Matrix-Mirrors/anonymousland-synapse
1
0
Fork 0
mirror of https://git.anonymousland.org/anonymousland/synapse.git synced 2025-05-05 14:34:56 -04:00
Code Issues Projects Releases Packages Wiki Activity

Return a sha256 fingerprint rather than the entire tls certificate

Browse source
This commit is contained in:
Mark Haines 2015-04-14 19:10:09 +01:00
parent d488463fa3
commit 32e14d8181
3 changed files with 33 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

10
synapse/rest/key/v2/local_key_resource.py
View file

@ -19,6 +19,7 @@ from synapse.http.server import respond_with_json_bytes
from syutil.crypto.jsonsign import sign_json
from syutil.base64util import encode_base64
from syutil.jsonutil import encode_canonical_json
from hashlib import sha256
from OpenSSL import crypto
import logging
@ -88,12 +89,17 @@ class LocalKey(Resource):
crypto.FILETYPE_ASN1,
self.config.tls_certificate
)
sha256_fingerprint = sha256(x509_certificate_bytes).digest()
json_object = {
u"expires": self.expires,
u"valid_until": self.expires,
u"server_name": self.config.server_name,
u"verify_keys": verify_keys,
u"old_verify_keys": old_verify_keys,
u"tls_certificate": encode_base64(x509_certificate_bytes)
u"tls_fingerprints": [{
u"sha256": encode_base64(sha256_fingerprint),
}]
}
for key in self.config.signing_key:
json_object = sign_json(