 | 36 | # Installer logs 37 | pip-log.txt 38 | pip-delete-this-directory.txt 39 | 40 | # Unit test / coverage reports 41 | htmlcov/ 42 | .tox/ 43 | .nox/ 44 | .coverage 45 | .coverage.* 46 | .cache 47 | nosetests.xml 48 | coverage.xml 49 | *.cover 50 | *.py,cover 51 | .hypothesis/ 52 | .pytest_cache/ 53 | 54 | # Translations 55 | *.mo 56 | *.pot 57 | 58 | # Django stuff: 59 | *.log 60 | local_settings.py 61 | db.sqlite3 62 | db.sqlite3-journal 63 | 64 | # Flask stuff: 65 | instance/ 66 | .webassets-cache 67 | 68 | # Scrapy stuff: 69 | .scrapy 70 | 71 | # Sphinx documentation 72 | docs/_build/ 73 | 74 | # PyBuilder 75 | target/ 76 | 77 | # Jupyter Notebook 78 | .ipynb_checkpoints 79 | 80 | # IPython 81 | profile_default/ 82 | ipython_config.py 83 | 84 | # pyenv 85 | .python-version 86 | 87 | # pipenv 88 | # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control. 89 | # However, in case of collaboration, if having platform-specific dependencies or dependencies 90 | # having no cross-platform support, pipenv may install dependencies that don't work, or not 91 | # install all needed dependencies. 92 | #Pipfile.lock 93 | 94 | # celery beat schedule file 95 | celerybeat-schedule 96 | 97 | # SageMath parsed files 98 | *.sage.py 99 | 100 | # Environments 101 | .env 102 | .venv 103 | env/ 104 | venv/ 105 | ENV/ 106 | env.bak/ 107 | venv.bak/ 108 | 109 | # Spyder project settings 110 | .spyderproject 111 | .spyproject 112 | 113 | # Rope project settings 114 | .ropeproject 115 | 116 | # mkdocs documentation 117 | /site 118 | 119 | # mypy 120 | .mypy_cache/ 121 | .dmypy.json 122 | dmypy.json 123 | 124 | # Pyre type checker 125 | .pyre/ 126 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2019 Seth Michael Larson 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in 13 | all copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 21 | THE SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | **The full functionality of this repository has been merged into [python-trio/trustme](https://github.com/python-trio/trustme)** 2 | 3 | ``` 4 | $ python -m pip install trustme 5 | $ python -m trustme -i example.com 6 | ``` 7 | -------------------------------------------------------------------------------- /pyproject.toml: -------------------------------------------------------------------------------- 1 | [build-system] 2 | requires = ["flit"] 3 | build-backend = "flit.buildapi" 4 | 5 | [tool.flit.metadata] 6 | module = "trustme_cli" 7 | author = "Seth Michael Larson" 8 | author-email = "sethmichaellarson@gmail.com" 9 | home-page = "https://github.com/sethmlarson/trustme-cli" 10 | classifiers = ["License :: OSI Approved :: MIT License"] 11 | requires-python = ">=3.6" 12 | requires = ["trustme"] 13 | 14 | [tool.flit.scripts] 15 | trustme-cli = "trustme_cli:main" 16 | -------------------------------------------------------------------------------- /trustme_cli.py: -------------------------------------------------------------------------------- 1 | """A simple tool that generates certificates for local testing""" 2 | 3 | import argparse 4 | import pathlib 5 | import trustme 6 | import typing 7 | import os 8 | import sys 9 | 10 | __all__ = ["main"] 11 | __version__ = "2020.2.28" 12 | 13 | 14 | def main(argv: typing.Sequence[str] = None) -> None: 15 | parser = argparse.ArgumentParser(prog="trustme-cli") 16 | parser.add_argument( 17 | "-d", 18 | "--dir", 19 | default=os.getcwd(), 20 | help="Directory where certificates and keys are written to. Defaults to cwd", 21 | ) 22 | parser.add_argument( 23 | "-i", 24 | "--identities", 25 | nargs="+", 26 | default=("localhost", "127.0.0.1", "::1"), 27 | help="Identities for the certificate. Defaults to ", 28 | ) 29 | parser.add_argument( 30 | "--common-name", 31 | nargs=1, 32 | default=None, 33 | help="Also sets the deprecated 'commonName' field for all relevant identities", 34 | ) 35 | parser.add_argument( 36 | "--key-size", 37 | type=int, 38 | default=2048, 39 | help="Key size of the certificate generated. Defaults to 2048", 40 | ) 41 | parser.add_argument( 42 | "-q", 43 | "--quiet", 44 | action="store_true", 45 | help="Doesn't print out helpful information for humans", 46 | ) 47 | 48 | args = parser.parse_args(argv or sys.argv[1:]) 49 | if len(args.identities) < 1: 50 | raise ValueError("Must include at least one identity") 51 | cert_dir = pathlib.Path(args.dir) 52 | if not cert_dir.is_dir(): 53 | raise ValueError(f"--dir={cert_dir} is not a directory") 54 | common_name = args.common_name[0] if args.common_name else None 55 | 56 | # Generate the CA certificate 57 | trustme._KEY_SIZE = args.key_size 58 | ca = trustme.CA() 59 | cert = ca.issue_cert(*args.identities, common_name=common_name) 60 | 61 | # Write the certificate and private key the server should use 62 | server_key = cert_dir / "server.key" 63 | server_cert = cert_dir / "server.pem" 64 | cert.private_key_pem.write_to_path(path=str(server_key)) 65 | with server_cert.open(mode="w") as f: 66 | f.truncate() 67 | for blob in cert.cert_chain_pems: 68 | blob.write_to_path(path=str(server_cert), append=True) 69 | 70 | # Write the certificate the client should trust 71 | client_cert = cert_dir / "client.pem" 72 | ca.cert_pem.write_to_path(path=str(client_cert)) 73 | 74 | if not args.quiet: 75 | idents = "', '".join(args.identities) 76 | print(f"Generated a certificate for '{idents}'") 77 | print("Configure your server to use the following files:") 78 | print(f" cert={server_cert}") 79 | print(f" key={server_key}") 80 | print("Configure your client to use the following files:") 81 | print(f" cert={client_cert}") 82 | 83 | 84 | if __name__ == "__main__": 85 | main() 86 | --------------------------------------------------------------------------------