Revize da0fc952
Přidáno uživatelem Stanislav Král před téměř 4 roky(ů)
| app.py | ||
|---|---|---|
| 90 | 90 |
return certificate_controller.generate_certificate_pkcs_identity(id) |
| 91 | 91 |
|
| 92 | 92 |
|
| 93 |
@app.errorhandler(CryptographyException) |
|
| 94 |
def cryptography_error(e, certificate_controller: CertController): |
|
| 95 |
return certificate_controller.handle_cryptography_error(e) |
|
| 96 |
|
|
| 97 |
|
|
| 93 | 98 |
def initialize_app(application) -> bool: |
| 94 | 99 |
""" |
| 95 | 100 |
Initializes the application |
| requirements.txt | ||
|---|---|---|
| 4 | 4 |
Flask-Injector==0.12.3 |
| 5 | 5 |
pytest-cov==2.11.1 |
| 6 | 6 |
six==1.15.0 |
| 7 |
pytest-mock==3.6.1 |
|
| src/controllers/certificates_controller.py | ||
|---|---|---|
| 65 | 65 |
E_INVALID_EXTENSIONS = {"success": False, "data": "Error occurred while creating a certificate. "
|
| 66 | 66 |
"It may be caused by wrong format of extensions."} |
| 67 | 67 |
|
| 68 |
E_UNHANDLED_CRYPTOGRAPHY_ERROR = {"success": False, "data": "An unknown error has happened in the cryptography library."}
|
|
| 69 |
|
|
| 68 | 70 |
|
| 69 | 71 |
class CertController: |
| 70 | 72 |
USAGE_KEY_MAP = {'CA': CA_ID, 'SSL': SSL_ID, 'digitalSignature': SIGNATURE_ID, 'authentication': AUTHENTICATION_ID}
|
| ... | ... | |
| 768 | 770 |
identity_name, |
| 769 | 771 |
identity_password) |
| 770 | 772 |
return Response(identity_byte_array, mimetype='application/x-pkcs12') |
| 773 |
|
|
| 774 |
@staticmethod |
|
| 775 |
def handle_cryptography_error(e): |
|
| 776 |
Logger.error(f"An unhandled CryptographyException has been raised: {str(e)}")
|
|
| 777 |
return E_UNHANDLED_CRYPTOGRAPHY_ERROR, C_INTERNAL_SERVER_ERROR |
|
| src/services/cryptography.py | ||
|---|---|---|
| 520 | 520 |
|
| 521 | 521 |
def __str__(self): |
| 522 | 522 |
# TODO check log is valid here |
| 523 |
# TODO Standa does not think so... |
|
| 523 | 524 |
msg = f""" |
| 524 | 525 |
EXECUTABLE: {self.executable}
|
| 525 | 526 |
ARGS: {self.args}
|
| tests/integration_tests/rest_api/certificates_test.py | ||
|---|---|---|
| 3 | 3 |
# 2->3->4->5->6->7 |
| 4 | 4 |
# 2->8->9 |
| 5 | 5 |
from src.controllers.certificates_controller import E_IDENTITY_NAME_NOT_SPECIFIED, E_IDENTITY_PASSWORD_NOT_SPECIFIED, \ |
| 6 |
E_NO_CERTIFICATES_FOUND |
|
| 6 |
E_NO_CERTIFICATES_FOUND, E_UNHANDLED_CRYPTOGRAPHY_ERROR |
|
| 7 |
from src.services.cryptography import CryptographyException |
|
| 7 | 8 |
|
| 8 | 9 |
|
| 9 | 10 |
def make_root_ca(server, title="Root CA s.r.o."): |
| ... | ... | |
| 1295 | 1296 |
json={"password": "foopass", "name": "Foo"})
|
| 1296 | 1297 |
assert identity_ret.status_code == 404 |
| 1297 | 1298 |
assert identity_ret.json == E_NO_CERTIFICATES_FOUND |
| 1299 |
|
|
| 1300 |
|
|
| 1301 |
def test_cryptography_error_handler(server, mocker): |
|
| 1302 |
def mock_raises_cryptography_error(self, subject, key, config="", extensions="", key_pass=None, days=30, sn: int = None): |
|
| 1303 |
raise CryptographyException("openssl", ["x509", "-faulty"], "Faulty openssl call")
|
|
| 1304 |
|
|
| 1305 |
mocker.patch( |
|
| 1306 |
# patch create_sscrt in such way that a CryptographyException is raised |
|
| 1307 |
'src.services.cryptography.CryptographyService.create_sscrt', |
|
| 1308 |
mock_raises_cryptography_error |
|
| 1309 |
) |
|
| 1310 |
|
|
| 1311 |
ret = make_root_ca(server) |
|
| 1312 |
assert ret.status_code == 500 |
|
| 1313 |
assert ret.json == E_UNHANDLED_CRYPTOGRAPHY_ERROR |
|
Také k dispozici: Unified diff
Added a global error handler for CryptographyException errors.
Added a dependency ony pytest-mock library in order to be able to mock method calls in tests.
Covered the added global CryptographyException error handler in a test.