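#!/usr/bin/env python3
# -*- coding: utf-8 -*-

import cmd
import sys

from models.ssh import SSHAuthority
from models.ssl import SSLAuthority

from manager import sign_request

__doc__ = """
Class to make a shell and interact with the user
"""


class CAManagerShell(cmd.Cmd):
    """Interactive shell that drives a CA manager object.

    Every ``do_*`` method is a shell command; its one-line docstring is the
    help text shown by ``help <command>``. Commands take the raw argument
    string typed by the operator and return ``None`` to keep the shell
    running (only ``do_quit`` returns ``True``).

    The shell performs no authentication or authorisation of its own: any
    user who can start it can create authorities and sign requests.
    NOTE(review): access control is presumably enforced around this process
    (OS account, file permissions on the CA store) -- confirm.
    """

    intro = (
        "# LILiK CA Manager #\n"
        "Welcome to the certification authority shell.\n"
        "Type help or ? to list commands.\n"
    )
    prompt = "(CA Manager)> "

    def __init__(self, ca_manager):
        """Bind the shell to *ca_manager*, the object all commands act on."""
        super().__init__()
        self.ca_manager = ca_manager

    @staticmethod
    def _parse_args(l, count, usage, maxsplit=-1):
        """Split *l* on whitespace and require at least *count* words.

        Prints a usage line and returns ``None`` when too few words were
        given, so a command can bail out instead of raising ``IndexError``
        (``cmd.Cmd`` does not catch exceptions raised by commands, so an
        uncaught one would terminate the shell).
        """
        argv = l.split(maxsplit=maxsplit)
        if len(argv) < count:
            print("Usage: %s" % usage)
            return None
        return argv

    def _generate_authority(self, authority_cls, l, usage):
        """Create, generate and save an authority of type *authority_cls*.

        NOTE(review): ``ca_id`` and ``name`` come straight from operator
        input and are not validated here; how the model classes use them
        (storage key, file name, certificate field) is not visible in this
        file -- confirm they are validated or escaped there.
        """
        argv = self._parse_args(l, 2, usage, maxsplit=1)
        if argv is None:
            return
        ca_id, name = argv
        new_auth = authority_cls(
            ca_id=ca_id,
            name=name,
            serial=0,
        )
        new_auth.generate()
        new_auth.save()

    def do_ls_cas(self, l):
        'List the available certification authorities: LS_CAS'
        for i, authority in enumerate(self.ca_manager.ca):
            print('- %d - %s' % (i, authority))

    def do_ls_certificates(self, l):
        'List the issued certificates: LS_CERTIFICATES'
        for i, cert in enumerate(self.ca_manager.certificate):
            print('- %d - %s' % (i, cert))

    def do_ls_requests(self, l):
        'List the available certification requests: LS_REQUESTS'
        print_available_requests(self.ca_manager)

    def do_describe_cas(self, l):
        'Show certification authority information: DESCRIBE_CAS ca_id'
        argv = self._parse_args(l, 1, 'DESCRIBE_CAS ca_id')
        if argv is None:
            return
        ca_id = argv[0]
        # NOTE(review): assumes the lookup yields a falsy value for an
        # unknown id rather than raising -- confirm against the manager.
        ca = self.ca_manager.ca[ca_id]
        if ca:
            ca_description = (
                "\n"
                "Certification authority: %s\n"
                "--------------------------------------------------\n"
                "CA type: %s\n"
                "CA name: %s\n"
                "Serial: %s\n"
            )
            ca_info = (
                ca_id,
                ca.__class__.__name__,
                ca.name,
                ca.serial,
            )
            print(ca_description % ca_info)
        else:
            print("No CA found for id: '%s'" % ca_id)

    def do_describe_certificate(self, l):
        'Show certificate information: DESCRIBE_CERTIFICATE certificate_id'
        argv = self._parse_args(l, 1, 'DESCRIBE_CERTIFICATE certificate_id')
        if argv is None:
            return
        certificate_id = argv[0]
        cert = self.ca_manager.certificate[certificate_id]
        if cert:
            cert_description = (
                "\n"
                "Certificate %s\n"
                "--------------------------------------------------\n"
                "Signin authority: %s\n"
                "Signed on: %s\n"
                "Receiver: %s\n"
                "Certificate Serial: %s\n"
                "Validity Interval: %s\n"
            )
            cert_info = (
                certificate_id,
                cert.signed_by,
                cert.date_issued,
                cert.receiver,
                cert.serial_number,
                cert.validity_interval,
            )
            print(cert_description % cert_info)
        else:
            print('No certificate found for id: "%s"' % certificate_id)

    def do_describe_request(self, l):
        'Show sign request information: DESCRIBE_REQUEST request_id'
        argv = self._parse_args(l, 1, 'DESCRIBE_REQUEST request_id')
        if argv is None:
            return
        request_id = argv[0]
        request = self.ca_manager.request[request_id]
        if request:
            request_description = (
                "\n"
                "Request %s\n"
                "--------------------------------------------------\n"
                "Request type: %s\n"
                "%s\n"
                "Key %s\n"
            )
            request_info = (
                request_id,
                request.__class__.__name__,
                request.fields,
                request.key_data,
            )
            print(request_description % request_info)
        else:
            print('No request found for id: "%s"' % request_id)

    def do_drop_request(self, l):
        'Delete a sign request: DROP_REQUEST request_id'
        argv = self._parse_args(l, 1, 'DROP_REQUEST request_id')
        if argv is None:
            return
        request_id = argv[0]
        del self.ca_manager.request[request_id]

    def do_gen_ssh(self, l):
        'Generate a SSH Certification authority: GEN_SSH id name'
        self._generate_authority(SSHAuthority, l, 'GEN_SSH id name')

    def do_gen_ssl(self, l):
        'Generate a SSL Certification authority: GEN_SSL id name'
        self._generate_authority(SSLAuthority, l, 'GEN_SSL id name')

    def do_sign_request(self, l):
        'Sign a request using a CA: SIGN_REQUEST ca_id request_id'
        argv = l.split()
        argc = len(argv)

        if argc == 0:
            # No arguments: show what can be signed and by which authority.
            print("Available authority")
            print_available_authorities(self.ca_manager)

            print("==================")

            print("Available request")
            print_available_requests(self.ca_manager)
        elif argc < 2:
            # One id alone is ambiguous; refuse rather than guess.
            print("Usage: SIGN_REQUEST ca_id request_id")
        else:
            # Signing is the security-critical action of this shell. The ids
            # are handed to sign_request() as typed; the request contents
            # are not shown or confirmed here, so the operator should
            # inspect them with DESCRIBE_REQUEST before signing.
            authority_id, request_id = argv[0], argv[1]
            sign_request(self.ca_manager, request_id, authority_id)

    def complete_sign_request(self, text, line, begidx, endidx):
        """Return completion candidates for SIGN_REQUEST as a list of ids.

        Candidates follow the argument order ``ca_id request_id``: the first
        argument completes against authority ids, the second against
        request ids. ``cmd.Cmd`` expects a list of strings here.
        """
        # Words already typed before the one being completed; the first is
        # the command name itself.
        typed = line[:begidx].split()
        if len(typed) == 1:
            return [
                a.ca_id for a in self.ca_manager.ca
                if a.ca_id.startswith(text)
            ]
        if len(typed) == 2:
            return [
                r.req_id for r in self.ca_manager.request
                if r.req_id.startswith(text)
            ]
        return []

    def complete(self, text, state):
        """Append a trailing space to each completion returned by ``cmd``."""
        results = super().complete(text, state)
        if results is not None:
            return "%s " % results
        return results

    def do_quit(self, l):
        'Quit this shell'
        return True


def print_available_authorities(ca_manager):
    """Print one numbered line per authority known to *ca_manager*."""
    for i, ca_item in enumerate(ca_manager.ca):
        print("- %d : %s" % (i, ca_item))


def print_available_requests(ca_manager):
    """Print one numbered line per pending request known to *ca_manager*."""
    for i, request in enumerate(ca_manager.request):
        print("- %d : %s" % (i, request))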