OLD | NEW |
---|---|
1 # Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 # Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 # Use of this source code is governed by a BSD-style license that can be | 2 # Use of this source code is governed by a BSD-style license that can be |
3 # found in the LICENSE file. | 3 # found in the LICENSE file. |
4 | 4 |
5 import asn1 | 5 import asn1 |
6 import datetime | 6 import datetime |
7 import hashlib | 7 import hashlib |
8 import itertools | 8 import itertools |
9 import os | 9 import os |
10 import time | 10 import time |
(...skipping 269 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
280 cert_status = asn1.Raw(asn1.TagAndLength(0x80 | 0, 0)) | 280 cert_status = asn1.Raw(asn1.TagAndLength(0x80 | 0, 0)) |
281 serial -= 1 | 281 serial -= 1 |
282 else: | 282 else: |
283 raise ValueError('Bad OCSP state: ' + str(ocsp_state)) | 283 raise ValueError('Bad OCSP state: ' + str(ocsp_state)) |
284 | 284 |
285 now = datetime.datetime.fromtimestamp(time.mktime(time.gmtime())) | 285 now = datetime.datetime.fromtimestamp(time.mktime(time.gmtime())) |
286 if ocsp_date == OCSP_DATE_VALID: | 286 if ocsp_date == OCSP_DATE_VALID: |
287 thisUpdate = now - datetime.timedelta(days=1) | 287 thisUpdate = now - datetime.timedelta(days=1) |
288 nextUpdate = thisUpdate + datetime.timedelta(weeks=1) | 288 nextUpdate = thisUpdate + datetime.timedelta(weeks=1) |
289 elif ocsp_date == OCSP_DATE_OLD: | 289 elif ocsp_date == OCSP_DATE_OLD: |
290 thisUpdate = now - datetime.timedelta(hours=1, weeks=1) | 290 thisUpdate = now - datetime.timedelta(days=1, weeks=1) |
291 nextUpdate = thisUpdate + datetime.timedelta(weeks=1) | 291 nextUpdate = thisUpdate + datetime.timedelta(weeks=1) |
292 elif ocsp_date == OCSP_DATE_EARLY: | 292 elif ocsp_date == OCSP_DATE_EARLY: |
293 thisUpdate = now + datetime.timedelta(hours=1) | 293 thisUpdate = now + datetime.timedelta(days=1) |
294 nextUpdate = thisUpdate + datetime.timedelta(weeks=1) | 294 nextUpdate = thisUpdate + datetime.timedelta(weeks=1) |
295 elif ocsp_date == OCSP_DATE_LONG: | 295 elif ocsp_date == OCSP_DATE_LONG: |
296 thisUpdate = now - datetime.timedelta(days=365) | 296 thisUpdate = now - datetime.timedelta(days=365) |
297 nextUpdate = thisUpdate + datetime.timedelta(hours=1, days=365) | 297 nextUpdate = thisUpdate + datetime.timedelta(days=366) |
298 elif ocsp_date == OCSP_DATE_BEFORE_CERT: | |
299 thisUpdate = now - datetime.timedelta(days=1) | |
300 nextUpdate = thisUpdate + datetime.timedelta(weeks=1) | |
301 elif ocsp_date == OCSP_DATE_AFTER_CERT: | |
timvolodine
2016/07/22 12:35:49
also seeing OCSP_DATE_AFTER_CERT in src/net/tools/
| |
302 thisUpdate = now - datetime.timedelta(days=1) | |
303 nextUpdate = thisUpdate + datetime.timedelta(weeks=1) | |
304 else: | 298 else: |
305 raise ValueError('Bad OCSP date: ' + str(ocsp_date)) | 299 raise ValueError('Bad OCSP date: ' + str(ocsp_date)) |
306 | 300 |
307 return asn1.SEQUENCE([ # SingleResponse | 301 return asn1.SEQUENCE([ # SingleResponse |
308 asn1.SEQUENCE([ # CertID | 302 asn1.SEQUENCE([ # CertID |
309 asn1.SEQUENCE([ # hashAlgorithm | 303 asn1.SEQUENCE([ # hashAlgorithm |
310 HASH_SHA1, | 304 HASH_SHA1, |
311 None, | 305 None, |
312 ]), | 306 ]), |
313 issuer_name_hash, | 307 issuer_name_hash, |
(...skipping 123 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
437 OCSP_TYPE_BASIC, | 431 OCSP_TYPE_BASIC, |
438 asn1.OCTETSTRING(asn1.ToDER(basic_resp)), | 432 asn1.OCTETSTRING(asn1.ToDER(basic_resp)), |
439 ])), | 433 ])), |
440 ]) | 434 ]) |
441 ocsp_der = asn1.ToDER(resp) | 435 ocsp_der = asn1.ToDER(resp) |
442 else: | 436 else: |
443 ocsp_der = MakeOCSPResponse( | 437 ocsp_der = MakeOCSPResponse( |
444 ISSUER_CN, KEY, serial, ocsp_states, ocsp_dates, ocsp_produced) | 438 ISSUER_CN, KEY, serial, ocsp_states, ocsp_dates, ocsp_produced) |
445 | 439 |
446 return (cert_pem + KEY_PEM, ocsp_der) | 440 return (cert_pem + KEY_PEM, ocsp_der) |
OLD | NEW |