def ca0_crt(self, ca0_key, now):
ca0_csr = CSR.new(ca0_key, "CN=Trusted CA", hash.sha256())
return CRT.selfsign(
ca0_csr, ca0_key,
not_before=now, not_after=now + dt.timedelta(days=90),
serial_number=0x123456,
basic_constraints=BasicConstraints(True, -1))
def ca1_crt(self, ca1_key, ca0_crt, ca0_key, now):
ca1_csr = CSR.new(ca1_key, "CN=Intermediate CA", hash.sha256())
return ca0_crt.sign(
ca1_csr,
ca0_key,
now,
now + dt.timedelta(days=90),
0x234567,
basic_constraints=BasicConstraints(True, 1),
)
def ee0_crt(self, ee0_key, ca1_crt, ca1_key, now):
ee0_csr = CSR.new(ee0_key, "CN=End Entity", hash.sha256())
return ca1_crt.sign(ee0_csr, ca1_key, now, now + dt.timedelta(days=90),
0x345678)
def digestmod(self):
return hash.sha256()
def algorithm(self):
return md_hash.sha256()
