Revize 03484d49
Přidáno uživatelem Michal Seják před více než 3 roky(ů)
| src/services/certificate_service.py | ||
|---|---|---|
| 17 | 17 |
from src.services.cryptography import CryptographyService |
| 18 | 18 |
|
| 19 | 19 |
import time |
| 20 |
from calendar import timegm |
|
| 20 | 21 |
|
| 21 | 22 |
from src.utils.usages_to_extensions import usages_to_extension_lines, ExtensionFieldFlags, CRITICAL, KEY_CERT_SIGN, \ |
| 22 | 23 |
CRL_SIGN, CA, DIGITAL_SIGNATURE, KEY_ENCIPHERMENT, KEY_AGREEMENT, SERVER_AUTH, NON_REPUDIATION, TIME_STAMPING, \ |
| ... | ... | |
| 124 | 125 |
# TODO this could be improved in the future in such way that calling openssl is not required to parse the dates |
| 125 | 126 |
subj, not_before, not_after = self.cryptography_service.parse_cert_pem(cert_pem) |
| 126 | 127 |
# format the parsed date |
| 127 |
not_before_formatted = time.strftime(VALID_FROM_TO_DATE_FORMAT, not_before)
|
|
| 128 |
not_after_formatted = time.strftime(VALID_FROM_TO_DATE_FORMAT, not_after)
|
|
| 128 |
not_before_formatted = int(timegm(not_before))
|
|
| 129 |
not_after_formatted = int(timegm(not_after))
|
|
| 129 | 130 |
|
| 130 | 131 |
# create a certificate wrapper |
| 131 | 132 |
certificate = Certificate(-1, not_before_formatted, not_after_formatted, cert_pem, cert_type, parent_id, |
| ... | ... | |
| 454 | 455 |
raise CertificateAlreadyRevokedException(id) |
| 455 | 456 |
|
| 456 | 457 |
revocation_timestamp = int(time.time()) |
| 457 |
updated = self.certificate_repository.set_certificate_revoked(id, str(revocation_timestamp), reason)
|
|
| 458 |
updated = self.certificate_repository.set_certificate_revoked(id, revocation_timestamp, reason)
|
|
| 458 | 459 |
|
| 459 | 460 |
if not updated: |
| 460 | 461 |
Logger.error(f"Repository returned 'false' from clear_certificate_revocation() " |
Také k dispozici: Unified diff
Re #8652 - Updated the way valid_from/to fields are stored (str -> int). Used `timegm` from `calendar` for time_struct to utc unix timestamp conversion.