
Revize 64cfca84

Přidáno uživatelem Jan Pašek před téměř 4 roky(ů)

Re #8576 - cryptography.py implemented generate_crl()


src/constants.py
60 60
                                  "superseded", "cessationOfOperation",
61 61
                                  "certificateHold", "removeFromCRL",
62 62
                                  "privilegeWithdrawn", "aACompromise"}
63

  
64

  
65
# Insert values into the template using % (index_file, serial_file)
66
CRL_CONFIG = """[ ca ]
67
default_ca = crl_ca
68

  
69
[ crl_ext ]
70
authorityKeyIdentifier=keyid:always
71

  
72
[ crl_ca ]
73
database = %s
74
serial = %s
75
default_md = sha1
76
policy = clr_policy
77
default_crl_days = 30
78

  
79
[ clr_policy ]
80
commonName = supplied
81
stateOrProvinceName = optional
82
countryName = optional
83
emailAddress = optional
84
organizationName = optional
85
organizationalUnitName = optional
86

  
87
"""
88

  
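Review bot: The `[ crl_ext ]` section in `CRL_CONFIG` is never applied, because `[ crl_ca ]` has no `crl_extensions = crl_ext` entry, so the generated CRL will carry no authorityKeyIdentifier; adding `crl_extensions = crl_ext` under `[ crl_ca ]` wires it in. `default_md = sha1` signs the CRL with SHA-1, which modern relying parties reject or warn about; `default_md = sha256` is the usual choice. Both `%s` placeholders are inserted unquoted, so a path containing `$` or surrounding whitespace is misread by the openssl config parser; `database = "%s"` and `serial = "%s"` avoid that.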
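--- a/src/services/cryptography.py
+++ b/src/services/cryptography.py
@@ -3,6 +3,9 @@
 import time
 import random
 
+from src.constants import CRL_CONFIG
+from src.model.certificate import Certificate
+from src.model.private_key import PrivateKey
 from src.model.subject import Subject
 from src.utils.temporary_file import TemporaryFile
 
@@ -129,7 +132,7 @@
         # file instead of an extension file. Therefore the following code creates
         # the most basic configuration file with sscrt_ext section, that is later
         # reference in openssl req command using -extensions option.
-        extensions += "\n"+CA_EXTENSIONS
+        extensions += "\n" + CA_EXTENSIONS
         if len(config) == 0:
             config += MINIMAL_CONFIG_FILE
         config += "\n[ " + SSCRT_SECTION + " ]" + "\n" + extensions
@@ -146,7 +149,7 @@
             if len(config) > 0:
                 args.extend(["-config", conf_path])
             if len(extensions) > 0:
-                args.extend(["-extensions", SSCRT_SECTION]) # when creating SSCRT, section references section in config
+                args.extend(["-extensions", SSCRT_SECTION])  # when creating SSCRT, section references section in config
 
             # it would be best to not send the pass phrase at all, but for some reason pytest then prompts for
             # the pass phrase (this does not happen when run from pycharm)
@@ -355,16 +358,24 @@
         """
         return self.__run_for_output(["version"]).decode("utf-8")
 
-    def generate_crl(self, index_file_path: str) -> str:
+    def generate_crl(self, cert: Certificate, key: PrivateKey, index_file_path: str) -> str:
         """
         Generate a CertificateRevocationList for a specified
         certificate authority.
 
+        :param key: key that is used to sign the CRL (must belong to the given certificate)
+        :param cert: Certificate of the certificate authority that issue the CRL
         :param index_file_path: path to a file that contains the openssl index with all revoked certificates
         :return: CRL encoded in PEM format string
         """
-        # TODO
-        return ""
+        with TemporaryFile("serial.srl", "0") as serial_file, \
+             TemporaryFile("crl.conf", CRL_CONFIG % (index_file_path, serial_file)) as config_file, \
+             TemporaryFile("certificate.pem", cert.pem_data) as cert_file, \
+             TemporaryFile("private_key.pem", key.private_key) as key_file:
+
+            args = ["ca", "-config", config_file, "-gencrl", "-keyfile", key_file, "-cert", cert_file, "-outdir", "."]
+            return self.__run_for_output(args).decode("utf-8")
+
 
 class CryptographyException(Exception):
 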
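Review bot: `generate_crl` writes the CA private key (`key.private_key`) to a temporary file before invoking `openssl ca`, and nothing visible here shows the mode `TemporaryFile` creates that file with; if it is not restricted to the owner, the key is readable by other local users for the lifetime of the call, which is worth confirming in `TemporaryFile` and stating in the docstring, e.g. `:param key: key used to sign the CRL; it is written to a temporary file for the duration of the call`. The docstring lists `:param key:` before `:param cert:` while the signature is `(cert, key, index_file_path)`; swapping the two lines keeps the documentation aligned with the parameters. `-outdir "."` only matters when `ca` issues certificates rather than for `-gencrl`, so it can presumably be dropped; confirm against the openssl version in use.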
tests/unit_tests/services/crl/generate_crl_test.py
1
from src.model.certificate import Certificate
2
from src.model.private_key import PrivateKey
3
from src.services.cryptography import CryptographyService
4
from src.utils.temporary_file import TemporaryFile
5

  
6

  
7
CERT_TO_CHECK = 25
8

  
9
CERTIFICATE_PEM = """-----BEGIN CERTIFICATE-----
10
MIIF7TCCA9WgAwIBAgIBATANBgkqhkiG9w0BAQUFADBXMQswCQYDVQQGEwJBVTET
11
MBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQ
12
dHkgTHRkMRAwDgYDVQQDDAdSb290IENBMB4XDTIxMDQwMTE1MjY0NVoXDTIzMDQw
13
MTE1MjY0NVowVTEOMAwGA1UEAwwFSUEgQ0ExEzARBgNVBAgMClNvbWUtU3RhdGUx
14
CzAJBgNVBAYTAkFVMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQw
15
ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDaQEH0Wipj43+ufQHkuzKC
16
JNahL16aaUjfIpvzw/kY63LqPf/PlqjCiFS/okBujV1GHqH8Ak0OUHZwEyYsgNby
17
S9SMZGwaD0wRhR/S4s71XywzlpC0rTgXILMsUPgTQtFUcEbQ2FbWbUInmOkGQ8/m
18
c4WsA5ihQRX52WTwoW807iu06T/kfPBTmP6vA2TMMd/P7yV6m0lLKNtp/7HiYggP
19
cKyOoEDVLau9b5wrpij51A7N03946NIyWH+B/GfTf9ApXUgpzzTCeix+939BQzCU
20
SSnvDe0ILy3n1Fhvtk6D29DO4Yt52ZXIo4Rw/OO3P7cfrl6EMnIGTCJFIjuycRN+
21
DRy7cshwDZeJ4lPARgJZJ+goYlvoN7Cz3CK5d15+tR6G92Zfi3NSBPaqnvMP9CVn
22
PBdNJu2XYc/yMQfxlhf0ARpXfVzcBAaTj0Oljsey8slHwejFlIA3Bg4S8+IE/IiK
23
th/5uskPoIphI2RU/Fr28tK4NDf5ZRpyqyYEPTXperOY2T+vDurbHqIHjpQEb4l3
24
tGAMnp9/zDhoJRhFtv2oYxl9FqQxWdGrSXeoIeknvdLdc0IzuydGXqQGgBB2PwmB
25
EyVjAyBXdd/k1f7fzfJ56F3VHC2+WnpI+ROXpVbX+Zy8DHuVY5Elqa5ozzd8dqlG
26
+Pjq/bCg92Rjg5t1Zt94RwIDAQABo4HFMIHCMAkGA1UdEwQCMAAwHQYDVR0OBBYE
27
FMRKjzNsvGuZMld6urgdEhKoc7ENMB8GA1UdIwQYMBaAFHESvYCvVziY/7eOdZbk
28
Jt8eWf8BMAsGA1UdDwQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAsBgNVHR8E
29
JTAjMCGgH6AdhhtodHRwOi8vZXhhbXBsZS5jb20vcm9vdC5jcmwwJQYDVR0RBB4w
30
HIILZXhhbXBsZS5jb22CDSouZXhhbXBsZS5jb20wDQYJKoZIhvcNAQEFBQADggIB
31
AFO+RVg8YLr5Y5/+DtNVVUQqUbs5HL5ZnKFB3PvaqBhYxJRuT+T0JvQafllH8sIS
32
6TeaytRL6p09m7BUGRmXQ3W6RHj+EBkt6wkSIVN+R/7xhIgPswz42wpQB00T/Wjm
33
/Ie7NmqJYfnwxeZxDELw0czxt+W5tXOMSdaf/bLjLuMITMsSxyTKHqchxw0MXbCO
34
6HHb4xVpM3YK/ulPHWDUTiFbZ9fM53bUHSZCBAxvwz8uGT+mjjQ5nKhBCCyt0YeD
35
hOmYzgsAx+IKUsTVM+nsuvVdCxNQom34xKDKODnFMp7XUIO3UV1dKWS/bVxauTBv
36
TX/Ln5S3yt4r7vYDJChNaeof3bS2WXRZr1RyQwXpNJyFvuW7LXPrLUPlFMGruYhr
37
KsXa7pcN9A9aBh/4LF6Syv6ajTNnYTSLng/Fg2W5RDlHfwGvUTPiD6KAJJ/gIkIQ
38
MS2D4iB+tiEMlQCxmzaoYK915uTcvOTUtucP/7pvf4E/SWDSY6rewxYCpPcaO7Wu
39
UruNY0956Kkq+le3kSo98nbrD3t9+LG54MHDjyy056RmtwxXwa2aNyi77Cjsm+Uh
40
VXG21Z2t4QbY3ksIa7lADFfCRBC66cvmmSOqZFlGgMBMQUPtv/ybucLyEwLeGCYw
41
sObAcnlYj80YBuIifgB9V3EmfXkE2FLZicp/sVWQJq8v
42
-----END CERTIFICATE-----
43
"""
44

  
45
KEY_PEM = """-----BEGIN RSA PRIVATE KEY-----
46
MIIJKQIBAAKCAgEA2kBB9FoqY+N/rn0B5LsygiTWoS9emmlI3yKb88P5GOty6j3/
47
z5aowohUv6JAbo1dRh6h/AJNDlB2cBMmLIDW8kvUjGRsGg9MEYUf0uLO9V8sM5aQ
48
tK04FyCzLFD4E0LRVHBG0NhW1m1CJ5jpBkPP5nOFrAOYoUEV+dlk8KFvNO4rtOk/
49
5HzwU5j+rwNkzDHfz+8leptJSyjbaf+x4mIID3CsjqBA1S2rvW+cK6Yo+dQOzdN/
50
eOjSMlh/gfxn03/QKV1IKc80wnosfvd/QUMwlEkp7w3tCC8t59RYb7ZOg9vQzuGL
51
edmVyKOEcPzjtz+3H65ehDJyBkwiRSI7snETfg0cu3LIcA2XieJTwEYCWSfoKGJb
52
6Dews9wiuXdefrUehvdmX4tzUgT2qp7zD/QlZzwXTSbtl2HP8jEH8ZYX9AEaV31c
53
3AQGk49DpY7HsvLJR8HoxZSANwYOEvPiBPyIirYf+brJD6CKYSNkVPxa9vLSuDQ3
54
+WUacqsmBD016XqzmNk/rw7q2x6iB46UBG+Jd7RgDJ6ff8w4aCUYRbb9qGMZfRak
55
MVnRq0l3qCHpJ73S3XNCM7snRl6kBoAQdj8JgRMlYwMgV3Xf5NX+383yeehd1Rwt
56
vlp6SPkTl6VW1/mcvAx7lWORJamuaM83fHapRvj46v2woPdkY4ObdWbfeEcCAwEA
57
AQKCAgEAkMpMdyVSNg55aHL6TJp8Oabi1PAuHNZ4R8AYIjIDEasyA4C6MyfKMbRs
58
NO4ZPL6AAMLVx/Bm2nY6/MNXcfLPptLz4WfF58v6NS1SHX/muRY4psjem17HdWB2
59
PZJB4dVUNmZ+NJMxmPPHDan9/fAC/uno5mNEYMZjI+w7cQBIXJ8dU9niT10ruuon
60
HEhuGKGFz9bh0GMwzrH+TmYZxwwuOMARWlWqbULtSrG+s556VLOAVsBXMwmSWWAo
61
xz2CS+fhW2/NLh+O6u5OkrTzMYK3uciID1X3yJQ0KjbPrN0PXZ74+ibbdy0Il6ET
62
fjnngGy+uj/d6GnnB5J+scqyPAGUYbOd1aGTe8Rp5Nss7rff5IhjYXAn7UnW0Zdk
63
Ym0O76kxsBrYA3Gq11apj7yYQngSlFCKENu/aWXErO4O+EnuntB7pmlSTHuYNRPi
64
sISoXXvKBPHtGoacCiwrQ35NI4MIExxWQ7gcJhjatVEQAZo/iguSH11OkzGL7DD1
65
t4A0T5YJlxUYW3Y3EUwQuxL0D6zUy3NRnWcZetHMHcZ0iSPc1pJK0RosFm3z+c7g
66
DQzWmym/VHvD/n0HIFcDKGU08papnF4mBrGlV8zJV91kl78TlbSSJ86zcoHCAwXI
67
1B/ByTL+nigdExwfc/Jzxb64w9kdOVujTtDRlk3mcv9LpWdL6QECggEBAPiY6d8H
68
cs467Pv3i6fkwHJZ1RZyijwkFxQsEJ2D6DcCJJyYZAkER0QC5gemOBSP2GnNc8aA
69
zx8Z53qEAIMLqlGoKPKYsv6HFixpFKzPvWvAuS8Sy7lvDD8JxcHfJxsCFUi/n9Nd
70
tSu+hdfejDmwFtRSTKILMc+tBVwzdyU9/iUoMOhDoKyh8DidrWfPB3voi0r5whR4
71
17yurveqIKg8A8YFKoAcbrYU55C1+cWQdSJL6OG9C8/bXhaHmZ+FPwf3u4UjRn2w
72
29FkOi8tbPY5pDjV+h/OJKwbSItv9eTyKbRSkWJRgJ8hua60JnrCwPPp1ZHDMnGT
73
lioDQKIeX2eJ2kECggEBAODAArXc0emEJkLr3Ml1sN8+Zvcdp/kZZhF4SqhQ0Lx+
74
GCmOb+TwXGNr3qaJ1kgaOY5corCPO3iA9oZB9VUAG2MZWYHY+0KioyzNkBLwqDd3
75
J0k2KQhIqcHuz+yQYYBH50OcPnOmSpaEq1UZvB+J45Mkg6UHXTWxdXnNFriVV9Ay
76
enME7pvU1PoANkiMYHdLSUbyw3/OcUJVneORo+U159YmWvd8yxIuyCgBhQV//pKo
77
KZn19Rlv+y50NSaOcYtWep//8I0jBjLxeHgupkVNYp7qXCoOpP2oBT7yrGHC5Tyc
78
oLEj7UNpzeAbMhN1+jUOBZyZP+OSa2F+kjaaLjQVYIcCggEBAJ2YApq6lBMc0+Mf
79
mM8EeuODA0zJq8xYbLEDBj10w58rop4LFU+KAMuissSioOaYEe9wqTZrreHfgBjw
80
2Yo5uO0vF1ZDayVj6bCZpNuwjjpi4IJw/ek99pt3zIAMwTOj7G5D3EQYIaPrkdm5
81
YVeow7AxxBbt1dP7sWwzzBI17IkNo4N6a79EoY6ilq06V1o7nyIWlux3dvxMGOs0
82
VKOR+CpuV/UDEUQomGvqkL6nxznIuYdxWq2YOVs69y5jQAQDDkNmi2de2NszGJeT
83
yoGFJRBKxdenzSO14BVVEqLiyYFg3n1fgZRfwuB3n/UuxTdbQ2K2RaIul4FmsnCT
84
pJN0loECggEAIT6FqBz3t9DiT/fPesU72mnClT7/v6rwHBltAaSim58TN+Jnzrd3
85
EwW7s2qkFZo7dUFilzc4lsSMsqNDBMW1R11SjhBoahzgghoN+585YqrvVrb6Ls2A
86
vrzyaI2avnzkSm3sFvM8CTOqnDXoS8n7raIzDtAeC3kqZU/e0oLUsGknD6hlGwvK
87
TQiG/wg0pLCwMBxsqpUAz80WQ7khQyBMILMftYfyCch9tt0yrfOW1l6leK6XCKI1
88
x1NNIVzkkrXCAbS8AkRyAEsThMNxuMKPme4Un+v2n8agsAT5VqSbf/GzG0CzMcuO
89
tl2PdK14yyw9zEIm3ySjWZJ9UjJQL0gSNQKCAQAcFdl256kkJXcoWJVf/IKygiZu
90
e5EX2TQKnzipKZmkJTz+HjXcbIIYr0b168LFP8FymOuLbk9yJtcVI6w/DZPilS8y
91
1A2CIcPxLnc+n5Vryt8W2fhkcSe5722TvlG8NTBoFjkuWPxF/kLroFl1JD7tzEoC
92
wRwP3kx1rxfDaH80gSCJYQkEj7/1JcZpTPwkbwEelKzNk3hxaB25N77iz9chehTb
93
sDfG9TzH6gqVn6Oo6DtGcxOAdYyxg+wyvqzwEQim+BYfs1hpfLDBo7XkyoHDxmJJ
94
GibmG4gJkmxvw0FE64J7sYmHkvqQBY0z39JYPqh385HMkg/Swz+Cn52N3mS7
95
-----END RSA PRIVATE KEY-----
96
"""
97

  
98
INDEX = """R\t230401152645Z\t210401152748Z,keyCompromise\t01\tunknown\t/CN=IA CA/ST=Some-State/C=AU/O=Internet Widgits Pty Ltd
99
R\t230401153537Z\t210401152748Z,keyCompromise\t02\tunknown\t/CN=Pasek Jan/ST=Pilsen/C=CZ/O=Pasek s.r.o.
100
"""
101

  
102
EXPECTED_CRL = """-----BEGIN X509 CRL-----
103
MIIC5DCBzQIBATANBgkqhkiG9w0BAQUFADBVMQ4wDAYDVQQDDAVJQSBDQTETMBEG
104
A1UECAwKU29tZS1TdGF0ZTELMAkGA1UEBhMCQVUxITAfBgNVBAoMGEludGVybmV0
105
IFdpZGdpdHMgUHR5IEx0ZBcNMjEwNDIwMTc1ODUzWhcNMjEwNTIwMTc1ODUzWjBE
106
MCACAQEXDTIxMDQwMTE1Mjc0OFowDDAKBgNVHRUEAwoBATAgAgECFw0yMTA0MDEx
107
NTI3NDhaMAwwCgYDVR0VBAMKAQEwDQYJKoZIhvcNAQEFBQADggIBACY8D2BPpMf4
108
nVvcdketKVxzKsaZ+nUdOB4kOwMA3/rbPq3axTVQ0HBuMyoTS5sTgZxfEnEd0U9L
109
9sLk3464Mw6NH4Gmo1wiW3vIw0d4ml2hRytb64HIUAnRkZn3x/d2jA4mH0KRBO23
110
aCAy4qTp8J61EIoqQxMM0eJBjVxZnwY/E3SZlVTPVLXe6loSjVzT3rJItKLqMzqV
111
JUlMdMJSIvvCaIjihYa7eiH1iC9T3exyqV34sm/ktGOxxZshmGl0R3yJDgCJ/VG3
112
MEzU8jTys1cwwudUdlcouL4j6XMUpsnJhj+I/JaRXJqozsuyYJy1XmSsR1nlOjct
113
Mdx8chHiAFvQ3QmdfcGPxwtQXvWIh1nbNdoKHWH6CiTX3vhZiKsFwLYYcb+32DW7
114
9BOIAgD+Y+pcBwADWIP5QsIoGHBqbH+KQy8sSSvXK+ZySSHrAdMr7hts+djqQjKE
115
3pG2nH/AdiuyAneJu/YXvpYV9AV+IDVToB0kmwjaqYzGtNzgUMwyhBttR6+nfvkv
116
SQLDUuorwSzPPaROzHpX0TtULHxedZr2gPwjbIOIoB+0ZulpHpBRH6dQY15LaKw6
117
ZyjDy23+CVA/d3CvHuPaDkE0ucTJXNI/0c1giBGPJwdyYmeblZkzcaiYRboOI3kS
118
XlFRZbGV9ivNg6kM4L/7LgNTgBA5T63f
119
-----END X509 CRL-----
120
""".strip().replace("\r", "").replace("\n", "")
121

  
122
def test_generate_crl():
123
    # only PEM data are relevant for the testcase
124
    service = CryptographyService()
125
    cert = Certificate(-1, "", "", "",
126
                       CERTIFICATE_PEM, -1, -1, -1, {})
127
    key = PrivateKey(-1, KEY_PEM)
128
    # generate CRL
129
    with TemporaryFile("index", INDEX) as index_file:
130
        out = service.generate_crl(cert, key, index_file)
131

  
132
    # check first 25 bytes - the rest can differ due to different issuing date
133
    assert out.strip().replace("\r", "").replace("\n", "")[:CERT_TO_CHECK] == EXPECTED_CRL[:CERT_TO_CHECK]
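Review bot: The final assertion compares only the first 25 characters of the output with `EXPECTED_CRL`, and the PEM header `-----BEGIN X509 CRL-----` already accounts for 24 of them, so the test passes for essentially any CRL and never checks the issuer or the two revoked serials from `INDEX`. A stronger check that still stays independent of the issuing date is to decode the output (for example through `openssl crl -noout -text` via the service) and assert that the issuer matches the certificate's subject and that serials `01` and `02` are listed as revoked. The constant name `CERT_TO_CHECK` is also misleading, since it is a prefix length of the CRL, not a certificate; `CRL_PREFIX_LEN` would read better.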
