Debian packaging for python2 and python3 at the same time

The problem The scenario was like this: Python code that provides a library and a binary The code is compatible with both Python v2 and v3 The requirements were: Generate a package with the library part for python v2 Generate a package with the library part for python v3 Generate a binary package with the …

Continue reading ‘Debian packaging for python2 and python3 at the same time’ »

pyOpenSSL and invalid certificates

I was trying to import some X509v3 certificates that were created with pyOpenSSL to a MikroTik router (RouterOS 6.1) but they were always being imported with an invalid validity period (not before 1970 and not after 1970). Eventually I found out that this is because pyOpenSSL stores the validity field in an invalid format. Here’s …

Continue reading ‘pyOpenSSL and invalid certificates’ »

Verify that a private key matches a certificate with PyOpenSSL

Verify that a private key matches a certificate using PyOpenSSL and PyCrypto: The idea is to get the modulus from the two DER structures and compare them. They should be the same. Note: You can use the above under the MIT license. If it doesn’t fit your needs let me know. My intention is to …

Continue reading ‘Verify that a private key matches a certificate with PyOpenSSL’ »

DNSSEC key tag (keyid) and DS signature calculation in python

This one took me a considerable amount of hours to figure out so here it is. While trying to automate DNS zone generation I had to calculate some of the values programmatically. Two of the auto-generated values had to do with DNSSEC entries: The key tag (or keyid) and the DS record’s signatures. The required …

Continue reading ‘DNSSEC key tag (keyid) and DS signature calculation in python’ »