def create_unsigned_certificates_from_roster(config): roster = os.path.join(config.abs_data_dir, config.roster) template = os.path.join(config.abs_data_dir, config.template_dir, config.template_file_name) issued_on = str(date.today()) output_dir = os.path.join(config.abs_data_dir, config.unsigned_certificates_dir) recipients = [] with open(roster, 'r') as theFile: reader = csv.DictReader(theFile) for line in reader: r = Recipient(line) recipients.append(r) with open(template) as template: cert_str = template.read() template = json.loads(cert_str) for recipient in recipients: uid = str(uuid.uuid4()) cert = copy.deepcopy(template) instantiate_assertion(config, cert, uid, issued_on) instantiate_recipient(config, cert, recipient) # validate certificate before writing schema_validator.validate_unsigned_v1_2(cert) with open(os.path.join(output_dir, uid + '.json'), 'w') as unsigned_cert: json.dump(cert, unsigned_cert)
def main(app_config): # find certificates to process certificates = find_unsigned_certificates(app_config) if not certificates: logging.info('No certificates to process') exit(0) batch_id = helpers.get_batch_id(list(certificates.keys())) logging.info('Processing %d certificates with batch id=%s', len(certificates), batch_id) # validate schema for uid, certificate in certificates.items(): with open(certificate.unsigned_certificate_file_name) as cert: cert_json = json.load(cert) schema_validator.validate_unsigned_v1_2(cert_json) # ensure they are not already signed. We want the user to know about this in case there # is a failure from a previous run for uid, certificate in certificates.items(): with open(certificate.unsigned_certificate_file_name) as cert: cert_json = json.load(cert) if 'signature' in cert_json and cert_json['signature']: logging.warning( 'Certificate with uid=%s has already been signed.', uid) exit(0) logging.info('Signing certificates and writing to folder %s', app_config.signed_certs_file_pattern) sign_certs(certificates) logging.info('Archiving unsigned files to archive folder %s', batch_id) helpers.archive_files(app_config.unsigned_certs_file_pattern, app_config.archive_path, app_config.unsigned_certs_file_part, batch_id)
def main(app_config): # find certificates to process certificates = find_unsigned_certificates(app_config) if not certificates: logging.info('No certificates to process') exit(0) batch_id = helpers.get_batch_id(list(certificates.keys())) logging.info('Processing %d certificates with batch id=%s', len(certificates), batch_id) # validate schema for uid, certificate in certificates.items(): with open(certificate.unsigned_certificate_file_name) as cert: cert_json = json.load(cert) schema_validator.validate_unsigned_v1_2(cert_json) # ensure they are not already signed. We want the user to know about this in case there # is a failure from a previous run for uid, certificate in certificates.items(): with open(certificate.unsigned_certificate_file_name) as cert: cert_json = json.load(cert) if 'signature' in cert_json and cert_json['signature']: logging.warning('Certificate with uid=%s has already been signed.', uid) exit(0) logging.info('Signing certificates and writing to folder %s', app_config.signed_certs_file_pattern) sign_certs(certificates) logging.info('Archiving unsigned files to archive folder %s', batch_id) helpers.archive_files(app_config.unsigned_certs_file_pattern, app_config.archive_path, app_config.unsigned_certs_file_part, batch_id)
def validate_schema(self): """ Ensure certificates are valid v1.2 schema :return: """ for _, certificate in self.certificates_to_issue.items(): with open(certificate.signed_certificate_file_name) as cert: cert_json = json.load(cert) schema_validator.validate_unsigned_v1_2(cert_json)
def main(app_config): unsigned_certs_dir = app_config.unsigned_certificates_dir signed_certs_dir = app_config.signed_certificates_dir signed_certs_file_pattern = str(os.path.join(signed_certs_dir, '*.json')) if os.path.exists(signed_certs_dir) and glob.glob(signed_certs_file_pattern): message = "The output directory {} is not empty. Make sure you have cleaned up results from your previous run".format(signed_certs_dir) logging.warning(message) raise NonemptyOutputDirectoryError(message) # find certificates to sign certificates = helpers.find_certificates_to_process(unsigned_certs_dir, signed_certs_dir) if not certificates: logging.warning('No certificates to process') raise NoCertificatesFoundError('No certificates to process') logging.info('Processing %d certificates', len(certificates)) # create output dir if it doesn't exist os.makedirs(signed_certs_dir, exist_ok=True) # validate schema for uid, certificate in certificates.items(): with open(certificate.unsigned_cert_file_name) as cert: cert_json = json.load(cert) schema_validator.validate_unsigned_v1_2(cert_json) # ensure they are not already signed. We want the user to know about this in case there # is a failure from a previous run for uid, certificate in certificates.items(): with open(certificate.unsigned_cert_file_name) as cert: cert_json = json.load(cert) if 'signature' in cert_json and cert_json['signature']: logging.warning('Certificate with uid=%s has already been signed.', uid) raise AlreadySignedError('Certificate has already been signed') logging.info('Signing certificates and writing to folder %s', signed_certs_dir) path_to_secret = os.path.join(app_config.usb_name, app_config.key_file) signer = Signer(FileSecretManager(path_to_secret=path_to_secret, disable_safe_mode=app_config.safe_mode)) signer.sign_certs(certificates) logging.info('Signed certificates are in folder %s', signed_certs_dir)
def test_v1_2_unsigned(self): with open('../examples/1.2/sample_unsigned_cert-1.2.json') as data_f: data = json.load(data_f) valid = schema_validator.validate_unsigned_v1_2(data['document']) self.assertTrue(valid)