/ - Diff - Aplikace pro správu X.509 certifikátů (Yoso Czech s.r.o.) - JMSD - Redmine

src/constants.py
59	59	"CACompromise", "affiliationChanged",
60	60	"superseded", "cessationOfOperation",
61	61	"certificateHold", "removeFromCRL"}
	62	CERTIFICATE_REVOCATION_REASON_HOLD = "certificateHold"
62	63
63	64
64	65	# Insert values into the template using % (index_file, serial_file)

     from src.exceptions.unknown_exception import UnknownException
     from src.model.subject import Subject
     from src.services.certificate_service import CertificateService, RevocationReasonInvalidException, \
         CertificateStatusInvalidException, CertificateNotFoundException, CertificateAlreadyRevokedException
         CertificateStatusInvalidException, CertificateNotFoundException, CertificateAlreadyRevokedException, \
         CertificateCannotBeSetToValid
     #  responsibility.
     from src.services.key_service import KeyService
-...
                     return E_NO_CERTIFICATE_ALREADY_REVOKED, C_BAD_REQUEST
                 except CertificateNotFoundException:
                     return E_NO_CERTIFICATES_FOUND, C_NOT_FOUND
                 except CertificateCannotBeSetToValid as e:
                     return {"success": False, "data": str(e)}, C_BAD_REQUEST
                 return {"success": True,
                         "data": "Certificate status updated successfully."}, C_SUCCESS
             # throw an error in case the request does not contain a json body

     from src.config.configuration import Configuration
     from src.constants import ROOT_CA_ID, INTERMEDIATE_CA_ID, CA_ID, CERTIFICATE_ID, CERTIFICATE_STATES, \
         CERTIFICATE_REVOCATION_REASONS, SSL_ID, SIGNATURE_ID, AUTHENTICATION_ID
         CERTIFICATE_REVOCATION_REASONS, SSL_ID, SIGNATURE_ID, AUTHENTICATION_ID, CERTIFICATE_REVOCATION_REASON_HOLD
     from src.dao.certificate_repository import CertificateRepository
     from src.exceptions.certificate_not_found_exception import CertificateNotFoundException
     from src.exceptions.database_exception import DatabaseException
-...
             :param reason: reason for revocation
             :param id: identifier of the certificate whose status is to be changed
             :param status: new status of the certificate
             :raises CertificateStatusInvalidException: if status is not valid
             :raises RevocationReasonInvalidException: if reason is not valid
             :raises CertificateNotFoundException: if certificate with given id cannot be found
             :raises CertificateCannotBeSetToValid: if certificate was already revoked and not on hold,
                     it cannot be set revalidated
             :raises CertificateAlreadyRevokedException: if caller tries to revoke a certificate that is already revoked
             :raises UnknownException: if the database is corrupted
             """
             if status not in CERTIFICATE_STATES:
                 raise CertificateStatusInvalidException(status)
-...
             updated = False
             if status == STATUS_VALID:
                 # if the certificate is revoked but the reason is not certificateHold, it cannot be re-validated
                 #    -> throw an exception
                 if certificate.revocation_reason != "" and \
                    certificate.revocation_reason != CERTIFICATE_REVOCATION_REASON_HOLD:
                     raise CertificateCannotBeSetToValid(certificate.revocation_reason)
                 updated = self.certificate_repository.clear_certificate_revocation(id)
             elif status == STATUS_REVOKED:
                 # check if the certificate is not revoked already
-...
         def __str__(self):
             return f"Certificate id '{self.id}' is already revoked."
     class CertificateCannotBeSetToValid(Exception):
         """
         Exception that denotes that the caller was trying to
         set certificate to valid if the certificate was already
         revoked but not certificateHold.
         """
         def __init__(self, old_reason):
             self.old_state = old_reason
         def __str__(self):
             return "Cannot set revoked certificate back to valid when the certificate revocation reason is not " \
                    "certificateHold. " \
                    f"The revocation reason of the certificate is {self.old_state}"

         d = created_ret.json
         cert_id = d["data"]
         # hold certificate
         revocation_body = {
             "status": "revoked",
             "reason": "certificateHold"
+        }
         revoke_ret = server.patch(f"/api/certificates/{cert_id}", content_type="application/json", json=revocation_body)
         assert revoke_ret.status_code == 200
         assert "data" in revoke_ret.json
         assert "success" in revoke_ret.json
         assert revoke_ret.json["success"]
         # set back to valid again
         valid_body = {
             "status": "valid"
+        }
         valid_ret = server.patch(f"/api/certificates/{cert_id}", content_type="application/json", json=valid_body)
         assert valid_ret.status_code == 200
         assert "data" in valid_ret.json
         assert "success" in valid_ret.json
         assert valid_ret.json["success"]
         # revoke the certificate
         revocation_body = {
             "status": "revoked",
-...
+        }
         valid_ret = server.patch(f"/api/certificates/{cert_id}", content_type="application/json", json=valid_body)
         assert valid_ret.status_code == 200
         assert valid_ret.status_code == 400
         assert "data" in valid_ret.json
         assert "success" in valid_ret.json
         assert valid_ret.json["success"]
         assert not valid_ret.json["success"]
         # wrong status
         revocation_body = {

     from src.constants import SSL_ID, CA_ID, AUTHENTICATION_ID, INTERMEDIATE_CA_ID, ROOT_CA_ID, CERTIFICATE_ID, SIGNATURE_ID
     from src.model.subject import Subject
     from src.services.certificate_service import RevocationReasonInvalidException, CertificateStatusInvalidException, \
         CertificateNotFoundException, CertificateAlreadyRevokedException
         CertificateNotFoundException, CertificateAlreadyRevokedException, CertificateCannotBeSetToValid
     def export_crt(crt):
-...
                                                              root_ca_cert,
                                                              root_ca_private_key, usages={SSL_ID: True})
         certificate_service_unique.set_certificate_revocation_status(inter_ca_cert.certificate_id, "revoked", "unspecified")
         certificate_service_unique.set_certificate_revocation_status(inter_ca_cert.certificate_id, "revoked", "certificateHold")
         all_revoked = certificate_repository_unique.get_all_revoked_by(root_ca_cert.certificate_id)
         assert len(all_revoked) == 1
-...
         with pytest.raises(CertificateAlreadyRevokedException) as e:
             certificate_service_unique.set_certificate_revocation_status(root_ca_cert.certificate_id, "revoked",
                                                                          "unspecified")
         with pytest.raises(CertificateCannotBeSetToValid) as e:
             certificate_service_unique.set_certificate_revocation_status(root_ca_cert.certificate_id, "valid")

Projekt

Obecné

Profil

ASWI - Pokročilé softwarové inženýrství » ASWI 2021 » Aplikace pro správu X.509 certifikátů (Yoso Czech s.r.o.) - JMSD

Revize 94f8d5cf

Přidáno uživatelem Jan Pašek před téměř 4 roky(ů)

Projekt

Obecné

Profil

ASWI - Pokročilé softwarové inženýrství » ASWI 2021 » Aplikace pro správu X.509 certifikátů (Yoso Czech s.r.o.) - JMSD

Revize 94f8d5cf

Přidáno uživatelem Jan Pašek před téměř 4 roky(ů)

Související úkoly