Categories

Https backend

Currently, I’m working on the backend, which will mainly register user by signing their certificates.

Technologies

I work with Flask because everybody in our group know Python and they will be able to understand and review my code !

I chose MongoDB because our db has no relation, it just stores usernames, public keys, and ids.

I work with the cryptography python package, it uses openssl and I found it to be really great (I tried pyOpenSSL, and pycrypto before).

Certificate format

I decided to use x509 certificates because they have already everything we need in them, and they give different serialisation options.

Advancement

My server can already generate and sign a certificate based on the username and the public key given in a http post, but it’s still far from being ready.

I still need to work on:

  • Write the API documentation
  • Write more tests
  • Find the best way to handle CA private key storage
  • Handle User ids
  • Deployment, we will use Heroku for development (of course if there is a real production one day, we will not use it)
  • Get a https certificate (Let’s encrypt !)

We will maybe create a github mirror so everyone will be able to see and try our code !

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>