diff --git a/main.py b/main.py
index 2db32a7..f245394 100644
--- a/main.py
+++ b/main.py
@@ -11,6 +11,8 @@ from cryptography.hazmat.primitives.asymmetric import rsa
 from faker import Faker
 from sqlalchemy import MetaData, Table, select, create_engine, insert, func, update
+CSR_TYPE_VENDOR_INDEPENDENT = "VI"
+
 def build_user_unique_id(email: str) -> str:
 return md5(email.encode() + secrets.token_bytes(8)).hexdigest()
@@ -149,14 +151,15 @@ class DataGenerator:
 ]
 )
- # The value of the keytype column is set to "MS" as this is the only supportable key type, "NS" is for
- # SPKAC type signing requests and uses MD5, "VI" uses unsupported Microsoft CSR attributes
+ # The value of the keytype column is set to "VI" as this is the one of the supportable key type, "NS" is for
+ # SPKAC type signing requests and uses MD5, "MS" seems to be related to Microsoft browsers. "VI" might stand
+ # for "vendor independent".
 with self.engine.connect() as conn:
 stmt = insert(self.emailcerts_table).values(
 memid=user.id,
 CN=user.email,
 subject=f"/CN={user.get_name()}/emailAddress={user.email}",
- keytype="MS",
+ keytype=CSR_TYPE_VENDOR_INDEPENDENT,
 created=func.now(),
 modified=func.now(),
 rootcert=root_cert,
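Review bot: The identifier `CSR_TYPE_VENDOR_INDEPENDENT` states as fact an expansion of "VI" that the comment in the second hunk only offers as a guess ("might stand for"), so a wrong guess would be repeated at every use of the name. A value-based name stays accurate until the meaning is confirmed, for example `KEYTYPE_VI = "VI"  # value for the keytype column; expansion of "VI" unconfirmed`. If "MS" and "NS" are also valid values for that column, defining them beside this constant would document the full set in one place.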
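Review bot: The rewritten comment above the `insert(self.emailcerts_table)` call contradicts the one it replaces: the old text said "VI" uses unsupported Microsoft CSR attributes, while the new text ties Microsoft to "MS", and both readings are worded as guesses ("seems", "might"). The same comment records that "NS" requests are SPKAC and MD5-based, so the keytype presumably decides how the consuming side handles the request, and the comment should say where the meaning of each value was checked. Suggested first line: `# keytype is set to "VI", one of the supported key types; "NS" is for SPKAC signing requests and uses MD5.`, followed by a line naming the code or schema documentation that was consulted for "MS" and "VI". The `with` block and the `values(` call continue past the end of the hunk.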