def __init__(self, config, ca_type):
if ca_type not in [CA_ROOT, CA_INTERMEDIARY, CA_AUTOSIGN]:
log.error('Invalid ca_type: {0}'.format(ca_type))
ca_name = '{0}-{1}'.format(config['common']['name'], ca_type)
basedir = '{0}/{1}'.format(config['common']['workspace'], ca_name)
basedir = os.path.abspath(basedir)
self.ca_data = {
'basedir': basedir,
'templates': '{0}/templates'.format(config['common']['workspace']),
'cfg': '{0}/cfg/{1}.cfg'.format(basedir, ca_name),
'key': '{0}/private/{1}.key'.format(basedir, ca_name),
'csr': '{0}/csr/{1}.csr'.format(basedir, ca_name),
'crt': '{0}/certs/{1}.pem'.format(basedir, ca_name),
'bundle': '{0}/certs/{1}-bundle.pem'.format(basedir, ca_name),
'crl': '{0}/crl/{1}.crl'.format(basedir, ca_name),
'db': '{0}/db/{1}.db'.format(basedir, ca_name),
'db_attr': '{0}/db/{1}.db_attr'.format(basedir, ca_name),
'crt_idx': '{0}/db/{1}-crt.idx'.format(basedir, ca_name),
'crl_idx': '{0}/db/{1}-crl.idx'.format(basedir, ca_name),
'certsdir': '{0}/certs'.format(basedir),
'ca_type': ca_type,
}
self.ca_data.update(config['common'])
self.ca_data.update(config[ca_type])
self.ca_data['crypto'] = config['crypto']
self.ca_data['name'] = ca_name
def __init__(self, config):
if not self.ca_type:
log.error('ca_type not defined')
self.config = config
common = config['common']
# Setup base variables
self.name = '{0}-{1}'.format(common['name'], self.ca_type)
self.workspace = common['workspace']
self.basedir = '{0}/{1}'.format(common['workspace'], self.name)
self.crtdir = '{0}/certs'.format(self.basedir)
cfgdir = '{0}/cfg'.format(self.basedir)
csrdir = '{0}/csr'.format(self.basedir)
crldir = '{0}/crl'.format(self.basedir)
keydir = '{0}/private'.format(self.basedir)
dbdir = '{0}/db'.format(self.basedir)
# Some strings are just too long
bundle_name = '{0}/{1}-bundle.pem'.format(self.crtdir, self.name)
db_attr_name = '{0}/{1}-db.attr'.format(dbdir, self.name)
crt_idx_name = '{0}/{1}-crt.idx'.format(dbdir, self.name)
crl_idx_name = '{0}/{1}-crl.idx'.format(dbdir, self.name)
# Bundle ca details into a dictionary
self.ca_data = {
'baseurl': common['baseurl'],
'ocspurl': common['ocspurl'],
'cfg': utils.fpath('{0}/{1}.cfg'.format(cfgdir, self.name)),
'csr': utils.fpath('{0}/{1}.csr'.format(csrdir, self.name)),
'crl': utils.fpath('{0}/{1}.crl'.format(crldir, self.name)),
'key': utils.fpath('{0}/{1}.key'.format(keydir, self.name)),
'crt': utils.fpath('{0}/{1}.pem'.format(self.crtdir, self.name)),
'bundle': utils.fpath(bundle_name),
'db': utils.fpath('{0}/{1}.db'.format(dbdir, self.name)),
'db_attr': utils.fpath(db_attr_name),
'crt_idx': utils.fpath(crt_idx_name),
'crl_idx': utils.fpath(crl_idx_name),
}
try:
self.days = self.config[self.ca_type]['days']
except KeyError:
self.days = common['days']
if not os.path.exists(self.basedir):
os.mkdir(self.basedir)
ssl.OpenSSL.__init__(
self,
self.basedir,
self.ca_data['cfg'],
self.ca_data['crl']
)
def setup(self):
"""Initialize the file structure for this CA
"""
log.info('Setup directories for {0} CA'.format(self.name))
ca_directories = ['certs', 'cfg', 'crl', 'csr', 'db', 'private']
for directory in ca_directories:
fdir = '{0}/{1}'.format(self.basedir, directory)
if not os.path.exists(fdir):
log.info('Creating {0}/{1}'.format(self.name, directory))
os.mkdir(fdir)
log.info('Initialize databases for {0} CA'.format(self.name))
for empty_file in [self.ca_data['db'], self.ca_data['db_attr']]:
open(empty_file, 'w').write('')
for serial_file in [self.ca_data['crt_idx'], self.ca_data['crl_idx']]:
open(serial_file, 'w').write('01\n')
log.info('Installing configuration file for {0} CA'.format(self.name))
cfgfile = '{0}/cfg/{1}.cfg'.format(self.basedir, self.name)
cfg = {}
cfg.update(self.config['common'])
if self.ca_type != CA_PARENT:
cfg.update(self.config[self.ca_type])
else:
cfg['cn'] = '{0} CA'.format(CA_PARENT)
cfg.update(self.ca_data)
cfg['crypto'] = self.config['crypto']
cfg['basedir'] = self.basedir
cfg['ca_type'] = self.ca_type
cfg['name'] = self.name
cfg['days'] = self.days
cfg['certsdir'] = self.crtdir
template_file = '{0}/templates/root.template'.format(self.workspace)
if not os.path.exists(template_file):
log.error('{0} not found'.format(template_file))
template_data = open(template_file, 'r').read()
template = mako.template.Template(template_data)
cfg_data = template.render(**cfg)
open(cfgfile, 'w').write('{0}\n'.format(cfg_data))
def test_error_heading(self):
the_message = 'Error message'
log.error(the_message)
output = open(LOG_FILE, 'r').read().strip()
assert 'ERROR' in output
def test_error_output(self):
the_message = 'Error message'
log.error(the_message)
output = open(LOG_FILE, 'r').read().strip()
assert the_message in output
def test_error_no_handler(self):
log.LOGGER = None
assert log.error('Error message') is None
log.LOGGER = log.get_handler(CFG_FILE, LOG_HANDLER)
