Skip to content

Commit

Permalink
Added SKI and AKI extensions
Browse files Browse the repository at this point in the history
Signed-off-by: Tero Saarni <[email protected]>
  • Loading branch information
tsaarni committed Nov 3, 2024
1 parent 334f2d7 commit 8f37e8d
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 0 deletions.
1 change: 1 addition & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ pip install certy
Create virtual environment by running `python3 -m venv .venv`, then activate it `source .venv/bin/activate`.
Install dependencies by running `pip install -r dev-requirements.txt`.
Run tests with `pytest`.
To build wheel, run `flit build` and check the generated wheel in `dist` directory.
To find out coverage of tests, execute `coverage run -m pytest` and then `coverage html`.
The coverage report is generated to `htmlcov/index.html`.

Expand Down
9 changes: 9 additions & 0 deletions src/certy/credential.py
Original file line number Diff line number Diff line change
Expand Up @@ -405,6 +405,15 @@ def generate(self) -> Credential:
)

builder = builder.add_extension(x509.BasicConstraints(ca=self._is_ca, path_length=None), critical=True)
builder = builder.add_extension(
x509.SubjectKeyIdentifier.from_public_key(self._private_key.public_key()), critical=False
)

if self._issuer is not None:
builder = builder.add_extension(
x509.AuthorityKeyIdentifier.from_issuer_public_key(effective_issuer._private_key.public_key()),
critical=False,
)

if self._subject_alt_names is not None:
builder = builder.add_extension(x509.SubjectAlternativeName(self._subject_alt_names), critical=False)
Expand Down

0 comments on commit 8f37e8d

Please sign in to comment.