Get the Org CA keypair (lazy-init).
()
| 782 | |
| 783 | |
| 784 | def _get_ca_keypair() -> tuple[Any, bytes]: |
| 785 | """Get the Org CA keypair (lazy-init).""" |
| 786 | global _CA_KEYPAIR_CACHE |
| 787 | if _CA_KEYPAIR_CACHE is None: |
| 788 | from orgkernel.crypto_utils import _ensure_ca_keypair |
| 789 | ca_private_key, ca_public_bytes = _ensure_ca_keypair() |
| 790 | # Serialize private key to PEM |
| 791 | pem_bytes = ca_private_key.private_bytes( |
| 792 | encoding=serialization.Encoding.PEM, |
| 793 | format=serialization.PrivateFormat.PKCS8, |
| 794 | encryption_algorithm=serialization.NoEncryption(), |
| 795 | ) |
| 796 | _CA_KEYPAIR_CACHE = (pem_bytes.decode("utf-8"), ca_public_bytes) |
| 797 | return _CA_KEYPAIR_CACHE[0], _CA_KEYPAIR_CACHE[1] |
| 798 | |
| 799 | |
| 800 | def _ca_private_key_to_pem(private_key: Any) -> str: |
no test coverage detected