|
1
|
# Database
|
|
2
|
INMEMORY_DATABASE_FILE = ":memory:"
|
|
3
|
TEST_DATABASE_FILE = INMEMORY_DATABASE_FILE
|
|
4
|
DB_DIR = "db"
|
|
5
|
DATETIME_FORMAT = "%d.%m.%Y %H:%M:%S"
|
|
6
|
|
|
7
|
# Logging
|
|
8
|
LOG_DIR = "logs"
|
|
9
|
LOG_FILENAME = "application.log"
|
|
10
|
LOG_FORMAT = "%(levelname)-8s %(asctime)s - %(message)s"
|
|
11
|
LOG_NAME = "app_logger"
|
|
12
|
|
|
13
|
REV_REASON_UNSPECIFIED = "unspecified"
|
|
14
|
|
|
15
|
# Types of certificates
|
|
16
|
ROOT_CA_ID = 1
|
|
17
|
INTERMEDIATE_CA_ID = 2
|
|
18
|
CERTIFICATE_ID = 3
|
|
19
|
|
|
20
|
# Usage types of certificates
|
|
21
|
CA_ID = 1
|
|
22
|
SSL_ID = 2
|
|
23
|
SIGNATURE_ID = 3
|
|
24
|
AUTHENTICATION_ID = 4
|
|
25
|
DICT_USAGES = {CA_ID: False, SSL_ID: False, SIGNATURE_ID: False, AUTHENTICATION_ID: False}
|
|
26
|
|
|
27
|
# DB names of tables
|
|
28
|
TAB_CERTIFICATES = "Certificates"
|
|
29
|
TAB_PRIVATE_KEYS = "PrivateKeys"
|
|
30
|
TAB_CERTIFICATE_USAGES = "CertificateUsages"
|
|
31
|
TAB_CERTIFICATE_TYPES = "CertificateTypes"
|
|
32
|
TAB_USAGE_TYPES = "UsageTypes"
|
|
33
|
|
|
34
|
# DB column names
|
|
35
|
COL_ID = "id"
|
|
36
|
COL_PK = "private_key"
|
|
37
|
|
|
38
|
# DB column names of Certificates table
|
|
39
|
COL_VALID_FROM = "valid_from"
|
|
40
|
COL_VALID_TO = "valid_to"
|
|
41
|
COL_PEM_DATA = "pem_data"
|
|
42
|
COL_COMMON_NAME = "common_name"
|
|
43
|
COL_COUNTRY_CODE = "country_code"
|
|
44
|
COL_LOCALITY = "locality"
|
|
45
|
COL_PROVINCE = "province"
|
|
46
|
COL_ORGANIZATION = "organization"
|
|
47
|
COL_ORGANIZATIONAL_UNIT = "organizational_unit"
|
|
48
|
COL_EMAIL_ADDRESS = "email_address"
|
|
49
|
COL_REVOCATION_DATE = "revocation_date"
|
|
50
|
COL_REVOCATION_REASON = "revocation_reason"
|
|
51
|
COL_DELETION_DATE = "deletion_date"
|
|
52
|
COL_TYPE_ID = "certificate_type_id"
|
|
53
|
COL_PARENT_ID = "parent_certificate_id"
|
|
54
|
COL_PRIVATE_KEY_ID = "private_key_id"
|
|
55
|
|
|
56
|
# DB column names of PrivateKeys table
|
|
57
|
COL_PRIVATE_KEY = "private_key"
|
|
58
|
COL_PASSWORD = "password"
|
|
59
|
|
|
60
|
# DB column names of PrivateKey table
|
|
61
|
COL_CERTIFICATE_ID = "certificate_id"
|
|
62
|
COL_USAGE_TYPE_ID = "usage_type_id"
|
|
63
|
|
|
64
|
# configuration default
|
|
65
|
DEFAULT_CONNECTION_STRING = "db/database_sqlite.db"
|
|
66
|
DEFAULT_SERVER_BASE_URL = "http://localhost"
|
|
67
|
DEFAULT_LOG_LEVEL = "DEBUG"
|
|
68
|
DEFAULT_ROOT_DIR = "aswi2021jmsd"
|
|
69
|
|
|
70
|
# available certificate states and revocation reasons
|
|
71
|
CERTIFICATE_STATES = {"valid", "revoked"}
|
|
72
|
CERTIFICATE_REVOCATION_REASONS = {"unspecified", "keyCompromise",
|
|
73
|
"CACompromise", "affiliationChanged",
|
|
74
|
"superseded", "cessationOfOperation",
|
|
75
|
"certificateHold", "removeFromCRL"}
|
|
76
|
CERTIFICATE_REVOCATION_REASON_HOLD = "certificateHold"
|
|
77
|
|
|
78
|
CERTIFICATE_VALID = "valid"
|
|
79
|
CERTIFICATE_REVOKED = "revoked"
|
|
80
|
CERTIFICATE_EXPIRED = "expired"
|
|
81
|
|
|
82
|
|
|
83
|
# Insert values into the template using % (index_file, serial_file)
|
|
84
|
CRL_CONFIG = """[ ca ]
|
|
85
|
default_ca = crl_ca
|
|
86
|
|
|
87
|
[ crl_ext ]
|
|
88
|
authorityKeyIdentifier=keyid:always
|
|
89
|
|
|
90
|
[ crl_ca ]
|
|
91
|
database = %s
|
|
92
|
serial = %s
|
|
93
|
default_md = sha1
|
|
94
|
policy = crl_policy
|
|
95
|
default_crl_days = 30
|
|
96
|
|
|
97
|
[ crl_policy ]
|
|
98
|
commonName = supplied
|
|
99
|
stateOrProvinceName = optional
|
|
100
|
countryName = optional
|
|
101
|
emailAddress = optional
|
|
102
|
organizationName = optional
|
|
103
|
organizationalUnitName = optional
|
|
104
|
|
|
105
|
"""
|