Add base classes for representing certificates, bundles, and fingerprints.
Review Request #13158 — Created July 20, 2023 and submitted — Latest diff uploaded
This introduces a new
reviewboard.certsmodule, which will be used for
all SSL/TLS certificate management support going forward.
It currently contains representations for SSL/TLS certificates + keys,
CA bundles (containing root certs and intermediary certs), and
cryptography's certificate support for parsing out
information from a certificate, such as validity dates and fingerprints,
in order to avoid duplication of effort. These are lazily-parsed as
needed. The goal is to avoid loading this information when just passing
around basic certificate information.
Going forward, the plans are to introduce a
fetching/storing/deleting paths/data for certificates, and backends to
actually handle those operations. The default backend will manage this
We'll then begin to build UI around this and tie the manager into auth,
repository, and WebHook operations, allowing people to begin formally
providing self-signed certificates and internal CA-signed certificates
into all Review Board communication.
Unit tests pass.