Verified Commit 464129b7 authored by Vojtech Myslivec's avatar Vojtech Myslivec
Browse files

cryptography: Fix umask while creating private key

- It should disable group write, not group read
- It should not disable exec as it affects only directories
parent f1fcdd3e
......@@ -2,7 +2,7 @@
Sentinel:Certgen python package
"""
__version__ = '6.1.1'
__version__ = '6.1.2'
DEFAULT_CERT_API_HOSTNAME = "sentinel.turris.cz"
......
......@@ -80,7 +80,7 @@ def generate_priv_key_file(key_path):
backend=default_backend()
)
old_umask = os.umask(0o057)
old_umask = os.umask(0o027)
with open(key_path, "wb") as f:
f.write(key.private_bytes(
encoding=serialization.Encoding.PEM,
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment