From 93ef3e2e4947d1a44eeb2f07e474bcb584f03307 Mon Sep 17 00:00:00 2001 From: Ed Rantanen Date: Fri, 3 Jun 2016 19:11:40 -0400 Subject: [PATCH] revert to 2.7 format removed unused imports --- csrgen.py | 158 +++++++++++++++++++++++++----------------------------- 1 file changed, 72 insertions(+), 86 deletions(-) diff --git a/csrgen.py b/csrgen.py index 1f1920e..d1cf7e8 100755 --- a/csrgen.py +++ b/csrgen.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python3 +#!/usr/bin/env python # # Generate a key, self-signed certificate, and certificate request. # Usage: csrgen 
@@ -9,120 +9,105 @@ # # Author: Courtney Cotton 06-25-2014 -# mod'd for python 3.5 - - # Libraries/Modules -from OpenSSL import crypto, SSL + import argparse +from OpenSSL import crypto # Generate Certificate Signing Request (CSR) -def generateCSR(nodename, sans=[]): - while True: - C = input("Enter your Country Name (2 letter code) [US]: ") - if len(C) != 2: - print("You must enter two letters. You entered %r" % (C)) - continue - ST = input("Enter your State or Province []:California: ") - if len(ST) == 0: - print("Please enter your State or Province.") - continue - L = input("Enter your (Locality Name (eg, city) []:San Francisco: ") - if len(L) == 0: - print("Please enter your City.") - continue - O = input("Enter your Organization Name (eg, company) []:FTW Enterprise: ") - if len(L) == 0: - print("Please enter your Organization Name.") - continue - OU = input("Enter your Organizational Unit (eg, section) []:IT: ") - if len(OU) == 0: - print("Please enter your OU.") - continue +def generateCSR(nodename, sans = []): - # Allows you to permanently set values required for CSR - # To use, comment raw_input and uncomment this section. - # C = 'US' - # ST = 'New York' - # L = 'Location' - # O = 'Organization' - # OU = 'Organizational Unit' + while True: + C = raw_input("Enter your Country Name (2 letter code) [US]: ") + if len(C) != 2: + print "You must enter two letters. You entered %r" % (C) + continue + ST = raw_input("Enter your State or Province []:California: ") + if len(ST) == 0: + print "Please enter your State or Province." + continue + L = raw_input("Enter your (Locality Name (eg, city) []:San Francisco: ") + if len(L) == 0: + print "Please enter your City." + continue + O = raw_input("Enter your Organization Name (eg, company) []:FTW Enterprise: ") + if len(L) == 0: + print "Please enter your Organization Name." + continue + OU = raw_input("Enter your Organizational Unit (eg, section) []:IT: ") + if len(OU) == 0: + print "Please enter your OU." 
+ continue - csrfile = 'host.csr' - keyfile = 'host.key' - TYPE_RSA = crypto.TYPE_RSA - # Appends SAN to have 'DNS:' - ss = [] - for i in sans: - ss.append("DNS: %s" % i) - ss = ", ".join(ss) + # Allows you to permanently set values required for CSR + # To use, comment raw_input and uncomment this section. + # C = 'US' + # ST = 'New York' + # L = 'Location' + # O = 'Organization' + # OU = 'Organizational Unit' - req = crypto.X509Req() - req.get_subject().CN = nodename - req.get_subject().countryName = C - req.get_subject().stateOrProvinceName = ST - req.get_subject().localityName = L - req.get_subject().organizationName = O - req.get_subject().organizationalUnitName = OU - - # Add in extensions - # added bytearray to string - # before -> "keyUsage" - # after -> b"keyUsage" - - base_constraints = ([ - crypto.X509Extension(b"keyUsage", False, b"Digital Signature, Non Repudiation, Key Encipherment"), - crypto.X509Extension(b"basicConstraints", False, b"CA:FALSE"), - ]) - x509_extensions = base_constraints - # If there are SAN entries, append the base_constraints to include them. - if ss: - san_constraint = crypto.X509Extension(b"subjectAltName", False, ss) - x509_extensions.append(san_constraint) - req.add_extensions(x509_extensions) - # Utilizes generateKey function to kick off key generation. - key = generateKey(TYPE_RSA, 2048) - req.set_pubkey(key) - - # change to sha 256? 
- # req.sign(key, "sha1") - req.sign(key, "sha256") - - generateFiles(csrfile, req) - generateFiles(keyfile, key) - - return req + csrfile = 'host.csr' + keyfile = 'host.key' + TYPE_RSA = crypto.TYPE_RSA + # Appends SAN to have 'DNS:' + ss = [] + for i in sans: + ss.append("DNS: %s" % i) + ss = ", ".join(ss) + req = crypto.X509Req() + req.get_subject().CN = nodename + req.get_subject().countryName = C + req.get_subject().stateOrProvinceName = ST + req.get_subject().localityName = L + req.get_subject().organizationName = O + req.get_subject().organizationalUnitName = OU + # Add in extensions + base_constraints = ([ + crypto.X509Extension("keyUsage", False, "Digital Signature, Non Repudiation, Key Encipherment"), + crypto.X509Extension("basicConstraints", False, "CA:FALSE"), + ]) + x509_extensions = base_constraints + # If there are SAN entries, append the base_constraints to include them. + if ss: + san_constraint = crypto.X509Extension("subjectAltName", False, ss) + x509_extensions.append(san_constraint) + req.add_extensions(x509_extensions) + # Utilizes generateKey function to kick off key generation. + key = generateKey(TYPE_RSA, 2048) + req.set_pubkey(key) + req.sign(key, "sha1") + generateFiles(csrfile, req) + generateFiles(keyfile, key) + return req # Generate Private Key def generateKey(type, bits): + key = crypto.PKey() key.generate_key(type, bits) return key - # Generate .csr/key files. def generateFiles(mkFile, request): + if mkFile == 'host.csr': - f = open(mkFile, "wb") + f = open(mkFile, "w") f.write(crypto.dump_certificate_request(crypto.FILETYPE_PEM, request)) f.close() - - # print test - print(crypto.dump_certificate_request(crypto.FILETYPE_PEM, request)) - + print crypto.dump_certificate_request(crypto.FILETYPE_PEM, request) elif mkFile == 'host.key': - f = open(mkFile, "wb") + f = open(mkFile, "w") f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, request)) f.close() else: - print("Failed.") + print "Failed." 
exit() # Run Portion - parser = argparse.ArgumentParser() parser.add_argument("name", help="Provide the FQDN", action="store") parser.add_argument("-s", "--san", help="SANS", action="store", nargs='*', default="") @@ -130,4 +115,5 @@ args = parser.parse_args() hostname = args.name sans = args.san + generateCSR(hostname, sans)
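Review bot: The added `req.sign(key, "sha1")` in generateCSR downgrades the CSR signature digest from the SHA-256 used by the removed line, which has nothing to do with Python 2.7 compatibility; some CAs and tooling reject or warn on SHA-1-signed requests, so keep `req.sign(key, "sha256")`. In the same function the re-added organization prompt is still checked with `if len(L) == 0:`, so an empty `O` is accepted; it should read `if len(O) == 0:`. In generateFiles the private key is written via `open(mkFile, "w")`, which leaves host.key with whatever the process umask allows. Creating it with `os.open(mkFile, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)` wrapped in `os.fdopen` would keep the key owner-readable only; that needs `import os` at the top of the file.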