Projekt

Obecné

Profil

« Předchozí | Další » 

Revize ea1229ee

Přidáno uživatelem Jan Pašek před téměř 4 roky(ů)

Re #8576 - Fix of specifying CRL and OCSP endpoint

Zobrazit rozdíly:

src/services/certificate_service.py
51 51 
            usages = {}
52 52 

  		




  53
  53
  
    
        cert_id = self.certificate_repository.get_next_id()


  		




  54
  
  
    
        extensions = extensions + "\n" + CRL_EXTENSION + " " + self.__get_crl_endpoint(cert_id)


  		




  55
  
  
    
        extensions = extensions + "\n" + OCSP_EXTENSION + " " + self.__get_ocsp_endpoint(cert_id)


  		




  56
  54
  
    

  		




  57
  55
  
    
        # create a new self signed  certificate


  		




  58
  56
  
    
        cert_pem = self.cryptography_service.create_sscrt(subject, key.private_key, key_pass=key.password,


  		




  ......




  116
  114
  
    
        extensions = extensions + "\n" + CA_EXTENSIONS


  		




  117
  115
  
    
        # Add CRL and OCSP distribution point to certificate extensions


  		




  118
  116
  
    
        cert_id = self.certificate_repository.get_next_id()


  		




  119
  
  
    
        extensions = extensions + "\n" + CRL_EXTENSION + " " + self.__get_crl_endpoint(cert_id)


  		




  120
  
  
    
        extensions = extensions + "\n" + OCSP_EXTENSION + " " + self.__get_ocsp_endpoint(cert_id)


  		




  
  117
  
    
        extensions = extensions + "\n" + CRL_EXTENSION + " " + self.__get_crl_endpoint(issuer_cert.certificate_id)


  		




  
  118
  
    
        extensions = extensions + "\n" + OCSP_EXTENSION + " " + self.__get_ocsp_endpoint(issuer_cert.certificate_id)


  		




  121
  119
  
    

  		




  122
  120
  
    
        # TODO implement AIA URI via extensions


  		




  123
  121
  
    
        cert_pem = self.cryptography_service.create_crt(subject, subject_key.private_key, issuer_cert.pem_data,


  		




  ......




  176
  174
  
    
        # get the next certificate ID in order to be able to specify the serial number


  		




  177
  175
  
    
        cert_id = self.certificate_repository.get_next_id()


  		




  178
  176
  
    

  		




  
  177
  
    
        # Add CRL and OCSP distribution point to certificate extensions


  		




  
  178
  
    
        extensions = extensions + "\n" + CRL_EXTENSION + " " + self.__get_crl_endpoint(issuer_cert.certificate_id)


  		




  
  179
  
    
        extensions = extensions + "\n" + OCSP_EXTENSION + " " + self.__get_ocsp_endpoint(issuer_cert.certificate_id)


  		




  
  180
  
    

  		




  179
  181
  
    
        # generate a new certificate


  		




  180
  182
  
    
        cert_pem = self.cryptography_service.create_crt(subject, subject_key.private_key, issuer_cert.pem_data,


  		




  181
  183
  
    
                                                        issuer_key.private_key,


  		












Také k dispozici:  Unified diff