def create_crl(self, serial_numbers: Iterable[int]) -> bytes:
timestamp = (datetime.utcnow().strftime("%Y%m%d%H%M%S") + "Z").encode("utf-8")
crl = CRL()
for serial_number in serial_numbers:
revoked = Revoked()
revoked.set_serial(hex(serial_number)[2:].encode("utf-8"))
revoked.set_rev_date(timestamp)
revoked.set_reason(b"cessationOfOperation")
crl.add_revoked(revoked)
return crl.export(self.__cert, self.__pkey, FILETYPE_PEM, 1, b"sha256")
def check_get_revoked(self):
"""
Create a CRL object with 100 Revoked objects, then call the
get_revoked method repeatedly.
"""
crl = CRL()
for i in xrange(100):
crl.add_revoked(Revoked())
for i in xrange(self.iterations):
crl.get_revoked()
def check_get_revoked(self):
"""
Create a CRL object with 100 Revoked objects, then call the
get_revoked method repeatedly.
"""
crl = CRL()
for i in xrange(100):
crl.add_revoked(Revoked())
for i in xrange(self.iterations):
crl.get_revoked()
def check_add_revoked(self):
"""
Call the add_revoked method repeatedly on an empty CRL.
"""
for i in xrange(self.iterations * 200):
CRL().add_revoked(Revoked())
def make_test_crl(issuer_cert, issuer_key, certs=()):
"""
Create a CRL.
:param list[X509] certs: A list of certificates to revoke.
:rtype: CRL
"""
crl = CRL()
for cert in certs:
revoked = Revoked()
serial = hex(cert.get_serial_number())[2:].encode('utf-8')
revoked.set_serial(serial)
revoked.set_reason(b'cessationOfOperation')
revoked.set_rev_date(b'20180601000000Z')
crl.add_revoked(revoked)
crl.set_version(1)
crl.set_lastUpdate(b'20180601000000Z')
crl.set_nextUpdate(b'20190601000000Z')
crl.sign(issuer_cert, issuer_key, digest=b'sha512')
return crl