lauri/certidude
1
0
Fork 0
mirror of https://github.com/laurivosandi/certidude synced 2024-12-22 08:15:18 +00:00
Code Issues Activity

Fix certificate serial numbering

Browse Source
This commit is contained in:
Lauri Võsandi 2018-04-13 07:57:49 +00:00
parent ffd1281b83
commit a0e263385b
2 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
certidude/api/ocsp.py
View File

@ -50,6 +50,7 @@ class OCSPResource(AuthorityHandler):
responses = [] responses = []
for item in ocsp_req["tbs_request"]["request_list"]: for item in ocsp_req["tbs_request"]["request_list"]:
serial = item["req_cert"]["serial_number"].native serial = item["req_cert"]["serial_number"].native
assert serial > 0, "Serial number correctness check failed"
try: try:
link_target = os.readlink(os.path.join(config.SIGNED_BY_SERIAL_DIR, "%x.pem" % serial)) link_target = os.readlink(os.path.join(config.SIGNED_BY_SERIAL_DIR, "%x.pem" % serial))

2
certidude/authority.py
View File

@ -380,7 +380,7 @@ def _sign(csr, buf, skip_notify=False, skip_push=False, overwrite=False, profile
builder = CertificateBuilder(dn, csr_pubkey) builder = CertificateBuilder(dn, csr_pubkey)
builder.serial_number = random.randint( builder.serial_number = random.randint(
0x1000000000000000000000000000000000000000, 0x1000000000000000000000000000000000000000,
0xffffffffffffffffffffffffffffffffffffffff) 0x7fffffffffffffffffffffffffffffffffffffff)
now = datetime.utcnow() now = datetime.utcnow()
builder.begin_date = now - timedelta(minutes=5) builder.begin_date = now - timedelta(minutes=5)