def test_cert(self):
    """Check that a certificate survives a write_cert / load_cert round trip.

    A dummy certificate is serialized to DER, written to a file inside a
    temporary directory, loaded back, and compared with the original.
    """
    # NOTE: the absolute prefix makes the directory land under /tmp on POSIX
    # regardless of TMPDIR; the directory is removed when the block exits.
    with TemporaryDirectory(prefix='/tmp/test_cert_utils') as scratch_dir:
        original = _create_dummy_cert()
        path = os.path.join(scratch_dir, 'test.cert')

        der_bytes = original.public_bytes(serialization.Encoding.DER)
        cu.write_cert(der_bytes, path)

        reloaded = cu.load_cert(path)
        self.assertEqual(original, reloaded)
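async def _request_sign_done_success(self, cert):
    """Persist a freshly signed gateway certificate and finish bootstrap.

    Steps:
      1. Check the certificate with ``_is_valid_certificate``.
      2. Write the in-memory gateway key and the DER certificate to
         ``_gateway_key_file`` and ``_gateway_cert_file``.
      3. Only if both writes succeeded: await the success callback, drop
         the in-memory key, and schedule the next bootstrap check.

    If step 1 or step 2 fails, ``BOOTSTRAP_EXCEPTION`` is incremented and
    another bootstrap is scheduled with ``hard_failure=True``; the success
    callback is not invoked.

    Args:
        cert: Signed certificate response; its ``cert_der`` attribute is
            what gets written to the gateway certificate file.
    """
    if not self._is_valid_certificate(cert):
        BOOTSTRAP_EXCEPTION.labels(cause='RequestSignDoneInvalidCert').inc()
        self._schedule_next_bootstrap(hard_failure=True)
        return

    try:
        cert_utils.write_key(self._gateway_key, self._gateway_key_file)
        cert_utils.write_cert(cert.cert_der, self._gateway_cert_file)
    except Exception as exp:
        # Broad catch is deliberate: any write failure is counted by type.
        BOOTSTRAP_EXCEPTION.labels(
            cause='RequestSignDoneWriteCert:%s' % type(exp).__name__,
        ).inc()
        logging.error('Failed to write cert: %s', exp)
        # A failed write must not fall through to the success path: the
        # files on disk may hold a stale or mismatched key/cert pair, and
        # clearing the in-memory key would discard the only good copy.
        # Treat it like the invalid-certificate case above.
        self._schedule_next_bootstrap(hard_failure=True)
        return

    # need to restart control_proxy
    await self._bootstrap_success_cb(True)
    # The key is on disk now; do not keep private key material in memory.
    self._gateway_key = None
    self._schedule_next_bootstrap_check()
    logging.info("Bootstrapped Successfully!")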
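def _request_sign_done(self, future):
    """Callback for RequestSign.future

    1. check whether future correctly returns
    2. check whether returned cert is valid
    3. write key and cert into files, reset self._gateway_key to None

    If any step fails, call _retry_bootstrap and stop; otherwise call
    _schedule_periodic_bootstrap_check.

    Args:
        future: Future object returned by async RequestSign gRPC call
    """
    rpc_error = future.exception()
    if rpc_error:
        message = 'RequestSign error! [%s], %s' % (
            rpc_error.code(), rpc_error.details(),
        )
        BOOTSTRAP_EXCEPTION.labels(cause='RequestSignDoneResp').inc()
        logging.error(message)
        self._retry_bootstrap(hard_failure=False)
        return

    cert = future.result()
    if not self._is_valid_certificate(cert):
        BOOTSTRAP_EXCEPTION.labels(
            cause='RequestSignDoneInvalidCert',
        ).inc()
        self._retry_bootstrap(hard_failure=True)
        return

    try:
        cert_utils.write_key(self._gateway_key, self._gateway_key_file)
        cert_utils.write_cert(cert.cert_der, self._gateway_cert_file)
    except Exception as exp:
        # Broad catch is deliberate: any write failure is counted by type.
        BOOTSTRAP_EXCEPTION.labels(
            cause='RequestSignDoneWriteCert:%s' % type(exp).__name__,
        ).inc()
        logging.error('Failed to write cert: %s', exp)
        # The documented contract is to retry when any step fails. Falling
        # through would log success, trigger the success callback and drop
        # the in-memory key while the files on disk may be stale or hold a
        # mismatched key/cert pair.
        self._retry_bootstrap(hard_failure=True)
        return

    logging.info('Bootstrap succeeds')
    # need to restart control_proxy
    self._bootstrap_success_cb(True)
    # The key is on disk now; do not keep private key material in memory.
    self._gateway_key = None
    self._schedule_periodic_bootstrap_check()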