Revize 52f2eca4
Přidáno uživatelem Jan Pašek před téměř 4 roky(ů)
| src/services/certificate_service.py | ||
|---|---|---|
| 31 | 31 |
REQUIRED_USAGE_EXTENSION_FLAGS = {
|
| 32 | 32 |
CA_ID: ExtensionFieldFlags({CRITICAL, KEY_CERT_SIGN, CRL_SIGN}, {}, {CRITICAL, CA}),
|
| 33 | 33 |
SSL_ID: ExtensionFieldFlags({DIGITAL_SIGNATURE, KEY_ENCIPHERMENT, KEY_AGREEMENT}, {SERVER_AUTH}, {}),
|
| 34 |
SIGNATURE_ID: ExtensionFieldFlags({DIGITAL_SIGNATURE, NON_REPUDIATION}, {TIME_STAMPING}, {}),
|
|
| 34 |
SIGNATURE_ID: ExtensionFieldFlags({DIGITAL_SIGNATURE, NON_REPUDIATION}, {}, {}),
|
|
| 35 | 35 |
AUTHENTICATION_ID: ExtensionFieldFlags({DIGITAL_SIGNATURE}, {CLIENT_AUTH}, {})}
|
| 36 | 36 |
|
| 37 | 37 |
|
| tests/integration_tests/services/certificate_service_test.py | ||
|---|---|---|
| 129 | 129 |
X509v3 extensions: |
| 130 | 130 |
X509v3 Key Usage: |
| 131 | 131 |
Digital Signature, Non Repudiation |
| 132 |
X509v3 Extended Key Usage: |
|
| 133 |
Time Stamping |
|
| 134 | 132 |
""".replace("\r", "").replace("\n", "")
|
| 135 | 133 |
|
| 136 | 134 |
assert expected in cert_loaded_printed.replace("\n", "").replace("\r", "")
|
| tests/unit_tests/utils/usages_to_extensions_test.py | ||
|---|---|---|
| 21 | 21 |
usages[AUTHENTICATION_ID] = True |
| 22 | 22 |
|
| 23 | 23 |
expected = """keyUsage=digitalSignature,nonRepudiation |
| 24 |
extendedKeyUsage=clientAuth,timeStamping"""
|
|
| 24 |
extendedKeyUsage=clientAuth""" |
|
| 25 | 25 |
|
| 26 | 26 |
assert "\n".join(usages_to_extension_lines(usages, REQUIRED_USAGE_EXTENSION_FLAGS)) == expected |
Také k dispozici: Unified diff
Certificate usage hotfix before DEMO #4 - digital signature does not specify timestamping