Revize dea7f12f
Přidáno uživatelem Stanislav Král před téměř 4 roky(ů)
| src/services/cryptography.py | ||
|---|---|---|
| 462 | 462 |
:return: byte array containing the generated identity |
| 463 | 463 |
""" |
| 464 | 464 |
with TemporaryFile("cert_key.pem", cert_key_pem) as cert_key_pem_file:
|
| 465 |
if identity_passphrase is None: |
|
| 466 |
identity_passphrase = "" |
|
| 467 |
|
|
| 465 | 468 |
args = ["pkcs12", "-export", "-name", identity_name, "-in", "-", "-inkey", cert_key_pem_file, "-passout", f"pass:{identity_passphrase}", "-passin", f"pass:{cert_key_passphrase}"]
|
| 466 | 469 |
proc_input = cert_pem |
| 467 | 470 |
# when the chain of trust is not empty append the -CAfile argument and the concatenated list of CoT PEMs |
Také k dispozici: Unified diff
Re #8708 - Added a unit test covering a scenario in which an empty identity password is passed to the generate_pkcs_identity method of the CryptographyService
Improved the generate_pkcs_identity method in such way that when None is passed as the identity password then an empty string literal ("") is used instead.