From abfbfe3174f606090686bbb0e8460f357f05cb13 Mon Sep 17 00:00:00 2001
From: Edoardo Putti
Date: Fri, 23 Sep 2016 17:05:08 +0200
Subject: [PATCH] draft for new descriptor API
---
 ca_manager.py | 102 ++++++++++++++++++--------------------------------
 ca_shell.py | 19 ++++++----
 2 files changed, 48 insertions(+), 73 deletions(-)
diff --git a/ca_manager.py b/ca_manager.py
index 59567a6..c1cf18e 100755
--- a/ca_manager.py
+++ b/ca_manager.py
@@ -11,7 +11,8 @@ import sqlite3
 import tempfile
 from certificate_requests import *
-from paths import *
+#from paths import *
+from local import *
 __doc__= """
 Define classes to interact with certificate requests and Certification Authority
@@ -21,9 +22,11 @@ class CAManager(object):
 """
 Middleware to interact with ssh-keygen
 """
+
 def __init__(self, path):
 self.path = path
 self.ca = CALookup(self.ssh_ca_dir, self.ssl_ca_dir)
+ self.request = RequestLookup()
 def __enter__(self):
 """
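Review bot: In the import hunk of ca_manager.py, the wildcard `from local import *` hides which names the module depends on, and the old import is left behind as a commented-out line. `REQUESTS_PATH` and `OUTPUT_PATH`, used by the `RequestLookup` class added later in this patch, presumably arrive through this import; naming them keeps the source of the request and output directories auditable: `from local import REQUESTS_PATH, OUTPUT_PATH`. The `#from paths import *` line can be deleted rather than kept as a comment. `local` is not shown in the patch, so confirm it defines both names and anything else the file previously took from `paths`.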
@@ -57,69 +60,6 @@ class CAManager(object):
 def ssl_ca_dir(self):
 return os.path.join(self.path, 'ssl_cas')
- def create_ssh_ca(self, ca_id, ca_name):
- """
- Create a new ssh certification authority, insert
- it into the database
- """
- ca_path = self._get_ssh_ca_path(ca_id)
-
- authority = SSHAuthority(ca_id, ca_name, ca_path)
-
- authority.generate()
-
- c = self.conn.cursor()
- c.execute("""INSERT INTO cas VALUES (?, ?, 'ssh')""",
- (ca_id, ca_name))
- self.conn.commit()
-
- def create_ssl_ca(self, ca_id, ca_name):
- """
- Create a new ssl certification authority, insert
- it into the database
- """
- ca_path = self._get_ssl_ca_path(ca_id)
-
- authority = SSLAuthority(ca_id, ca_name, ca_path)
-
- authority.generate()
-
- c = self.conn.cursor()
- c.execute("""INSERT INTO cas VALUES (?, ?, 'ssl')""",
- (ca_id, ca_name))
- self.conn.commit()
-
- def get_cas_list(self):
- """
- Get all the certification authorities saved in
- the database
- """
- c = self.conn.cursor()
-
- c.execute("""SELECT id, name, type FROM cas""")
-
- return c.fetchall()
-
- def get_ca(self, ca_id):
- """
- Get a specific certification authority from the database
- """
- c = self.conn.cursor()
- c.execute("""SELECT name, type FROM cas WHERE id = ?""", (ca_id, ))
-
- result = c.fetchone()
- if not result:
- raise ValueError('Unknown CA "%s"'%ca_id)
-
- ca_name, ca_type = result
-
- if ca_type == 'ssh':
- ca_path = self._get_ssh_ca_path(ca_id)
- return SSHAuthority(ca_id, ca_name, ca_path)
- elif ca_type == 'ssl':
- ca_path = self._get_ssl_ca_path(ca_id)
- return SSLAuthority(ca_id, ca_name, ca_path)
-
 def get_requests(self, ca_type=None):
 req_objs = []
@@ -231,6 +171,38 @@ class CALookup(object):
 (ca_id, ca_name, ca_type.lower()))
 self.conn.commit()
+class RequestLookup(object):
+ """
+ Proxy to interact with the requests
+ """
+ def __init__(self):
+ self.request_dir = REQUESTS_PATH
+ self.output_dir = OUTPUT_PATH
+
+ def __iter__(self):
+ pass
+ #return iter(c.fetchall())
+
+ def __delitem__(self, request_id):
+ """
+ Delete a specific certificate request
+ """
+ os.unlink(os.path.join(self.request_dir, request_id))
+
+ def __getitem__(self, request_id):
+ """
+ Get a specific certificate request
+ """
+ request_path = os.path.join(self.request_dir, request_id)
+
+ @property
+ def ssh(self):
+ pass
+
+ @property
+ def ssl(self):
+ pass
+
 def init_manager(paths):
 """
 Initiate the manager by creating the
@@ -269,7 +241,7 @@ def sign_request(ca_manager, request_name, authority_name):
 request = None
 try:
- authority = ca_manager.get_ca(authority_name)
+ authority = ca_manager.ca[authority_name]
 except IndexError:
 print("Could not find CA '%d'" % choosen_ca)
 return
diff --git a/ca_shell.py b/ca_shell.py
index 719a8d7..4ee0c30 100755
--- a/ca_shell.py
+++ b/ca_shell.py
@@ -19,7 +19,7 @@ class CAManagerShell(cmd.Cmd, object):
 def __init__(self, ca_manager):
 super(CAManagerShell, self).__init__()
- self.ca_manager= ca_manager
+ self.ca_manager = ca_manager
 def do_ls_ca(self, l):
 'List the available certification authorities: LS_CA'
@@ -75,7 +75,7 @@ class CAManagerShell(cmd.Cmd, object):
 return results
 def do_sign_request(self, l):
- 'Sign a request using a CA: SIGN_REQUEST ca_name request_id'
+ 'Sign a request using a CA: SIGN_REQUEST ca_id request_id'
 argv = l.split()
 argc = len(argv)
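Review bot: In ca_manager.py, `RequestLookup.__delitem__` joins `request_id` onto `request_dir` and unlinks the result without checking it, so an id containing a path separator, `..` or an absolute path would resolve outside the requests directory. The id appears to be reachable from shell arguments in ca_shell.py, so it should be confined to the directory before any file operation; a small private helper shared by `__delitem__` and `__getitem__` does that. Separately, `__getitem__` builds `request_path` but returns nothing and `__iter__` returns `None`, which makes `iter()` on the object raise `TypeError`; if these are placeholders for the draft, `raise NotImplementedError` states that more clearly than `pass`.

```python
    def _request_path(self, request_id):
        # Resolve the id and refuse anything that is not a direct child of request_dir.
        base = os.path.realpath(self.request_dir)
        path = os.path.realpath(os.path.join(base, request_id))
        if os.path.dirname(path) != base:
            raise KeyError(request_id)
        return path

    def __delitem__(self, request_id):
        # … unchanged: docstring …
        os.unlink(self._request_path(request_id))

    def __getitem__(self, request_id):
        # … unchanged: docstring …
        request_path = self._request_path(request_id)
```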
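Review bot: In `sign_request` (ca_manager.py), the new lookup `ca_manager.ca[authority_name]` is still guarded by `except IndexError`, while the `get_ca` method this patch removes raised `ValueError` for an unknown CA. `CALookup.__getitem__` is not visible here, so confirm which exception it raises; otherwise an unknown authority propagates as an unhandled exception instead of a clean rejection. The handler also formats `choosen_ca`, which is not a parameter of `sign_request` and is not defined in the visible lines, using `%d`. Suggested: `except (KeyError, ValueError, IndexError):` and `print("Could not find CA '%s'" % authority_name)`. The function body starts before and continues after the hunk.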
@@ -94,13 +94,14 @@ class CAManagerShell(cmd.Cmd, object):
 elif argc == 1:
 ca_type = None
+ ca_id = argv[0]
 try:
- ca_type = self.ca_manager.get_ca(argv[0]).ca_type
+ ca_type = self.ca_manager.ca[ca_id].ca_type
 except Exception as e:
 print ("Error: %s"%e)
 return
 # print available requests
- print("Available request for CA %s (type %s)"%(argv[0], ca_type))
+ print("Available request for CA %s (type %s)" % (ca_id, ca_type))
 print_available_requests(self.ca_manager, ca_type)
 print("==================")
@@ -113,19 +114,21 @@ class CAManagerShell(cmd.Cmd, object):
 def complete_sign_request(self, text, line, begidx, endidx):
 results = ''
- argc = len(("%send"%line).split())
+ #too much magic
+ argc = len(( "%send" % line ).split() )
 if argc == 2:
- results = [a[0] for a in self.ca_manager.get_cas_list() if a[0].startswith(text)]
+ results = [a[0] for a in self.ca_manager.ca if a[0].startswith(text)]
 elif argc == 3:
 ca_type = None
 try:
- ca_type = self.ca_manager.get_ca(line.split()[1]).ca_type
+ ca_id = line.split()[1]
+ ca_type = self.ca_manager.ca[ca_id].ca_type
 except Exception as e:
 print ("Error: %s"%e)
 return
- results = [a for a in self.ca_manager.get_requests(ca_type) if str(a).startswith(text)]
+ results = [a for a in self.ca_manager.request[ca_type] if str(a).startswith(text)]
 return results
 def complete(self, text, state):
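Review bot: In `complete_sign_request` (ca_shell.py), `self.ca_manager.request[ca_type]` indexes `RequestLookup` with a CA type, but the `__getitem__` added in ca_manager.py treats its key as a request id and joins it onto the requests directory. As drafted that call returns `None`, so the list comprehension raises `TypeError` outside the `try` block. The `ssh` and `ssl` properties on `RequestLookup` look like the intended per-type listing; until they exist, keeping `self.ca_manager.get_requests(ca_type)` here would keep completion working. The `#too much magic` comment would be more useful if it explained the `"%send"` trick, e.g. `# append a token so a trailing space counts as a new, empty argument`.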