annotate libervia/backend/tools/common/tls.py @ 4332:71c939e34ca6

XEP-0373 (OX): Adjust to gpgme updates: generate with explicit algorithm and subkeys
author Syndace <me@syndace.dev>
date Sat, 13 Jul 2024 18:28:28 +0200
parents 0d7bb4df2343
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3287
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
1 #!/usr/bin/env python3
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
2
3480
7550ae9cfbac Renamed the project from "Salut à Toi" to "Libervia":
Goffi <goffi@goffi.org>
parents: 3479
diff changeset
3 # Libervia: an XMPP client
3479
be6d91572633 date update
Goffi <goffi@goffi.org>
parents: 3380
diff changeset
4 # Copyright (C) 2009-2021 Jérôme Poisson (goffi@goffi.org)
3287
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
5
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
6 # This program is free software: you can redistribute it and/or modify
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
7 # it under the terms of the GNU Affero General Public License as published by
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
8 # the Free Software Foundation, either version 3 of the License, or
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
9 # (at your option) any later version.
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
10
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
11 # This program is distributed in the hope that it will be useful,
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
14 # GNU Affero General Public License for more details.
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
15
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
16 # You should have received a copy of the GNU Affero General Public License
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
17 # along with this program. If not, see <http://www.gnu.org/licenses/>.
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
18
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
19 """TLS handling with twisted"""
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
20
4071
4b842c1fb686 refactoring: renamed `sat` package to `libervia.backend`
Goffi <goffi@goffi.org>
parents: 4037
diff changeset
21 from libervia.backend.core.log import getLogger
4b842c1fb686 refactoring: renamed `sat` package to `libervia.backend`
Goffi <goffi@goffi.org>
parents: 4037
diff changeset
22 from libervia.backend.core import exceptions
4b842c1fb686 refactoring: renamed `sat` package to `libervia.backend`
Goffi <goffi@goffi.org>
parents: 4037
diff changeset
23 from libervia.backend.tools import config as tools_config
3287
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
24
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
25
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
26 try:
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
27 import OpenSSL
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
28 from twisted.internet import ssl
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
29 except ImportError:
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
30 ssl = None
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
31
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
32
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
33 log = getLogger(__name__)
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
34
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
35
4037
524856bd7b19 massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents: 3480
diff changeset
36 def get_options_from_config(config, section=""):
3287
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
37 options = {}
4270
0d7bb4df2343 Reformatted code base using black.
Goffi <goffi@goffi.org>
parents: 4071
diff changeset
38 for option in ("tls_certificate", "tls_private_key", "tls_chain"):
4037
524856bd7b19 massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents: 3480
diff changeset
39 options[option] = tools_config.config_get(config, section, option)
3287
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
40 return options
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
41
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
42
4037
524856bd7b19 massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents: 3480
diff changeset
43 def tls_options_check(options):
3287
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
44 """Check options coherence if TLS is activated, and update missing values
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
45
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
46 Must be called only if TLS is activated
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
47 """
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
48 if not options["tls_certificate"]:
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
49 raise exceptions.ConfigError(
4270
0d7bb4df2343 Reformatted code base using black.
Goffi <goffi@goffi.org>
parents: 4071
diff changeset
50 "a TLS certificate is needed to activate HTTPS connection"
0d7bb4df2343 Reformatted code base using black.
Goffi <goffi@goffi.org>
parents: 4071
diff changeset
51 )
3287
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
52 if not options["tls_private_key"]:
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
53 options["tls_private_key"] = options["tls_certificate"]
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
54
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
55
4037
524856bd7b19 massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents: 3480
diff changeset
56 def load_certificates(f):
3287
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
57 """Read a .pem file with a list of certificates
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
58
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
59 @param f (file): file obj (opened .pem file)
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
60 @return (list[OpenSSL.crypto.X509]): list of certificates
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
61 @raise OpenSSL.crypto.Error: error while parsing the file
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
62 """
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
63 # XXX: didn't found any method to load a .pem file with several certificates
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
64 # so the certificates split is done here
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
65 certificates = []
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
66 buf = []
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
67 while True:
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
68 line = f.readline()
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
69 buf.append(line)
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
70 if "-----END CERTIFICATE-----" in line:
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
71 certificates.append(
4270
0d7bb4df2343 Reformatted code base using black.
Goffi <goffi@goffi.org>
parents: 4071
diff changeset
72 OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, "".join(buf))
3287
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
73 )
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
74 buf = []
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
75 elif not line:
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
76 log.debug(f"{len(certificates)} certificate(s) found")
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
77 return certificates
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
78
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
79
4037
524856bd7b19 massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents: 3480
diff changeset
80 def load_p_key(f):
3287
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
81 """Read a private key from a .pem file
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
82
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
83 @param f (file): file obj (opened .pem file)
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
84 @return (list[OpenSSL.crypto.PKey]): private key object
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
85 @raise OpenSSL.crypto.Error: error while parsing the file
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
86 """
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
87 return OpenSSL.crypto.load_privatekey(OpenSSL.crypto.FILETYPE_PEM, f.read())
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
88
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
89
4037
524856bd7b19 massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents: 3480
diff changeset
90 def load_certificate(f):
3287
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
91 """Read a public certificate from a .pem file
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
92
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
93 @param f (file): file obj (opened .pem file)
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
94 @return (list[OpenSSL.crypto.X509]): public certificate
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
95 @raise OpenSSL.crypto.Error: error while parsing the file
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
96 """
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
97 return OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, f.read())
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
98
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
99
4037
524856bd7b19 massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents: 3480
diff changeset
100 def get_tls_context_factory(options):
3287
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
101 """Load TLS certificate and build the context factory needed for listenSSL"""
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
102 if ssl is None:
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
103 raise ImportError("Python module pyOpenSSL is not installed!")
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
104
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
105 cert_options = {}
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
106
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
107 for name, option, method in [
4037
524856bd7b19 massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents: 3480
diff changeset
108 ("privateKey", "tls_private_key", load_p_key),
524856bd7b19 massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents: 3480
diff changeset
109 ("certificate", "tls_certificate", load_certificate),
524856bd7b19 massive refactoring to switch from camelCase to snake_case:
Goffi <goffi@goffi.org>
parents: 3480
diff changeset
110 ("extraCertChain", "tls_chain", load_certificates),
3287
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
111 ]:
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
112 path = options[option]
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
113 if not path:
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
114 assert option == "tls_chain"
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
115 continue
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
116 log.debug(f"loading {option} from {path}")
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
117 try:
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
118 with open(path) as f:
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
119 cert_options[name] = method(f)
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
120 except IOError as e:
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
121 raise exceptions.DataError(
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
122 f"Error while reading file {path} for option {option}: {e}"
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
123 )
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
124 except OpenSSL.crypto.Error:
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
125 raise exceptions.DataError(
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
126 f"Error while parsing file {path} for option {option}, are you sure "
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
127 f"it is a valid .pem file?"
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
128 )
4270
0d7bb4df2343 Reformatted code base using black.
Goffi <goffi@goffi.org>
parents: 4071
diff changeset
129 if option == "tls_private_key" and options["tls_certificate"] == path:
3287
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
130 raise exceptions.ConfigError(
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
131 f"You are using the same file for private key and public "
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
132 f"certificate, make sure that both a in {path} or use "
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
133 f"--tls_private_key option"
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
134 )
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
135
a4b8c9bcfb57 tools/common (tls): moved re-usable Twisted TLS code from Libervia to tools/common
Goffi <goffi@goffi.org>
parents:
diff changeset
136 return ssl.CertificateOptions(**cert_options)