def urn_to_username(urn):
"""Create a valid username from a URN.
This creates the username by taking the authority part of
the URN, and the name part of the URN and joining them with "@".
Any characters other than letters, digits, '@', '-', '_', '+', and '.'
are replace with '_'.
e.g. "urn:publicid:IDN+stanford:expedient%26+user+jnaous" becomes
"jnaous@expedient_26.stanford"
The authority part of the URN is truncated to 155 characters, and the
name part is truncated to 100 characters.
@param urn: a urn to turn into a username
@type urn: C{str}
@return: a valid username
@rtype: C{str}
"""
invalid_chars_re = re.compile(r"[^\w@+.-]")
urn = URN(urn=str(urn))
auth = urn.getAuthority()
auth = auth.split("//")
auth.reverse()
auth = ".".join(auth)
if len(auth) > 150:
auth = auth[:150]
name = urn.getName()
if len(name) > 100:
name = name[:100]
username = name + "@" + auth
# replace all invalid chars with _
username = invalid_chars_re.sub("_", username)
assert (len(username) <= 255)
return username
def urn_to_username(urn):
"""Create a valid username from a URN.
This creates the username by taking the authority part of
the URN, and the name part of the URN and joining them with "@".
Any characters other than letters, digits, '@', '-', '_', '+', and '.'
are replace with '_'.
e.g. "urn:publicid:IDN+stanford:expedient%26+user+jnaous" becomes
"jnaous@expedient_26.stanford"
The authority part of the URN is truncated to 155 characters, and the
name part is truncated to 100 characters.
@param urn: a urn to turn into a username
@type urn: C{str}
@return: a valid username
@rtype: C{str}
"""
invalid_chars_re = re.compile(r"[^\w@+.-]")
urn = URN(urn=str(urn))
auth = urn.getAuthority()
auth = auth.split("//")
auth.reverse()
auth = ".".join(auth)
if len(auth) > 150:
auth = auth[:150]
name = urn.getName()
if len(name) > 100:
name =name[:100]
username = name + "@" + auth
# replace all invalid chars with _
username = invalid_chars_re.sub("_", username)
assert(len(username) <= 255)
return username
def create_cert(urn, issuer_key=None, issuer_cert=None, intermediate=False):
'''Create a new certificate and return it and the associated keys.
If issuer cert and key are given, they sign the certificate. Otherwise
it is a self-signed certificate.
If intermediate then mark this
as an intermediate CA certificate (can sign).
Certificate URN must be supplied.
CN of the cert will be dotted notation authority.type.name from the URN.
'''
# Note the below throws a ValueError if it wasnt a valid URN
c_urn = URN(urn=urn)
dotted = '%s.%s.%s' % (c_urn.getAuthority(), c_urn.getType(), c_urn.getName())
newgid = GID(create=True, subject=dotted[:64],
urn=urn)
keys = Keypair(create=True)
newgid.set_pubkey(keys)
if intermediate:
# This cert will be able to sign certificates
newgid.set_intermediate_ca(intermediate)
if issuer_key and issuer_cert:
# the given issuer will issue this cert
if isinstance(issuer_key,str):
issuer_key = Keypair(filename=issuer_key)
if isinstance(issuer_cert,str):
issuer_cert = GID(filename=issuer_cert)
newgid.set_issuer(issuer_key, cert=issuer_cert)
newgid.set_parent(issuer_cert)
else:
# create a self-signed cert
newgid.set_issuer(keys, subject=dotted)
newgid.encode()
newgid.sign()
return newgid, keys
