def loadIdentityCertificateFromFile(filename):
with open(filename, 'r') as certFile:
encodedData = certFile.read()
decodedData = b64decode(encodedData)
cert = IdentityCertificate()
cert.wireDecode(Blob(decodedData, False))
return cert
def loadIdentityCertificateFromFile(filename):
with open(filename, 'r') as certFile:
encodedData = certFile.read()
decodedData = b64decode(encodedData)
cert = IdentityCertificate()
cert.wireDecode(Blob(decodedData, False))
return cert
def _lookupCertificate(self, certID, isPath):
"""
This looks up certificates specified as base64-encoded data or file names.
These are cached by filename or encoding to avoid repeated reading of files
or decoding.
:return: The certificate object, or None if not found.
:rtype: IdentityCertificate
"""
try:
certUri = self._fixedCertificateCache[certID]
except KeyError:
if isPath:
# load the certificate data (base64 encoded IdentityCertificate)
cert = TrustAnchorRefreshManager.loadIdentityCertificateFromFile(
certID)
else:
certData = b64decode(certID)
cert = IdentityCertificate()
cert.wireDecode(Blob(certData, False))
certUri = cert.getName()[:-1].toUri()
self._fixedCertificateCache[certID] = certUri
self._certificateCache.insertCertificate(cert)
else:
cert = self._certificateCache.getCertificate(Name(certUri))
return cert
def getCertificate(self, certificateName):
"""
Get a certificate from the identity storage.
:param Name certificateName: The name of the requested certificate.
:return: The requested certificate.
:rtype: IdentityCertificate
:raises SecurityException: if the certificate doesn't exist.
"""
cursor = self._database.cursor()
cursor.execute("SELECT certificate_data FROM Certificate WHERE cert_name=?",
(certificateName.toUri(), ))
row = cursor.fetchone()
if row != None:
(certData, ) = row
cursor.close()
certificate = IdentityCertificate()
try:
certificate.wireDecode(bytearray(certData))
except ValueError:
raise SecurityException(
"BasicIdentityStorage.getCertificate: The certificate cannot be decoded")
return certificate
else:
cursor.close()
raise SecurityException(
"BasicIdentityStorage.getCertificate: The certificate does not exist")
def _lookupCertificate(self, certID, isPath):
"""
This looks up certificates specified as base64-encoded data or file names.
These are cached by filename or encoding to avoid repeated reading of files
or decoding.
"""
try:
certUri = self._fixedCertificateCache[certID]
except KeyError:
if isPath:
# load the certificate data (base64 encoded IdentityCertificate)
cert = TrustAnchorRefreshManager.loadIdentityCertificateFromFile(
certID)
else:
certData = b64decode(certID)
cert = IdentityCertificate()
cert.wireDecode(certData)
certUri = cert.getName()[:-1].toUri()
self._fixedCertificateCache[certID] = certUri
self._certificateCache.insertCertificate(cert)
else:
cert = self._certificateCache.getCertificate(Name(certUri))
return cert
def getCertificate(self, certificateName):
"""
Get a certificate from the identity storage.
:param Name certificateName: The name of the requested certificate.
:return: The requested certificate.
:rtype: IdentityCertificate
:raises SecurityException: if the certificate doesn't exist.
"""
cursor = self._database.cursor()
cursor.execute(
"SELECT certificate_data FROM Certificate WHERE cert_name=?",
(certificateName.toUri(), ))
row = cursor.fetchone()
if row != None:
(certData, ) = row
cursor.close()
certificate = IdentityCertificate()
try:
certificate.wireDecode(bytearray(certData))
except ValueError:
raise SecurityException(
"BasicIdentityStorage::getCertificate: The certificate cannot be decoded"
)
return certificate
else:
cursor.close()
raise SecurityException(
"BasicIdentityStorage::getCertificate: The certificate does not exist"
)
def _lookupCertificate(self, certID, isPath):
"""
This looks up certificates specified as base64-encoded data or file names.
These are cached by filename or encoding to avoid repeated reading of files
or decoding.
:return: The certificate object, or None if not found.
:rtype: IdentityCertificate
"""
if not self._isSecurityV1:
raise SecurityException(
"lookupCertificate: For security v2, use lookupCertificateV2()")
try:
certUri = self._fixedCertificateCache[certID]
except KeyError:
if isPath:
# load the certificate data (base64 encoded IdentityCertificate)
cert = TrustAnchorRefreshManager.loadIdentityCertificateFromFile(
certID)
else:
certData = b64decode(certID)
cert = IdentityCertificate()
cert.wireDecode(Blob(certData, False))
certUri = cert.getName()[:-1].toUri()
self._fixedCertificateCache[certID] = certUri
self._certificateCache.insertCertificate(cert)
else:
cert = self._certificateCache.getCertificate(Name(certUri))
return cert
def getCertificate(self, certificateName, allowAny = False):
"""
Get a certificate from the identity storage.
:param Name certificateName: The name of the requested certificate.
:param bool allowAny: (optional) If False, only a valid certificate will
be returned, otherwise validity is disregarded. If omitted,
allowAny is False.
:return: The requested certificate. If not found, return None.
:rtype: IdentityCertificate
"""
if not self.doesCertificateExist(certificateName):
return None
if not allowAny:
raise RuntimeError(
"BasicIdentityStorage.getCertificate for not allowAny is not implemented")
cursor = self._database.cursor()
cursor.execute("SELECT certificate_data FROM Certificate WHERE cert_name=?",
(certificateName.toUri(), ))
(certData, ) = cursor.fetchone()
cursor.close()
certificate = IdentityCertificate()
certificate.wireDecode(bytearray(certData))
return certificate
def getCertificate(self, certificateName, allowAny=False):
"""
Get a certificate from the identity storage.
:param Name certificateName: The name of the requested certificate.
:param bool allowAny: (optional) If False, only a valid certificate will
be returned, otherwise validity is disregarded. If omitted,
allowAny is False.
:return: The requested certificate. If not found, return None.
:rtype: IdentityCertificate
"""
if not self.doesCertificateExist(certificateName):
return None
if not allowAny:
raise RuntimeError(
"BasicIdentityStorage.getCertificate for not allowAny is not implemented"
)
cursor = self._database.cursor()
cursor.execute(
"SELECT certificate_data FROM Certificate WHERE cert_name=?",
(certificateName.toUri()))
(certData, ) = cursor.fetchone()
cursor.close()
certificate = IdentityCertificate()
certificate.wireDecode(bytearray(certData))
return certificate
def getCertificate(self, certificateName):
"""
Fetch a certificate from the cache.
:param Name certificateName: The name of the certificate to remove.
Assumes there is no timestamp in the name.
"""
try:
cert = IdentityCertificate()
certData = self._cache[certificateName.toUri()]
cert.wireDecode(certData)
return cert
except KeyError:
return None
def getCertificate(self, certificateName):
"""
Fetch a certificate from the cache.
:param Name certificateName: The name of the certificate to remove.
Assumes there is no timestamp in the name.
"""
try:
cert = IdentityCertificate()
certData = self._cache[certificateName.toUri()]
cert.wireDecode(certData)
return cert
except KeyError:
return None