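    def __set_domain_component_id(self, resource_cid):
        """
        Derive the domain (authority) URN from a resource component ID
        and store it in ``self.domain_urn``.

        The component ID is converted to an HRN, the escaped dots that
        the HRN/URN conversion may emit are unescaped, and the result is
        turned back into an ``authority``-typed URN. On any failure a
        clearly tagged fallback URN is stored instead of raising.

        Fixes: the replace() pattern was written as "\." (an invalid
        escape that Python keeps verbatim and flags as a SyntaxWarning
        on 3.12+); it is now the explicit "\\.". The parameter is no
        longer shadowed inside the try block, so the fallback always
        sees the caller's original component ID.

        @param resource_cid component ID (URN) of the resource
        """
        try:
            self.debug("Getting Domain info from resource-id: %s" %
                       (resource_cid, ))
            # urn_to_hrn() returns (hrn, type); only the HRN is needed.
            resource_hrn = xrn.urn_to_hrn(resource_cid)[0]
            # Conversion from HRN to URN sometimes translates
            # "." by "\.". Corrected here (pattern is a literal backslash
            # followed by a dot).
            resource_hrn = resource_hrn.replace("\\.", ".")
            # The HRN already denotes the authority, so no
            # xrn.get_authority() call is needed here.
            domain_urn = xrn.hrn_to_urn(resource_hrn, "authority")
            self.domain_urn = domain_urn
            self.info("The URN is well-formed, update domain-urn: %s" %
                      (self.domain_urn, ))

        except Exception as e:
            self.error("Malformed URN on resource_detector. Exception: %s" %
                       str(e))
            # XXX_FIXME_XXX: this is just a workaround.
            # We reuse the component-id as prefix of the "authority" string
            # and tag it "malformed" so the case stays visible downstream.
            # NOTE(review): the fallback embeds the unvalidated input
            # verbatim; consumers must not treat a "+malformed+" URN as an
            # authoritative domain identifier.
            self.domain_urn = resource_cid + "+malformed+" + "authority+sa"
            self.warning("Malformed Domain URN: %s" % (self.domain_urn, ))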
    def get_auth_ticket(self, xrn):
        """
        Build and sign an SfaTicket for the authority named by ``xrn``.

        The ticket's caller and object are both the authority's own GID
        and the ticket is marked delegatable. A root authority (no
        parent HRN) signs its ticket itself; every other authority's
        ticket is signed with the *parent* authority's private key and
        carries the parent's credential.

        @param xrn URN or HRN of the authority
        @return signed SfaTicket
        """
        hrn, _xrn_type = urn_to_hrn(xrn)
        auth_info = self.get_auth_info(hrn)
        own_gid = auth_info.get_gid_object()

        ticket = SfaTicket(subject=hrn)
        ticket.set_gid_caller(own_gid)
        ticket.set_gid_object(own_gid)
        # Tickets issued here are always delegatable.
        ticket.set_delegate(True)
        ticket.set_pubkey(auth_info.get_gid_object().get_pubkey())

        parent_hrn = get_authority(hrn)
        if parent_hrn:
            # Signed by the parent: this needs the parent's private key.
            parent_info = self.get_auth_info(parent_hrn)
            ticket.set_issuer(parent_info.get_pkey_object(), parent_info.hrn)
            ticket.set_parent(self.get_auth_cred(parent_hrn))
        else:
            # No parent HRN: root authority, self-signed. This ends the
            # recursion through get_auth_cred().
            ticket.set_issuer(auth_info.get_pkey_object(), hrn)

        ticket.encode()
        ticket.sign()

        return ticket
 def auth_exists(self, xrn):
     """
     Return True when both the GID file and the private key file of the
     authority named by ``xrn`` exist on disk.

     @param xrn URN or HRN of the authority
     @return bool
     """
     hrn, _xrn_type = urn_to_hrn(xrn)
     directory, gid_filename, privkey_filename = self.get_auth_filenames(hrn)
     # Debug output kept as in the original (stdout). It reveals the
     # private key path; a logger at debug level would be preferable.
     print("%s %s %s" % (directory, gid_filename, privkey_filename))

     # Short-circuits exactly like the original `and`.
     return all(os.path.exists(path) for path in (gid_filename, privkey_filename))
    def __init__(self,
                 create=False,
                 subject=None,
                 string=None,
                 filename=None,
                 uuid=None,
                 hrn=None,
                 urn=None,
                 lifeDays=1825,
                 email=None):
        """
        Construct a GID (a Certificate carrying an SFA identity).

        @param create     passed to Certificate: generate a new cert
        @param subject    certificate subject
        @param string     serialized certificate to load from
        @param filename   file to load the certificate from
        @param uuid       numeric UUID; converted with int()
        @param hrn        human-readable name; also derives ``urn`` with
                          type 'unknown' unless ``urn`` is given
        @param urn        URN; overrides the hrn-derived one and sets
                          ``hrn`` from it
        @param lifeDays   certificate lifetime in days (default 1825)
        @param email      e-mail to add to the SubjectAltName
        """
        # Identity attributes default to None until set below or by decode().
        self.uuid = None
        self.hrn = None
        self.urn = None
        self.email = None  # for adding to the SubjectAltName
        Certificate.__init__(self, lifeDays, create, subject, string, filename)

        if subject:
            print("Creating GID for subject: %s" % subject)
        if uuid:
            # int() raises ValueError on a non-numeric uuid.
            self.uuid = int(uuid)
        if hrn:
            self.hrn = hrn
            self.urn = hrn_to_urn(hrn, 'unknown')
        if urn:
            # An explicit URN wins over the hrn-derived one.
            self.urn = urn
            self.hrn, _urn_type = urn_to_hrn(urn)
        if email:
            self.set_email(email)
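    def __set_domain_component_id(self, resource_cid):
        """
        Retrieve the domain (authority) URN from a component ID and store
        it in ``self.domain_urn``.

        Steps: URN -> HRN, unescape any "\." produced by the conversion,
        HRN -> ``authority`` URN. If anything fails, a fallback URN
        tagged "+malformed+" is stored and a warning is logged.

        Fixes: the unescape pattern was the invalid escape "\." (kept
        verbatim by Python but a SyntaxWarning on 3.12+) and is now the
        explicit "\\."; the parameter is no longer reassigned inside the
        try block, so the except branch always uses the original input.

        @param resource_cid component ID (URN) of the resource
        """
        try:
            self.debug("Getting Domain info from resource-id: %s" %
                       (resource_cid,))
            # First element of the (hrn, type) tuple
            resource_hrn = xrn.urn_to_hrn(resource_cid)[0]
            # Conversion from HRN to URN sometimes translates
            # "." by "\.". Corrected here (literal backslash + dot).
            resource_hrn = resource_hrn.replace("\\.", ".")
            # Auth URN is already there; no xrn.get_authority() needed.
            domain_urn = xrn.hrn_to_urn(resource_hrn, "authority")
            self.domain_urn = domain_urn
            self.info("The URN is well-formed, update domain-urn: %s" %
                      (self.domain_urn,))

        except Exception as e:
            self.error("Malformed URN on resource_detector. Exception: %s" %
                       str(e))
            # XXX_FIXME_XXX: this is just a workaround.
            # We reuse the component-id as prefix of the "authority" string
            # and add "malformed" to point out this case.
            # NOTE(review): the input is embedded unvalidated; downstream
            # code must not treat a "+malformed+" URN as a trusted
            # authority identifier.
            self.domain_urn = resource_cid + "+malformed+" + "authority+sa"
            self.warning("Malformed Domain URN: %s" % (self.domain_urn,))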
    def get_auth_cred(self, xrn, kind="authority"):
        """
        Build and sign a Credential for the authority named by ``xrn``.

        Caller and object are the authority's own GID. Privileges are
        those implied by ``kind`` and are all marked delegatable. The
        root authority (no parent, or the configured SFA_INTERFACE_HRN)
        signs with its own key; any other authority is signed with its
        parent's key and embeds the parent's credential, recursively.

        @param xrn  URN or HRN of the authority
        @param kind privilege set name, default "authority"
        @return signed Credential
        """
        hrn, _xrn_type = urn_to_hrn(xrn)
        auth_info = self.get_auth_info(hrn)
        own_gid = auth_info.get_gid_object()

        cred = Credential(subject=hrn)
        cred.set_gid_caller(own_gid)
        cred.set_gid_object(own_gid)
        cred.set_privileges(kind)
        # NOTE: every privilege of this credential may be re-delegated.
        cred.get_privileges().delegate_all_privileges(True)

        parent_hrn = get_authority(hrn)
        is_root = (not parent_hrn) or hrn == self.config.SFA_INTERFACE_HRN
        if is_root:
            # Self-signed root: terminates the recursion below.
            signer = auth_info
        else:
            # Signing requires the parent's private key.
            signer = self.get_auth_info(parent_hrn)
        cred.set_issuer_keys(signer.get_privkey_filename(),
                             signer.get_gid_filename())
        if not is_root:
            cred.set_parent(self.get_auth_cred(parent_hrn, kind))

        cred.encode()
        cred.sign()

        return cred
    def get_auth_ticket(self, xrn):
        """
        Issue a signed SfaTicket for the authority ``xrn`` names.

        Caller and object of the ticket are the authority's own GID and
        the ticket is delegatable. The signer is the parent authority,
        whose private key must be available locally; a root authority
        without a parent HRN signs its own ticket, which also terminates
        the recursion started through get_auth_cred().

        @param xrn URN or HRN of the authority
        @return signed SfaTicket
        """
        hrn = urn_to_hrn(xrn)[0]
        auth_info = self.get_auth_info(hrn)
        gid = auth_info.get_gid_object()

        ticket = SfaTicket(subject=hrn)
        for setter in (ticket.set_gid_caller, ticket.set_gid_object):
            setter(gid)
        ticket.set_delegate(True)
        ticket.set_pubkey(auth_info.get_gid_object().get_pubkey())

        parent_hrn = get_authority(hrn)
        if not parent_hrn:
            # root authority: self-signed
            ticket.set_issuer(auth_info.get_pkey_object(), hrn)
        else:
            parent = self.get_auth_info(parent_hrn)
            # sign with the parent's private key and chain to its credential
            ticket.set_issuer(parent.get_pkey_object(), parent.hrn)
            ticket.set_parent(self.get_auth_cred(parent_hrn))

        ticket.encode()
        ticket.sign()
        return ticket
    def get_auth_cred(self, xrn, kind="authority"):
        """
        Return a signed Credential for the authority ``xrn`` names.

        The credential names the authority's own GID as both caller and
        object, carries the privilege set ``kind`` with every privilege
        delegatable, and is signed by the parent authority's key (with
        the parent's credential attached, recursively). The root --
        configured SFA_INTERFACE_HRN or an HRN without parent -- signs
        itself.

        @param xrn  URN or HRN of the authority
        @param kind privilege set name, default "authority"
        @return signed Credential
        """
        hrn = urn_to_hrn(xrn)[0]
        auth_info = self.get_auth_info(hrn)
        gid = auth_info.get_gid_object()

        cred = Credential(subject=hrn)
        cred.set_gid_caller(gid)
        cred.set_gid_object(gid)
        cred.set_privileges(kind)
        # All privileges granted here may be delegated further.
        cred.get_privileges().delegate_all_privileges(True)

        parent_hrn = get_authority(hrn)
        if parent_hrn and hrn != self.config.SFA_INTERFACE_HRN:
            # Non-root: sign with the parent's private key and embed the
            # parent's own credential.
            parent_info = self.get_auth_info(parent_hrn)
            cred.set_issuer_keys(parent_info.get_privkey_filename(),
                                 parent_info.get_gid_filename())
            cred.set_parent(self.get_auth_cred(parent_hrn, kind))
        else:
            # Root: self-signed, ends the recursion.
            cred.set_issuer_keys(auth_info.get_privkey_filename(),
                                 auth_info.get_gid_filename())

        cred.encode()
        cred.sign()
        return cred
    def auth_exists(self, xrn):
        """
        Check whether the authority ``xrn`` names has been created, i.e.
        both its GID file and its private key file exist.

        @param xrn URN or HRN of the authority
        @return True if both files exist, False otherwise
        """
        hrn = urn_to_hrn(xrn)[0]
        paths = self.get_auth_filenames(hrn)
        directory, gid_filename, privkey_filename = paths
        # Kept from the original: debug print to stdout. Note it exposes
        # the private key location.
        print("%s %s %s" % (directory, gid_filename, privkey_filename))

        if not os.path.exists(gid_filename):
            return False
        return os.path.exists(privkey_filename)
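    def get_auth_filenames(self, xrn):
        """
        Map an authority XRN to its on-disk directory, GID file and
        private key file.

        The HRN's dot-separated components become a directory path under
        ``self.basedir``; the leaf name is reused for ``<leaf>.gid`` and
        ``<leaf>.pkey`` inside that directory.

        @param xrn URN or HRN of the authority
        @return (directory, gid_filename, privkey_filename)
        @raise ValueError if the derived directory would lie outside
               ``self.basedir``. urn_to_hrn() is not shown here, so this
               is a defensive check on a path built from an identifier
               that holds private key material, not a claim that such
               HRNs are produced in practice.
        """
        hrn, _xrn_type = urn_to_hrn(xrn)
        leaf = get_leaf(hrn)
        directory = os.path.join(self.basedir, hrn.replace(".", "/"))

        # Keep key material under basedir: an HRN containing "/" or ".."
        # segments -- or a leading "/" which makes os.path.join drop
        # basedir -- must not resolve elsewhere.
        base = os.path.abspath(self.basedir)
        resolved = os.path.abspath(directory)
        if resolved != base and not resolved.startswith(base + os.sep):
            raise ValueError("authority path escapes basedir: %s" % hrn)

        gid_filename = os.path.join(directory, leaf+".gid")
        privkey_filename = os.path.join(directory, leaf+".pkey")

        return (directory, gid_filename, privkey_filename)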
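    def get_auth_filenames(self, xrn):
        """
        Compute where an authority's files live.

        ``hrn`` (from the XRN) is turned into a relative path by
        replacing "." with "/" and joined under ``self.basedir``; the
        GID and private key files are ``<leaf>.gid`` / ``<leaf>.pkey``
        in that directory.

        @param xrn URN or HRN of the authority
        @return (directory, gid_filename, privkey_filename)
        @raise ValueError when the resulting directory is not inside
               ``self.basedir`` -- a defensive containment check, since
               the private key lives there and urn_to_hrn()'s
               sanitisation of "/" or ".." is not visible from here.
        """
        hrn, _xrn_type = urn_to_hrn(xrn)
        leaf = get_leaf(hrn)
        directory = os.path.join(self.basedir, hrn.replace(".", "/"))

        # Containment check: abspath() normalises ".." and a leading "/"
        # (which would make os.path.join discard basedir).
        base = os.path.abspath(self.basedir)
        target = os.path.abspath(directory)
        inside = target == base or target.startswith(base + os.sep)
        if not inside:
            raise ValueError("authority path escapes basedir: %s" % hrn)

        gid_filename = os.path.join(directory, leaf + ".gid")
        privkey_filename = os.path.join(directory, leaf + ".pkey")

        return (directory, gid_filename, privkey_filename)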
 def __init__(self, create=False, subject=None, string=None, filename=None, uuid=None, hrn=None, urn=None, lifeDays=1825):
     """
     Construct a GID on top of Certificate and record its SFA identity.

     Only the identity attributes for which an argument is given are
     assigned here (uuid, hrn, urn); a given ``urn`` overrides the URN
     derived from ``hrn`` and sets ``hrn`` from the URN.

     @param create   passed to Certificate: generate a new certificate
     @param subject  certificate subject (logged at debug level)
     @param string   serialized certificate to load from
     @param filename file to load the certificate from
     @param uuid     numeric UUID, converted with int()
     @param hrn      human-readable name; derives ``urn`` of type 'unknown'
     @param urn      URN; takes precedence over ``hrn``
     @param lifeDays certificate lifetime in days (default 1825)
     """
     Certificate.__init__(self, lifeDays, create, subject, string, filename)
     if subject:
         logger.debug("Creating GID for subject: %s" % subject)
     if uuid:
         self.uuid = int(uuid)
     if hrn:
         self.hrn = hrn
         self.urn = hrn_to_urn(hrn, 'unknown')
     if urn:
         # explicit URN wins; its type component is discarded
         self.urn = urn
         self.hrn = urn_to_hrn(urn)[0]
    def nodes(self):
        """
        Return the serialized <node> elements of this RSpec.

        For every ``{xmlns}node`` child a Node is built from the
        component_id / component_manager_id / component_name / exclusive
        attributes and the ``now`` attribute of its <available> child
        (None when that child is absent). Interface names are then
        attached from the links returned by self.links() and each node
        is serialized into the result list.
        """
        nodes = []

        # Retrieve interfaces from links and postprocess
        # the data before returning the links
        links = self.links()

        for n in self.rspec.iterchildren("{%s}node" % (self.xmlns)):
            # sliver = None
            available = n.find("{%s}available" % (self.xmlns))
            if available is not None:
                # Only the "now" attribute is kept; the element is dropped.
                available = available.attrib.get("now")
            node = Node(n.attrib.get("component_id"),
                        n.attrib.get("component_manager_id"),
                        n.attrib.get("component_name"),
                        n.attrib.get("exclusive"), available)

            self.__update_protogeni_cm_uuid(n, node)

            # node_id = xrn.urn_to_hrn(n.get("component_id"))[0]
            # NOTE(review): nothing below compares the link endpoints with
            # this node's component_id, so every node appears to receive an
            # interface for every link (the commented-out node_id line
            # suggests a filter was intended) -- TODO confirm against the
            # RSpec format this parser targets.
            for link in links:
                if len(link["links"]) <= 0:
                    continue
                # Retrieve source_id of link to find the
                # interfaces of the current node
                node_interface = xrn.urn_to_hrn(link["links"][0]["source_id"])
                # Otherwise, retrieve dest_id of link to find the interfaces
                # of the current node
                # NOTE(review): if xrn.urn_to_hrn is the same helper used
                # elsewhere in this project (it returns an (hrn, type)
                # tuple), the value above is always truthy and this
                # fallback never runs.
                node_interface = node_interface or\
                    xrn.urn_to_hrn(link["links"][0]["dest_id"])

                if node_interface:
                    # Get last part of the interface resource
                    # (node_interface[0] is the HRN; it is passed through
                    # urn_to_hrn once more before the last dot-separated
                    # component is taken as the interface name).
                    node_interface =\
                        xrn.urn_to_hrn(node_interface[0])[0].split(".")[-1]
                    node.add_interface(node_interface)

            nodes.append(node.serialize())
        return nodes
    def fetch_user_name_from_geni_users(geni_users):
        """
        Given the GENI 'geni_users' structure, retrieves the proper
        client or user identifier (may be a name, hrn or urn).

        Only the first entry is considered: its "urn" is converted to an
        HRN and any backslash escapes are stripped. Returns None when the
        structure is empty.

        NOTE(review): geni_users is supplied by the caller of the handler;
        the value identifies the client, it does not authorize anything.

        @param geni_users geni_users structure, passed from handler
        @return user identifier
        """
        if len(geni_users) < 1:
            return None
        # Any entry could be used; take the first one's URN.
        first_urn = geni_users[0]["urn"]
        hrn = xrn.urn_to_hrn(first_urn)[0]
        return hrn.replace("\\", "")
    def fetch_user_name_from_geni_users(geni_users):
        """
        Given the GENI 'geni_users' structure, retrieves the proper
        client or user identifier (may be a name, hrn or urn).

        The first entry's "urn" is converted to an HRN with backslashes
        removed; an empty structure yields None.

        NOTE(review): this is caller-provided data from the request and
        is used as an identifier only -- not as an authorization input.

        @param geni_users geni_users structure, passed from handler
        @return user identifier
        """
        if len(geni_users) >= 1:
            # Any entry could serve; the first one's URN is used.
            hrn = xrn.urn_to_hrn(geni_users[0]["urn"])[0]
            return hrn.replace("\\", "")
        return None
    def get_auth_info(self, xrn):
        """
        Load the AuthInfo (GID and private key file names) for an authority.

        @param xrn URN or HRN of the authority
        @return AuthInfo
        @raise MissingAuthority if the authority's files are not on disk
        """
        hrn, _xrn_type = urn_to_hrn(xrn)
        if not self.auth_exists(hrn):
            raise MissingAuthority(hrn)

        _directory, gid_filename, privkey_filename = self.get_auth_filenames(hrn)
        auth_info = AuthInfo(hrn, gid_filename, privkey_filename)

        # Let refresh_gid() decide whether the stored GID needs replacing;
        # only a different object triggers an update.
        current_gid = auth_info.get_gid_object()
        refreshed_gid = self.refresh_gid(current_gid)
        if current_gid != refreshed_gid:
            auth_info.update_gid_object(refreshed_gid)

        return auth_info
    def get_auth_info(self, xrn):
        """
        Return the AuthInfo describing an existing authority's key files.

        @param xrn URN or HRN of the authority
        @return AuthInfo wrapping the GID and private key file names
        @raise MissingAuthority when auth_exists() reports no such authority
        """
        hrn = urn_to_hrn(xrn)[0]
        if not self.auth_exists(hrn):
            raise MissingAuthority(hrn)

        filenames = self.get_auth_filenames(hrn)
        auth_info = AuthInfo(hrn, filenames[1], filenames[2])

        # check the GID and see if it needs to be refreshed
        gid = auth_info.get_gid_object()
        refreshed = self.refresh_gid(gid)
        if gid != refreshed:
            auth_info.update_gid_object(refreshed)

        return auth_info
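 def get_felix_authority_from_urn(urn):
     """
     Return the FELIX organisation name found in ``urn``, or "" if none.

     The URN is converted to an HRN and its dot-separated components are
     scanned for a member of ``URNUtils.FELIX_ORGS``; the first match
     wins. URNs that do not follow the standard format fall back to
     ``URNUtils.get_authority_from_urn``.

     Fixes: the fallback result used to be computed and then discarded,
     so non-standard URNs always yielded ""; it is now returned. The
     bare ``except:`` is narrowed to ``Exception`` so interpreter exits
     and KeyboardInterrupt are no longer swallowed.

     @param urn URN to inspect
     @return organisation / authority string, "" when nothing matched
     """
     authority = ""
     hrn, _hrn_type = urn_to_hrn(urn)
     # All components are scanned, the leaf (component_manager part)
     # included, exactly as before.
     for hrn_element in hrn.split("."):
         if hrn_element in URNUtils.FELIX_ORGS:
             authority = hrn_element
             break
     # URN may not follow the standard format...
     if not authority:
         try:
             # NOTE(review): assumes get_authority_from_urn() returns a
             # string; best effort, so a failure still yields "".
             authority = URNUtils.get_authority_from_urn(urn) or ""
         except Exception:
             pass
     return authority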
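 def get_felix_authority_from_urn(urn):
     """
     Extract the FELIX organisation from a URN.

     Converts the URN to an HRN, looks for the first dot-separated
     component listed in ``URNUtils.FELIX_ORGS`` and, failing that,
     asks ``URNUtils.get_authority_from_urn`` (non-standard URNs).

     Fixes: the fallback value was previously thrown away, making the
     function return "" for every non-standard URN; the bare ``except``
     now catches ``Exception`` only.

     @param urn URN to inspect
     @return organisation / authority string, or "" when none was found
     """
     hrn, _hrn_type = urn_to_hrn(urn)
     hrn_list = hrn.split(".")
     # First FELIX organisation appearing in the HRN (leaf included).
     matches = [element for element in hrn_list
                if element in URNUtils.FELIX_ORGS]
     authority = matches[0] if matches else ""
     # URN may not follow the standard format...
     if len(authority) == 0:
         try:
             # Best effort; assumes a string result -- TODO confirm.
             authority = URNUtils.get_authority_from_urn(urn) or ""
         except Exception:
             pass
     return authority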
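    def create_auth(self, xrn, create_parents=False):
        """
        Create the on-disk directory for the authority named by ``xrn``,
        optionally creating missing parent authorities first.

        Fixes: the previous ``except OSError`` swallowed *every* error
        (only EEXIST was inspected, nothing was re-raised), so e.g. a
        permission problem went unnoticed until key files failed to be
        written. Only "already exists" is ignored now.

        @param xrn            URN or HRN of the authority
        @param create_parents when True, recursively create any parent
                              authority that does not yet exist
        @raise OSError if the directory cannot be created for a reason
               other than already existing
        """
        import errno

        hrn, _xrn_type = urn_to_hrn(str(xrn))

        # create the parent authority if necessary
        parent_hrn = get_authority(hrn)
        parent_urn = hrn_to_urn(parent_hrn, 'authority')
        if (parent_hrn) and (not self.auth_exists(parent_urn)) and (create_parents):
            self.create_auth(parent_urn, create_parents)
        (directory, gid_filename, privkey_filename,) = \
            self.get_auth_filenames(hrn)

        # create the directory to hold the files; an existing path is fine
        try:
            os.makedirs(directory)
        except OSError as exc:
            if exc.errno != errno.EEXIST:
                raise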
</gr_replreplace>

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               

<gr_replace lines="470-472" cat="remove_boilerplate" orig="예제 #22">
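    def create_auth(self, xrn, create_parents=False):
        """
        Make sure the directory holding the authority's GID and private
        key exists, creating parent authorities first if requested.

        Fixes: ``except OSError`` previously caught every error and
        re-raised none of them (it only tested errno 17), hiding real
        failures such as EACCES. Now only EEXIST is tolerated.

        @param xrn            URN or HRN of the authority
        @param create_parents recursively create missing parents when True
        @raise OSError for any makedirs() failure other than "exists"
        """
        import errno

        hrn = urn_to_hrn(str(xrn))[0]

        # create the parent authority if necessary
        parent_hrn = get_authority(hrn)
        parent_urn = hrn_to_urn(parent_hrn, 'authority')
        if (parent_hrn) and (not self.auth_exists(parent_urn)) and (
                create_parents):
            self.create_auth(parent_urn, create_parents)
        directory = self.get_auth_filenames(hrn)[0]

        # create the directory to hold the files
        try:
            os.makedirs(directory)
        except OSError as exc:
            # if the path already exists then pass; anything else is real
            if exc.errno != errno.EEXIST:
                raise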
예제 #22
0
파일: gid.py 프로젝트: HalasNet/felix
 def __init__(self, create=False, subject=None, string=None, filename=None, uuid=None, hrn=None, urn=None, lifeDays=1825, email=None):
     """
     Build a GID: a Certificate plus the SFA identity it certifies.

     uuid, hrn, urn and email start out as None and are filled from the
     arguments given. A given ``urn`` overrides the URN derived from
     ``hrn`` and sets ``hrn`` from it.

     @param create   passed to Certificate: generate a new certificate
     @param subject  certificate subject (echoed to stdout when given)
     @param string   serialized certificate to load from
     @param filename file to load the certificate from
     @param uuid     numeric UUID, converted with int()
     @param hrn      human-readable name; derives ``urn`` of type 'unknown'
     @param urn      URN; takes precedence over ``hrn``
     @param lifeDays certificate lifetime in days (default 1825)
     @param email    e-mail to add to the SubjectAltName
     """
     self.uuid, self.hrn, self.urn = None, None, None
     self.email = None # for adding to the SubjectAltName
     Certificate.__init__(self, lifeDays, create, subject, string, filename)

     if subject:
         print("Creating GID for subject: %s" % subject)
     if uuid:
         self.uuid = int(uuid)
     if hrn:
         self.hrn = hrn
         self.urn = hrn_to_urn(hrn, 'unknown')
     if urn:
         self.urn = urn
         self.hrn = urn_to_hrn(urn)[0]
     if email:
         self.set_email(email)
    def create_gid(self, xrn, uuid, pkey, CA=False, email=None):
        """
        Create and sign a GID for ``xrn`` around the public key ``pkey``.

        The URN type defaults to 'authority' when the XRN carries none.
        The root (configured SFA_INTERFACE_HRN, or an HRN without parent)
        is self-signed and marked as CA; other GIDs are signed with the
        parent authority's private key and chain to the parent GID.
        Whether a non-root GID is flagged as intermediate CA depends on
        its type and the ``CA`` argument (see comments below).

        @param xrn   URN or HRN of the new GID's subject
        @param uuid  numeric UUID for the GID
        @param pkey  key object whose public half goes into the GID
                     (also the signing key for a self-signed root)
        @param CA    request an intermediate-CA GID for non-authority types
        @param email optional e-mail for the SubjectAltName
        @return signed GID
        """
        hrn, xrn_type = urn_to_hrn(xrn)
        if not xrn_type:
            xrn_type = 'authority'
        parent_hrn = get_authority(hrn)
        # Normalise through hrn_to_urn() so the GID's URN has the right
        # format even when ``xrn`` was an HRN (its type would be None).
        urn = hrn_to_urn(hrn, xrn_type)
        subject = self.get_subject(hrn) or hrn
        gid = GID(subject=subject, uuid=uuid, hrn=hrn, urn=urn, email=email)

        is_root = hrn == self.config.SFA_INTERFACE_HRN or not parent_hrn

        # CA flag. NOTE(review): a non-root 'authority'-typed GID is *not*
        # marked CA here while a CA=True non-authority GID is; this keeps
        # the original ordering and is worth confirming.
        if is_root:
            gid.set_intermediate_ca(True)
        elif 'authority' in xrn_type:
            gid.set_intermediate_ca(False)
        else:
            gid.set_intermediate_ca(bool(CA))

        # Issuer.
        if is_root:
            # Self-signed root: ends the recursion.
            gid.set_issuer(pkey, subject)
        else:
            # Signing needs the parent's private key.
            parent_info = self.get_auth_info(parent_hrn)
            parent_gid = parent_info.get_gid_object()
            gid.set_issuer(parent_info.get_pkey_object(),
                           parent_gid.get_extended_subject())
            gid.set_parent(parent_info.get_gid_object())

        gid.set_pubkey(pkey)
        gid.encode()
        gid.sign()

        return gid
    def create_gid(self, xrn, uuid, pkey, CA=False, email=None):
        """
        Issue a signed GID for the subject ``xrn`` with public key ``pkey``.

        A missing XRN type is treated as 'authority'. The root authority
        (SFA_INTERFACE_HRN or no parent) self-signs and is a CA; all
        other GIDs are signed by the parent authority's private key and
        chained to the parent GID. The intermediate-CA flag for non-root
        GIDs follows the type and the ``CA`` argument as commented below.

        @param xrn   URN or HRN of the subject
        @param uuid  numeric UUID for the GID
        @param pkey  key whose public half is certified (and the signing
                     key for the self-signed root)
        @param CA    mark a non-authority GID as intermediate CA
        @param email optional SubjectAltName e-mail
        @return signed GID
        """
        hrn, kind = urn_to_hrn(xrn)
        kind = kind or 'authority'
        parent_hrn = get_authority(hrn)
        # hrn_to_urn() guarantees a well-formed URN even if ``xrn`` was
        # an HRN (in which case the GID's URN type would otherwise be None)
        urn = hrn_to_urn(hrn, kind)
        subject = self.get_subject(hrn)
        if not subject:
            subject = hrn
        gid = GID(subject=subject, uuid=uuid, hrn=hrn, urn=urn, email=email)

        root = (hrn == self.config.SFA_INTERFACE_HRN) or (not parent_hrn)

        # is this a CA cert?
        if root:
            # root or sub authority
            ca_flag = True
        elif 'authority' in kind:
            # NOTE(review): authority-typed non-root GIDs are not CAs here
            ca_flag = False
        else:
            ca_flag = bool(CA)
        gid.set_intermediate_ca(ca_flag)

        # set issuer
        if root:
            # self-signed; this is where the recursion terminates
            gid.set_issuer(pkey, subject)
        else:
            # the parent's private key signs this GID
            parent_auth_info = self.get_auth_info(parent_hrn)
            parent_gid = parent_auth_info.get_gid_object()
            gid.set_issuer(parent_auth_info.get_pkey_object(),
                           parent_gid.get_extended_subject())
            gid.set_parent(parent_auth_info.get_gid_object())

        gid.set_pubkey(pkey)
        gid.encode()
        gid.sign()

        return gid
    def decode(self):
        """
        Populate uuid, urn, hrn and email from the certificate's
        subjectAltName extension.

        Two encodings are understood: a legacy ``URI:http://<params>``
        form whose payload is an XML-RPC parameter block, and the
        current comma-separated list of ``URI:urn:uuid:...``,
        ``URI:urn:publicid:IDN+...`` and ``email:...`` entries.

        NOTE(review): the extension text is taken from the certificate
        as-is; it is only as trustworthy as the certificate's signature
        chain, which this method does not verify.
        """
        data = self.get_data('subjectAltName')
        fields = {}
        if data:
            if data.lower().startswith('uri:http://<params>'):
                # Legacy form: strip the 11-char "URI:http://" prefix and
                # unmarshal the XML-RPC <params> block (an XML parse).
                fields = xmlrpclib.loads(data[11:])[0][0]
            else:
                for entry in data.split(', '):
                    key = entry.lower()
                    if key.startswith('uri:urn:uuid:'):
                        # uuid.UUID() raises ValueError on a malformed UUID.
                        fields['uuid'] = uuid.UUID(entry[4:]).int
                    elif key.startswith('uri:urn:publicid:idn+'):
                        fields['urn'] = entry[4:]
                    elif key.startswith('email:'):
                        # FIXME: Ensure there isn't cruft in that address...
                        # EG look for email:copy,....
                        fields['email'] = entry[6:]

        self.uuid = fields.get("uuid", None)
        self.urn = fields.get("urn", None)
        # Only the legacy XML-RPC form can carry "hrn" directly.
        self.hrn = fields.get("hrn", None)
        self.email = fields.get("email", None)
        if self.urn:
            self.hrn = urn_to_hrn(self.urn)[0]
 def decode(self):
     """
     Read uuid, urn, hrn and email back out of the subjectAltName.

     Handles the legacy ``URI:http://<params>`` XML-RPC payload as well
     as the comma-separated ``URI:urn:uuid:``, ``URI:urn:publicid:IDN+``
     and ``email:`` entries. A URN, when present, always determines hrn.

     NOTE(review): values come straight from the certificate extension;
     trust in them derives from certificate verification done elsewhere.
     """
     data = self.get_data('subjectAltName')
     parsed = {}
     if data:
         lowered = data.lower()
         if lowered.startswith('uri:http://<params>'):
             # drop "URI:http://" (11 chars) and unmarshal the XML-RPC block
             parsed = xmlrpclib.loads(data[11:])[0][0]
         else:
             for val in data.split(', '):
                 marker = val.lower()
                 if marker.startswith('uri:urn:uuid:'):
                     parsed['uuid'] = uuid.UUID(val[4:]).int
                 elif marker.startswith('uri:urn:publicid:idn+'):
                     parsed['urn'] = val[4:]
                 elif marker.startswith('email:'):
                     # FIXME: Ensure there isn't cruft in that address...
                     # EG look for email:copy,....
                     parsed['email'] = val[6:]

     for attr in ("uuid", "urn", "hrn", "email"):
         setattr(self, attr, parsed.get(attr, None))
     if self.urn:
         self.hrn = urn_to_hrn(self.urn)[0]
    def decode(self):
        """
        Parse ``self.xml`` into this Credential's fields.

        Accepts either a bare <credential> document or a
        <signed-credential> wrapping <credential> and <signatures>.
        Reads refid (xml:id), expiration, owner/target GIDs and the
        privilege list; a '*' privilege expands to the default rights for
        the target GID's type. A nested <parent> credential is decoded
        recursively, and each <Signature> is attached to the credential
        in the chain whose refid matches.

        NOTE(review): ``self.xml`` is normally received from a remote
        caller. It is parsed with xml.dom.minidom (expat), which is not
        hardened against entity-expansion documents on older expat
        versions; consider defusedxml when the input is untrusted. This
        method only *decodes* -- it does not verify any signature.

        @raise CredentialNotVerifiable when no <credential> element exists
        """
        if not self.xml:
            return
        doc = parseString(self.xml)
        sigs = []
        signed_cred = doc.getElementsByTagName("signed-credential")

        # Is this a signed-cred or just a cred?
        if len(signed_cred) > 0:
            # getElementsByTagName() is recursive, so this also returns any
            # <credential> nested under <parent>; document order puts the
            # outer one first.
            creds = signed_cred[0].getElementsByTagName("credential")
            signatures = signed_cred[0].getElementsByTagName("signatures")
            if len(signatures) > 0:
                sigs = signatures[0].getElementsByTagName("Signature")
        else:
            creds = doc.getElementsByTagName("credential")
        
        if creds is None or len(creds) == 0:
            # malformed cred file
            raise CredentialNotVerifiable("Malformed XML: No credential tag found")

        # Just take the first cred if there are more than one
        # NOTE(review): additional <credential> elements are silently
        # ignored. Whatever verifies the signature must bind it to *this*
        # element (via refid), otherwise extra elements are a wrapping
        # surface.
        cred = creds[0]

        self.set_refid(cred.getAttribute("xml:id"))
        self.set_expiration(utcparse(getTextNode(cred, "expires")))
        self.gidCaller = GID(string=getTextNode(cred, "owner_gid"))
        self.gidObject = GID(string=getTextNode(cred, "target_gid"))   


        # Process privileges
        # NOTE(review): the recursive lookup takes the first <privileges>
        # in document order -- presumably the outer credential's, which
        # relies on it preceding the <parent> element.
        privs = cred.getElementsByTagName("privileges")[0]
        rlist = Rights()
        for priv in privs.getElementsByTagName("privilege"):
            kind = getTextNode(priv, "name")
            deleg = str2bool(getTextNode(priv, "can_delegate"))
            if kind == '*':
                # Convert * into the default privileges for the credential's type
                # Each inherits the delegatability from the * above
                _ , type = urn_to_hrn(self.gidObject.get_urn())
                rl = determine_rights(type, self.gidObject.get_urn())
                for r in rl.rights:
                    r.delegate = deleg
                    rlist.add(r)
            else:
                rlist.add(Right(kind.strip(), deleg))
        self.set_privileges(rlist)


        # Is there a parent?
        if len(parent) > 0 below: the parent credential is re-serialized
        # and decoded as its own Credential (recursion through this method).
        parent = cred.getElementsByTagName("parent")
        if len(parent) > 0:
            parent_doc = parent[0].getElementsByTagName("credential")[0]
            parent_xml = parent_doc.toxml()
            self.parent = Credential(string=parent_xml)
            self.updateRefID()

        # Assign the signatures to the credentials
        # A <Signature> whose refid matches no credential in the chain is
        # dropped without error.
        for sig in sigs:
            Sig = Signature(string=sig.toxml())

            for cur_cred in self.get_credential_list():
                if cur_cred.get_refid() == Sig.get_refid():
                    cur_cred.set_signature(Sig)
 def set_urn(self, urn):
     """
     Store ``urn`` and derive ``self.hrn`` from it via urn_to_hrn().
     The URN's type component is discarded.
     """
     self.urn = urn
     hrn, _urn_type = urn_to_hrn(urn)
     self.hrn = hrn
 def get_type(self):
     """
     Return the XRN type encoded in this object's URN, decoding the
     object first if the URN has not been populated yet.

     NOTE(review): if decode() leaves ``self.urn`` unset, urn_to_hrn(None)
     is left to fail exactly as in the original.
     """
     if not self.urn:
         self.decode()
     return urn_to_hrn(self.urn)[1]
 def set_urn(self, urn):
     """
     Set the URN and keep ``hrn`` consistent with it.
     """
     self.urn = urn
     self.hrn = urn_to_hrn(urn)[0]
    def decode(self):
        """
        Parse ``self.xml`` into this Credential's fields.

        Accepts a bare <credential> or a <signed-credential> wrapping
        <credential> plus <signatures>. Reads refid (xml:id), expiration,
        owner/target GIDs and the optional privilege list ('*' expands
        to the default rights for the target GID's type). A <parent>
        credential is decoded recursively and must not be empty. Each
        <Signature> is attached to the credential in the chain whose
        refid matches.

        NOTE(review): ``self.xml`` normally arrives from a remote caller
        and is parsed with xml.dom.minidom (expat), which on older expat
        versions is not hardened against entity-expansion documents;
        consider defusedxml for untrusted input. Nothing here verifies a
        signature -- decoding only.

        @raise CredentialNotVerifiable when no <credential> element exists
               or a <parent> element carries no credential text
        """
        if not self.xml:
            return
        doc = parseString(self.xml)
        sigs = []
        signed_cred = doc.getElementsByTagName("signed-credential")

        # Is this a signed-cred or just a cred?
        if len(signed_cred) > 0:
            # Recursive lookup: nested <parent> credentials are returned
            # too, after the outer one (document order).
            creds = signed_cred[0].getElementsByTagName("credential")
            signatures = signed_cred[0].getElementsByTagName("signatures")
            if len(signatures) > 0:
                sigs = signatures[0].getElementsByTagName("Signature")
        else:
            creds = doc.getElementsByTagName("credential")
        
        if creds is None or len(creds) == 0:
            # malformed cred file
            raise CredentialNotVerifiable("Malformed XML: No credential tag found")

        # Just take the first cred if there are more than one
        # NOTE(review): extra <credential> elements are ignored silently;
        # the verifier must bind the signature to this element via refid
        # or they become a wrapping surface.
        cred = creds[0]

        self.set_refid(cred.getAttribute("xml:id"))
        self.set_expiration(utcparse(getTextNode(cred, "expires")))

#        import traceback
#        stack = traceback.extract_stack()

        og = getTextNode(cred, "owner_gid")
        # ABAC creds will have this be None and use this method
#        if og is None:
#            found = False
#            for frame in stack:
#                if 'super(ABACCredential, self).decode()' in frame:
#                    found = True
#                    break
#            if not found:
#                raise CredentialNotVerifiable("Malformed XML: No owner_gid found")
        self.gidCaller = GID(string=og)
        tg = getTextNode(cred, "target_gid")
#        if tg is None:
#            found = False
#            for frame in stack:
#                if 'super(ABACCredential, self).decode()' in frame:
#                    found = True
#                    break
#            if not found:
#                raise CredentialNotVerifiable("Malformed XML: No target_gid found")
        self.gidObject = GID(string=tg)

        # Process privileges
        # A credential without <privileges> gets an empty Rights set.
        # NOTE(review): the first <privileges> in document order is used,
        # presumably the outer credential's -- relies on it preceding
        # the <parent> element.
        rlist = Rights()
        priv_nodes = cred.getElementsByTagName("privileges")
        if len(priv_nodes) > 0:
            privs = priv_nodes[0]
            for priv in privs.getElementsByTagName("privilege"):
                kind = getTextNode(priv, "name")
                deleg = str2bool(getTextNode(priv, "can_delegate"))
                if kind == '*':
                    # Convert * into the default privileges for the credential's type
                    # Each inherits the delegatability from the * above
                    _ , type = urn_to_hrn(self.gidObject.get_urn())
                    rl = determine_rights(type, self.gidObject.get_urn())
                    for r in rl.rights:
                        r.delegate = deleg
                        rlist.add(r)
                else:
                    rlist.add(Right(kind.strip(), deleg))
        self.set_privileges(rlist)


        # Is there a parent?
        parent = cred.getElementsByTagName("parent")
        if len(parent) > 0:
            # Re-serialize the nested credential and decode it recursively.
            parent_doc = parent[0].getElementsByTagName("credential")[0]
            parent_xml = parent_doc.toxml("utf-8")
            if parent_xml is None or parent_xml.strip() == "":
                raise CredentialNotVerifiable("Malformed XML: Had parent tag but it is empty")
            self.parent = Credential(string=parent_xml)
            self.updateRefID()

        # Assign the signatures to the credentials
        # Signatures whose refid matches nothing in the chain are dropped.
        for sig in sigs:
            Sig = Signature(string=sig.toxml("utf-8"))

            for cur_cred in self.get_credential_list():
                if cur_cred.get_refid() == Sig.get_refid():
                    cur_cred.set_signature(Sig)
 def __init__(self, xrn, gid_filename, privkey_filename):
     """
     Record where an authority's GID and private key live on disk.

     @param xrn              URN or HRN of the authority; only the HRN
                             part is kept
     @param gid_filename     path of the authority's GID file
     @param privkey_filename path of the authority's private key file
                             (sensitive: keep the file's permissions tight)
     """
     self.hrn = urn_to_hrn(xrn)[0]
     self.set_gid_filename(gid_filename)
     self.privkey_filename = privkey_filename
 def __init__(self, xrn, gid_filename, privkey_filename):
     """
     Bind an authority HRN to its GID file and private key file.

     @param xrn              URN or HRN; reduced to the HRN
     @param gid_filename     GID file path (stored via set_gid_filename)
     @param privkey_filename private key file path -- sensitive material
     """
     hrn, _xrn_type = urn_to_hrn(xrn)
     self.hrn = hrn
     self.privkey_filename = privkey_filename
     self.set_gid_filename(gid_filename)
 def get_type(self):
     """
     Return the type component of this object's URN, running decode()
     first when the URN is not yet known.

     NOTE(review): a URN still unset after decode() makes urn_to_hrn()
     fail, as in the original.
     """
     if not self.urn:
         self.decode()
     _hrn, urn_type = urn_to_hrn(self.urn)
     return urn_type