Source code for octopoes.models.ooi.certificate

from __future__ import annotations

from datetime import datetime, timedelta
from enum import Enum
from typing import Literal

from octopoes.models import OOI, Reference
from octopoes.models.ooi.dns.zone import Hostname
from octopoes.models.ooi.network import IPAddress
from octopoes.models.persistence import ReferenceField




[docs]
class AlgorithmType(Enum):
    """Represents the Algorithm Type from TLS certificates.

    Possible values
    ---------------
    RSA, ECC
    """

    RSA = "RSA"
    ECC = "ECC"






[docs]
class X509Certificate(OOI):
    """Represents X509 certificates.

    Possible values
    ---------------
    Subject, issuer, valid from, valid intil, PK Algorithm, PK size, PK number, serial number,
    expires in
    """

    object_type: Literal["X509Certificate"] = "X509Certificate"

    subject: str | None = None
    issuer: str | None = None
    valid_from: str
    valid_until: str
    pk_algorithm: str | None = None
    pk_size: int | None = None
    pk_number: str | None = None
    signed_by: Reference | None = ReferenceField(
        "X509Certificate", max_issue_scan_level=1, max_inherit_scan_level=0, default=None
    )
    serial_number: str
    expires_in: timedelta | None = None

    _natural_key_attrs = ["issuer", "serial_number"]

    @property
    def expired(self):
        return datetime.now() > datetime.fromisoformat(self.valid_until)

    _reverse_relation_names = {"signed_by": "signed_certificates"}



[docs]
    @classmethod
    def format_reference_human_readable(cls, reference: Reference) -> str:
        return f"{reference.tokenized.issuer} ({reference.tokenized.serial_number})"








[docs]
class SubjectAlternativeName(OOI):
    """Represents alternative subject names in X509 Certificate objects."""

    certificate: Reference = ReferenceField(X509Certificate)

    _natural_key_attrs = ["certificate"]






[docs]
class SubjectAlternativeNameHostname(SubjectAlternativeName):
    """Represents subject alternative names for hostnames in X509 Certificate objects.

    Possible values
    ---------------
    hostnames

    Example value
    -------------
    mispo.es
    """

    object_type: Literal["SubjectAlternativeNameHostname"] = "SubjectAlternativeNameHostname"
    hostname: Reference = ReferenceField(Hostname, max_issue_scan_level=1, max_inherit_scan_level=0)

    _natural_key_attrs = ["certificate", "hostname"]



[docs]
    @classmethod
    def format_reference_human_readable(cls, reference: Reference) -> str:
        return reference.tokenized.hostname.name








[docs]
class SubjectAlternativeNameIP(SubjectAlternativeName):
    """Represents subject alternative names for IPs in X509 Certificate objects.

    Possible values
    ---------------
    IPv4 or IPv6 address

    Example value
    -------------
    192.168.1.1
    """

    object_type: Literal["SubjectAlternativeNameIP"] = "SubjectAlternativeNameIP"
    address: Reference = ReferenceField(IPAddress)

    _natural_key_attrs = ["certificate", "address"]



[docs]
    @classmethod
    def format_reference_human_readable(cls, reference: Reference) -> str:
        return reference.tokenized.address.address








[docs]
class SubjectAlternativeNameQualifier(SubjectAlternativeName):
    """Represents subject alternative names qualifier in X509 Certificate objects.

    Possible values
    ---------------
    hostnames

    Example value
    -------------
    mispo.es
    """

    object_type: Literal["SubjectAlternativeNameQualifier"] = "SubjectAlternativeNameQualifier"
    name: str

    _natural_key_attrs = ["certificate", "name"]



[docs]
    @classmethod
    def format_reference_human_readable(cls, reference: Reference) -> str:
        return reference.tokenized.name






X509Certificate.model_rebuild()
SubjectAlternativeNameHostname.model_rebuild()
SubjectAlternativeNameIP.model_rebuild()
SubjectAlternativeNameQualifier.model_rebuild()