Projekt

Obecné

Profil

« Předchozí | Další » 

Revize c15357a9

Přidáno uživatelem Jan Pašek před téměř 4 roky(ů)

Re #8707 - Implemented get_certificate_state() in CertificateRepository

Zobrazit rozdíly:

src/services/certificate_service.py
4 4 

  		




  5
  5
  
    
from src.config.configuration import Configuration


  		




  6
  6
  
    
from src.constants import ROOT_CA_ID, INTERMEDIATE_CA_ID, CA_ID, CERTIFICATE_ID, CERTIFICATE_STATES, \


  		




  7
  
  
    
    CERTIFICATE_REVOCATION_REASONS, SSL_ID, SIGNATURE_ID, AUTHENTICATION_ID


  		




  
  7
  
    
    CERTIFICATE_REVOCATION_REASONS, SSL_ID, SIGNATURE_ID, AUTHENTICATION_ID, CERTIFICATE_VALID, CERTIFICATE_EXPIRED, \


  		




  
  8
  
    
    CERTIFICATE_REVOKED


  		




  8
  9
  
    
from src.dao.certificate_repository import CertificateRepository


  		




  9
  10
  
    
from src.exceptions.certificate_not_found_exception import CertificateNotFoundException


  		




  10
  11
  
    
from src.exceptions.database_exception import DatabaseException


  		




  ......




  427
  428
  
    
        :return: certificates state from {valid, revoked, expired}


  		




  428
  429
  
    
        :raises CertificateNotFoundException: in case id of non-existing certificate is entered


  		




  429
  430
  
    
        """


  		




  430
  
  
    
        pass


  		




  
  431
  
    
        status = CERTIFICATE_VALID


  		




  
  432
  
    

  		




  
  433
  
    
        # Read the selected certificate from the repository


  		




  
  434
  
    
        certificate = self.certificate_repository.read(id)


  		




  
  435
  
    
        if certificate is None:


  		




  
  436
  
    
            raise CertificateNotFoundException(id)


  		




  
  437
  
    

  		




  
  438
  
    
        # check the expiration date using OpenSSL


  		




  
  439
  
    
        if not self.cryptography_service.verify_cert(certificate.pem_data):


  		




  
  440
  
    
            status = CERTIFICATE_EXPIRED


  		




  
  441
  
    

  		




  
  442
  
    
        # check certificate revocation


  		




  
  443
  
    
        all_revoked_by_parent = self.certificate_repository.get_all_revoked_by(certificate.parent_id)


  		




  
  444
  
    
        all_revoked_by_parent_ids = [cert.certificate_id for cert in all_revoked_by_parent]


  		




  
  445
  
    

  		




  
  446
  
    
        if id in all_revoked_by_parent_ids:


  		




  
  447
  
    
            status = CERTIFICATE_REVOKED


  		




  
  448
  
    

  		




  
  449
  
    
        return status


  		




  
  450
  
    

  		




  431
  451
  
    

  		




  432
  452
  
    
    def __get_crl_endpoint(self, ca_identifier: int) -> str:


  		




  433
  453
  
    
        """


  		












Také k dispozici:  Unified diff