from src.utils.file_anchor import FileAnchor
# ":memory:" is SQLite's special name for a transient in-memory database.
INMEMORY_DATABASE_FILE = ":memory:"

# Tests are pointed at the in-memory database instead of the on-disk file.
TEST_DATABASE_FILE = INMEMORY_DATABASE_FILE

# Relative path of the on-disk database file.
# NOTE(review): this module also names a PrivateKeys table with private_key
# and password columns, so this file presumably holds key material; restrict
# its filesystem permissions to the service account and keep it out of
# backups or version control that others can read.
DATABASE_FILE = "db/database_sqlite.db"
# Database path wrapped in a FileAnchor keyed on "aswi2021jmsd".
# presumably FileAnchor resolves DATABASE_FILE relative to the directory of
# that name; confirm in src.utils.file_anchor.
DATABASE_FILE_LOCATION = FileAnchor(
    "aswi2021jmsd",
    DATABASE_FILE,
)
# strftime/strptime pattern: day.month.year hour:minute:second.
# The pattern carries no time-zone field, so values formatted with it are
# ambiguous unless every producer and consumer agrees on one zone.
# NOTE(review): if validity or revocation dates are stored in this format,
# confirm they are consistently UTC.
DATETIME_FORMAT = "%d.%m.%Y %H:%M:%S"
# Directory (relative) that receives the application's log files.
LOG_DIR = "logs"

# Relative path of the main log file inside LOG_DIR.
LOG_FILE = LOG_DIR + "/application.log"
# Log-file path wrapped in a FileAnchor keyed on "aswi2021jmsd".
# presumably resolved relative to the directory of that name; confirm in
# src.utils.file_anchor.
LOG_FILE_LOCATION = FileAnchor(
    "aswi2021jmsd",
    LOG_FILE,
)
# %-style logging record layout: level name left-aligned in 8 columns,
# then the timestamp, then the message.
LOG_FORMAT = (
    "%(levelname)-8s "
    "%(asctime)s - %(message)s"
)

# Name under which the application logger is registered.
LOG_NAME = "app_logger"

# Revocation reason used when no specific reason is given.
REV_REASON_UNSPECIFIED = "unspecified"
# Certificate type identifiers.
# presumably these match the row ids of the CertificateTypes table; confirm
# against the schema before renumbering.
ROOT_CA_ID, INTERMEDIATE_CA_ID, CERTIFICATE_ID = 1, 2, 3

# Certificate usage identifiers.
# presumably these match the row ids of the UsageTypes table; confirm.
CA_ID, SSL_ID, SIGNATURE_ID, AUTHENTICATION_ID = 1, 2, 3, 4

# Template mapping every usage id to False ("usage not granted").
# NOTE(review): this is a single mutable module-level dict. A caller that
# flips flags on it directly would change the template for every later user,
# which for the CA usage flag is a privilege-relevant mistake; callers should
# work on a copy (e.g. DICT_USAGES.copy()). Verify against the call sites.
DICT_USAGES = dict.fromkeys(
    (CA_ID, SSL_ID, SIGNATURE_ID, AUTHENTICATION_ID),
    False,
)
# Database table names.
# These are identifiers, not values: SQL placeholders cannot bind a table
# name, so any query built from these constants must only ever interpolate
# the constants themselves, never a caller-supplied string.
TAB_CERTIFICATES = "Certificates"
TAB_PRIVATE_KEYS = "PrivateKeys"
TAB_CERTIFICATE_USAGES = "CertificateUsages"
TAB_CERTIFICATE_TYPES = "CertificateTypes"
TAB_USAGE_TYPES = "UsageTypes"
# Database column names shared by several tables.
COL_ID = "id"
# Same column name as COL_PRIVATE_KEY below; both spell "private_key".
COL_PK = "private_key"

# Columns of the Certificates table.
COL_COMMON_NAME = "common_name"
COL_VALID_FROM = "valid_from"
COL_VALID_TO = "valid_to"
COL_PEM_DATA = "pem_data"
COL_REVOCATION_DATE = "revocation_date"
COL_REVOCATION_REASON = "revocation_reason"
COL_DELETION_DATE = "deletion_date"
COL_PRIVATE_KEY_ID = "private_key_id"
COL_TYPE_ID = "certificate_type_id"
COL_PARENT_ID = "parent_certificate_id"

# Columns of the PrivateKeys table.
# NOTE(review): a "password" column beside "private_key" suggests the key
# passphrase is kept in the same row as the key it protects. If that is the
# case, read access to the database is enough to use the key; confirm how
# this value is protected at rest.
COL_PRIVATE_KEY = "private_key"
COL_PASSWORD = "password"

# Columns linking a certificate to a usage type.
# presumably these belong to the CertificateUsages table (the original
# heading said "PrivateKey table", repeating the heading above); confirm
# against the schema.
COL_CERTIFICATE_ID = "certificate_id"
COL_USAGE_TYPE_ID = "usage_type_id"
# Configuration defaults.

# Same literal as DATABASE_FILE; the two are maintained separately.
DEFAULT_CONNECTION_STRING = "db/database_sqlite.db"

# NOTE(review): the default base URL is plain HTTP. That is fine for a
# loopback-only instance; a deployment reachable from other hosts should
# override it with an https:// URL so issued URLs and API traffic are not
# sent in clear text.
DEFAULT_SERVER_BASE_URL = "http://localhost"

# NOTE(review): DEBUG is the most verbose standard logging level. For a
# service that handles private keys and passphrases, confirm that nothing
# sensitive is logged at this level, or override the default in production.
DEFAULT_LOG_LEVEL = "DEBUG"
# Certificate states accepted by this set. CERTIFICATE_EXPIRED ("expired",
# defined below) is not a member.
CERTIFICATE_STATES = {"revoked", "valid"}

# Accepted revocation reasons. The eight names are the reason strings that
# OpenSSL's `ca -crl_reason` option accepts; RFC 5280 additionally defines
# privilegeWithdrawn and aACompromise, which are not offered here.
CERTIFICATE_REVOCATION_REASONS = {
    "unspecified",
    "keyCompromise",
    "CACompromise",
    "affiliationChanged",
    "superseded",
    "cessationOfOperation",
    "certificateHold",
    "removeFromCRL",
}

# The "hold" reason, singled out as its own constant.
# presumably because a held certificate is treated differently from a
# permanently revoked one; confirm at the call sites.
CERTIFICATE_REVOCATION_REASON_HOLD = "certificateHold"

# Individual state names.
CERTIFICATE_VALID = "valid"
CERTIFICATE_REVOKED = "revoked"
CERTIFICATE_EXPIRED = "expired"
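# OpenSSL `ca` configuration template used for CRL generation.
# Fill it with CRL_CONFIG % (index_file, serial_file): the first %s becomes
# the `database` path and the second the `serial` path.
#
# The two paths are inserted verbatim. A value containing a newline would add
# extra lines to the configuration, so callers should pass only paths the
# application generated itself, never user-supplied text.
#
# default_md is sha256 rather than sha1: SHA-1 is no longer collision
# resistant and is deprecated for signatures, so it should not be the digest
# used to sign revocation lists.
#
# default_crl_days = 30 makes each CRL's nextUpdate fall 30 days after
# issuance; relying parties that cache a CRL until then will not see newer
# revocations, so CRLs should be regenerated whenever a certificate is revoked.
CRL_CONFIG = """[ ca ]
default_ca = crl_ca

[ crl_ext ]
authorityKeyIdentifier=keyid:always

[ crl_ca ]
database = %s
serial = %s
default_md = sha256
policy = crl_policy
default_crl_days = 30

[ crl_policy ]
commonName = supplied
stateOrProvinceName = optional
countryName = optional
emailAddress = optional
organizationName = optional
organizationalUnitName = optional

"""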