fix: better private key handling

PascalDR · PascalDR · commit cbf28ee41624 · 2025-06-27T15:20:03.000+02:00
diff --git a/pymdoccbor/mso/issuer.py b/pymdoccbor/mso/issuer.py
@@ -63,19 +63,21 @@ def __init__(
         :param revocation: dict: revocation status dict to include in the mso, it may include status_list and identifier_list keys
         """
 
-        if not hsm:
-            if private_key:
-                if isinstance(private_key, dict):
-                    self.private_key = CoseKey.from_dict(private_key)
-                    if not self.private_key.kid:
-                        self.private_key.kid = str(uuid.uuid4())
-                elif isinstance(private_key, CoseKey):
-                    self.private_key = private_key
-                else:
-                    raise ValueError("private_key must be a dict or CoseKey object")
+        if private_key:
+            if isinstance(private_key, dict):
+                self.private_key = CoseKey.from_dict(private_key)
+                if not self.private_key.kid:
+                    self.private_key.kid = str(uuid.uuid4())
+            elif isinstance(private_key, CoseKey):
+                self.private_key = private_key
             else:
+                raise ValueError("private_key must be a dict or CoseKey object")
+        else:
+            if not hsm:
                 raise MsoPrivateKeyRequired("MSO Writer requires a valid private key")
 
+        super().__init__(self.private_key)
+
         if not validity:
             raise ValueError("validity must be present")
 
diff --git a/pymdoccbor/x509.py b/pymdoccbor/x509.py
@@ -1,6 +1,8 @@
 from cwt import COSEKey
 from typing import Union
 
+from pycose.keys import CoseKey
+
 from cryptography import x509
 from cryptography.x509.oid import NameOID
 from cryptography.x509 import Certificate
@@ -13,6 +15,14 @@ class MsoX509FabricInteface:
     MsoX509Fabric helper class to create a new mso
     """
 
+    def __init__(self, private_key: CoseKey | None) -> None:
+        """
+        Initialize the MsoX509Fabric object
+
+        :param private_key: str: the private key in COSE format
+        """
+        self.private_key = private_key
+        
     def selfsigned_x509cert(self, encoding: str = "DER") -> Union[Certificate, bytes]:
         """
         Returns an X.509 certificate derived from the private key of the MSO Issuer
@@ -21,6 +31,10 @@ def selfsigned_x509cert(self, encoding: str = "DER") -> Union[Certificate, bytes
 
         :return: Union[Certificate, bytes]: the X.509 certificate
         """
+
+        if not self.private_key:
+            raise ValueError("private_key must be set")
+
         ckey = COSEKey.from_bytes(self.private_key.encode())
 
         subject = issuer = x509.Name([
