PUSH THE BACKEND TO THE LIMIT

py/api.py

@@ -3,10 +3,12 @@ from flask_cors import CORS
 import secrets
 from ai import AI
 from db import DB
+from OpenSSL import crypto
 
 
 class API:
     def __init__(self):
+        self.crypt_size = 4096
         self.app = Flask(__name__)
         self.ai_response = {}
         self.ai = AI()
@@ -16,7 +18,7 @@ class API:
     def run(self):
         @self.app.route('/interstellar/api/ai_create', methods=['GET'])
         def create_ai():
-            access_token = secrets.token_urlsafe(4096)
+            access_token = secrets.token_urlsafe(self.crypt_size)
             self.ai_response[access_token] = ""
             return jsonify({'status': 200, 'access_token': access_token})
 
@@ -51,7 +53,40 @@ class API:
             if action == "check_credentials":
                 self.db.check_credentials(data)
 
-        ssl_context = ('cert.pem', 'key.pem')
+        email_address = "emailAddress"
+        common_name = "commonName"
+        country_name = "NT"
+        locality_name = "localityName"
+        state_or_province_name = "stateOrProvinceName"
+        organization_name = "organizationName"
+        organization_unit_name = "organizationUnitName"
+        serial_number = 0
+        validity_start_in_seconds = 0
+        validity_end_in_seconds = 10 * 365 * 24 * 60 * 60
+        k = crypto.PKey()
+        k.generate_key(crypto.TYPE_RSA, 4096)
+        cert = crypto.X509()
+        cert.get_subject().C = country_name
+        cert.get_subject().ST = state_or_province_name
+        cert.get_subject().L = locality_name
+        cert.get_subject().O = organization_name
+        cert.get_subject().OU = organization_unit_name
+        cert.get_subject().CN = common_name
+        cert.get_subject().emailAddress = email_address
+        cert.set_serial_number(serial_number)
+        cert.gmtime_adj_notBefore(validity_start_in_seconds)
+        cert.gmtime_adj_notAfter(validity_end_in_seconds)
+        cert.set_issuer(cert.get_subject())
+        cert.set_pubkey(k)
+        cert.sign(k, 'sha512')
+
+        with open("cert.pem", "wt") as f:
+            f.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert).decode("utf-8"))
+
+        with open("key.pem", "wt") as f:
+            f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, k).decode("utf-8"))
+
+        ssl_context = ("cert.pem", "key.pem")
         self.app.run(debug=True, host='0.0.0.0', port=5000, ssl_context=ssl_context)
 
 

py/install.sh

@@ -1,4 +1,3 @@
-openssl req -x509 -newkey rsa:4096 -nodes -keyout key.pem -out cert.pem -days 365
 python -m venv venv
 source venv/bin/activate
 pip install -r requirements.txt

py/requirements.txt

@@ -2,3 +2,4 @@ flask
 flask-cors
 ollama
 mistralai
+pyOpenSSL