core/Projektarbeit-MYP
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

"feat: Implement printer management

Browse Source
This commit is contained in:
Till Tomczak
2025-05-26 12:24:43 +02:00
parent 4282b52a3b
commit 57e306db08
11 changed files with 824 additions and 703 deletions
Download Patch File Download Diff File Expand all files Collapse all files

99
backend/app/config/settings.py
View File

@@ -128,95 +128,22 @@ def get_ssl_context():
def create_simple_ssl_cert():
"""
Erstellt ein einfaches selbstsigniertes Zertifikat mit Python.
Dies ist ein Fallback, falls OpenSSL nicht verfügbar ist.
Erstellt ein Mercedes-Benz SSL-Zertifikat mit dem neuen SSL-Manager.
"""
try:
import datetime
import socket
from cryptography import x509
from cryptography.x509.oid import NameOID
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives.serialization import Encoding, PrivateFormat, NoEncryption
# Generiere privaten Schlüssel
private_key = rsa.generate_private_key(
public_exponent=65537,
key_size=4096, # Stärkere Schlüsselgröße
)
# Schreibe privaten Schlüssel
with open(SSL_KEY_PATH, "wb") as f:
f.write(private_key.private_bytes(
encoding=Encoding.PEM,
format=PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=NoEncryption()
))
# Aktuelles Datum und Ablaufdatum berechnen
now = datetime.datetime.now()
valid_until = now + datetime.timedelta(days=3650) # 10 Jahre gültig
# Erstelle Zertifikat mit erweiterten Attributen
subject = issuer = x509.Name([
x509.NameAttribute(NameOID.COMMON_NAME, SSL_HOSTNAME),
x509.NameAttribute(NameOID.ORGANIZATION_NAME, "Mercedes-Benz AG"),
x509.NameAttribute(NameOID.ORGANIZATIONAL_UNIT_NAME, "Werk 040 Berlin"),
x509.NameAttribute(NameOID.COUNTRY_NAME, "DE"),
x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, "Berlin"),
x509.NameAttribute(NameOID.LOCALITY_NAME, "Berlin")
])
cert = x509.CertificateBuilder().subject_name(
subject
).issuer_name(
issuer
).public_key(
private_key.public_key()
).serial_number(
x509.random_serial_number()
).not_valid_before(
now
).not_valid_after(
valid_until
).add_extension(
x509.SubjectAlternativeName([
x509.DNSName(SSL_HOSTNAME),
x509.DNSName("localhost"),
x509.IPAddress(socket.inet_aton("127.0.0.1"))
]),
critical=False,
).add_extension(
x509.BasicConstraints(ca=True, path_length=None), critical=True
).add_extension(
x509.KeyUsage(
digital_signature=True,
content_commitment=False,
key_encipherment=True,
data_encipherment=False,
key_agreement=False,
key_cert_sign=True,
crl_sign=True,
encipher_only=False,
decipher_only=False
), critical=True
).add_extension(
x509.ExtendedKeyUsage([
x509.oid.ExtendedKeyUsageOID.SERVER_AUTH,
x509.oid.ExtendedKeyUsageOID.CLIENT_AUTH
]), critical=False
).sign(private_key, hashes.SHA256())
# Schreibe Zertifikat
with open(SSL_CERT_PATH, "wb") as f:
f.write(cert.public_bytes(Encoding.PEM))
# Verwende den neuen SSL-Manager
from utils.ssl_manager import ssl_manager
success = ssl_manager.generate_mercedes_certificate()
print(f"Verbessertes selbstsigniertes Zertifikat erstellt: {SSL_CERT_PATH}")
print(f"Gültig bis: {valid_until.strftime('%d.%m.%Y')}")
except ImportError:
print("Konnte keine SSL-Zertifikate erstellen: cryptography-Paket nicht installiert")
if success:
print(f"Mercedes-Benz SSL-Zertifikat erfolgreich erstellt: {SSL_CERT_PATH}")
return True
else:
print("Fehler beim Erstellen des Mercedes-Benz SSL-Zertifikats")
return None
except ImportError as e:
print(f"SSL-Manager nicht verfügbar: {e}")
return None
except Exception as e:
print(f"Fehler beim Erstellen der SSL-Zertifikate: {e}")