Projekt

Obecné

Profil

« Předchozí | Další » 

Revize 94e89bb1

Přidáno uživatelem Jan Pašek před téměř 4 roky(ů)

Re #8576 - calling CryptographyService from CrlService, passphrase support

Zobrazit rozdíly:

src/services/crl/crl_service.py
3 3 
from injector import inject
4 4 

  		




  5
  5
  
    
from src.dao.certificate_repository import CertificateRepository


  		




  
  6
  
    
from src.dao.private_key_repository import PrivateKeyRepository


  		




  6
  7
  
    
from src.exceptions.certificate_not_found_exception import CertificateNotFoundException


  		




  
  8
  
    
from src.exceptions.private_key_not_found_exception import PrivateKeyNotFoundException


  		




  7
  9
  
    
from src.services.crl.ca_index_file_line_generator import create_index_file_revoked_line


  		




  8
  10
  
    
from src.services.cryptography import CryptographyService


  		




  9
  11
  
    
from src.utils.temporary_file import TemporaryFile


  		




  ......




  13
  15
  
    
    @inject


  		




  14
  16
  
    
    def __init__(self,


  		




  15
  17
  
    
                 certificate_repository: CertificateRepository,


  		




  
  18
  
    
                 key_repository: PrivateKeyRepository,


  		




  16
  19
  
    
                 cryptography_service: CryptographyService


  		




  17
  20
  
    
                 ):


  		




  
  21
  
    
        self.key_repository = key_repository


  		




  18
  22
  
    
        self.certificate_repository = certificate_repository


  		




  19
  23
  
    
        self.cryptography_service = cryptography_service


  		




  20
  24
  
    

  		




  ......




  53
  57
  
    
        :param ca_id: ID of a CA whose CRL shall be generated


  		




  54
  58
  
    
        :return: CRL in PEM format


  		




  55
  59
  
    
        """


  		




  56
  
  
    
        # check if the requested CA exists and if not throw an exception


  		




  57
  
  
    
        if self.certificate_repository.read(ca_id) is None:


  		




  
  60
  
    
        # get cert and check if the requested CA exists and if not throw an exception


  		




  
  61
  
    
        cert = self.certificate_repository.read(ca_id)


  		




  
  62
  
    
        if cert is None:


  		




  58
  63
  
    
            raise CertificateNotFoundException(ca_id)


  		




  59
  64
  
    

  		




  
  65
  
    
        # get key and check if it exists


  		




  
  66
  
    
        key = self.key_repository.read(cert.private_key_id)


  		




  
  67
  
    
        if key is None:


  		




  
  68
  
    
            raise PrivateKeyNotFoundException(ca_id)


  		




  
  69
  
    

  		




  60
  70
  
    
        # Create an index file and call cryptography service to generate CRL


  		




  61
  
  
    
        with TemporaryFile("crl.index", self.create_revoked_index(ca_id)) as index_path:


  		




  62
  
  
    
            crl_content = self.cryptography_service.generate_crl(index_path)


  		




  
  71
  
    
        with TemporaryFile("crl.index", f"{self.create_revoked_index(ca_id)}\n") as index_path:


  		




  
  72
  
    
            crl_content = self.cryptography_service.generate_crl(cert, key, index_path)


  		




  63
  73
  
    

  		




  64
  74
  
    
        return crl_content


  		












Také k dispozici:  Unified diff