def ParseX509Parameters(args, is_ca_command):
"""Parses the X509 parameters flags into an API X509Parameters.
Args:
args: The parsed argument values.
is_ca_command: Whether the current command is on a CA. If so, certSign and
crlSign key usages are added.
Returns:
An X509Parameters object.
"""
preset_profile_set = args.IsKnownAndSpecified('use_preset_profile')
# TODO(b/183243757): Change to args.IsSpecified once --use-preset-profile flag
# is registered.
has_inline_values = any([
args.IsKnownAndSpecified(flag) for flag in [
'key_usages', 'extended_key_usages', 'max_chain_length',
'is_ca_cert'
]
])
if preset_profile_set and has_inline_values:
raise exceptions.InvalidArgumentException(
'--use-preset-profile',
'--use-preset-profile may not be specified if one or more of '
'--key-usages, --extended-key-usages or --max-chain-length are '
'specified.')
if preset_profile_set:
return preset_profiles.GetPresetX509Parameters(args.use_preset_profile)
base_key_usages = args.key_usages or []
is_ca = is_ca_command or (args.IsKnownAndSpecified('is_ca_cert')
and args.is_ca_cert)
if is_ca:
# A CA should have these KeyUsages to be RFC 5280 compliant.
base_key_usages.extend(['cert_sign', 'crl_sign'])
key_usage_dict = {}
for key_usage in base_key_usages:
key_usage = text_utils.SnakeCaseToCamelCase(key_usage)
key_usage_dict[key_usage] = True
extended_key_usage_dict = {}
for extended_key_usage in args.extended_key_usages or []:
extended_key_usage = text_utils.SnakeCaseToCamelCase(
extended_key_usage)
extended_key_usage_dict[extended_key_usage] = True
messages = privateca_base.GetMessagesModule('v1')
return messages.X509Parameters(
keyUsage=messages.KeyUsage(
baseKeyUsage=messages_util.DictToMessageWithErrorCheck(
key_usage_dict, messages.KeyUsageOptions),
extendedKeyUsage=messages_util.DictToMessageWithErrorCheck(
extended_key_usage_dict, messages.ExtendedKeyUsageOptions)),
caOptions=messages.CaOptions(
isCa=is_ca,
# Don't include maxIssuerPathLength if it's None.
maxIssuerPathLength=int(args.max_chain_length)
if is_ca and args.max_chain_length is not None else None))
def ParseReusableConfig(args, required=False):
"""Parses the reusable config flags into an API ReusableConfigWrapper.
Args:
args: The parsed argument values.
required: Whether a reusable config is required.
Returns:
A ReusableConfigWrapper object.
"""
resource = args.CONCEPTS.reusable_config.Parse()
has_inline = args.IsSpecified('key_usages') or args.IsSpecified(
'extended_key_usages') or args.IsSpecified('max_chain_length')
messages = privateca_base.GetMessagesModule()
if resource and has_inline:
raise exceptions.InvalidArgumentException(
'--reusable-config',
'--reusable-config may not be specified if one or more of '
'--key-usages, --extended-key-usages or --max-chain-length are '
'specified.')
if resource:
return messages.ReusableConfigWrapper(
reusableConfig=resource.RelativeName())
if not has_inline:
if required:
raise exceptions.InvalidArgumentException(
'--reusable-config',
'Either --reusable-config or one or more of --key-usages, '
'--extended-key-usages and --max-chain-length must be specified.'
)
return messages.ReusableConfigWrapper()
key_usage_dict = {}
for key_usage in args.key_usages or []:
key_usage = text_utils.SnakeCaseToCamelCase(key_usage)
key_usage_dict[key_usage] = True
extended_key_usage_dict = {}
for extended_key_usage in args.extended_key_usages or []:
extended_key_usage = text_utils.SnakeCaseToCamelCase(
extended_key_usage)
extended_key_usage_dict[extended_key_usage] = True
max_issuer_length = (int(args.max_chain_length)
if args.IsSpecified('max_chain_length') else None)
return messages.ReusableConfigWrapper(
reusableConfigValues=messages.
ReusableConfigValues(keyUsage=messages.KeyUsage(
baseKeyUsage=messages_util.DictToMessageWithErrorCheck(
key_usage_dict, messages.KeyUsageOptions),
extendedKeyUsage=messages_util.DictToMessageWithErrorCheck(
extended_key_usage_dict, messages.ExtendedKeyUsageOptions)),
caOptions=messages.CaOptions(
maxIssuerPathLength=max_issuer_length)))
def ParseReusableConfig(args):
"""Parses the reusable config flags into an API ReusableConfigWrapper.
Args:
args: The parsed argument values.
Returns:
A ReusableConfigWrapper object.
"""
resource = args.CONCEPTS.reusable_config.Parse()
# If key_usages or extended_usages or max_chain_length or is_ca_cert are
# provided OR nothing was provided, use inline values (with defaults).
has_inline = args.IsSpecified('key_usages') or args.IsSpecified(
'extended_key_usages') or args.IsSpecified('max_chain_length') or (
'is_ca_cert' in vars(args) and args.IsSpecified('is_ca_cert'))
messages = privateca_base.GetMessagesModule()
if resource and has_inline:
raise exceptions.InvalidArgumentException(
'--reusable-config',
'--reusable-config may not be specified if one or more of '
'--key-usages, --extended-key-usages or --max-chain-length are '
'specified.')
if resource:
return messages.ReusableConfigWrapper(
reusableConfig=resource.RelativeName())
key_usage_dict = {}
for key_usage in args.key_usages or []:
key_usage = text_utils.SnakeCaseToCamelCase(key_usage)
key_usage_dict[key_usage] = True
extended_key_usage_dict = {}
for extended_key_usage in args.extended_key_usages or []:
extended_key_usage = text_utils.SnakeCaseToCamelCase(
extended_key_usage)
extended_key_usage_dict[extended_key_usage] = True
if 'is_ca_cert' in vars(args):
is_ca_val = args.is_ca_cert
else:
# For Reusable Configs in CA commands, the command is always creating a
# CA certificate.
is_ca_val = True
return messages.ReusableConfigWrapper(
reusableConfigValues=messages.
ReusableConfigValues(keyUsage=messages.KeyUsage(
baseKeyUsage=messages_util.DictToMessageWithErrorCheck(
key_usage_dict, messages.KeyUsageOptions),
extendedKeyUsage=messages_util.DictToMessageWithErrorCheck(
extended_key_usage_dict, messages.ExtendedKeyUsageOptions)),
caOptions=messages.CaOptions(
isCa=is_ca_val,
maxIssuerPathLength=int(args.max_chain_length)
if is_ca_val else None)))
def GetProperField(field_name, is_log_entry):
"""Retrieve the proper atrribute from LogEntry depending if it is in MessageModule or GapiClient format."""
if not is_log_entry:
return field_name
return text_utils.SnakeCaseToCamelCase(field_name)
def ParseReusableConfig(args, location, is_ca):
"""Parses the reusable config flags into an API ReusableConfigWrapper.
Args:
args: The parsed argument values.
location: The location of the resource with which this reusable config will
be used.
is_ca: Whether the current operation is on a CA. If so, certSign and crlSign
key usages are added.
Returns:
A ReusableConfigWrapper object.
"""
messages = privateca_base.GetMessagesModule()
has_resource = args.IsSpecified('reusable_config')
has_inline_values = any([
flag in vars(args) and args.IsSpecified(flag) for flag in
['key_usages', 'extended_key_usages', 'max_chain_length', 'is_ca_cert']
])
if has_resource and has_inline_values:
raise exceptions.InvalidArgumentException(
'--reusable-config',
'--reusable-config may not be specified if one or more of '
'--key-usages, --extended-key-usages or --max-chain-length are '
'specified.')
if has_resource:
# TODO(b/149316889): Use concepts library once attribute fallthroughs work.
resource = resources.REGISTRY.Parse(
args.reusable_config,
collection='privateca.projects.locations.reusableConfigs',
params={
'projectsId': api_constants.PREDEFINED_REUSABLE_CONFIG_PROJECT,
'locationsId': location,
})
return messages.ReusableConfigWrapper(
reusableConfig=resource.RelativeName())
base_key_usages = args.key_usages or []
if is_ca:
# A CA should have these KeyUsages to be RFC 5280 compliant.
base_key_usages.extend(['cert_sign', 'crl_sign'])
key_usage_dict = {}
for key_usage in base_key_usages:
key_usage = text_utils.SnakeCaseToCamelCase(key_usage)
key_usage_dict[key_usage] = True
extended_key_usage_dict = {}
for extended_key_usage in args.extended_key_usages or []:
extended_key_usage = text_utils.SnakeCaseToCamelCase(extended_key_usage)
extended_key_usage_dict[extended_key_usage] = True
return messages.ReusableConfigWrapper(
reusableConfigValues=messages.ReusableConfigValues(
keyUsage=messages.KeyUsage(
baseKeyUsage=messages_util.DictToMessageWithErrorCheck(
key_usage_dict, messages.KeyUsageOptions),
extendedKeyUsage=messages_util.DictToMessageWithErrorCheck(
extended_key_usage_dict, messages.ExtendedKeyUsageOptions)),
caOptions=messages.CaOptions(
isCa=is_ca,
maxIssuerPathLength=int(args.max_chain_length) if is_ca else None)
))
def testSnakeCaseToCamelCaseStartsWithLowercase(self):
self.assertEqual(text_utils.SnakeCaseToCamelCase('Wd1_wd2'), 'wd1Wd2')
def testSnakeCaseToCamelCaseMultipleWords(self):
self.assertEqual(text_utils.SnakeCaseToCamelCase('wd1_wd2'), 'wd1Wd2')
def testSnakeCaseToCamelCaseSingleWord(self):
self.assertEqual(text_utils.SnakeCaseToCamelCase('word'), 'word')
