pyca · hynek · May 6, 2015 · Apr 29, 2015 · Apr 29, 2015 · Apr 29, 2015
diff --git a/examples/certgen.py b/examples/certgen.py
@@ -30,7 +30,7 @@ def createCertRequest(pkey, digest="sha256", **name):
     Create a certificate request.
 
     Arguments: pkey   - The key to associate with the request
-               digest - Digestion method to use for signing, default is md5
+               digest - Digestion method to use for signing, default is sha256
                **name - The name of the subject of the request, possible
                         arguments are:
                           C     - Country name
@@ -45,14 +45,14 @@ def createCertRequest(pkey, digest="sha256", **name):
     req = crypto.X509Req()
     subj = req.get_subject()
 
-    for (key,value) in name.items():
+    for (key,value) in list(name.items()):
         setattr(subj, key, value)
 
     req.set_pubkey(pkey)
     req.sign(pkey, digest)
     return req
 
-def createCertificate(req, (issuerCert, issuerKey), serial, (notBefore, notAfter), digest="md5"):
+def createCertificate(req, issuerCertKey, serial, validityPeriod, digest="sha256"):
     """
     Generate a certificate given a certificate request.
 
@@ -64,9 +64,11 @@ def createCertificate(req, (issuerCert, issuerKey), serial, (notBefore, notAfter
                             starts being valid
                notAfter   - Timestamp (relative to now) when the certificate
                             stops being valid
-               digest     - Digest method to use for signing, default is md5
+               digest     - Digest method to use for signing, default is sha256
     Returns:   The signed certificate in an X509 object
     """
+    (issuerCert, issuerKey) = issuerCertKey
+    (notBefore, notAfter) = validityPeriod
     cert = crypto.X509()
     cert.set_serial_number(serial)
     cert.gmtime_adj_notBefore(notBefore)

diff --git a/examples/mk_simple_certs.py b/examples/mk_simple_certs.py
@@ -7,15 +7,18 @@
 cakey = createKeyPair(TYPE_RSA, 2048)
 careq = createCertRequest(cakey, CN='Certificate Authority')
 cacert = createCertificate(careq, (careq, cakey), 0, (0, 60*60*24*365*5)) # five years
+
 print('Creating Certificate Authority private key in "simple/CA.pkey"')
-open('simple/CA.pkey', 'w').write(crypto.dump_privatekey(crypto.FILETYPE_PEM, cakey))
+open('simple/CA.pkey', 'w').write(crypto.dump_privatekey(crypto.FILETYPE_PEM, cakey).decode('utf-8'))
 print('Creating Certificate Authority certificate in "simple/CA.cert"')
-open('simple/CA.cert', 'w').write(crypto.dump_certificate(crypto.FILETYPE_PEM, cacert))
+open('simple/CA.cert', 'w').write(crypto.dump_certificate(crypto.FILETYPE_PEM, cacert).decode('utf-8'))
+
 for (fname, cname) in [('client', 'Simple Client'), ('server', 'Simple Server')]:
     pkey = createKeyPair(TYPE_RSA, 2048)
     req = createCertRequest(pkey, CN=cname)
     cert = createCertificate(req, (cacert, cakey), 1, (0, 60*60*24*365*5)) # five years
+
     print('Creating Certificate %s private key in "simple/%s.pkey"' % (fname, fname))
-    open('simple/%s.pkey' % (fname,), 'w').write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
+    open('simple/%s.pkey' % (fname,), 'w').write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey).decode('utf-8'))
     print('Creating Certificate %s certificate in "simple/%s.cert"' % (fname, fname))
-    open('simple/%s.cert' % (fname,), 'w').write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
+    open('simple/%s.cert' % (fname,), 'w').write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert).decode('utf-8'))
diff --git a/examples/simple/client.py b/examples/simple/client.py
@@ -13,11 +13,11 @@
 
 def verify_cb(conn, cert, errnum, depth, ok):
     # This obviously has to be updated
-    print 'Got certificate: %s' % cert.get_subject()
+    print('Got certificate: %s' % cert.get_subject())
     return ok
 
 if len(sys.argv) < 3:
-    print 'Usage: python[2] client.py HOST PORT'
+    print('Usage: python client.py HOST PORT')
     sys.exit(1)
 
 dir = os.path.dirname(sys.argv[0])
@@ -44,7 +44,7 @@ def verify_cb(conn, cert, errnum, depth, ok):
         sys.stdout.write(sock.recv(1024))
         sys.stdout.flush()
     except SSL.Error:
-        print 'Connection died unexpectedly'
+        print('Connection died unexpectedly')
         break
 
 

diff --git a/examples/simple/server.py b/examples/simple/server.py
@@ -14,11 +14,11 @@
 
 def verify_cb(conn, cert, errnum, depth, ok):
     # This obviously has to be updated
-    print 'Got certificate: %s' % cert.get_subject()
+    print('Got certificate: %s' % cert.get_subject())
     return ok
 
 if len(sys.argv) < 2:
-    print 'Usage: python[2] server.py PORT'
+    print('Usage: python server.py PORT')
     sys.exit(1)
 
 dir = os.path.dirname(sys.argv[0])
@@ -44,27 +44,27 @@ def verify_cb(conn, cert, errnum, depth, ok):
 
 def dropClient(cli, errors=None):
     if errors:
-        print 'Client %s left unexpectedly:' % (clients[cli],)
-        print '  ', errors
+        print('Client %s left unexpectedly:' % (clients[cli],))
+        print('  ', errors)
     else:
-        print 'Client %s left politely' % (clients[cli],)
+        print('Client %s left politely' % (clients[cli],))
     del clients[cli]
-    if writers.has_key(cli):
+    if cli in writers:
         del writers[cli]
     if not errors:
         cli.shutdown()
     cli.close()
 
 while 1:
     try:
-        r,w,_ = select.select([server]+clients.keys(), writers.keys(), [])
+        r,w,_ = select.select([server]+list(clients.keys()), list(writers.keys()), [])
     except:
         break
 
     for cli in r:
         if cli == server:
             cli,addr = server.accept()
-            print 'Connection from %s' % (addr,)
+            print('Connection from %s' % (addr,))
             clients[cli] = addr
 
         else:
@@ -74,10 +74,10 @@ def dropClient(cli, errors=None):
                 pass
             except SSL.ZeroReturnError:
                 dropClient(cli)
-            except SSL.Error, errors:
+            except SSL.Error as errors:
                 dropClient(cli, errors)
             else:
-                if not writers.has_key(cli):
+                if cli not in writers:
                     writers[cli] = ''
                 writers[cli] = writers[cli] + ret
 
@@ -88,13 +88,13 @@ def dropClient(cli, errors=None):
             pass
         except SSL.ZeroReturnError:
             dropClient(cli)
-        except SSL.Error, errors:
+        except SSL.Error as errors:
             dropClient(cli, errors)
         else:
             writers[cli] = writers[cli][ret:]
             if writers[cli] == '':
                 del writers[cli]
 
-for cli in clients.keys():
+for cli in list(clients.keys()):
     cli.close()
 server.close()