lemur/lemur/constants.py

"""
.. module: lemur.constants
    :copyright: (c) 2018 by Netflix Inc.
    :license: Apache, see LICENSE for more details.
"""
from enum import IntEnum

SAN_NAMING_TEMPLATE = "SAN-{subject}-{issuer}-{not_before}-{not_after}"
DEFAULT_NAMING_TEMPLATE = "{subject}-{issuer}-{not_before}-{not_after}"
NONSTANDARD_NAMING_TEMPLATE = "{issuer}-{not_before}-{not_after}"

SUCCESS_METRIC_STATUS = "success"
FAILURE_METRIC_STATUS = "failure"

# when ACME attempts to resolve a certificate try in total 3 times
ACME_ADDITIONAL_ATTEMPTS = 2

CERTIFICATE_KEY_TYPES = [
    "RSA2048",
    "RSA4096",
    "ECCPRIME192V1",
    "ECCPRIME256V1",
    "ECCSECP192R1",
    "ECCSECP224R1",
    "ECCSECP256R1",
    "ECCSECP384R1",
    "ECCSECP521R1",
    "ECCSECP256K1",
    "ECCSECT163K1",
    "ECCSECT233K1",
    "ECCSECT283K1",
    "ECCSECT409K1",
    "ECCSECT571K1",
    "ECCSECT163R2",
    "ECCSECT233R1",
    "ECCSECT283R1",
    "ECCSECT409R1",
    "ECCSECT571R2",
]


# As per RFC 5280 section 5.3.1 (https://tools.ietf.org/html/rfc5280#section-5.3.1)
class CRLReason(IntEnum):
    unspecified = 0,
    keyCompromise = 1,
    cACompromise = 2,
    affiliationChanged = 3,
    superseded = 4,
    cessationOfOperation = 5,
    certificateHold = 6,
    removeFromCRL = 8,
    privilegeWithdrawn = 9,
    aACompromise = 10
initial commit 2015-06-22 22:47:27 +02:00			`"""`
			`.. module: lemur.constants`
Addressing comments. Updating copyrights. Added function to determine authorative name server 2018-05-29 19:18:16 +02:00			`:copyright: (c) 2018 by Netflix Inc.`
initial commit 2015-06-22 22:47:27 +02:00			`:license: Apache, see LICENSE for more details.`
			`"""`
CRL Reason for certificate revoke 2020-12-01 05:06:37 +01:00			`from enum import IntEnum`

initial commit 2015-06-22 22:47:27 +02:00			`SAN_NAMING_TEMPLATE = "SAN-{subject}-{issuer}-{not_before}-{not_after}"`
			`DEFAULT_NAMING_TEMPLATE = "{subject}-{issuer}-{not_before}-{not_after}"`
			`NONSTANDARD_NAMING_TEMPLATE = "{issuer}-{not_before}-{not_after}"`
Modifying the way we report metrics. Relying on metric tags instead of the the metric name for additional dimensions. (#1036) 2018-01-03 00:26:31 +01:00
Black lint all the things 2019-05-16 16:57:02 +02:00			`SUCCESS_METRIC_STATUS = "success"`
			`FAILURE_METRIC_STATUS = "failure"`
ecc: add the support for ECC (#1191) * ecc: add the support for ECC update generate_private_key to support ECC. Move key types to constant. Update UI for the new key types * ecc: Remove extra line to fix linting * ecc: Fix flake8 lint problems * Update options.tpl.html 2018-04-11 01:54:17 +02:00
introducing ACME_ADDITIONAL_ATTEMPTS 2021-01-29 01:53:15 +01:00			`# when ACME attempts to resolve a certificate try in total 3 times`
			`ACME_ADDITIONAL_ATTEMPTS = 2`

ecc: add the support for ECC (#1191) * ecc: add the support for ECC update generate_private_key to support ECC. Move key types to constant. Update UI for the new key types * ecc: Remove extra line to fix linting * ecc: Fix flake8 lint problems * Update options.tpl.html 2018-04-11 01:54:17 +02:00			`CERTIFICATE_KEY_TYPES = [`
Black lint all the things 2019-05-16 16:57:02 +02:00			`"RSA2048",`
			`"RSA4096",`
			`"ECCPRIME192V1",`
			`"ECCPRIME256V1",`
			`"ECCSECP192R1",`
			`"ECCSECP224R1",`
			`"ECCSECP256R1",`
			`"ECCSECP384R1",`
			`"ECCSECP521R1",`
			`"ECCSECP256K1",`
			`"ECCSECT163K1",`
			`"ECCSECT233K1",`
			`"ECCSECT283K1",`
			`"ECCSECT409K1",`
			`"ECCSECT571K1",`
			`"ECCSECT163R2",`
			`"ECCSECT233R1",`
			`"ECCSECT283R1",`
			`"ECCSECT409R1",`
			`"ECCSECT571R2",`
ecc: add the support for ECC (#1191) * ecc: add the support for ECC update generate_private_key to support ECC. Move key types to constant. Update UI for the new key types * ecc: Remove extra line to fix linting * ecc: Fix flake8 lint problems * Update options.tpl.html 2018-04-11 01:54:17 +02:00			`]`
CRL Reason for certificate revoke 2020-12-01 05:06:37 +01:00

Added RFC reference to enum 2020-12-02 03:44:13 +01:00			`# As per RFC 5280 section 5.3.1 (https://tools.ietf.org/html/rfc5280#section-5.3.1)`
CRL Reason for certificate revoke 2020-12-01 05:06:37 +01:00			`class CRLReason(IntEnum):`
			`unspecified = 0,`
			`keyCompromise = 1,`
			`cACompromise = 2,`
			`affiliationChanged = 3,`
			`superseded = 4,`
			`cessationOfOperation = 5,`
			`certificateHold = 6,`
			`removeFromCRL = 8,`
			`privilegeWithdrawn = 9,`
			`aACompromise = 10`