def get_remote_certificates(self, primary_partition, scope_def_id=None): remote_certs = [] # request certs for this primary partition, where the server also has a private key for remote_certs_resp = self._request(api_urls.CERTIFICATE, params={'primary_partition': primary_partition}) # inflate remote certs into a list of unsaved models for cert in remote_certs_resp.json(): remote_certs.append(Certificate.deserialize(cert["serialized"], cert["signature"])) # filter certs by scope definition id, if provided if scope_def_id: remote_certs = [cert for cert in remote_certs if cert.scope_definition_id == scope_def_id] return remote_certs
def certificate_signing_request(self, parent_cert, scope_definition_id, scope_params, userargs=None, password=None): # if server cert does not exist locally, retrieve it from server if not Certificate.objects.filter(id=parent_cert.id).exists(): cert_chain_response = self._get_certificate_chain(parent_cert) # upon receiving cert chain from server, we attempt to save the chain into our records Certificate.save_certificate_chain(cert_chain_response.json(), expected_last_id=parent_cert.id) csr_key = Key() # build up data for csr data = { "parent": parent_cert.id, "profile": parent_cert.profile, "scope_definition": scope_definition_id, "scope_version": parent_cert.scope_version, "scope_params": json.dumps(scope_params), "public_key": csr_key.get_public_key_string() } csr_resp = self._request(api_urls.CERTIFICATE, method="POST", data=data, userargs=userargs, password=password) csr_data = csr_resp.json() # verify cert returned from server, and proceed to save into our records csr_cert = Certificate.deserialize(csr_data["serialized"], csr_data["signature"]) csr_cert.private_key = csr_key csr_cert.check_certificate() csr_cert.save() return csr_cert
def setUp(self): super(CertificateSerializationTestCase, self).setUp() self.root_cert_deserialized = Certificate.deserialize( self.root_cert.serialized, self.root_cert.signature) self.subset_cert_deserialized = Certificate.deserialize( self.subset_cert.serialized, self.subset_cert.signature)