Chill-project/sign-pdf-worker
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Chill-project:main
Branches Tags
Chill-project:main
Chill-project:test-ts-sign
..
compare: Chill-project:test-ts-sign
Branches Tags
Chill-project:main
Chill-project:test-ts-sign

No commits in common. "main" and "test-ts-sign" have entirely different histories.
main ... test-ts-si

4 changed files with 6 additions and 9 deletions
Show Stats Expand all files Collapse all files

3
local.env.dist
View File

@ -5,6 +5,3 @@ TIMESTAMP_URL=http://freetsa.org/tsr
QUEUE_IN=to_python_sign QUEUE_IN=to_python_sign
EXCHANGE_OUT=signed_docs EXCHANGE_OUT=signed_docs
OUT_ROUTING_KEY=signed_doc OUT_ROUTING_KEY=signed_doc
TSA_CONFIG_PATH=/home/julien/dev/chill/sign-pdf-worker/ts-authority/rootca.conf
TSA_CERT_CHAIN=/home/julien/dev/chill/sign-pdf-worker/ts-authority/ca/tsa-chain.pem
TSA_KEY_PASSWORD=5678

5
pythonProject/sign.py
View File

@ -4,10 +4,11 @@ from typing import Optional
from pyhanko import stamp from pyhanko import stamp
from pyhanko.pdf_utils.incremental_writer import IncrementalPdfFileWriter from pyhanko.pdf_utils.incremental_writer import IncrementalPdfFileWriter
from pyhanko.sign import signers, fields from pyhanko.sign import signers, timestamps, fields
from pyhanko_certvalidator import ValidationContext
from typing_extensions import Buffer from typing_extensions import Buffer
from timestamp import LocalOpensslTimestamp from pythonProject.timestamp import LocalOpensslTimestamp
class SignOrchestrator: class SignOrchestrator:

5
pythonProject/worker.py
View File

@ -12,7 +12,7 @@ logging.basicConfig(level=logging.INFO, format=LOG_FORMAT)
LOGGER = logging.getLogger(__name__) LOGGER = logging.getLogger(__name__)
LOGGER.setLevel(os.environ.get('LOG_LEVEL', logging.INFO)) LOGGER.setLevel(os.environ.get('LOG_LEVEL', logging.INFO))
for v in ['AMQP_URL', 'PKCS12_PATH', 'QUEUE_IN', 'EXCHANGE_OUT', 'OUT_ROUTING_KEY', 'TSA_CONFIG_PATH', 'TSA_CERT_CHAIN', 'TSA_KEY_PASSWORD']: for v in ['AMQP_URL', 'PKCS12_PATH', 'TIMESTAMP_URL', 'QUEUE_IN', 'EXCHANGE_OUT', 'OUT_ROUTING_KEY']:
if v not in os.environ: if v not in os.environ:
LOGGER.error('Missing environment variable: %s', v) LOGGER.error('Missing environment variable: %s', v)
raise ValueError('Missing environment variable: ' + v) raise ValueError('Missing environment variable: ' + v)
@ -26,7 +26,7 @@ TSA_CONFIG_PATH = os.environ.get('TSA_CONFIG_PATH')
TSA_CERT_CHAIN = os.environ.get('TSA_CERT_CHAIN') TSA_CERT_CHAIN = os.environ.get('TSA_CERT_CHAIN')
TSA_KEY_PASSWORD = os.environ.get('TSA_KEY_PASSWORD') TSA_KEY_PASSWORD = os.environ.get('TSA_KEY_PASSWORD')
orchestrator = sign.SignOrchestrator(PKCS12_PATH, TSA_CONFIG_PATH, TSA_KEY_PASSWORD, TSA_CERT_CHAIN, pkcs12_password=None if os.environ.get('PKCS12_PASSWORD', None) is None else os.environ.get('PKCS12_PASSWORD').encode()) orchestrator = sign.SignOrchestrator(PKCS12_PATH, TSA_CONFIG_PATH, TSA_KEY_PASSWORD, TSA_CERT_CHAIN, pkcs12_password=os.environ.get('PKCS12_PASSWORD', None))
parameters = pika.URLParameters(DSN) parameters = pika.URLParameters(DSN)
connection = pika.BlockingConnection(parameters) connection = pika.BlockingConnection(parameters)
@ -76,7 +76,6 @@ def on_message(channel, method_frame, header_frame, body):
else: else:
LOGGER.warning(f"first try failed, signatureId: {body_content['signatureId']}") LOGGER.warning(f"first try failed, signatureId: {body_content['signatureId']}")
channel.basic_ack(delivery_tag=method_frame.delivery_tag) channel.basic_ack(delivery_tag=method_frame.delivery_tag)
raise e
if __name__ == '__main__': if __name__ == '__main__':

2
ts-authority/README.md
View File

@ -152,7 +152,7 @@ openssl ts -verify -data /etc/hosts -in /tmp/response.tsr -CAfile ca/root-ca.pem
``` ```
# Préparation à partir d'un certificat d'horodatage au format pkcs12 # Préparation pour Vendée
## Extraire les infos ## Extraire les infos