Merge pull request #207 from vbanos/certauth-speedup

Do not generate an RSA private key for every https connection to a new host

Thank you, @vbanos!
Barbara Miller 2024-12-05 17:49:46 -08:00 committed by GitHub
commit d6b9058e3b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194


@ -152,19 +152,12 @@ class CertificateAuthority(object):
host = host.encode('utf-8') host = host.encode('utf-8')
# Generate key
key = rsa.generate_private_key(
public_exponent=65537,
key_size=2048,
backend=default_backend()
)
# Generate CSR # Generate CSR
csr = x509.CertificateSigningRequestBuilder().subject_name( csr = x509.CertificateSigningRequestBuilder().subject_name(
x509.Name([ x509.Name([
x509.NameAttribute(NameOID.COMMON_NAME, host.decode('utf-8')), x509.NameAttribute(NameOID.COMMON_NAME, host.decode('utf-8')),
]) ])
).sign(key, hash_func, default_backend()) ).sign(self.key, hash_func, default_backend())
# Generate Cert # Generate Cert
cert_builder = x509.CertificateBuilder().subject_name( cert_builder = x509.CertificateBuilder().subject_name(
@ -193,8 +186,8 @@ class CertificateAuthority(object):
cert = cert_builder.sign(root_key, hash_func, default_backend()) cert = cert_builder.sign(root_key, hash_func, default_backend())
# Write cert + key # Write cert + key
self.write_pem(host_filename, cert, key) self.write_pem(host_filename, cert, self.key)
return cert, key return cert, self.key
def write_pem(self, filename, cert, key): def write_pem(self, filename, cert, key):
with open(filename, 'wb+') as f: with open(filename, 'wb+') as f:
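Review bot: A single `self.key` now signs every CSR (`.sign(self.key, hash_func, default_backend())`), is written into every per-host PEM by `self.write_pem(host_filename, cert, self.key)` and is returned to the caller, but neither hunk shows where it is created. From the lines shown a reader cannot confirm that it is a dedicated leaf key with the same 2048-bit / 65537 parameters as the removed per-host key, rather than the CA's `root_key`. Because all host certificates now share one private key, disclosure of any one host PEM exposes the key behind all of them, so the trade-off deserves a comment at the use site, e.g. `# self.key: one leaf key shared by all host certs (avoids per-host RSA keygen); must never be root_key`. `write_pem` opens the file with `'wb+'` and no explicit mode, so it is also worth checking that the certificate directory is not readable by other local users. The enclosing method begins before the first hunk and `write_pem` continues past the second.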