in src/local_gpu_verifier/src/verifier/cc_admin_utils.py [0:0]
def build_ocsp_request(cert, issuer, nonce=None):
""" A static method to build the ocsp request message.
Args:
cert (OpenSSL.crypto.X509): the input certificate object.
issuer (OpenSSL.crypto.X509): the issuer certificate object.
nonce (bytes, optional): the nonce to be added in the ocsp request message. Defaults to None.
Returns:
[bytes]: the raw ocsp request message.
"""
request_builder = ocsp.OCSPRequestBuilder()
request_builder = request_builder.add_certificate(cert, issuer, SHA384())
if nonce is not None:
request_builder = request_builder.add_extension(extval=OCSPNonce(nonce), critical=True)
ocsp_request = request_builder.build()
# Log the OCSP request details
ocsp_cert_common_name = cert.subject.get_attributes_for_oid(x509.oid.NameOID.COMMON_NAME)[0].value
ocsp_cert_serial_number = cert.serial_number
ocsp_issuer_key_hash_base64 = base64.b64encode(ocsp_request.issuer_key_hash).decode('utf-8')
ocsp_issuer_name_hash_base64 = base64.b64encode(ocsp_request.issuer_name_hash).decode('utf-8')
event_log.debug(f"Building OCSP request for {ocsp_cert_common_name}:")
event_log.debug(f"\tSerial Number: {ocsp_cert_serial_number}")
event_log.debug(f"\tIssuer Key Hash: {ocsp_issuer_key_hash_base64}")
event_log.debug(f"\tIssuer Name Hash: {ocsp_issuer_name_hash_base64}")
return ocsp_request