/src/controllers/certificates_controller.py - Komentovat - Aplikace pro správu X.509 certifikátů (Yoso Czech s.r.o.) - JMSD - Redmine

| Větev: | Tag: | Revize:

aswi2021jmsd-gitlab/src/controllers/certificates_controller.py @ 5f8a2c07

1	ed55c677	Jan Pašek	import json
2	5b57121e	Captain_Trojan	from datetime import datetime
3			from itertools import chain
4	6422796d	Stanislav Král	from json import JSONDecodeError
5
6	5b57121e	Captain_Trojan	from flask import request
7	1fa243ca	Jan Pašek	from injector import inject
8
9			from src.constants import CA_ID, \
10			SSL_ID, SIGNATURE_ID, AUTHENTICATION_ID, \
11			DATETIME_FORMAT, ROOT_CA_ID, INTERMEDIATE_CA_ID, CERTIFICATE_ID # TODO DATABASE_FILE - not the Controller's
12	2cecaf70	Jan Pašek	from src.exceptions.database_exception import DatabaseException
13	9cf9a19d	Captain_Trojan	from src.exceptions.unknown_exception import UnknownException
14	5b57121e	Captain_Trojan	from src.model.subject import Subject
15	2cecaf70	Jan Pašek	from src.services.certificate_service import CertificateService, RevocationReasonInvalidException, \
16	9e6f791a	Jan Pašek	CertificateStatusInvalidException, CertificateNotFoundException, CertificateAlreadyRevokedException
17	1fa243ca	Jan Pašek	# responsibility.
18	5b57121e	Captain_Trojan	from src.services.key_service import KeyService
19
20	9247d70a	Captain_Trojan	TREE_NODE_TYPE_COUNT = 3
21
22	5b57121e	Captain_Trojan	FILTERING = "filtering"
23			ISSUER = "issuer"
24			US = "usage"
25			NOT_AFTER = "notAfter"
26			NOT_BEFORE = "notBefore"
27			COMMON_NAME = "CN"
28			ID = "id"
29	9247d70a	Captain_Trojan	USAGE = "usage"
30			SUBJECT = "subject"
31			VALIDITY_DAYS = "validityDays"
32			CA = "CA"
33	2cecaf70	Jan Pašek	STATUS = "status"
34			REASON = "reason"
35	9c704fb1	Jan Pašek	REASON_UNDEFINED = "unspecified"
36	9247d70a	Captain_Trojan
37			E_NO_ISSUER_FOUND = {"success": False, "data": "No certificate authority with such unique ID exists."}
38	d53c2fdc	Captain_Trojan	E_NO_CERTIFICATES_FOUND = {"success": False, "data": "No such certificate found."}
39	9e6f791a	Jan Pašek	E_NO_CERTIFICATE_ALREADY_REVOKED = {"success": False, "data": "Certificate is already revoked."}
40	cfda1725	Stanislav Král	E_NO_CERT_PRIVATE_KEY_FOUND = {"success": False,
41			"data": "Internal server error (certificate's private key cannot be found)."}
42	5b57121e	Captain_Trojan	E_NOT_JSON_FORMAT = {"success": False, "data": "The request must be JSON-formatted."}
43			E_CORRUPTED_DATABASE = {"success": False, "data": "Internal server error (corrupted database)."}
44			E_GENERAL_ERROR = {"success": False, "data": "Internal server error (unknown origin)."}
45			E_MISSING_PARAMETERS = {"success": False, "data": "Invalid request, missing parameters."}
46			E_WRONG_PARAMETERS = {"success": False, "data": "Invalid request, wrong parameters."}
47
48	9247d70a	Captain_Trojan	C_CREATED_SUCCESSFULLY = 201
49			C_BAD_REQUEST = 400
50	cfda1725	Stanislav Král	C_NOT_FOUND = 404
51	2cecaf70	Jan Pašek	C_NO_DATA = 205 # TODO related to 204 issue # TODO related to 204 issue
52	9247d70a	Captain_Trojan	C_INTERNAL_SERVER_ERROR = 500
53			C_SUCCESS = 200
54	5b57121e	Captain_Trojan
55
56			class CertController:
57	5b6d9513	Captain_Trojan	KEY_MAP = {'CA': CA_ID, 'SSL': SSL_ID, 'digitalSignature': SIGNATURE_ID, 'authentication': AUTHENTICATION_ID}
58			INVERSE_KEY_MAP = {k: v for v, k in KEY_MAP.items()}
59	5b57121e	Captain_Trojan
60	1fa243ca	Jan Pašek	@inject
61			def __init__(self, certificate_service: CertificateService, key_service: KeyService):
62			self.certificate_service = certificate_service
63			self.key_service = key_service
64
65			def create_certificate(self):
66	5b57121e	Captain_Trojan	"""create new certificate
67
68	9247d70a	Captain_Trojan	Create a new certificate based on given information
69	5b57121e	Captain_Trojan
70			:param body: Certificate data to be created
71			:type body: dict \| bytes
72
73			:rtype: CreatedResponse
74			"""
75	9247d70a	Captain_Trojan	required_keys = {SUBJECT, USAGE, VALIDITY_DAYS} # required fields of the POST req
76	5b57121e	Captain_Trojan
77	9247d70a	Captain_Trojan	if request.is_json: # accept JSON only
78	5b57121e	Captain_Trojan	body = request.get_json()
79	9247d70a	Captain_Trojan	if not all(k in body for k in required_keys): # verify that all keys are present
80			return E_MISSING_PARAMETERS, C_BAD_REQUEST
81	5b57121e	Captain_Trojan
82	9247d70a	Captain_Trojan	if not isinstance(body[VALIDITY_DAYS], int): # type checking
83			return E_WRONG_PARAMETERS, C_BAD_REQUEST
84	5b57121e	Captain_Trojan
85	9247d70a	Captain_Trojan	subject = Subject.from_dict(body[SUBJECT]) # generate Subject from passed dict
86	5b57121e	Captain_Trojan
87	9247d70a	Captain_Trojan	if subject is None: # if the format is incorrect
88			return E_WRONG_PARAMETERS, C_BAD_REQUEST
89	5b57121e	Captain_Trojan
90	5b6d9513	Captain_Trojan	usages_dict = {}
91	5b57121e	Captain_Trojan
92	9247d70a	Captain_Trojan	if not isinstance(body[USAGE], dict): # type checking
93			return E_WRONG_PARAMETERS, C_BAD_REQUEST
94	5b57121e	Captain_Trojan
95	9247d70a	Captain_Trojan	for k, v in body[USAGE].items(): # for each usage
96			if k not in CertController.KEY_MAP: # check that it is a valid usage
97			return E_WRONG_PARAMETERS, C_BAD_REQUEST # and throw if it is not
98			usages_dict[CertController.KEY_MAP[k]] = v # otherwise translate key and set
99	5b57121e	Captain_Trojan
100	1fa243ca	Jan Pašek	key = self.key_service.create_new_key() # TODO pass key
101	5b57121e	Captain_Trojan
102	493022a0	Jan Pašek	if CA not in body or body[CA] is None: # if issuer omitted (legal) or none
103	1fa243ca	Jan Pašek	cert = self.certificate_service.create_root_ca( # create a root CA
104	5b57121e	Captain_Trojan	key,
105			subject,
106	9247d70a	Captain_Trojan	usages=usages_dict, # TODO ignoring usages -> discussion
107	5b57121e	Captain_Trojan	days=body[VALIDITY_DAYS]
108			)
109			else:
110	1fa243ca	Jan Pašek	issuer = self.certificate_service.get_certificate(body[CA]) # get base issuer info
111	5b57121e	Captain_Trojan
112	9247d70a	Captain_Trojan	if issuer is None: # if such issuer does not exist
113	1fa243ca	Jan Pašek	self.key_service.delete_key(key.private_key_id) # free
114	9247d70a	Captain_Trojan	return E_NO_ISSUER_FOUND, C_BAD_REQUEST # and throw
115	5b57121e	Captain_Trojan
116	1fa243ca	Jan Pašek	issuer_key = self.key_service.get_key(issuer.private_key_id) # get issuer's key, which must exist
117	5b57121e	Captain_Trojan
118	9247d70a	Captain_Trojan	if issuer_key is None: # if it does not
119	1fa243ca	Jan Pašek	self.key_service.delete_key(key.private_key_id) # free
120	9247d70a	Captain_Trojan	return E_CORRUPTED_DATABASE, C_INTERNAL_SERVER_ERROR # and throw
121	5b57121e	Captain_Trojan
122	1fa243ca	Jan Pašek	f = self.certificate_service.create_ca if CA_ID in usages_dict and usages_dict[CA_ID] else \
123			self.certificate_service.create_end_cert
124	5b57121e	Captain_Trojan
125	9247d70a	Captain_Trojan	# noinspection PyTypeChecker
126			cert = f( # create inter CA or end cert
127			key, # according to whether 'CA' is among
128			subject, # the usages' fields
129	5b57121e	Captain_Trojan	issuer,
130			issuer_key,
131			usages=usages_dict,
132			days=body[VALIDITY_DAYS]
133			)
134
135			if cert is not None:
136			return {"success": True,
137	9247d70a	Captain_Trojan	"data": cert.certificate_id}, C_CREATED_SUCCESSFULLY
138			else: # if this fails, then
139	1fa243ca	Jan Pašek	self.key_service.delete_key(key.private_key_id) # free
140	9247d70a	Captain_Trojan	return {"success": False, # and wonder what the cause is,
141			"data": "Internal error: The certificate could not have been created."}, C_BAD_REQUEST
142			# as obj/None carries only one bit
143			# of error information
144	5b57121e	Captain_Trojan	else:
145	9247d70a	Captain_Trojan	return E_NOT_JSON_FORMAT, C_BAD_REQUEST # throw in case of non-JSON format
146	5b57121e	Captain_Trojan
147	1fa243ca	Jan Pašek	def get_certificate_by_id(self, id):
148	5b57121e	Captain_Trojan	"""get certificate by ID
149
150	9247d70a	Captain_Trojan	Get certificate in PEM format by ID
151	5b57121e	Captain_Trojan
152			:param id: ID of a certificate to be queried
153			:type id: dict \| bytes
154
155			:rtype: PemResponse
156			"""
157	fb987403	Captain_Trojan	try:
158			v = int(id)
159			except ValueError:
160	9247d70a	Captain_Trojan	return E_WRONG_PARAMETERS, C_BAD_REQUEST
161	fb987403	Captain_Trojan
162	1fa243ca	Jan Pašek	cert = self.certificate_service.get_certificate(v)
163	fb987403	Captain_Trojan
164			if cert is None:
165	9cf9a19d	Captain_Trojan	return E_NO_CERTIFICATES_FOUND, C_NO_DATA
166	fb987403	Captain_Trojan	else:
167	9247d70a	Captain_Trojan	return {"success": True, "data": cert.pem_data}, C_SUCCESS
168	5b57121e	Captain_Trojan
169	1fa243ca	Jan Pašek	def get_certificate_details_by_id(self, id):
170	5b57121e	Captain_Trojan	"""get certificate's details by ID
171
172	9247d70a	Captain_Trojan	Get certificate details by ID
173	5b57121e	Captain_Trojan
174			:param id: ID of a certificate whose details are to be queried
175			:type id: dict \| bytes
176
177			:rtype: CertificateResponse
178			"""
179	5b6d9513	Captain_Trojan	try:
180			v = int(id)
181			except ValueError:
182	9247d70a	Captain_Trojan	return E_WRONG_PARAMETERS, C_BAD_REQUEST
183	5b6d9513	Captain_Trojan
184	1fa243ca	Jan Pašek	cert = self.certificate_service.get_certificate(v)
185	5b6d9513	Captain_Trojan
186			if cert is None:
187	9cf9a19d	Captain_Trojan	return E_NO_CERTIFICATES_FOUND, C_NO_DATA
188	5b6d9513	Captain_Trojan	else:
189	1fa243ca	Jan Pašek	data = self.cert_to_dict_full(cert)
190	5b6d9513	Captain_Trojan	if data is None:
191	9247d70a	Captain_Trojan	return E_CORRUPTED_DATABASE, C_INTERNAL_SERVER_ERROR
192			return {"success": True, "data": data}, C_SUCCESS
193	5b57121e	Captain_Trojan
194	1fa243ca	Jan Pašek	def get_certificate_list(self):
195	5b57121e	Captain_Trojan	"""get list of certificates
196
197	9247d70a	Captain_Trojan	Lists certificates based on provided filtering options
198	5b57121e	Captain_Trojan
199			:param filtering: Filter certificate type to be queried
200			:type filtering: dict \| bytes
201
202			:rtype: CertificateListResponse
203			"""
204	9247d70a	Captain_Trojan	targets = {ROOT_CA_ID, INTERMEDIATE_CA_ID, CERTIFICATE_ID} # all targets
205	ed55c677	Jan Pašek
206			# the filtering parameter can be read as URL argument or as a request body
207			if request.is_json or "filtering" in request.args.keys(): # if the request carries JSON data
208			if request.is_json:
209			data = request.get_json() # get it
210			else:
211	6422796d	Stanislav Král	try:
212			data = {"filtering": json.loads(request.args["filtering"])}
213			except JSONDecodeError:
214			return E_NOT_JSON_FORMAT, C_BAD_REQUEST
215
216	9247d70a	Captain_Trojan	if FILTERING in data: # if the 'filtering' field exists
217			if isinstance(data[FILTERING], dict): # and it is also a 'dict'
218			if CA in data[FILTERING]: # containing 'CA'
219			if isinstance(data[FILTERING][CA], bool): # which is a 'bool',
220			if data[FILTERING][CA]: # then filter according to 'CA'.
221	5b57121e	Captain_Trojan	targets.remove(CERTIFICATE_ID)
222			else:
223			targets.remove(ROOT_CA_ID)
224			targets.remove(INTERMEDIATE_CA_ID)
225			else:
226	9247d70a	Captain_Trojan	return E_WRONG_PARAMETERS, C_BAD_REQUEST
227	5b57121e	Captain_Trojan	else:
228	9247d70a	Captain_Trojan	return E_WRONG_PARAMETERS, C_BAD_REQUEST
229	5b57121e	Captain_Trojan
230	9247d70a	Captain_Trojan	if len(targets) == TREE_NODE_TYPE_COUNT: # = 3 -> root node,
231			# intermediate node,
232			# or leaf node
233
234			# if filtering did not change the
235			# targets,
236	1fa243ca	Jan Pašek	certs = self.certificate_service.get_certificates() # fetch everything
237	9247d70a	Captain_Trojan	else: # otherwise fetch targets only
238	1fa243ca	Jan Pašek	certs = list(chain(*(self.certificate_service.get_certificates(target) for target in targets)))
239	5b57121e	Captain_Trojan
240			if certs is None:
241	9247d70a	Captain_Trojan	return E_GENERAL_ERROR, C_INTERNAL_SERVER_ERROR
242	5b57121e	Captain_Trojan	elif len(certs) == 0:
243	9cf9a19d	Captain_Trojan	return E_NO_CERTIFICATES_FOUND, C_NO_DATA
244	5b57121e	Captain_Trojan	else:
245			ret = []
246			for c in certs:
247	1fa243ca	Jan Pašek	data = self.cert_to_dict_partial(c)
248	5b6d9513	Captain_Trojan	if data is None:
249	9247d70a	Captain_Trojan	return E_CORRUPTED_DATABASE, C_INTERNAL_SERVER_ERROR
250	5b57121e	Captain_Trojan	ret.append(
251	5b6d9513	Captain_Trojan	data
252	5b57121e	Captain_Trojan	)
253	9247d70a	Captain_Trojan	return {"success": True, "data": ret}, C_SUCCESS
254	5b57121e	Captain_Trojan
255	1fa243ca	Jan Pašek	def get_certificate_root_by_id(self, id):
256	5b57121e	Captain_Trojan	"""get certificate's root of trust chain by ID
257
258	9247d70a	Captain_Trojan	Get certificate's root of trust chain in PEM format by ID
259	5b57121e	Captain_Trojan
260			:param id: ID of a child certificate whose root is to be queried
261			:type id: dict \| bytes
262
263			:rtype: PemResponse
264			"""
265	d53c2fdc	Captain_Trojan	try:
266			v = int(id)
267			except ValueError:
268	9247d70a	Captain_Trojan	return E_WRONG_PARAMETERS, C_BAD_REQUEST
269	d53c2fdc	Captain_Trojan
270	1fa243ca	Jan Pašek	cert = self.certificate_service.get_certificate(v)
271	d53c2fdc	Captain_Trojan
272			if cert is None:
273	11a90594	Jan Pašek	return E_NO_CERTIFICATES_FOUND, C_NO_DATA
274	d53c2fdc	Captain_Trojan
275	1fa243ca	Jan Pašek	trust_chain = self.certificate_service.get_chain_of_trust(cert.parent_id, exclude_root=False)
276			if trust_chain is None or len(trust_chain) == 0:
277	11a90594	Jan Pašek	return E_NO_CERTIFICATES_FOUND, C_NO_DATA
278	d53c2fdc	Captain_Trojan
279	11a90594	Jan Pašek	return {"success": True, "data": trust_chain[-1].pem_data}, C_SUCCESS
280	5b57121e	Captain_Trojan
281	1fa243ca	Jan Pašek	def get_certificate_trust_chain_by_id(self, id):
282	5b57121e	Captain_Trojan	"""get certificate's trust chain by ID
283
284	9247d70a	Captain_Trojan	Get certificate trust chain in PEM format by ID
285	5b57121e	Captain_Trojan
286			:param id: ID of a child certificate whose chain is to be queried
287			:type id: dict \| bytes
288
289			:rtype: PemResponse
290			"""
291
292	aa740737	Captain_Trojan	try:
293			v = int(id)
294			except ValueError:
295	9247d70a	Captain_Trojan	return E_WRONG_PARAMETERS, C_BAD_REQUEST
296	aa740737	Captain_Trojan
297	1fa243ca	Jan Pašek	cert = self.certificate_service.get_certificate(v)
298	aa740737	Captain_Trojan
299			if cert is None:
300	9cf9a19d	Captain_Trojan	return E_NO_CERTIFICATES_FOUND, C_NO_DATA
301	aa740737	Captain_Trojan
302	11a90594	Jan Pašek	if cert.parent_id is None:
303			return E_NO_CERTIFICATES_FOUND, C_NO_DATA
304	aa740737	Captain_Trojan
305	1fa243ca	Jan Pašek	trust_chain = self.certificate_service.get_chain_of_trust(cert.parent_id)
306	11a90594	Jan Pašek
307			ret = []
308			for intermediate in trust_chain:
309			ret.append(intermediate.pem_data)
310	5b6d9513	Captain_Trojan
311	9247d70a	Captain_Trojan	return {"success": True, "data": "".join(ret)}, C_SUCCESS
312	5b6d9513	Captain_Trojan
313	2cecaf70	Jan Pašek	def set_certificate_status(self, id):
314			"""
315			Revoke a certificate given by ID
316			- revocation request may contain revocation reason
317			- revocation reason is verified based on the possible predefined values
318			- if revocation reason is not specified 'undefined' value is used
319			:param id: Identifier of the certificate to be revoked
320			:type id: int
321
322			:rtype: SuccessResponse \| ErrorResponse (see OpenAPI definition)
323			"""
324			required_keys = {STATUS} # required keys
325
326			# try to parse certificate identifier -> if it is not int return error 400
327			try:
328			identifier = int(id)
329			except ValueError:
330			return E_WRONG_PARAMETERS, C_BAD_REQUEST
331
332			# check if the request contains a JSON body
333			if request.is_json:
334			request_body = request.get_json()
335			# verify that all required keys are present
336			if not all(k in request_body for k in required_keys):
337			return E_MISSING_PARAMETERS, C_BAD_REQUEST
338
339			# get status and reason from the request
340			status = request_body[STATUS]
341			reason = request_body.get(REASON, REASON_UNDEFINED)
342			try:
343			# set certificate status using certificate_service
344	9c704fb1	Jan Pašek	self.certificate_service.set_certificate_revocation_status(identifier, status, reason)
345	9e6f791a	Jan Pašek	except (RevocationReasonInvalidException, CertificateStatusInvalidException):
346	2cecaf70	Jan Pašek	# these exceptions are thrown in case invalid status or revocation reason is passed to the controller
347			return E_WRONG_PARAMETERS, C_BAD_REQUEST
348	9e6f791a	Jan Pašek	except CertificateAlreadyRevokedException:
349			return E_NO_CERTIFICATE_ALREADY_REVOKED, C_BAD_REQUEST
350			except CertificateNotFoundException:
351			return E_NO_CERTIFICATES_FOUND, C_NOT_FOUND
352	2cecaf70	Jan Pašek	return {"success": True,
353	9c704fb1	Jan Pašek	"data": "Certificate status updated successfully."}, C_SUCCESS
354	2cecaf70	Jan Pašek	# throw an error in case the request does not contain a json body
355			else:
356			return E_NOT_JSON_FORMAT, C_BAD_REQUEST
357
358	1fa243ca	Jan Pašek	def cert_to_dict_partial(self, c):
359	9247d70a	Captain_Trojan	"""
360			Dictionarizes a certificate directly fetched from the database. Contains partial information.
361			:param c: target cert
362			:return: certificate dict (compliant with some parts of the REST API)
363			"""
364	1fa243ca	Jan Pašek	c_issuer = self.certificate_service.get_certificate(c.parent_id)
365	5b6d9513	Captain_Trojan	if c_issuer is None:
366			return None
367
368			return {
369			ID: c.certificate_id,
370			COMMON_NAME: c.common_name,
371			NOT_BEFORE: datetime.strptime(c.valid_from, DATETIME_FORMAT).date(),
372			NOT_AFTER: datetime.strptime(c.valid_to, DATETIME_FORMAT).date(),
373			USAGE: {CertController.INVERSE_KEY_MAP[k]: v for k, v in c.usages.items()},
374			ISSUER: {
375			ID: c_issuer.certificate_id,
376			COMMON_NAME: c_issuer.common_name
377			}
378			}
379
380	1fa243ca	Jan Pašek	def cert_to_dict_full(self, c):
381	9247d70a	Captain_Trojan	"""
382			Dictionarizes a certificate directly fetched from the database, but adds subject info.
383			Contains full information.
384			:param c: target cert
385			:return: certificate dict (compliant with some parts of the REST API)
386			"""
387	1fa243ca	Jan Pašek	subj = self.certificate_service.get_subject_from_certificate(c)
388			c_issuer = self.certificate_service.get_certificate(c.parent_id)
389	5b6d9513	Captain_Trojan	if c_issuer is None:
390			return None
391
392			return {
393			SUBJECT: subj.to_dict(),
394			NOT_BEFORE: datetime.strptime(c.valid_from, DATETIME_FORMAT).date(),
395			NOT_AFTER: datetime.strptime(c.valid_to, DATETIME_FORMAT).date(),
396			USAGE: {CertController.INVERSE_KEY_MAP[k]: v for k, v in c.usages.items()},
397			CA: c_issuer.certificate_id
398			}
399	cfda1725	Stanislav Král
400	ce8b9aaf	Stanislav Král	def get_private_key_of_a_certificate(self, id):
401	cfda1725	Stanislav Král	"""
402			Get a private key used to sign a certificate in PEM format specified by certificate's ID
403
404	ce8b9aaf	Stanislav Král	:param id: ID of a certificate whose private key is to be queried
405			:type id: dict \| bytes
406
407			:rtype: PemResponse
408			"""
409
410			# try to parse the supplied ID
411			try:
412			v = int(id)
413			except ValueError:
414			return E_WRONG_PARAMETERS, C_BAD_REQUEST
415
416	eade7427	Stanislav Král	# find a certificate using the given ID
417	ce8b9aaf	Stanislav Král	cert = self.certificate_service.get_certificate(v)
418
419			if cert is None:
420			return E_NO_CERTIFICATES_FOUND, C_NOT_FOUND
421			else:
422			# certificate exists, fetch it's private key
423			private_key = self.key_service.get_key(cert.private_key_id)
424			if cert is None:
425			return E_NO_CERT_PRIVATE_KEY_FOUND, C_INTERNAL_SERVER_ERROR
426			else:
427			return {"success": True, "data": private_key.private_key}, C_SUCCESS
428
429			def get_public_key_of_a_certificate(self, id):
430			"""
431			Get a public key of a certificate in PEM format specified by certificate's ID
432
433	cfda1725	Stanislav Král	:param id: ID of a certificate whose public key is to be queried
434			:type id: dict \| bytes
435
436			:rtype: PemResponse
437			"""
438
439			# try to parse the supplied ID
440			try:
441			v = int(id)
442			except ValueError:
443			return E_WRONG_PARAMETERS, C_BAD_REQUEST
444
445	eade7427	Stanislav Král	# find a certificate using the given ID
446	cfda1725	Stanislav Král	cert = self.certificate_service.get_certificate(v)
447
448			if cert is None:
449			return E_NO_CERTIFICATES_FOUND, C_NOT_FOUND
450			else:
451	d3bfacfc	Stanislav Král	return {"success": True, "data": self.certificate_service.get_public_key_from_certificate(cert)}, C_SUCCESS
452	9cf9a19d	Captain_Trojan
453			def delete_certificate(self, id):
454			"""
455			Deletes a certificate identified by ID, including its corresponding subtree (all descendants).
456			:param id: target certificate ID
457			:rtype: DeleteResponse
458			"""
459			try:
460			v = int(id)
461			except ValueError:
462			return E_WRONG_PARAMETERS, C_BAD_REQUEST
463
464			try:
465			self.certificate_service.delete_certificate(v)
466			except CertificateNotFoundException:
467			return E_NO_CERTIFICATES_FOUND, C_NOT_FOUND
468			except DatabaseException:
469			return E_CORRUPTED_DATABASE, C_INTERNAL_SERVER_ERROR
470			except CertificateStatusInvalidException or RevocationReasonInvalidException or UnknownException:
471			return E_GENERAL_ERROR, C_INTERNAL_SERVER_ERROR
472
473			return {"success": True, "data": "The certificate and its descendants have been successfully deleted."}

Projekt

Obecné

Profil

ASWI - Pokročilé softwarové inženýrství » ASWI 2021 » Aplikace pro správu X.509 certifikátů (Yoso Czech s.r.o.) - JMSD