예제 #1
파일: genproxy.py 프로젝트: GENI-GEMINI/UW
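def __test():
    """Command-line smoke test: issue a proxy or an attribute certificate.

    Parses the options declared below, prompts (with confirmation) for a
    passphrase, then calls ``make_attribute_cert`` when -a, -r, -s and -o are
    all given, or ``make_proxy_cert`` when -a is absent and both -o and -u
    are given.  Any other combination does nothing after the prompt.
    """
    import optparse

    usage = "%prog [options]"
    desc = "proxy and attribute cert test"

    parser = optparse.OptionParser(usage=usage, description=desc)
    # NOTE(review): "~" in the two defaults below is passed on unexpanded;
    # confirm the make_*_cert helpers call os.path.expanduser themselves.
    parser.add_option("-c", "--cert", dest="icert", default="~/.ssl/encrypted.pem", help="user (issuer) certificate")
    parser.add_option("-k", "--key", dest="ikey", default="~/.ssl/encrypted.pem", help="user (issuer) key")
    parser.add_option("-s", "--scert", dest="scert", default=None, help="subject cert (e.g. proxy cert)")
    parser.add_option("-a", "--attribute", dest="attr", action="store_true", help="make an attribute certificate")
    parser.add_option("-r", "--role", dest="role", default=None, help="role to assign")
    # type="int" makes a lifetime given on the command line an int, like the
    # default; without it optparse would hand over the raw string.
    parser.add_option("-l", "--lifetime", dest="lt", type="int", default=7, help="certificate lifetime (default=%default)")
    parser.add_option("-o", "--certout", dest="outcert", default=None, help="name of output certificate")
    parser.add_option("-u", "--keyout", dest="outkey", default=None, help="name of output key file")
    parser.add_option("-n", "--cn", dest="cn", default="12345678", help="common name to append to proxy subject")
    options, args = parser.parse_args(sys.argv[1:])

    from M2Crypto.util import passphrase_callback
    entered = passphrase_callback(1, "Enter passphrase:", "Verify passphrase:")
    if entered is None:
        # The callback returns None when the prompt is interrupted; str(None)
        # would silently pass the literal text "None" on as the passphrase.
        sys.exit("No passphrase entered; aborting.")
    passphrase = str(entered)

    if options.attr and options.role and options.scert and options.outcert:
        make_attribute_cert(options.icert, options.ikey, options.scert, options.role, options.outcert, passphrase)

    if (not options.attr) and options.outcert and options.outkey:
        make_proxy_cert(options.icert, options.ikey, options.outcert, options.outkey, options.cn, options.lt, passphrase)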
예제 #2
    """
    if os.path.exists(PASSPHRASEFILE):
        try:
            passphrase = open(PASSPHRASEFILE).readline()
            passphrase = passphrase.strip()
            return passphrase
        except IOError, e:
            print 'Error reading passphrase file %s: %s' % (PASSPHRASEFILE,
                                                            e.strerror)
    else:
        if debug:
            print 'passphrase file %s does not exist' % (PASSPHRASEFILE)
    if not "passphrase" in dir( PassPhraseCB ):
        # Prompt user if PASSPHRASEFILE does not exist or could not be read.
        from M2Crypto.util import passphrase_callback
        PassPhraseCB.passphrase = passphrase_callback(v, prompt1, prompt2)
    return PassPhraseCB.passphrase

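def geni_am_response_handler(method, method_args):
    """Call a GENI AM operation and hand its result back untouched.

    GENI AM responses are different from the ProtoGENI responses.
    ProtoGENI always returns a dict with three keys (code, value, and
    output).  GENI AM operations return the value, or an XML RPC Fault
    if there was a problem, so this handler does no unwrapping of its own.

    method      -- the callable to invoke
    method_args -- sequence of positional arguments for ``method``
    """
    # Argument unpacking replaces apply(), which has been deprecated since
    # Python 2.3 and no longer exists in Python 3.
    return method(*method_args)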

def dotty():
    """Write a one-character "/-\\|" spinner to stderr.

    Loops for as long as the current thread object's ``keep_going``
    attribute is true; that attribute is set by code outside this listing.
    NOTE(review): the listing may end before the loop body does.
    """
    counter = 0
    while threading.currentThread().keep_going:
        # Emit one spinner character followed by "\010" (backspace), so the
        # next write lands on the same column.
        sys.stderr.write( ( "/-\\|"[ counter ] ) + "\010" )
        # "& 3" wraps the index back to 0 after 3 (four spinner characters).
        counter = ( counter + 1 ) & 3
예제 #3
 def _passphrase_callback(*args, **keywords):
     """Prompt via ``m2_util.passphrase_callback`` and encode the answer.

     Every argument is forwarded unchanged.  A ``None`` result from the
     M2Crypto callback is passed through as ``None``; any other result is
     returned through its ``.encode()`` method.
     """
     entered = m2_util.passphrase_callback(*args, **keywords)
     return None if entered is None else entered.encode()
예제 #4
    callback. Return the passphrase.
    """
    if os.path.exists(PASSPHRASEFILE):
        try:
            passphrase = open(PASSPHRASEFILE).readline()
            passphrase = passphrase.strip()
            return passphrase
        except IOError, e:
            print 'Error reading passphrase file %s: %s' % (PASSPHRASEFILE,
                                                            e.strerror)
    else:
        if debug:
            print 'passphrase file %s does not exist' % (PASSPHRASEFILE)
    # Prompt user if PASSPHRASEFILE does not exist or could not be read.
    from M2Crypto.util import passphrase_callback
    return passphrase_callback(v, prompt1, prompt2)

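def geni_am_response_handler(method, method_args):
    """Call a GENI AM operation and hand its result back untouched.

    GENI AM responses are different from the ProtoGENI responses.
    ProtoGENI always returns a dict with three keys (code, value, and
    output).  GENI AM operations return the value, or an XML RPC Fault
    if there was a problem, so this handler does no unwrapping of its own.

    method      -- the callable to invoke
    method_args -- sequence of positional arguments for ``method``
    """
    # Argument unpacking replaces apply(), which has been deprecated since
    # Python 2.3 and no longer exists in Python 3.
    return method(*method_args)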

#
# Call the rpc server.
#
def do_method(module, method, params, URI=None, quiet=False, version=None,
              response_handler=None):
    
예제 #5
    callback. Return the passphrase.
    """
    if os.path.exists(PASSPHRASEFILE):
        try:
            passphrase = open(PASSPHRASEFILE).readline()
            passphrase = passphrase.strip()
            return passphrase
        except IOError, e:
            print 'Error reading passphrase file %s: %s' % (PASSPHRASEFILE,
                                                            e.strerror)
    else:
        if debug:
            print 'passphrase file %s does not exist' % (PASSPHRASEFILE)
    # Prompt user if PASSPHRASEFILE does not exist or could not be read.
    from M2Crypto.util import passphrase_callback
    return passphrase_callback(v, prompt1, prompt2)


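def geni_am_response_handler(method, method_args):
    """Call a GENI AM operation and hand its result back untouched.

    GENI AM responses are different from the ProtoGENI responses.
    ProtoGENI always returns a dict with three keys (code, value, and
    output).  GENI AM operations return the value, or an XML RPC Fault
    if there was a problem, so this handler does no unwrapping of its own.

    method      -- the callable to invoke
    method_args -- sequence of positional arguments for ``method``
    """
    # Argument unpacking replaces apply(), which has been deprecated since
    # Python 2.3 and no longer exists in Python 3.
    return method(*method_args)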


#
# Call the rpc server.
#
def do_method(module,
예제 #6
파일: gemini_util.py 프로젝트: jpreed00/UW
	global passphrase
	"""Acquire the encrypted certificate passphrase by reading a file or prompting the user.
	This is an M2Crypto callback. If the passphrase file exists and is
	readable, use it. If the passphrase file does not exist or is not
	readable, delegate to the standard M2Crypto passphrase
	callback. Return the passphrase.
	"""
	if os.path.exists(PASSPHRASEFILE):
		try:
			passphrase = open(PASSPHRASEFILE).readline()
			passphrase = passphrase.strip()
			return passphrase
		except IOError, e:
			print 'Error reading passphrase file %s: %s' % (PASSPHRASEFILE,e.strerror)
	from M2Crypto.util import passphrase_callback
	passphrase = str(passphrase_callback(1, prompt1, prompt2))
	return passphrase

def noKey():
    """Passphrase callback that always supplies the empty string.

    generate_key_without_passphrase passes it to ``save_key`` together with
    a cipher of ``None``.
    """
    return ""

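def generate_key_without_passphrase(keyfile,LOGFILE,debug):
	"""Write a passphrase-free copy of an encrypted RSA private key.

	If the text of FILE contains ',ENCRYPTED', the key is loaded with
	gemini_util.PassPhraseCB supplying the passphrase and saved to
	mynopasskeyfile with cipher None.  Otherwise keyfile is returned
	unchanged.

	LOGFILE and debug are accepted but not used here.
	"""
	# NOTE(review): the key is read from the name FILE, not from the keyfile
	# argument; FILE is not defined in this listing -- confirm which is meant.
	# NOTE(review): ',ENCRYPTED' matches the traditional PEM
	# "Proc-Type: 4,ENCRYPTED" header; a PKCS#8 "ENCRYPTED PRIVATE KEY" block
	# carries no such marker and would be treated as unencrypted -- verify
	# against the key formats callers actually supply.
	pem = open(FILE)
	try:
		# Close the handle explicitly instead of leaving it to the garbage
		# collector.
		is_encrypted = ',ENCRYPTED' in pem.read()
	finally:
		pem.close()
	if not is_encrypted:
		return keyfile
	key = RSA.load_key(FILE,gemini_util.PassPhraseCB)
	# Cipher None stores the private key in the clear, and no file mode is set
	# here: access to mynopasskeyfile has to be restricted separately
	# (owner-only permissions) -- TODO confirm the callers do so.
	key.save_key(mynopasskeyfile,None,noKey)
	# NOTE(review): this path returns None while the other returns keyfile;
	# presumably mynopasskeyfile was intended -- confirm against callers.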


def sshConnection(hostname,port,username,key_filename,what_to_do,cmd=None,localFile=None,remoteFile=None):
#' > /dev/null 2>&1 &'
예제 #7
 def passwd_callback(self, v):
     """Ask for the credential passphrase via ``util.passphrase_callback``.

     ``v`` is forwarded unchanged; ``prompt2`` is passed as ``None``, so no
     second prompt text is supplied.
     """
     prompt = "Enter Credential passphrase"
     return util.passphrase_callback(v, prompt1=prompt, prompt2=None)
import re
import stat
import xmlrpclib
from M2Crypto import SSL, X509

def RememberCB(c, prompt1='', prompt2=''):
    """Passphrase callback that replays the module-level ``passphrase``.

    None of the three arguments is used; the value most recently bound to
    the global ``passphrase`` is returned as-is, so no second prompt occurs.
    """
    remembered = passphrase
    return remembered

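# Prompt for the key passphrase, check it against CERTIFICATE when that file
# exists, then open PASSPHRASEFILE for writing.  The rest of the script lies
# outside this listing.
execfile( "test-common.py" )

if os.path.exists( PASSPHRASEFILE ):
    Fatal( "A passphrase has already been stored." )

from M2Crypto.util import passphrase_callback
while True:
    passphrase = passphrase_callback(0)
    if passphrase is None:
        # The callback returns None when the prompt is interrupted; without
        # this check the loop would simply prompt again and could never be
        # cancelled.  Assumes Fatal() exits, as its use above implies --
        # TODO confirm.
        Fatal( "No passphrase entered." )
    if not os.path.exists(CERTIFICATE):
        print >> sys.stderr, "Warning:", CERTIFICATE, "not found; cannot " \
            "verify passphrase."
        break

    try:
        # The context is never used for a connection; loading the key with
        # RememberCB only proves that the passphrase decrypts it.
        ctx = SSL.Context( "sslv23" )
        ctx.load_cert( CERTIFICATE, CERTIFICATE, RememberCB )
    except SSL.SSLError:
        # SSL is the name this file imports from M2Crypto; the bare package
        # name M2Crypto is not bound by the imports visible here.
        print >> sys.stderr, "Could not decrypt key.  Please try again."
        continue

    break

# PASSPHRASEFILE is a secret-bearing file, so create it owner read/write only
# from the first instant rather than with the default mode.  O_EXCL also
# refuses a file or symlink that appeared after the existence check above.
fd = os.open( PASSPHRASEFILE, os.O_WRONLY | os.O_CREAT | os.O_EXCL,
              stat.S_IRUSR | stat.S_IWUSR )
f = os.fdopen( fd, "w" )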
예제 #9
    """
    if os.path.exists(PASSPHRASEFILE):
        try:
            passphrase = open(PASSPHRASEFILE).readline()
            passphrase = passphrase.strip()
            return passphrase
        except IOError, e:
            print 'Error reading passphrase file %s: %s' % (PASSPHRASEFILE,
                                                            e.strerror)
    else:
        if debug:
            print 'passphrase file %s does not exist' % (PASSPHRASEFILE)
    if not "passphrase" in dir(PassPhraseCB):
        # Prompt user if PASSPHRASEFILE does not exist or could not be read.
        from M2Crypto.util import passphrase_callback
        PassPhraseCB.passphrase = passphrase_callback(v, prompt1, prompt2)
    return PassPhraseCB.passphrase


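def geni_am_response_handler(method, method_args):
    """Call a GENI AM operation and hand its result back untouched.

    GENI AM responses are different from the ProtoGENI responses.
    ProtoGENI always returns a dict with three keys (code, value, and
    output).  GENI AM operations return the value, or an XML RPC Fault
    if there was a problem, so this handler does no unwrapping of its own.

    method      -- the callable to invoke
    method_args -- sequence of positional arguments for ``method``
    """
    # Argument unpacking replaces apply(), which has been deprecated since
    # Python 2.3 and no longer exists in Python 3.
    return method(*method_args)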


def dotty():
    counter = 0
    while threading.currentThread().keep_going:
예제 #10
파일: genproxy.py 프로젝트: GENI-GEMINI/UW
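def __test():
    """Command-line smoke test: issue a proxy or an attribute certificate.

    Parses the options declared below, prompts (with confirmation) for a
    passphrase, then calls ``make_attribute_cert`` when -a, -r, -s and -o are
    all given, or ``make_proxy_cert`` when -a is absent and both -o and -u
    are given.  Any other combination does nothing after the prompt.
    """
    import optparse

    usage = "%prog [options]"
    desc = "proxy and attribute cert test"

    parser = optparse.OptionParser(usage=usage, description=desc)
    # NOTE(review): "~" in the two defaults below is passed on unexpanded;
    # confirm the make_*_cert helpers call os.path.expanduser themselves.
    parser.add_option("-c",
                      "--cert",
                      dest="icert",
                      default="~/.ssl/encrypted.pem",
                      help="user (issuer) certificate")
    parser.add_option("-k",
                      "--key",
                      dest="ikey",
                      default="~/.ssl/encrypted.pem",
                      help="user (issuer) key")
    parser.add_option("-s",
                      "--scert",
                      dest="scert",
                      default=None,
                      help="subject cert (e.g. proxy cert)")
    parser.add_option("-a",
                      "--attribute",
                      dest="attr",
                      action="store_true",
                      help="make an attribute certificate")
    parser.add_option("-r",
                      "--role",
                      dest="role",
                      default=None,
                      help="role to assign")
    # type="int" makes a lifetime given on the command line an int, like the
    # default; without it optparse would hand over the raw string.
    parser.add_option("-l",
                      "--lifetime",
                      dest="lt",
                      type="int",
                      default=7,
                      help="certificate lifetime (default=%default)")
    parser.add_option("-o",
                      "--certout",
                      dest="outcert",
                      default=None,
                      help="name of output certificate")
    parser.add_option("-u",
                      "--keyout",
                      dest="outkey",
                      default=None,
                      help="name of output key file")
    parser.add_option("-n",
                      "--cn",
                      dest="cn",
                      default="12345678",
                      help="common name to append to proxy subject")
    options, args = parser.parse_args(sys.argv[1:])

    from M2Crypto.util import passphrase_callback
    entered = passphrase_callback(1, "Enter passphrase:",
                                  "Verify passphrase:")
    if entered is None:
        # The callback returns None when the prompt is interrupted; str(None)
        # would silently pass the literal text "None" on as the passphrase.
        sys.exit("No passphrase entered; aborting.")
    passphrase = str(entered)

    if options.attr and options.role and options.scert and options.outcert:
        make_attribute_cert(options.icert, options.ikey, options.scert,
                            options.role, options.outcert, passphrase)

    if (not options.attr) and options.outcert and options.outkey:
        make_proxy_cert(options.icert, options.ikey, options.outcert,
                        options.outkey, options.cn, options.lt, passphrase)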