def ImportPEMIdentityCertificate(certMgr, certFile, keyFile): """ Import a PEM-formatted X509 identity certificate. @param certFile: File containing the certificate. @param keyFile: File containing the private key. """ try: print "Import PEM, looking for cb" cb = Toolkit.GetDefaultApplication().GetCertificateManagerUI( ).GetPassphraseCallback("Private key passphrase", "Enter the passphrase to your private key.") impCert = certMgr.ImportIdentityCertificatePEM( certMgr.GetCertificateRepository(), certFile, keyFile, cb) log.debug("Imported identity %s", str(impCert.GetSubject())) except CertificateRepository.RepoInvalidCertificate, ex: why = ex.args[0] log.exception("Import fails: %s. cert file %s keyfile %s", why, certFile, keyFile) dlg = wx.MessageDialog(None, "Error occurred during certificate import:\n" + why, "Error on import", style=wx.OK | wx.ICON_ERROR) dlg.ShowModal() dlg.Destroy() return
def OnSetDefault(self, event): cert = self.GetSelectedCertificate() if cert is None: return self.certMgr.SetDefaultIdentity(cert) Toolkit.GetDefaultApplication().GetCertificateManagerUI().InitEnvironment() self.Load()
def GetPassphrase(self,verifyFlag=0, prompt1="Enter the passphrase to your private key.", prompt2='Verify passphrase:'): # note: verifyFlag is unused from AccessGrid import Toolkit cb = Toolkit.GetDefaultApplication().GetCertificateManagerUI().GetPassphraseCallback(prompt1, prompt2) p1 = cb(0) passphrase = ''.join(p1) return passphrase
def OnDelete(self, event): cert = self.GetSelectedCertificate() if cert is None: return dlg = wx.MessageDialog( self, "Deleting a certificate is an irreversible operation.\n" + "Really delete certificate for identity " + cert.GetShortSubject() + "?", "Really delete?", style=wx.YES_NO | wx.NO_DEFAULT) ret = dlg.ShowModal() dlg.Destroy() if ret == wx.ID_NO: return self.certMgr.GetCertificateRepository().RemoveCertificate(cert) Toolkit.GetDefaultApplication().GetCertificateManagerUI( ).InitEnvironment() self.Load()
def ImportRequestedCertificate(self, userCert): repo = self.GetCertificateRepository() impCert = repo.ImportRequestedCertificate(userCert) log.debug("imported requested cert %s", impCert.GetSubject()) impCert.SetMetadata("AG.CertificateManager.certType", "identity") try: defID = self.GetDefaultIdentity() except NoCertificates: defID = None if defID is None: from AccessGrid import Toolkit self.SetDefaultIdentity(impCert) certMgrUI = Toolkit.GetDefaultApplication().GetCertificateManagerUI() certMgrUI.InitEnvironment() repo.NotifyObservers() return impCert
def OnDelete(self, event): cert = self.GetSelectedCertificate() if cert is None: return dlg = DeleteCertificateDialog(self, "Deleting a certificate is an irreversible operation.\n" + "Really delete certificate for identity " + cert.GetShortSubject() + "?") ret = dlg.ShowModal() retain = dlg.GetRetainPrivateKey() dlg.Destroy() if ret == wx.ID_NO: return self.certMgr.GetCertificateRepository().RemoveCertificate(cert, dlg.GetRetainPrivateKey()) Toolkit.GetDefaultApplication().GetCertificateManagerUI().InitEnvironment() self.Load()
def ImportCACertificates(self): sysConfDir = AGTkConfig.instance().GetConfigDir() caDir = os.path.join(sysConfDir,'CAcertificates') log.debug("Initializing from %s", caDir) # # Now handle the CA certs. # if caDir is not None: try: files = os.listdir(caDir) except: from AccessGrid import Toolkit certMgrUI = Toolkit.GetDefaultApplication().GetCertificateManagerUI() certMgrUI.ReportError("Error reading CA certificate directory\n" + caDir + "\n" + "You will have to import trusted CA certificates later.") files = [] # # Extract the files from the caDir that match OpenSSL's # 8-character dot index format. # regexp = re.compile(r"^[\da-fA-F]{8}\.\d$") possibleCertFiles = filter(lambda f, r = regexp: r.search(f), files) for f in possibleCertFiles: path = os.path.join(caDir, f); log.info("%s might be a cert" % (path)) # Check for existence of signing policy certbasename = f.split('.')[0] signingPolicyFile = '%s.signing_policy' % (certbasename,) signingPath = os.path.join(caDir,signingPolicyFile) if not os.path.isfile(signingPath): log.info("Not importing CA cert %s; couldn't find signing policy file %s", f,signingPath) continue try: # Import the certificate desc = self.ImportCACertificatePEM(self.certRepo, path) except: log.exception('import of ca cert failed') try: # # Copy the signing policy file # shutil.copyfile(signingPath, desc.GetFilePath("signing_policy")) log.info("Imported cert as %s.0", desc.GetSubject().get_hash()) except: # print "Failure to import ", path log.exception("failure importing %s", path)
return 0 if __name__ == "__main__": h = Log.StreamHandler() h.setFormatter(Log.GetFormatter()) Log.HandleLoggers(h, Log.GetDefaultLoggers()) os.mkdir("foo") log.debug("foo") try: cm = CertificateManager("foo") ui = CertificateManagerUserInterface(cm) x = cm.ImportIdentityCertificatePEM(cm.certRepo, r"v\venueServer_cert.pem", r"v\venueServer_key.pem", None) if 0: certMgrUI = Toolkit.GetDefaultApplication().GetCertificateManagerUI() passphraseCB = certMgrUI.GetPassphraseCallback("DOE cert", "") x = cm.ImportIdentityCertificatePEM(cm.certRepo, r"\temp\doe.pem", r"\temp\doe.pem", passphraseCB) cm.InitEnvironment() except Exception, e: print e os.removedirs("foo")
def OnCreate(self, event): #self.certMgr.CreateProxyCertificate() Toolkit.GetDefaultApplication().GetCertificateManagerUI().CreateProxy() self.Load()
print " Initialization Error: Missing Dependency: ", e sys.exit(-1) except Exception, e: print "Toolkit Initialization failed, exiting." print " Initialization Error: ", e sys.exit(-1) log = app.GetLog() Log.SetDefaultLevel(Log.ServiceManager, Log.DEBUG) port = app.GetOption("port") # Create the hosting environment hostname = app.GetHostname() if app.GetOption("secure"): context = Toolkit.GetDefaultApplication().GetContext() server = SecureServer((hostname, port), context) else: server = InsecureServer((hostname, port)) # Create the Service Manager gServiceManager = AGServiceManager(server) # Create the Service Manager Service smi = AGServiceManagerI(impl=gServiceManager, auth_method_name=None) server.RegisterObject(smi, path="/ServiceManager") url = server.FindURLForObject(gServiceManager) gServiceManager.SetName('%s:%d' % (hostname, port)) gServiceManager.SetUri(url) if app.GetOption("nodeService") is not None: