diff options
Diffstat (limited to 'base/deploy/src/scriptlets/pkijython.py')
| -rw-r--r-- | base/deploy/src/scriptlets/pkijython.py | 45 |
1 files changed, 23 insertions, 22 deletions
diff --git a/base/deploy/src/scriptlets/pkijython.py b/base/deploy/src/scriptlets/pkijython.py index d67ff07d8..f1bb70f97 100644 --- a/base/deploy/src/scriptlets/pkijython.py +++ b/base/deploy/src/scriptlets/pkijython.py @@ -152,6 +152,7 @@ from netscape.security.x509 import X500Name # PKI Python Imports import pkiconfig as config from pkiconfig import PKIConfig +import pkihelper as util import pkimessages as log @@ -182,7 +183,7 @@ def generateCRMFRequest(token, keysize, subjectdn, dualkey): # 1st : Encryption key s1.addElement(crmfMsg) # 2nd : Signing Key - if config.str2bool(dualkey): + if util.str2bool(dualkey): javasystem.out.println(log.PKI_JYTHON_IS_DUALKEY) seq1 = SEQUENCE() certReqSigning = CertRequest(INTEGER(1), certTemplate, seq1) @@ -326,17 +327,17 @@ class rest_client: data.setBindDN(self.master['pki_ds_bind_dn']) data.setDatabase(self.master['pki_ds_database']) data.setBindpwd(self.sensitive['pki_ds_password']) - if config.str2bool(self.master['pki_ds_remove_data']): + if util.str2bool(self.master['pki_ds_remove_data']): data.setRemoveData("true") else: data.setRemoveData("false") - if config.str2bool(self.master['pki_ds_secure_connection']): + if util.str2bool(self.master['pki_ds_secure_connection']): data.setSecureConn("true") else: data.setSecureConn("false") def set_backup_parameters(self, data): - if config.str2bool(self.master['pki_backup_keys']): + if util.str2bool(self.master['pki_backup_keys']): data.setBackupKeys("true") data.setBackupFile(self.master['pki_backup_keys_p12']) data.setBackupPassword(self.sensitive['pki_backup_password']) @@ -352,7 +353,7 @@ class rest_client: data.setAdminSubjectDN(self.master['pki_admin_subject_dn']) if self.master['pki_admin_cert_request_type'] == "crmf": data.setAdminCertRequestType("crmf") - if config.str2bool(self.master['pki_admin_dualkey']): + if util.str2bool(self.master['pki_admin_dualkey']): crmf_request = generateCRMFRequest( token, self.master['pki_admin_keysize'], @@ -428,14 +429,14 @@ class rest_client: # Hierarchy if master['pki_instance_type'] == "Tomcat": if master['pki_subsystem'] == "CA": - if config.str2bool(master['pki_clone']): + if util.str2bool(master['pki_clone']): # Cloned CA # alee - is this correct? data.setHierarchy("root") - elif config.str2bool(master['pki_external']): + elif util.str2bool(master['pki_external']): # External CA data.setHierarchy("join") - elif config.str2bool(master['pki_subordinate']): + elif util.str2bool(master['pki_subordinate']): # Subordinate CA data.setHierarchy("join") else: @@ -444,20 +445,20 @@ class rest_client: # Cloning parameters if master['pki_instance_type'] == "Tomcat": - if config.str2bool(master['pki_clone']): + if util.str2bool(master['pki_clone']): self.set_cloning_parameters(data) else: data.setIsClone("false") # Security Domain if master['pki_subsystem'] != "CA" or\ - config.str2bool(master['pki_clone']) or\ - config.str2bool(master['pki_subordinate']): + util.str2bool(master['pki_clone']) or\ + util.str2bool(master['pki_subordinate']): # PKI KRA, PKI OCSP, PKI RA, PKI TKS, PKI TPS, # CA Clone, KRA Clone, OCSP Clone, TKS Clone, or # Subordinate CA self.set_existing_security_domain(data) - elif not config.str2bool(master['pki_external']): + elif not util.str2bool(master['pki_external']): # PKI CA self.set_new_security_domain(data) @@ -467,14 +468,14 @@ class rest_client: if master['pki_instance_type'] == "Tomcat": self.set_backup_parameters(data) - if not config.str2bool(master['pki_clone']): + if not util.str2bool(master['pki_clone']): self.set_admin_parameters(token, data) # Issuing CA Information if master['pki_subsystem'] != "CA" or\ - config.str2bool(master['pki_clone']) or\ - config.str2bool(master['pki_subordinate']) or\ - config.str2bool(master['pki_external']): + util.str2bool(master['pki_clone']) or\ + util.str2bool(master['pki_subordinate']) or\ + util.str2bool(master['pki_external']): # PKI KRA, PKI OCSP, PKI RA, PKI TKS, PKI TPS, # CA Clone, KRA Clone, OCSP Clone, TKS Clone, # Subordinate CA, or External CA @@ -485,14 +486,14 @@ class rest_client: # Create 'CA Signing Certificate' if master['pki_subsystem'] == "CA": - if not config.str2bool(master['pki_clone']): + if not util.str2bool(master['pki_clone']): cert = self.create_system_cert("ca_signing") cert.setSigningAlgorithm( master['pki_ca_signing_signing_algorithm']) systemCerts.add(cert) # Create 'OCSP Signing Certificate' - if not config.str2bool(master['pki_clone']): + if not util.str2bool(master['pki_clone']): if master['pki_subsystem'] == "CA" or\ master['pki_subsystem'] == "OCSP": # External CA, Subordinate CA, PKI CA, or PKI OCSP @@ -521,12 +522,12 @@ class rest_client: systemCerts.add(cert3) # Create 'Subsystem Certificate' - if not config.str2bool(master['pki_clone']): + if not util.str2bool(master['pki_clone']): cert4 = self.create_system_cert("subsystem") systemCerts.add(cert4) # Create 'Audit Signing Certificate' - if not config.str2bool(master['pki_clone']): + if not util.str2bool(master['pki_clone']): if master['pki_subsystem'] != "RA": cert5 = self.create_system_cert("audit_signing") cert5.setSigningAlgorithm( @@ -534,7 +535,7 @@ class rest_client: systemCerts.add(cert5) # Create DRM Transport and storage Certificates - if not config.str2bool(master['pki_clone']): + if not util.str2bool(master['pki_clone']): if master['pki_subsystem'] == "KRA": cert6 = self.create_system_cert("transport") systemCerts.add(cert6) @@ -568,7 +569,7 @@ class rest_client: javasystem.out.println(log.PKI_JYTHON_CDATA_REQUEST + " " +\ cdata.getRequest()) # Cloned PKI subsystems do not return an Admin Certificate - if not config.str2bool(master['pki_clone']): + if not util.str2bool(master['pki_clone']): admin_cert = response.getAdminCert().getCert() javasystem.out.println(log.PKI_JYTHON_RESPONSE_ADMIN_CERT +\ " " + admin_cert) |