Projet

Général

Profil

« Précédent | Suivant » 

Révision 19b58bab

Ajouté par Remy Menard il y a plus de 11 ans

Version 1.9

  • All:
    - use TLS for secured links
    - SigMa is now fully functionnal
    - completed documention
    - a lot of bugs fixed!
  • SigMa:
    - signature creation from the canonical form of the event
    - signature creation using ECDSA algorithm
    - signature is correctly verified
  • ETa:
    - manage the extension identifying the owner of the event
    - if no identity is provided, the identity of the certificate is used
  • EpcisPHi:
    - access to the web interface of policy management is made by
    certificate
  • OMeGa:
    - if no identity is provided, the identity of the certificate is used
  • IoTa-Installer:
    - create and use certificates for TLS
    - configure Apache Tomcat for TLS
  • Greyc letters figures:
    - show SigMa library (SigMa-Commons)

Voir les différences:

IoTa-Installer/lib/cert.py
#
# This program is a part of the IoTa project.
#
# Copyright © 2012 Université de Caen Basse-Normandie, GREYC
#
# Copyright © 2012-2013 Université de Caen Basse-Normandie, GREYC
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
......
def __init__(self):
installer.Configurer.__init__(self, "Certificate and signing key", "cert", [
("Create a new private key/certificate", "cert", "create_keystore", {"type":"YN"}),
("Create a new private key/certificate?", "cert", "create_keystore", {"type":"YN"}),
("Enter the keystore file name", "cert", "keystore", {}),
("Enter the keystore password", "cert", "password", {}),
("Enter the key/certificate’s principal’s distinguished name (in the form: \"CN=<name>, OU=<unit>, O=<organization>, L=<location>, S=<state>, C=<country>\")",
......
{"when": ("cert", "create_keystore")}),
("Enter the key/certificate’s password (may be empty)", "cert", "keypassword",
{"when": ("cert", "create_keystore")}),
("Export the private key/certificate (needed fort TLS)", "cert", "create_certfile", {"type":"YN"}),
("Export the keystore to JKS?", "cert", "exportkeystore_tojks", {"type":"YN"}),
("Export the private key/certificate (needed fort TLS)?", "cert", "create_certfile", {"type":"YN"}),
("Enter the certificate file name", "cert", "certfile",
{"when": ("cert", "create_certfile")}),
("Create truststore with the exported key/certificate", "cert", "create_truststore", {"type":"YN"}),
("Create truststore with the exported key/certificate?", "cert", "create_truststore", {"type":"YN"}),
("Enter the truststore file name", "cert", "truststore",
{"when": ("cert", "create_truststore")}),
("Enter the truststore’s password", "cert", "trustpassword",
......
self.cget("keyalias"), self.cget("keypassword"),
[("-dname", self.cget("distinguished_name")),
("-keyalg", "RSA")])
if self.cisTrue("exportkeystore_tojks"):
jkskeystore = self.cget("keystore").rpartition(".")[0]
jkskeystore += ".jks"
self.cset("jks_keystore", jkskeystore)
utils.execSrcToDestKeyTool("Convert keystore type from PKCS#12 to JKS", "-importkeystore",
"pkcs12", self.cget("keystore"),
self.cget("password"), self.cget("keyalias"),
"jks", jkskeystore,
self.cget("password"), self.cget("keyalias"), [])
if self.cisTrue("create_certfile"):
utils.execKeytool("Exporting certificate", "-exportcert", "pkcs12",
self.cget("keystore"), self.cget("password"),
self.cget("keyalias"), self.cget("keypassword"),
[("-file", self.cget("certfile"))])
if self.cisTrue("create_trustore"):
if self.cisTrue("create_truststore"):
utils.execKeytool("Creating truststore", "-importcert", "jks",
self.cget("truststore"), self.cget("trustpassword"),
self.cget("trust_keyalias"), self.cget("trust_keypassword"),
[("-file", self.cget("certfile"))])
[("-file", self.cget("certfile")), ("-noprompt", "")])

Formats disponibles : Unified diff