diff --git a/ChangeLog b/ChangeLog new file mode 100644 index 0000000..231a7c5 --- /dev/null +++ b/ChangeLog @@ -0,0 +1,17 @@ +2014-01-18 Ray Brown + + * setup.py: First stable version, 1.0.0 + * dtls/test/makecerts: Generate valid and current certificates for + unit test suite + * dtls/test/openssl_ca.cnf: Configuration file for CA certificate + * dtls/test/openssl_server.cnf: Configuration file for server + certificate + * dtls/test/certs/ca-cert.pem: updated certificate, valid for 10 years + * dtls/test/certs/server-cert.pem: updated certificate, valid for + 10 years + * dtls/test/certs/keycert.pem: updated server certificate from server-cert.pem, along with that certificate's private key + * dtls/test/server-key.pem: deleted (it was not needed) + +2012-12-31 Ray Brown + + * All: Version 0.1.0: initial public release diff --git a/dtls/test/certs/ca-cert.pem b/dtls/test/certs/ca-cert.pem index c51b49b..e125a65 100644 --- a/dtls/test/certs/ca-cert.pem +++ b/dtls/test/certs/ca-cert.pem @@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB3TCCAYegAwIBAgIJAJdD48tCuQ4ZMA0GCSqGSIb3DQEBBQUAMEoxCzAJBgNV -BAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRMwEQYDVQQKEwpSYXkgQ0EgSW5j -MREwDwYDVQQDEwhSYXlDQUluYzAeFw0xMjA5MjEyMTE0MTZaFw0xMzA5MjEyMTE0 -MTZaMEoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRMwEQYDVQQK -EwpSYXkgQ0EgSW5jMREwDwYDVQQDEwhSYXlDQUluYzBcMA0GCSqGSIb3DQEBAQUA -A0sAMEgCQQC33ThS1uvx6c9/jdQgPrLnVepv9NJdtyRMIDH3ZVfIKwwC6Nde3CJh -bdo3j2njxlY7pw0P6J/F6mQpGtsRGaX1AgMBAAGjUDBOMB0GA1UdDgQWBBQBj0cB -lkz531jiz4oLP0osGlVR3zAfBgNVHSMEGDAWgBQBj0cBlkz531jiz4oLP0osGlVR -3zAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA0EAUyS5rT6LFjhhPeoW1Gk1 -sibwzgPSKdEzllt0vGZtWESekkoJ0UxnDvRzKv8OEVSclt+2YuzJXuZGteFABxDA -Cw== +MIICCzCCAXQCCQCwvSKaN4J3cTANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJV +UzETMBEGA1UECBMKV2FzaGluZ3RvbjETMBEGA1UEChMKUmF5IENBIEluYzERMA8G +A1UEAxMIUmF5Q0FJbmMwHhcNMTQwMTE4MjEwMjUwWhcNMjQwMTE2MjEwMjUwWjBK +MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjETMBEGA1UEChMKUmF5 +IENBIEluYzERMA8GA1UEAxMIUmF5Q0FJbmMwgZ8wDQYJKoZIhvcNAQEBBQADgY0A +MIGJAoGBAN/UYXt4uq+YdTDnm7WPCu+0B50kJXWU3sSS+WAAhr3BHh7qa7UTiRXy +yGYysgvtwriETAZRckzd+hdblNRUWXGJdRvtyx94nLpPpI8p4djBrJ5IMPqK5SgW +ZP4XTWs694VtUBAvHCX+Ly+t0O5Rw3NmqxY1MakooqU9t+wL0H0TAgMBAAEwDQYJ +KoZIhvcNAQEFBQADgYEANemjvYCJrTc/6im0DmDC6AW8KrLG0xj31HWpq1dO9LG7 +mlVFgbVtbcuCZgA78kxgw1vN6kBBLEsAJC8gkg++AO/w3a4oP+U9txAr9KRg6IGA +FiUohuWbjKBnQEpceoECgrymooF3ayzke/vf3wcMYy153uC+H4t96Yc5T066c4o= -----END CERTIFICATE----- diff --git a/dtls/test/certs/keycert.pem b/dtls/test/certs/keycert.pem index 05ee34c..696cb73 100644 --- a/dtls/test/certs/keycert.pem +++ b/dtls/test/certs/keycert.pem @@ -1,21 +1,30 @@ -----BEGIN PRIVATE KEY----- -MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAuPd3JmydJfXhyii0 -agsVgRMOUcOyuldbaf/Lu4bZ+U0zH0OSoYkv0Ahbz7ehK+oGMeUy/SuGVAn7JLyj -zlYi8QIDAQABAkAygtnV82lC2Y/Mbis+nkJEGlkZuRCQ1JRRMRqI3n2eF6CviqF3 -PiBXIEEExzKihC9bvbHKTAkYDLr+/4YpbiQBAiEA7JLS5Lp7KI/ayWwEzl2r5XXu -k/cbH++A4zZz6A9XIsECIQDIJ8ciDa5/VGyQnYMzBNgKnwaFDDBOiEUFDaU/9ZN8 -MQIgCG3Gw819G9ncQrbtiOi/eiJ0iKMSPVYMMow7HvaE9UECIQCLyQwPwlJd5s4z -aW4ZkYZ4VHuvK8YI8q6RSuhf9Nhd4QIgFbRNdEeehgrzGzGug2yVCMzVzS3MQNBJ -6LqBZaPlFsM= +MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBANjL+g7MpTEB40Vo +2pxWbx33YwgXQ6QbnLg1QyKlrH6DEEotyDRWI/ZftvWbjGUh0zUGhQaLzF3ZNgdM +VkF5j0wCgRdwPon1ct5wJUg6GCWvfi4B/HlQrWg8JDaWoGuDcTqLh6KYfDdWTlWC +Bq3pOW14gVe3d12R8Bxu9PCK8jrvAgMBAAECgYAQFjqs5HSRiWFS4i/uj99Y6uV3 +UTqcr8vWQ2WC6aY+EP2hc3o6n/W1L28FFJC7ZGImuiAe1zrH7/k5W2m/HAUM7M9p +oBcp7ZVMFU6R00cQWVKCpQRCpNHnn+tVJdRGiHRj9836/u2z3shBxDYgXJIR787V +SlBXkCcsi0Clem5ocQJBAPp/0tF4CpoaOCAnNN+rDjPNGcH57lmpSZBMXZVAVCRq +vJDdH9SIcb19gKToCF1MUd7CJWbSHKxh49Hr+prBW8cCQQDdjrH8EZ4CDYvoJbVX +iWFfbh6lPwv8uaj43HoHq4+51mhHvLxO8a1AKMSgD2cg7yJYYIpTTAf21gqU3Yt9 +wJeZAkEAl75e4u0o3vkLDs8xRFzGmbKg69SPAll+ap8YAZWaYwUVfVu2MHUHEZa5 +GyxEBOB6p8pMBeE55WLXMw8UHDMNeQJADEWRGjMnm1mAvFUKXFThrdV9oQ2C7nai +I1ai87XO+i4kDIUpsP216O3ZJjx0K+DS+C4wuzhk4IkugNxck5SNUQJASxf8E4z5 +W5rP2XXIohGpDyzI+criUYQ6340vKB9bPsCQ2QooQq1BH0wGA2fY82Kr95E8KhUo +zGoP1DtpzgwOQg== -----END PRIVATE KEY----- -----BEGIN CERTIFICATE----- -MIIBgDCCASoCAQEwDQYJKoZIhvcNAQEEBQAwSjELMAkGA1UEBhMCVVMxEzARBgNV -BAgTCldhc2hpbmd0b24xEzARBgNVBAoTClJheSBDQSBJbmMxETAPBgNVBAMTCFJh -eUNBSW5jMB4XDTEyMDkyMTIxMTYxOFoXDTEzMDkyMTIxMTYxOFowTDELMAkGA1UE -BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xFDASBgNVBAoTC1JheSBTcnYgSW5j -MRIwEAYDVQQDEwlSYXlTcnZJbmMwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAuPd3 -JmydJfXhyii0agsVgRMOUcOyuldbaf/Lu4bZ+U0zH0OSoYkv0Ahbz7ehK+oGMeUy -/SuGVAn7JLyjzlYi8QIDAQABMA0GCSqGSIb3DQEBBAUAA0EAEkxVF8HEGV8N4mYA -hDciYpttnnb9pYL1okHGrhaIFqu9D10LfP1SKps/6s/qNSk3YaIVjydWOHEf6xr4 -zJkiFw== +MIICDTCCAXYCCQCxc2uXBLZhDjANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJV +UzETMBEGA1UECBMKV2FzaGluZ3RvbjETMBEGA1UEChMKUmF5IENBIEluYzERMA8G +A1UEAxMIUmF5Q0FJbmMwHhcNMTQwMTE4MjEwMjUwWhcNMjQwMTE2MjEwMjUwWjBM +MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEUMBIGA1UEChMLUmF5 +IFNydiBJbmMxEjAQBgNVBAMTCVJheVNydkluYzCBnzANBgkqhkiG9w0BAQEFAAOB +jQAwgYkCgYEA2Mv6DsylMQHjRWjanFZvHfdjCBdDpBucuDVDIqWsfoMQSi3INFYj +9l+29ZuMZSHTNQaFBovMXdk2B0xWQXmPTAKBF3A+ifVy3nAlSDoYJa9+LgH8eVCt +aDwkNpaga4NxOouHoph8N1ZOVYIGrek5bXiBV7d3XZHwHG708IryOu8CAwEAATAN +BgkqhkiG9w0BAQUFAAOBgQBw0XUTYzfiI0Fi9g4GuyWD2hjET3NtrT4Ccu+Jiivy +EvwhzHtVGAPhrV+VCL8sS9uSOZlmfK/ZVraDiFGpJLDMvPP5y5fwq5VGrFuZispG +X6bTBq2AIKzGGXxhwPqD8F7su7bmZDnZFRMRk2Bh16rv0mtzx9yHtqC5YJZ2a3JK +2g== -----END CERTIFICATE----- diff --git a/dtls/test/certs/server-cert.pem b/dtls/test/certs/server-cert.pem index e93f97b..c407cb0 100644 --- a/dtls/test/certs/server-cert.pem +++ b/dtls/test/certs/server-cert.pem @@ -1,36 +1,14 @@ -Certificate: - Data: - Version: 1 (0x0) - Serial Number: 1 (0x1) - Signature Algorithm: md5WithRSAEncryption - Issuer: C=US, ST=Washington, O=Ray CA Inc, CN=RayCAInc - Validity - Not Before: Sep 21 21:16:18 2012 GMT - Not After : Sep 21 21:16:18 2013 GMT - Subject: C=US, ST=Washington, O=Ray Srv Inc, CN=RaySrvInc - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (512 bit) - Modulus: - 00:b8:f7:77:26:6c:9d:25:f5:e1:ca:28:b4:6a:0b: - 15:81:13:0e:51:c3:b2:ba:57:5b:69:ff:cb:bb:86: - d9:f9:4d:33:1f:43:92:a1:89:2f:d0:08:5b:cf:b7: - a1:2b:ea:06:31:e5:32:fd:2b:86:54:09:fb:24:bc: - a3:ce:56:22:f1 - Exponent: 65537 (0x10001) - Signature Algorithm: md5WithRSAEncryption - 12:4c:55:17:c1:c4:19:5f:0d:e2:66:00:84:37:22:62:9b:6d: - 9e:76:fd:a5:82:f5:a2:41:c6:ae:16:88:16:ab:bd:0f:5d:0b: - 7c:fd:52:2a:9b:3f:ea:cf:ea:35:29:37:61:a2:15:8f:27:56: - 38:71:1f:eb:1a:f8:cc:99:22:17 -----BEGIN CERTIFICATE----- -MIIBgDCCASoCAQEwDQYJKoZIhvcNAQEEBQAwSjELMAkGA1UEBhMCVVMxEzARBgNV -BAgTCldhc2hpbmd0b24xEzARBgNVBAoTClJheSBDQSBJbmMxETAPBgNVBAMTCFJh -eUNBSW5jMB4XDTEyMDkyMTIxMTYxOFoXDTEzMDkyMTIxMTYxOFowTDELMAkGA1UE -BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xFDASBgNVBAoTC1JheSBTcnYgSW5j -MRIwEAYDVQQDEwlSYXlTcnZJbmMwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAuPd3 -JmydJfXhyii0agsVgRMOUcOyuldbaf/Lu4bZ+U0zH0OSoYkv0Ahbz7ehK+oGMeUy -/SuGVAn7JLyjzlYi8QIDAQABMA0GCSqGSIb3DQEBBAUAA0EAEkxVF8HEGV8N4mYA -hDciYpttnnb9pYL1okHGrhaIFqu9D10LfP1SKps/6s/qNSk3YaIVjydWOHEf6xr4 -zJkiFw== +MIICDTCCAXYCCQCxc2uXBLZhDjANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJV +UzETMBEGA1UECBMKV2FzaGluZ3RvbjETMBEGA1UEChMKUmF5IENBIEluYzERMA8G +A1UEAxMIUmF5Q0FJbmMwHhcNMTQwMTE4MjEwMjUwWhcNMjQwMTE2MjEwMjUwWjBM +MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEUMBIGA1UEChMLUmF5 +IFNydiBJbmMxEjAQBgNVBAMTCVJheVNydkluYzCBnzANBgkqhkiG9w0BAQEFAAOB +jQAwgYkCgYEA2Mv6DsylMQHjRWjanFZvHfdjCBdDpBucuDVDIqWsfoMQSi3INFYj +9l+29ZuMZSHTNQaFBovMXdk2B0xWQXmPTAKBF3A+ifVy3nAlSDoYJa9+LgH8eVCt +aDwkNpaga4NxOouHoph8N1ZOVYIGrek5bXiBV7d3XZHwHG708IryOu8CAwEAATAN +BgkqhkiG9w0BAQUFAAOBgQBw0XUTYzfiI0Fi9g4GuyWD2hjET3NtrT4Ccu+Jiivy +EvwhzHtVGAPhrV+VCL8sS9uSOZlmfK/ZVraDiFGpJLDMvPP5y5fwq5VGrFuZispG +X6bTBq2AIKzGGXxhwPqD8F7su7bmZDnZFRMRk2Bh16rv0mtzx9yHtqC5YJZ2a3JK +2g== -----END CERTIFICATE----- diff --git a/dtls/test/certs/server-key.pem b/dtls/test/certs/server-key.pem deleted file mode 100644 index 51908d6..0000000 --- a/dtls/test/certs/server-key.pem +++ /dev/null @@ -1,10 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAuPd3JmydJfXhyii0 -agsVgRMOUcOyuldbaf/Lu4bZ+U0zH0OSoYkv0Ahbz7ehK+oGMeUy/SuGVAn7JLyj -zlYi8QIDAQABAkAygtnV82lC2Y/Mbis+nkJEGlkZuRCQ1JRRMRqI3n2eF6CviqF3 -PiBXIEEExzKihC9bvbHKTAkYDLr+/4YpbiQBAiEA7JLS5Lp7KI/ayWwEzl2r5XXu -k/cbH++A4zZz6A9XIsECIQDIJ8ciDa5/VGyQnYMzBNgKnwaFDDBOiEUFDaU/9ZN8 -MQIgCG3Gw819G9ncQrbtiOi/eiJ0iKMSPVYMMow7HvaE9UECIQCLyQwPwlJd5s4z -aW4ZkYZ4VHuvK8YI8q6RSuhf9Nhd4QIgFbRNdEeehgrzGzGug2yVCMzVzS3MQNBJ -6LqBZaPlFsM= ------END PRIVATE KEY----- diff --git a/dtls/test/makecerts b/dtls/test/makecerts new file mode 100755 index 0000000..251b520 --- /dev/null +++ b/dtls/test/makecerts @@ -0,0 +1,36 @@ +#!/bin/bash -eu + +############################################################################## +# +# Generate Certificates for PyDTLS Unit Testing +# +# This script is invoked manually (as opposed to by the unit test suite), in +# order to generate certain certificates that are required to be valid by +# the unit test suite. +# +# This script is not portable: it has been tested on Ubuntu 13.04 only. New +# certificates are written into the current directory. +# +# Copyright 2014 Ray Brown +# +############################################################################## + +DIR=`dirname "$0"` + +# Generate self-signed certificate for the certificate authority +echo Generating CA...; echo +openssl req -config "$DIR/openssl_ca.cnf" -x509 -newkey rsa -nodes -keyout tmp_ca.key -out ca-cert.pem -days 3650 + +# Generate a certificate request +echo Generating certificate request...; echo +openssl req -config "$DIR/openssl_server.cnf" -newkey rsa -nodes -keyout tmp_server.key -out tmp_server.req + +# Sign the request with the certificate authority's certificate created above +echo Signing certificate request...; echo +openssl x509 -req -in tmp_server.req -CA ca-cert.pem -CAkey tmp_ca.key -CAcreateserial -days 3650 -out server-cert.pem + +# Build pem file with private and public keys, ready for unprompted server use +cat tmp_server.key server-cert.pem > keycert.pem + +# Clean up +rm tmp_ca.key tmp_server.key tmp_server.req ca-cert.srl diff --git a/dtls/test/openssl_ca.cnf b/dtls/test/openssl_ca.cnf new file mode 100644 index 0000000..365ab27 --- /dev/null +++ b/dtls/test/openssl_ca.cnf @@ -0,0 +1,11 @@ +RANDFILE = $ENV::HOME/.rnd + +[ req ] +distinguished_name = req_distinguished_name +prompt = no + +[ req_distinguished_name ] +C = US +ST = Washington +O = Ray CA Inc +CN = RayCAInc diff --git a/dtls/test/openssl_server.cnf b/dtls/test/openssl_server.cnf new file mode 100644 index 0000000..2d2e749 --- /dev/null +++ b/dtls/test/openssl_server.cnf @@ -0,0 +1,11 @@ +RANDFILE = $ENV::HOME/.rnd + +[ req ] +distinguished_name = req_distinguished_name +prompt = no + +[ req_distinguished_name ] +C = US +ST = Washington +O = Ray Srv Inc +CN = RaySrvInc diff --git a/setup.py b/setup.py index 32fb143..5f8f9c8 100644 --- a/setup.py +++ b/setup.py @@ -33,7 +33,7 @@ for scheme in INSTALL_SCHEMES.values(): scheme['data'] = scheme['purelib'] NAME = "Dtls" -VERSION = "0.1.0" +VERSION = "1.0.0" DIST_DIR = "dist" FORMAT_TO_SUFFIX = { "zip": ".zip", @@ -59,7 +59,10 @@ def invoke_setup(data_files=None): data_files = load(fl) except IOError: data_files = [] - data_files.append(('dtls', ["NOTICE", "LICENSE", "README.txt"]),) + data_files.append(('dtls', ["NOTICE", + "LICENSE", + "README.txt", + "ChangeLog"]),) setup(name=NAME, version=VERSION, description="Python Datagram Transport Layer Security", @@ -69,7 +72,10 @@ def invoke_setup(data_files=None): license="LICENSE", long_description=open("README.txt").read(), packages=["dtls", "dtls.demux", "dtls.test"], - package_data={"dtls.test": ["certs/*.pem"]}, + package_data={"dtls.test": ["makecerts", + "openssl_ca.cnf", + "openssl_server.cnf", + "certs/*.pem"]}, data_files=data_files, ) finally: @@ -104,11 +110,12 @@ def make_dists(): except OSError: pass rename(source_name, target_name) - # Finally the distribution without prebuilts - argv.append("--formats=zip,gztar") - invoke_setup() if __name__ == "__main__": + # Full upload sequence for new version: + # python setup.py sdist --formats=zip,gztar upload + # python setup.py sdist --prebuilts + # Manually add .sdist_with_openssl. archives to repository if argv[-1] == "--prebuilts": del argv[-1] make_dists()