pki.forms.owner_credentialΒΆ

Django forms for owner credential management.

Module ContentsΒΆ

class pki.forms.owner_credential.OwnerCredentialFileImportForm(data=None, files=None, auto_id='id_%s', prefix=None, initial=None, error_class=ErrorList, label_suffix=None, empty_permitted=False, field_order=None, use_required_attribute=None, renderer=None, bound_field_class=None)[source]ΒΆ

Bases: trustpoint.logger.LoggerMixin, django.forms.Form

Form for importing an DevOwnerID using separate files.

This form allows the user to upload a private key file, its password (optional), an DevOwnerID certificate file, and an optional certificate chain. The form validates the uploaded files, ensuring they are correctly formatted and within size limits.

unique_name[source]ΒΆ

A unique name for the Owner Credential.

Type:

CharField

private_key_file[source]ΒΆ

The private key file (.key, .pem).

Type:

FileField

private_key_file_password[source]ΒΆ

An optional password for the private key.

Type:

CharField

owner_certificateΒΆ

The DevOwnerID certificate file (.cer, .der, .pem, .p7b, .p7c).

Type:

FileField

owner_certificate_chainΒΆ

An optional certificate chain file.

Type:

FileField

unique_name[source]ΒΆ
certificate[source]ΒΆ
certificate_chain[source]ΒΆ
private_key_file[source]ΒΆ
private_key_file_password[source]ΒΆ
clean_private_key_file()[source]ΒΆ

Validates and parses the uploaded private key file.

This method checks if the private key file is provided, ensures it meets size constraints, and validates its contents. If a password is provided, it is used to decrypt the private key. Raises validation errors for missing, oversized, or corrupted private key files.

Returns:

A serializer containing the parsed private key.

Return type:

PrivateKeySerializer

Raises:
  • ValidationError – If the private key file is missing, too large, or

  • corrupted, or if the password is invalid or incompatible. –

clean_certificate()[source]ΒΆ

Validates and parses the uploaded certificate file.

This method ensures the provided certificate file is valid and not already associated with an existing DevOwnerID in the database. If the file is too large, corrupted, or already in use, a validation error is raised.

Returns:

A serializer containing the parsed certificate.

Return type:

CertificateSerializer

Raises:
  • ValidationError – If the file is missing, too large, corrupted, or already

  • associated with an existing Issuing CA. –

clean_certificate_chain()[source]ΒΆ

Validates and parses the uploaded certificate chain file.

This method checks if the optional certificate chain file is provided. If present, it validates and attempts to parse the file into a collection of certificates. Raises a validation error if parsing fails or the file appears corrupted.

Returns:

A serializer containing the parsed certificate chain if provided.

Return type:

CertificateCollectionSerializer

Raises:

ValidationError – If the certificate chain cannot be parsed.

clean()[source]ΒΆ

Cleans and validates the form data.

This method performs additional validation on the provided data, such as ensuring the unique name, private key file, and certificates are valid. It also initializes and saves the OwnerCredential configuration if all checks pass.

Raises:

ValidationError – If the form data is invalid or there is an error during processing.

Return type:

None

class pki.forms.owner_credential.OwnerCredentialTruststoreAssociationForm(*args, **kwargs)[source]ΒΆ

Bases: django.forms.Form

Form for associating a TLS truststore with a DevOwnerID’s NoOnboardingConfig.

Parameters:
  • args (Any)

  • kwargs (Any)

trust_store: django.forms.ModelChoiceField[Any][source]ΒΆ
instance: pki.models.OwnerCredentialModel[source]ΒΆ
save()[source]ΒΆ

Save the selected truststore to the owner credential’s config.

Return type:

None

class pki.forms.owner_credential.OwnerCredentialAddRequestEstNoOnboardingForm(data=None, files=None, auto_id='id_%s', prefix=None, initial=None, error_class=ErrorList, label_suffix=None, empty_permitted=False, field_order=None, use_required_attribute=None, renderer=None, bound_field_class=None)[source]ΒΆ

Bases: _OwnerCredentialEstBaseMixin

Form for requesting a DevOwnerID certificate via EST with username/password.

est_username[source]ΒΆ
est_password[source]ΒΆ
clean()[source]ΒΆ

Validate and save the owner credential via EST no-onboarding enrollment.

Return type:

dict[str, Any]

class pki.forms.owner_credential.OwnerCredentialAddRequestEstOnboardingForm(data=None, files=None, auto_id='id_%s', prefix=None, initial=None, error_class=ErrorList, label_suffix=None, empty_permitted=False, field_order=None, use_required_attribute=None, renderer=None, bound_field_class=None)[source]ΒΆ

Bases: _OwnerCredentialEstBaseMixin

Form for requesting a DevOwnerID certificate via EST with IDevID-based onboarding.

remote_path_domain_credential[source]ΒΆ
est_username[source]ΒΆ
est_password[source]ΒΆ
clean()[source]ΒΆ

Validate and prepare the owner credential via EST IDevID onboarding.

Return type:

dict[str, Any]