ASWI - Pokročilé softwarové inženýrství » ASWI 2021 » Aplikace pro správu X.509 certifikátů (Yoso Czech s.r.o.) - JMSD

from src.services.cryptography import CryptographyException

EXTENSIONS = "extensions"

            key = self.key_service.create_new_key()                                 # TODO pass key

            extensions = None

            if EXTENSIONS in body:

                extensions = body[EXTENSIONS]

            try:

                if CA not in body or body[CA] is None:                              # if issuer omitted (legal) or none

                    cert = self.certificate_service.create_root_ca(                 # create a root CA

                        key,

                        subject,

                        usages=usages_dict,                                         # TODO ignoring usages -> discussion

                        days=body[VALIDITY_DAYS],

                        extensions=extensions

                    )

                else:

                    issuer = self.certificate_service.get_certificate(body[CA])     # get base issuer info

                    if issuer is None:                                              # if such issuer does not exist

                        Logger.error(f"No certificate authority with such unique ID exists 'ID = {key.private_key_id}'.")

                        self.key_service.delete_key(key.private_key_id)             # free

                        return E_NO_ISSUER_FOUND, C_BAD_REQUEST                     # and throw

                    issuer_key = self.key_service.get_key(issuer.private_key_id)    # get issuer's key, which must exist

                    if issuer_key is None:                                          # if it does not

                        Logger.error(f"Internal server error (corrupted database).")

                        self.key_service.delete_key(key.private_key_id)             # free

                        return E_CORRUPTED_DATABASE, C_INTERNAL_SERVER_ERROR        # and throw

                    f = self.certificate_service.create_ca if CA_ID in usages_dict and usages_dict[CA_ID] else \

                        self.certificate_service.create_end_cert

                    # noinspection PyArgumentList

                    cert = f(                                                       # create inter CA or end cert

                        key,                                                        # according to whether 'CA' is among

                        subject,                                                    # the usages' fields

                        issuer,

                        issuer_key,

                        usages=usages_dict,

                        days=body[VALIDITY_DAYS],

                        extensions=extensions

                    )

            except CryptographyException as e:

                return {"success": False, "data": e.message}, C_INTERNAL_SERVER_ERROR