mock-ocsp/mock_ocspresponder.py at master · RasmusSoot/mock-ocsp · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
from datetime import datetime
from typing import Optional

from ocspbuilder import OCSPResponseBuilder
from ocspresponder import OCSPResponder, CertificateStatus

import monkeypatch

OCSPResponseBuilder.build = monkeypatch.build
OCSPResponder.serve = monkeypatch.serve

ISSUER_CERT = 'conf/issuer.crt'
OCSP_CERT = 'conf/cert.pem'
OCSP_KEY = 'conf/key.pem'


def validate(serial: int) -> (CertificateStatus, Optional[datetime]):
    return (CertificateStatus.good, None)


def get_cert(serial: int) -> str:
    """
    Assume the certificates are stored in the ``certs`` directory with the
    serial as base filename.
    """
    with open('certs/%s.cert.pem' % serial, 'r') as f:
        return f.read().strip()


app = OCSPResponder(
    ISSUER_CERT, OCSP_CERT, OCSP_KEY,
    validate_func=validate,
    cert_retrieve_func=get_cert,
)

if __name__ == "__main__":
    app.serve(port=8080, debug=True)