ASWI - Pokročilé softwarové inženýrství » ASWI 2021 » Aplikace pro správu X.509 certifikátů (Yoso Czech s.r.o.) - JMSD

    def get_root(self, unique_id: int):

        """

        Function that calls CertificateService.get_chain_of_trust() and extract root CA from the returned chain.

        :param unique_id: ID of the certificate to which to find the root CA

        :return: Instance of the Certificate class containing a root certificate which was found in the chain

        """

        Logger.debug("Function launched.")

        chain_of_trust = self.get_chain_of_trust(from_id=unique_id, exclude_root=False)

        if len(chain_of_trust) == 0:

            Logger.error(f"No such certificate found 'ID = {unique_id}'.")

            raise CertificateNotFoundException(unique_id)

        root_ca = chain_of_trust[len(chain_of_trust) - 1]

        if root_ca.type_id != ROOT_CA_ID or root_ca.certificate_id != root_ca.parent_id:

            Logger.error(f"Certificate id '{root_ca.certificate_id}' has not same parent_id '{root_ca.parent_id} "

                         f"or type_id '{root_ca.type_id}' is not a ROOT_CA_ID '{ROOT_CA_ID}'")

            raise InvalidRootCA(root_ca.type_id, root_ca.certificate_id, root_ca.parent_id)

        return root_ca

class InvalidRootCA(Exception):

    """

    Exception that denotes that certificate has invalid root CA parameters.

    """

    def __init__(self, type_id, id, parent_id):

        self.type_id = type_id

        self.id = id

        self.parent_id = parent_id

    def __str__(self):

        return f"Certificate id '{self.id}' has not same parent_id '{self.parent_id} " \

               f"or type_id '{self.type_id}' is not a ROOT_CA_ID '{ROOT_CA_ID}'"

def test_get_root(certificate_service_unique, private_key_service):

    root_ca_private_key_1 = private_key_service.create_new_key()

    root_ca_private_key_2 = private_key_service.create_new_key()

    inter_ca_private_key = private_key_service.create_new_key()

    end_cert_private_key = private_key_service.create_new_key()

    root_cert_1 = certificate_service_unique.create_root_ca(root_ca_private_key_1,

                                                            Subject(common_name="RootFoo1",

                                                                    organization_unit="Department of Foo"))

    inter_cert = certificate_service_unique.create_ca(inter_ca_private_key, Subject(common_name="Intermediate CA"),

                                                      root_cert_1, root_ca_private_key_1, usages={SSL_ID: True})

    end_cert = certificate_service_unique.create_end_cert(end_cert_private_key,

                                                          Subject("Foo Child", email_address="foo@bar.cz"), inter_cert,

                                                          inter_ca_private_key, usages={AUTHENTICATION_ID: True})

    root_cert_2 = certificate_service_unique.create_root_ca(root_ca_private_key_2,

                                                            Subject(common_name="RootFoo2",

                                                                    organization_unit="Department of Foo"))

    test_root = certificate_service_unique.get_root(unique_id=root_cert_1.certificate_id)

    assert test_root.certificate_id == root_cert_1.certificate_id

    test_root = certificate_service_unique.get_root(unique_id=inter_cert.certificate_id)

    assert test_root.certificate_id == root_cert_1.certificate_id

    test_root = certificate_service_unique.get_root(unique_id=end_cert.certificate_id)

    assert test_root.certificate_id == root_cert_1.certificate_id

    test_root = certificate_service_unique.get_root(unique_id=root_cert_2.certificate_id)

    assert test_root.certificate_id == root_cert_2.certificate_id