"""Module to handle revocation logic for devices and device credentials."""from__future__importannotationsfrompki.models.certificateimportRevokedCertificateModelfromdevices.modelsimportIssuedCredentialModel
[docs]classDeviceCredentialRevocation:"""Class to handle revocation logic for devices and device credentials."""@staticmethod
[docs]defrevoke_certificate(issued_credential_id:int,reason:str)->tuple[bool,str]:"""Revokes a certificate given an ID of an IssuedCredentialModel instance."""try:issued_credential=IssuedCredentialModel.objects.get(id=issued_credential_id)exceptIssuedCredentialModel.DoesNotExist:returnFalse,'The credential to revoke does not exist.'primary_cert=issued_credential.credential.certificateifnotprimary_cert:returnFalse,'The associated certificate to revoke was not found.'ifhasattr(primary_cert,'revoked_certificate'):returnFalse,'The certificate is already revoked.'RevokedCertificateModel.objects.create(certificate=primary_cert,revocation_reason=reason,ca=issued_credential.domain.issuing_ca)returnTrue,'Certificate successfully revoked.'