Revize 4a40b0d2
Přidáno uživatelem Stanislav Král před asi 4 roky(ů)
| src/services/certificate_service.py | ||
|---|---|---|
| 1 |
from src.dao.certificate_repository import CertificateRepository |
|
| 2 |
from src.dao.private_key_repository import PrivateKeyRepository |
|
| 3 |
from src.model.certificate import Certificate |
|
| 4 |
from src.model.subject import Subject |
|
| 5 |
from src.services.cryptography import CryptographyService |
|
| 6 |
|
|
| 7 |
|
|
| 8 |
class CertificateService: |
|
| 9 |
|
|
| 10 |
def __init__(self, cryptography_service: CryptographyService, certificate_repository: CertificateRepository): |
|
| 11 |
self.cryptography_service = cryptography_service |
|
| 12 |
self.certificate_repository = certificate_repository |
|
| 13 |
|
|
| 14 |
# TODO key passphrase is not present in class diagram |
|
| 15 |
def create_root_ca(self, key: PrivateKeyRepository, subject: Subject, extensions: str, config: str, |
|
| 16 |
key_passphrase: str): |
|
| 17 |
cert_pem = self.cryptography_service.create_sscrt(subject, key, key_pass=key_passphrase, extensions=extensions, |
|
| 18 |
config=config) |
|
| 19 |
|
|
| 20 |
certificate = Certificate(-1, subject.common_name, subject) |
|
| src/services/cryptography.py | ||
|---|---|---|
| 1 | 1 |
import subprocess |
| 2 |
import re |
|
| 2 | 3 |
|
| 3 | 4 |
# encryption method to be used when generating private keys |
| 4 | 5 |
from src.utils.temporary_file import TemporaryFile |
| ... | ... | |
| 225 | 226 |
# the process failed because of some other reason (incorrect cert format) |
| 226 | 227 |
raise CryptographyException(OPENSSL_EXECUTABLE, args, err.decode()) |
| 227 | 228 |
|
| 229 |
def parse_cert_pem(self, cert_pem): |
|
| 230 |
args = ["x509", "-noout", "-text", "-in", "-"] |
|
| 231 |
|
|
| 232 |
result = self.__run_for_output(args, proc_input=bytes(cert_pem, encoding="utf-8")).decode() |
|
| 233 |
match = re.search(r"Subject:\s(.*)", result) |
|
| 234 |
pass |
|
| 235 |
# TODO use logger |
|
| 236 |
if match is None: |
|
| 237 |
print(f"Could not find subject to parse: {result}")
|
|
| 238 |
else: |
|
| 239 |
found = re.findall(r"\s?([^=\s]+)\s?=\s?([^,\n]+)", match) |
|
| 240 |
print(found) |
|
| 241 |
for pair in found: |
|
| 242 |
print(pair) |
|
| 243 |
|
|
| 244 |
|
|
| 228 | 245 |
|
| 229 | 246 |
class CryptographyException(Exception): |
| 230 | 247 |
|
| tests/services/cryptography/parse_cert_pem_test.py | ||
|---|---|---|
| 1 |
def test_parse_cert_pem(service): |
|
| 2 |
cert_pem = """ |
|
| 3 |
-----BEGIN CERTIFICATE----- |
|
| 4 |
|
|
| 5 |
MIIGITCCBAmgAwIBAgIUb7xAdXd6AkevhmeQqy2BASDqv/IwDQYJKoZIhvcNAQEL |
|
| 6 |
BQAwgZ8xCzAJBgNVBAYTAkNaMRYwFAYDVQQIDA1QaWxzZW4gUmVnaW9uMQ8wDQYD |
|
| 7 |
VQQHDAZQaWxzZW4xFjAUBgNVBAoMDVJvb3RpbmcgUm9vdHMxHDAaBgNVBAsME0Rl |
|
| 8 |
cGFydG1lbnQgb2YgUk9vdHMxFDASBgNVBAMMC01haW4gUm9vdGVyMRswGQYJKoZI |
|
| 9 |
hvcNAQkBFgxyb290QHJvb3QuY3owHhcNMjEwMzIxMTAwMTUyWhcNMjYwMzIxMTAw |
|
| 10 |
MTUyWjCBnzELMAkGA1UEBhMCQ1oxFjAUBgNVBAgMDVBpbHNlbiBSZWdpb24xDzAN |
|
| 11 |
BgNVBAcMBlBpbHNlbjEWMBQGA1UECgwNUm9vdGluZyBSb290czEcMBoGA1UECwwT |
|
| 12 |
RGVwYXJ0bWVudCBvZiBST290czEUMBIGA1UEAwwLTWFpbiBSb290ZXIxGzAZBgkq |
|
| 13 |
hkiG9w0BCQEWDHJvb3RAcm9vdC5jejCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC |
|
| 14 |
AgoCggIBAMKozynv+ja1VkNWpldsrl6tEGYrkNuG9umyqF0ZOZmzWzR7PiszV8DW |
|
| 15 |
o+OQ3SY7MQ7o3qoE/pSiaApmNFxgarWvGxnVgouncrai1AKB92tFY1VnVfQYICD3 |
|
| 16 |
gdjSzo4Lbfc8+67DHTPc0N70oBZuMueQ6ifUQhrjuVaONwAOsZBdal+VWvctJcrf |
|
| 17 |
fd+s6Jkgb/qWuld21Bzea36PLmgwoe8/RNyS9yzspC8jwdU68BemAPy9NBf9Q8Is |
|
| 18 |
0R7aZ0YwKPsdln3lR5GixrNy+sQl0qwy0NgklWIbqpGbMAInJBbTBmBGIbS0zV3t |
|
| 19 |
Nwi+g1u2WaFn63NeoUswAoDtHDm6FXBFI2BabG5tFVRNdfzGU1PEbILprqk214rt |
|
| 20 |
5+j5xTtpaI07akjozYJfal8c6igKXmNJf+xxtASq5EESNLT0YHwVPlT1S/odGvkN |
|
| 21 |
Hk6OJv2dmcH6nHCgT72aUhaVPP9aUIxlnchPD/iprMqkOkfm/k/LZLmPTsZbfmax |
|
| 22 |
VB1PWRFSWozAR4R562QFNRLLzZBlqiN++XMRBnjX4rRNTjZZyrYG3rIv8SytY8N7 |
|
| 23 |
UU0Ya/k+iYs5inbbHBkC3vI2DT6evxlfaXw8b1QTL4mNwR0aK0HjmVU6XdNcmGYr |
|
| 24 |
/PAxyZNNDM+k9wkcj+Xf4iqVrmk9pHEfkRHHjRpOXvFaLogmx/drAgMBAAGjUzBR |
|
| 25 |
MB0GA1UdDgQWBBQSP3MTbRoAP80MfEriCKa9qoqlFDAfBgNVHSMEGDAWgBQSP3MT |
|
| 26 |
bRoAP80MfEriCKa9qoqlFDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUA |
|
| 27 |
A4ICAQCXV3PxhN6U/vhRaXriAOr4RNhvGjdT7XnAC7r21GsfyH3omXPqD/RrrUov |
|
| 28 |
9ZWinxTiQ4xg3f+Iz9DCLXOmwmWoEpPU/LPa2UMENey2XOloQSO4JfdrbVVItWm6 |
|
| 29 |
F0W0aqdMxR9lzt7xoOwT/5wkAEJtHkUyCHB0xv6ZVRJYt07FGt8oipaJl3SlkyhH |
|
| 30 |
onKiCPsjwfcZ7W/lJ4PAFRY1DOLL+2CsLQjE9N2TAViY1HBpI3BfzfsDnXKEV2hS |
|
| 31 |
bNS25bpXbyLKGHqhcD9Y/wQID3fmKQilSSKezEn0nnPfnnb2WF32rWFR2pzgeym/ |
|
| 32 |
Q5vWcJRGSKcD0W58Ob1eLF8pG/FOijgjvHxWiotl2bB2rdEAR8BDJrzhRVxYavft |
|
| 33 |
zpLWb5NGJSjPO29cJ170OyBhXYS+/kpgFf3sxDtOacS6k7LOXcydlckAAHGFwllb |
|
| 34 |
0jkyZ0A2q+RGHIKirs1hWQpOb1O6Pvw+mNtxfghZsq8lnceHIUG9BduTXzWm0MEc |
|
| 35 |
Gh+KpX/I0JzuOc91ydNtvMEOjfIAp8mjLAqDCWRd0OzvE45rPbBAHJXPc4P76B1A |
|
| 36 |
XXwUYr8GuSFQZb1Q4BpCayCYvTLj+7q3z72BCqAA+jMJYV/qU0EpsuFjPvzU8apg |
|
| 37 |
7l9NhB7vf/qhW0XHDa4pv5+d+CXUiHPlW+UTIlni1AfgAel1Ww== |
|
| 38 |
-----END CERTIFICATE----- |
|
| 39 |
""" |
|
| 40 |
|
|
| 41 |
# service.parse_cert_pem(cert_pem) |
|
Také k dispozici: Unified diff
Re #8472 - WIP commit of adding a method capable of parsing a Subject from a cert PEM