Features
1. Clean OOP Abstraction / Models
Very clean OOP object abstraction, including database and exception handling.
Clean hierarchical Implementation Code
Clean hierarchical Service Call Metadata
Example Implementation Code.
1import abc
3from microesb import microesb
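class Cert(microesb.ClassHandler, metaclass=abc.ABCMeta):
    """Abstract base class shared by the certificate types of this example.

    Subclasses set ``self.type`` and implement the three abstract hooks;
    ``gen_cert()`` then runs the generation steps in a fixed order.

    The metaclass is declared in the class header (Python 3 syntax). A
    ``__metaclass__`` class attribute is ignored by Python 3, so on its own
    it does not make ``abc.abstractmethod`` take effect.
    """

    def __init__(self):
        super().__init__()

    @abc.abstractmethod
    def _load_ref_cert_data(self):
        """Abstract hook: load data of the certificates this one refers to."""

    @abc.abstractmethod
    def _gen_openssl_cert(self):
        """Abstract hook: generate the certificate."""

    @abc.abstractmethod
    def _insert_cert_db_data(self):
        """Abstract hook: store the certificate data in the database."""

    def gen_cert(self):
        """Run the certificate generation workflow.

        Order: load referenced certificate data, create the key pair,
        generate the certificate, insert the result into the database.
        """
        self._load_ref_cert_data()

        # The key pair is generated on the smartcard when a Smartcard object
        # is attached, otherwise in software. A missing attribute is treated
        # like ``None`` instead of raising AttributeError.
        # NOTE(review): a deployment that requires private keys to stay on
        # the smartcard/HSM should reject the call here rather than fall
        # back to a software key - confirm the intended policy.
        if getattr(self, 'Smartcard', None) is not None:
            self._hsm_gen_keypair()
        else:
            self._gen_openssl_privkey()

        self._gen_openssl_cert()
        self._insert_cert_db_data()

    def _gen_openssl_privkey(self):
        """Placeholder for software private key generation (prints only)."""
        print('Gen openssl private key.')

    def _get_cert_dbdata_by_id(self):
        """Placeholder for the database lookup; prints this object's type."""
        print('Get cert data from db. Type: {}.'.format(self.type))

    def _hsm_gen_keypair(self):
        """Print the container label, then delegate to the Smartcard object.

        Only the container label is printed; the Smartcard ``user_pin``
        property is a secret and should stay out of print/log output.
        """
        print('Smartcard container label:{}'.format(
            self.Smartcard.SmartcardContainer.label)
        )
        self.Smartcard.gen_keypair()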
class CertCA(Cert):
    """Certificate handler for the 'ca' certificate type."""

    def __init__(self):
        # The type tag is assigned before the base initialiser runs.
        self.type = 'ca'
        super().__init__()

    def _load_ref_cert_data(self):
        """Load nothing: the 'ca' type references no other certificate."""
        return None

    def _gen_openssl_cert(self):
        """Placeholder step: print which certificate type is generated."""
        message = 'Gen openssl cert type:{}.'.format(self.type)
        print(message)

    def _insert_cert_db_data(self):
        """Placeholder step: print which certificate type is stored."""
        message = 'Insert cert data type:{} into db.'.format(self.type)
        print(message)
class CertServer(Cert):
    """Certificate handler for the 'server' certificate type."""

    def __init__(self):
        # The type tag is assigned before the base initialiser runs.
        self.type = 'server'
        super().__init__()

    def _load_ref_cert_data(self):
        """Fetch the data of the referenced CertCA object."""
        ca_ref = self.CertCA
        ca_ref._get_cert_dbdata_by_id()

    def _gen_openssl_cert(self):
        """Placeholder step: print the type of the certificate generated."""
        message = 'Gen openssl cert type:{}, rel to CA.'.format(self.type)
        print(message)

    def _insert_cert_db_data(self):
        """Placeholder step: print which certificate type is stored."""
        message = 'Insert cert data type:{} into db.'.format(self.type)
        print(message)
class CertClient(Cert):
    """Certificate handler for the 'client' certificate type."""

    def __init__(self):
        # The type tag is assigned before the base initialiser runs.
        self.type = 'client'
        super().__init__()

    def _load_ref_cert_data(self):
        """Fetch the data of the referenced CertCA, then CertServer object."""
        for ref_name in ('CertCA', 'CertServer'):
            getattr(self, ref_name)._get_cert_dbdata_by_id()

    def _gen_openssl_cert(self):
        """Placeholder step: print the type of the certificate generated."""
        template = 'Gen openssl cert type:{}, rel to cCA and cServer.'
        print(template.format(self.type))

    def _insert_cert_db_data(self):
        """Placeholder step: print which certificate type is stored."""
        message = 'Insert cert data type:{} into db.'.format(self.type)
        print(message)
class Smartcard(microesb.ClassHandler):
    """Smartcard object of the example; owns a SmartcardContainer child."""

    def __init__(self):
        super().__init__()

    def gen_keypair(self):
        """Placeholder for on-card key pair generation.

        Prints the smartcard label and the container label only; the
        ``user_pin`` property is not part of the output.
        """
        card_label = self.label
        keypair_label = self.SmartcardContainer.label
        template = 'Gen keypair on smartcard:{} with keypair label:{}'
        print(template.format(card_label, keypair_label))
class SmartcardContainer(microesb.ClassHandler):
    """Container object on a smartcard; adds no behaviour of its own."""

    def __init__(self):
        # Explicit two-argument form of the same base initialiser call.
        super(SmartcardContainer, self).__init__()
Example Service Call Metadata.
# Example service call metadata for the 'generateCertClient' service.
# The nesting mirrors the object hierarchy: CertClient holds CertCA,
# CertServer and Smartcard; Smartcard holds SmartcardContainer.
call_JSON = {
    'SYSServiceID': 'generateCertClient',
    'data': [
        {
            'CertClient': {
                'id': 'test-client1',
                # Referenced certificates are given by id only.
                'CertCA': {
                    'id': 'test-ca1'
                },
                'CertServer': {
                    'id': 'test-server1'
                },
                # A Smartcard entry is present; presumably this is what makes
                # Cert.gen_cert() take the smartcard key pair branch - confirm.
                'Smartcard': {
                    'label': 'smartcard_customer1',
                    # Sample value. NOTE(review): the PIN is carried as plain
                    # text inside the call metadata, so this structure should
                    # not be written to logs or echoed in error output.
                    'user_pin': 'pin2',
                    'SmartcardContainer': {
                        'label': 'testserver1_client1_keypair'
                    }
                },
                # Certificate subject fields and validity period.
                'country': 'DE',
                'state': 'Berlin',
                'locality': 'Berlin',
                'org': 'WEBcodeX',
                'org_unit': 'Security',
                'common_name': 'testclient1@domain.com',
                'email': 'pki@webcodex.de',
                'valid_days': 365
            }
        }
    ]
}
For the full example, see 2. PKI Provisioning / Class Types.
2. Multi Object Abstraction
Process multiple hierarchical input metadata elements at once.
# Example service call metadata for the 'insertUserDomain' service.
# One call carries a whole hierarchy: User -> Domain -> list of Host.
service_metadata = {
    'SYSServiceID': 'insertUserDomain',
    'data': [
        {
            'User':
            {
                # Each nested object names its own SYSServiceMethod
                # ('init' for User, 'add' for Domain and each Host).
                'SYSServiceMethod': 'init',
                'name': 'testuser1',
                'Domain': {
                    'SYSServiceMethod': 'add',
                    'name': 'testdomain1',
                    'ending': 'com',
                    # Host is a list, so several elements of the same
                    # kind are passed in a single call.
                    'Host': [
                        {
                            'SYSServiceMethod': 'add',
                            'type': 'MX',
                            'value': 'mx01.mailserver.com',
                            'priority': 1
                        },
                        {
                            'SYSServiceMethod': 'add',
                            'name': 'host1',
                            'type': 'A',
                            'value': '5.44.111.165',
                            'ttl': 36000
                        }
                    ]
                }
            }
        }
    ]
}
For the full example, see 1. Hosting Use Case.
3. Structured Service Call Metadata
Define structured service call properties.
# Service call property definitions for the PKI example.
# Every property entry declares 'type', 'default', 'required' and
# 'description'.
# NOTE(review): this schema expresses no value ranges or formats; bounds
# (e.g. for 'valid_days') would have to be checked in the backend method -
# confirm where validation happens.
service_properties = {
    # Pairs of (method name, trigger); presumably gen_cert is invoked once
    # the recursion over the call metadata has finished - confirm.
    'SYSBackendMethods': [
        ('gen_cert', 'on_recursion_finish')
    ],
    'Cert': {
        'properties': {
            'id': {
                'type': 'str',
                'default': None,
                'required': True,
                'description': 'Textual cert database id'
            },
            'country': {
                'type': 'str',
                'default': 'DE',
                'required': True,
                'description': 'Certificate country ref'
            },
            'state': {
                'type': 'str',
                'default': None,
                'required': True,
                'description': 'Certificate state ref'
            },
            'locality': {
                'type': 'str',
                'default': None,
                'required': True,
                'description': 'Certificate locality ref'
            },
            'org': {
                'type': 'str',
                'default': None,
                'required': True,
                'description': 'Certificate organization ref'
            },
            'org_unit': {
                'type': 'str',
                'default': None,
                'required': True,
                'description': 'Certificate organization unit ref'
            },
            'common_name': {
                'type': 'str',
                'default': None,
                'required': True,
                'description': 'Certificate common name'
            },
            'email': {
                'type': 'str',
                'default': None,
                'required': True,
                'description': 'Certificate email ref'
            },
            'valid_days': {
                'type': 'int',
                'default': 365,
                'required': True,
                'description': 'Certificate validity range in days'
            }
        },
        'methods': ['gen_cert']
    },
    'Smartcard': {
        'properties': {
            'label': {
                'type': 'str',
                'default': None,
                'required': True,
                'description': 'Smartcard textual label'
            },
            # NOTE(review): 'user_pin' is a secret declared as a plain 'str'
            # property; its value should stay out of logs and exception
            # messages.
            'user_pin': {
                'type': 'str',
                'default': None,
                'required': True,
                'description': 'Smartcard pin'
            }
        }
    },
    'SmartcardContainer': {
        'properties': {
            'label': {
                'type': 'str',
                'default': None,
                'required': True,
                'description': 'Container object on smartcards textual label'
            }
        }
    }
}
For the full example, see 2. PKI Provisioning / Class Types.
4. Planned Features
Service Registry
Service Registry Management
Service Based AAA (HSM / Smartcard)
Automatic Service Interface Documentation Generation
x0 JavaScript Framework Integration