certauth: some cleanup for pep8, 2.6 compat

2025-03-15 08:04:49 +01:00 · 2014-07-26 21:06:28 -07:00 · 2014-07-26 21:06:28 -07:00 · 2a9197137e
commit 2a9197137e
parent ae35d92dde
1 changed files with 29 additions and 15 deletions
--- a/pywb/framework/certa.py
+++ b/pywb/framework/certa.py
@ -4,6 +4,7 @@ import OpenSSL
 import random


+#=================================================================
 class CertificateAuthority(object):
    logger = logging.getLogger('pywb.CertificateAuthority')

@ -21,7 +22,6 @@ class CertificateAuthority(object):
            self._read_ca(ca_file)

        if not os.path.exists(certs_dir):
-            self.logger.info("directory for generated certs {} doesn't exist, creating it".format(certs_dir))
            os.mkdir(certs_dir)


@ -41,23 +41,37 @@ class CertificateAuthority(object):
        self.cert.set_issuer(self.cert.get_subject())
        self.cert.set_pubkey(self.key)
        self.cert.add_extensions([
-            OpenSSL.crypto.X509Extension(b"basicConstraints", True, b"CA:TRUE, pathlen:0"),
-            OpenSSL.crypto.X509Extension(b"keyUsage", True, b"keyCertSign, cRLSign"),
-            OpenSSL.crypto.X509Extension(b"subjectKeyIdentifier", False, b"hash", subject=self.cert),
+            OpenSSL.crypto.X509Extension(b"basicConstraints",
+                                         True,
+                                         b"CA:TRUE, pathlen:0"),
+
+            OpenSSL.crypto.X509Extension(b"keyUsage",
+                                         True,
+                                         b"keyCertSign, cRLSign"),
+
+            OpenSSL.crypto.X509Extension(b"subjectKeyIdentifier",
+                                         False,
+                                         b"hash",
+                                         subject=self.cert),
            ])
        self.cert.sign(self.key, "sha1")

        with open(self.ca_file, 'wb+') as f:
-            f.write(OpenSSL.crypto.dump_privatekey(OpenSSL.SSL.FILETYPE_PEM, self.key))
-            f.write(OpenSSL.crypto.dump_certificate(OpenSSL.SSL.FILETYPE_PEM, self.cert))
-
-        self.logger.info('generated CA key+cert and wrote to {}'.format(self.ca_file))
+            f.write(OpenSSL.crypto.dump_privatekey(OpenSSL.SSL.FILETYPE_PEM,
+                                                   self.key))

+            f.write(OpenSSL.crypto.dump_certificate(OpenSSL.SSL.FILETYPE_PEM,
+                                                    self.cert))

    def _read_ca(self, filename):
-        self.cert = OpenSSL.crypto.load_certificate(OpenSSL.SSL.FILETYPE_PEM, open(filename).read())
-        self.key = OpenSSL.crypto.load_privatekey(OpenSSL.SSL.FILETYPE_PEM, open(filename).read())
-        self.logger.info('read CA key+cert from {}'.format(self.ca_file))
+        with open(filename) as cert_fh:
+            self.cert = OpenSSL.crypto.load_certificate(
+                OpenSSL.SSL.FILETYPE_PEM, cert_fh.read())
+
+            cert_fh.seek(0)
+
+            self.key = OpenSSL.crypto.load_privatekey(
+                OpenSSL.SSL.FILETYPE_PEM, cert_fh.read())

    def __getitem__(self, cn):
        cnp = os.path.sep.join([self.certs_dir, '%s.pem' % cn])
@ -83,9 +97,9 @@ class CertificateAuthority(object):
            cert.sign(self.key, 'sha1')

            with open(cnp, 'wb+') as f:
-                f.write(OpenSSL.crypto.dump_privatekey(OpenSSL.SSL.FILETYPE_PEM, key))
-                f.write(OpenSSL.crypto.dump_certificate(OpenSSL.SSL.FILETYPE_PEM, cert))
-
-            self.logger.info('wrote generated key+cert to {}'.format(cnp))
+                f.write(OpenSSL.crypto.dump_privatekey(
+                    OpenSSL.SSL.FILETYPE_PEM, key))
+                f.write(OpenSSL.crypto.dump_certificate(
+                    OpenSSL.SSL.FILETYPE_PEM, cert))

        return cnp