ASWI - Pokročilé softwarové inženýrství » ASWI 2021 » Aplikace pro správu X.509 certifikátů (Yoso Czech s.r.o.) - JMSD

@app.route('/api/certificates/<id>/identity', methods=["POST"])

def generate_certificate_pkcs_identity(id, certificate_controller: CertController):

    return certificate_controller.generate_certificate_pkcs_identity(id)

from flask import request, Response

NAME = "name"

PASSWORD = "password"

E_IDENTITY_NAME_NOT_SPECIFIED = {"success": False, "data": "Invalid request, missing identity name."}

E_IDENTITY_PASSWORD_NOT_SPECIFIED = {"success": False, "data": "Invalid request, missing identity password."}

        return {"success": True, "data": "The certificate and its descendants have been successfully deleted."}

    def generate_certificate_pkcs_identity(self, id):

        """

        Generates a PKCS12 identity (including the chain of trust) of the certificate given by the specified ID.

        Response is of application/x-pkcs12 type.

        :param id: ID of a certificate whose PKCS12 identity should be generated

        :type id: int

        :rtype: Response

        """

        Logger.info(f"\n\t{request.referrer}"

                    f"\n\t{request.method}   {request.path}   {request.scheme}"

                    f"\n\tCertificate ID = {id}")

        # try to parse the supplied ID

        try:

            v = int(id)

        except ValueError:

            Logger.error(f"Invalid request, wrong parameters 'id'[{id}] (expected integer).")

            return E_WRONG_PARAMETERS, C_BAD_REQUEST

        # find a certificate using the given ID

        cert = self.certificate_service.get_certificate(v)

        if request.is_json:                                                         # accept JSON only

            body = request.get_json()

            # check whether the request is well formed meaning that it contains all required fields

            if NAME not in body.keys():

                return E_IDENTITY_NAME_NOT_SPECIFIED, C_BAD_REQUEST

            if PASSWORD not in body.keys():

                return E_IDENTITY_PASSWORD_NOT_SPECIFIED, C_BAD_REQUEST

            # parse required fields from the request

            identity_name = body[NAME]

            identity_password = body[PASSWORD]

            # check whether a certificated specified by the given ID exists

            if cert is None:

                Logger.error(f"No such certificate found 'ID = {v}'.")

                return E_NO_CERTIFICATES_FOUND, C_NOT_FOUND

            else:

                # try to load it's private key

                key = self.key_service.get_key(cert.private_key_id)

                if key is None:

                    Logger.error(

                        f"The private key 'ID = {cert.private_key_id}'of the certificate 'ID = {cert.certificate_id}' does not exist.")

                    return E_NO_CERTIFICATES_FOUND, C_INTERNAL_SERVER_ERROR

                else:

                    # generate PKCS12 identity

                    identity_byte_array = self.certificate_service.generate_pkcs_identity(cert.certificate_id, key,

                                                                                          identity_name,

                                                                                          identity_password)

                    return Response(identity_byte_array, mimetype='application/x-pkcs12')