def validate_config(self, imageinfo): self._validate_config(imageinfo.cert_config, imageinfo.general_properties) BaseSigner._validate_oid_values(self, imageinfo.signing_attributes, imageinfo.general_properties)
def validate_config(self, imageinfo): cass_signer_attributes = self.config.signing.signer_attributes.cass_signer_attributes self._validate_config(cass_signer_attributes) BaseSigner._validate_oid_values(self, imageinfo.signing_attributes, imageinfo.general_properties, mandatory=False)
def initialize(self, imageinfo): """ The following should be set at the end of the call self.certs[self.ROOT].cert self.certs[self.CA].cert self.certs[self.ATTEST].cert self.signature """ # Initialize the base signer BaseSigner.initialize(self, imageinfo) # Create the request packet attrs = SigningAttributes() attrs.update_from_image_info_attrs(self.signing_attributes) request = { 'machine': platform.node(), 'sign_id': imageinfo.sign_id, 'to_sign': BinString(self.hash_to_sign), 'authority': imageinfo.authority, 'signing_attributes': self.get_general_properties_dict(imageinfo.general_properties), } # Send the signing request remote_host, remote_port = self.resolve_remote_server_info() client = QtiRemoteClient(host=remote_host, port=remote_port) logger.info('Signing with the remote server at ' + remote_host + ':' + str(remote_port) + '. Please wait for signing to complete.') response = client.sign_hash(request=request) # Check return code if response['retcode'] != 0: raise RuntimeError('Qti remote signing failed [' + str(response['retcode']) + ']: ' + str(response['errstr'])) # Set the local vars root_cert, ca_cert, attest_cert, signature = ( str(response['sig_pkg']['root']), str(response['sig_pkg']['ca']), str(response['sig_pkg']['attest']), str(response['sig_pkg']['signature'])) # Make sure all assets are present if signature is None: raise RuntimeError("Signature is missing") if attest_cert is None: raise RuntimeError("Attestation Certificate is missing") if ca_cert is None: raise RuntimeError("CA Certificate is missing") if root_cert is None: raise RuntimeError("Root Certificate is missing") # Set all the variables self.certs[self.ROOT].cert = cert.get_cert_in_format( root_cert, utils.FORMAT_PEM) self.certs[self.CA].cert = cert.get_cert_in_format( ca_cert, utils.FORMAT_PEM) self.certs[self.ATTEST].cert = cert.get_cert_in_format( attest_cert, utils.FORMAT_PEM) self.signature = signature
def __init__(self, config): BaseSigner.__init__(self, config) self.openssl_info = openssl_fetch_module.OpenSSLPathsObject(config)
def __init__(self, config): BaseSigner.__init__(self, config)