Replace Python Cryptography with OpenSSL CLI for certificate generation#16
Conversation
This change migrates the certificate generation from the Python Cryptography library to OpenSSL CLI commands, following the same approach as PR #4 in the OpenPLC_v3 repository. Key changes: - Replaced credentials.py to use subprocess calls to OpenSSL instead of cryptography library - Upgraded from RSA 2048-bit to 4096-bit keys for enhanced security - Increased certificate validity from 365 days to 36500 days (~100 years) - Removed cryptography dependency from requirements.txt - Added platform detection to app.py: HTTPS on Linux, HTTP on other platforms - Maintained same CertGen class interface for backward compatibility Benefits: - OpenSSL is universally available on Linux systems - No complex Python library dependencies - Stronger security with 4096-bit keys - Cross-platform compatibility with HTTP fallback for non-Linux systems Implements the same changes as: - OpenPLC_v3 PR #4: Autonomy-Logic/OpenPLC_v3#4 - Commits: 1b82973, b3a1e65 Requested by: Thiago Alves (@thiagoralves) Devin run: https://app.devin.ai/sessions/7734798dc74e4823ab03bc8402ba6cfa Co-Authored-By: Thiago Alves <thiagoralves@gmail.com>
🤖 Devin AI EngineerI'll be helping with this pull request! Here's what you should know: ✅ I will automatically:
⚙️ Control Options:
|
There was a problem hiding this comment.
Pull Request Overview
This PR migrates the certificate generation system from the Python cryptography library to OpenSSL CLI commands, enhancing security and platform compatibility.
- Complete rewrite of certificate generation using OpenSSL subprocess calls instead of Python cryptography library
- Enhanced security with RSA 4096-bit keys and ~100-year certificate validity
- Added platform-specific HTTPS/HTTP handling based on operating system
Reviewed Changes
Copilot reviewed 2 out of 3 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| webserver/credentials.py | Complete rewrite to use OpenSSL CLI commands for certificate generation and validation |
| webserver/app.py | Added platform detection logic and HTTP mode for non-Linux systems |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
| "-days", | ||
| "36500", | ||
| "-subj", | ||
| f"/CN={self.hostname}", |
There was a problem hiding this comment.
The hostname is directly interpolated into the OpenSSL command without validation or escaping. This could allow command injection if the hostname contains shell metacharacters. Consider validating the hostname format or using shell escaping.
| "-subj", | ||
| f"/CN={self.hostname}", | ||
| "-addext", | ||
| f"subjectAltName={san_string}", |
There was a problem hiding this comment.
The SAN string contains unvalidated IP addresses and hostnames that could contain shell metacharacters. This poses a command injection risk. Consider validating IP addresses and hostnames before constructing the command.
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 2 out of 3 changed files in this pull request and generated 2 comments.
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
|
|
||
| san_list = [f"DNS:{self.hostname}"] | ||
| for ip in self.ip_addresses: | ||
| san_list.append(f"IP:{ip}") |
There was a problem hiding this comment.
IP addresses from self.ip_addresses are directly interpolated into the OpenSSL command without validation. This could allow command injection if malicious IP values are provided. Consider validating IP addresses or using a safer method to construct the SAN extension.
|
|
||
| # Check if the certificate is valid | ||
| if not cert_gen.is_certificate_valid(CERT_FILE): | ||
| # logger.error("Invalid certificate. Cannot start https application") | ||
| print("Invalid certificate. Cannot start https application") # TODO: remove this temporary print once logger is functional again | ||
| sys.exit(1) | ||
|
|
There was a problem hiding this comment.
The certificate validation logic is flawed. The code generates a certificate when files don't exist, but then immediately checks if the certificate is valid and exits if it's not. This could cause the application to exit even after successfully generating a new certificate. The validation check should be moved into an elif block or the logic should be restructured.
| # Check if the certificate is valid | |
| if not cert_gen.is_certificate_valid(CERT_FILE): | |
| # logger.error("Invalid certificate. Cannot start https application") | |
| print("Invalid certificate. Cannot start https application") # TODO: remove this temporary print once logger is functional again | |
| sys.exit(1) | |
| else: | |
| # Check if the certificate is valid | |
| if not cert_gen.is_certificate_valid(CERT_FILE): | |
| # logger.error("Invalid certificate. Cannot start https application") | |
| print("Invalid certificate. Cannot start https application") # TODO: remove this temporary print once logger is functional again | |
| sys.exit(1) |
thiagoralves
deleted the
devin/1728420279-replace-cryptography-with-openssl
branch
Replace Python Cryptography with OpenSSL CLI for certificate generation
Summary
This PR migrates the certificate generation system from the Python
cryptographylibrary to OpenSSL CLI commands, following the same approach implemented in OpenPLC_v3 PR #4. The change includes:webserver/credentials.pyto usesubprocesscalls to OpenSSL instead of the cryptography librarycryptographyfromrequirements.txtCertGenclass interface remains unchanged to ensure existing code continues to workReview & Testing Checklist for Human
Notes
platform.system() == "Linux"to determine HTTPS vs HTTP modeRequested by: Thiago Alves (@thiagoralves)
Devin session: https://app.devin.ai/sessions/7734798dc74e4823ab03bc8402ba6cfa