Exemplo n.º 1
0
    def __set_domain_component_id(self, resource_cid):
        """
        Retrieve domain URN from component ID.
        """
        try:
            self.debug("Getting Domain info from resource-id: %s" %
                       (resource_cid, ))
            # First part of the tuple
            resource_hrn = xrn.urn_to_hrn(resource_cid)[0]
            # Conversion from HRN to URN sometimes translates
            # "." by "\.". Corrected here
            resource_hrn = resource_hrn.replace("\.", ".")
            # Auth URN is already there
            #resource_auth = xrn.get_authority(resource_hrn)
            resource_auth = resource_hrn
            resource_cid = xrn.hrn_to_urn(resource_auth, "authority")
            self.domain_urn = resource_cid
            self.info("The URN is well-formed, update domain-urn: %s" %
                      (self.domain_urn, ))

        except Exception as e:
            self.error("Malformed URN on resource_detector. Exception: %s" %
                       str(e))
            # XXX_FIXME_XXX: this is just a workaround.
            # We reuse the component-id as prefix of the "autority" string.
            # We also introduce "malformed" just to point out this case!
            self.domain_urn = resource_cid + "+malformed+" + "authority+sa"
            self.warning("Malformed Domain URN: %s" % (self.domain_urn, ))
Exemplo n.º 2
0
    def __set_domain_component_id(self, resource_cid):
        """
        Retrieve domain URN from component ID.
        """
        try:
            self.debug("Getting Domain info from resource-id: %s" %
                       (resource_cid,))
            # First part of the tuple
            resource_hrn = xrn.urn_to_hrn(resource_cid)[0]
            # Conversion from HRN to URN sometimes translates
            # "." by "\.". Corrected here
            resource_hrn = resource_hrn.replace("\.", ".")
            # Auth URN is already there
            #resource_auth = xrn.get_authority(resource_hrn)
            resource_auth = resource_hrn
            resource_cid = xrn.hrn_to_urn(resource_auth, "authority")
            self.domain_urn = resource_cid
            self.info("The URN is well-formed, update domain-urn: %s" %
                      (self.domain_urn,))

        except Exception as e:
            self.error("Malformed URN on resource_detector. Exception: %s" %
                       str(e))
            # XXX_FIXME_XXX: this is just a workaround.
            # We reuse the component-id as prefix of the "autority" string.
            # We also introduce "malformed" just to point out this case!
            self.domain_urn = resource_cid + "+malformed+" + "authority+sa"
            self.warning("Malformed Domain URN: %s" % (self.domain_urn,))
Exemplo n.º 3
0
    def __init__(self,
                 create=False,
                 subject=None,
                 string=None,
                 filename=None,
                 uuid=None,
                 hrn=None,
                 urn=None,
                 lifeDays=1825,
                 email=None):
        self.uuid = None
        self.hrn = None
        self.urn = None
        self.email = None  # for adding to the SubjectAltName
        Certificate.__init__(self, lifeDays, create, subject, string, filename)

        if subject:
            print "Creating GID for subject: %s" % subject
        if uuid:
            self.uuid = int(uuid)
        if hrn:
            self.hrn = hrn
            self.urn = hrn_to_urn(hrn, 'unknown')
        if urn:
            self.urn = urn
            self.hrn, type = urn_to_hrn(urn)
        if email:
            self.set_email(email)
Exemplo n.º 4
0
 def __init__(self, create=False, subject=None, string=None, filename=None, uuid=None, hrn=None, urn=None, lifeDays=1825):
     
     Certificate.__init__(self, lifeDays, create, subject, string, filename)
     if subject:
         logger.debug("Creating GID for subject: %s" % subject)
     if uuid:
         self.uuid = int(uuid)
     if hrn:
         self.hrn = hrn
         self.urn = hrn_to_urn(hrn, 'unknown')
     if urn:
         self.urn = urn
         self.hrn, type = urn_to_hrn(urn)
Exemplo n.º 5
0
    def encode(self):
        if self.urn:
            urn = self.urn
        else:
            urn = hrn_to_urn(self.hrn, None)
            
        str = "URI:" + urn

        if self.uuid:
            str += ", " + "URI:" + uuid.UUID(int=self.uuid).urn
        
        if self.email:
            str += ", " + "email:" + self.email

        self.set_data(str, 'subjectAltName')
Exemplo n.º 6
0
    def encode(self):
        if self.urn:
            urn = self.urn
        else:
            urn = hrn_to_urn(self.hrn, None)

        str = "URI:" + urn

        if self.uuid:
            str += ", " + "URI:" + uuid.UUID(int=self.uuid).urn

        if self.email:
            str += ", " + "email:" + self.email

        self.set_data(str, 'subjectAltName')
Exemplo n.º 7
0
    def create_auth(self, xrn, create_parents=False):
        hrn, type = urn_to_hrn(str(xrn))

        # create the parent authority if necessary
        parent_hrn = get_authority(hrn)
        parent_urn = hrn_to_urn(parent_hrn, 'authority')
        if (parent_hrn) and (not self.auth_exists(parent_urn)) and (create_parents):
            self.create_auth(parent_urn, create_parents)
        (directory, gid_filename, privkey_filename,) = \
            self.get_auth_filenames(hrn)

        # create the directory to hold the files
        try:
            os.makedirs(directory)
        # if the path already exists then pass
        except OSError, (errno, strerr):
            if errno == 17:
                pass
Exemplo n.º 8
0
 def __init__(self, create=False, subject=None, string=None, filename=None, uuid=None, hrn=None, urn=None, lifeDays=1825, email=None):
     self.uuid = None
     self.hrn = None
     self.urn = None
     self.email = None # for adding to the SubjectAltName
     Certificate.__init__(self, lifeDays, create, subject, string, filename)
     
     if subject:
         print "Creating GID for subject: %s" % subject
     if uuid:
         self.uuid = int(uuid)
     if hrn:
         self.hrn = hrn
         self.urn = hrn_to_urn(hrn, 'unknown')
     if urn:
         self.urn = urn
         self.hrn, type = urn_to_hrn(urn)
     if email:
         self.set_email(email) 
Exemplo n.º 9
0
    def create_gid(self, xrn, uuid, pkey, CA=False, email=None):
        hrn, type = urn_to_hrn(xrn)
        if not type:
            type = 'authority'
        parent_hrn = get_authority(hrn)
        # Using hrn_to_urn() here to make sure the urn is in the right format
        # If xrn was a hrn instead of a urn, then the gid's urn will be
        # of type None
        urn = hrn_to_urn(hrn, type)
        subject = self.get_subject(hrn)
        if not subject:
            subject = hrn
        gid = GID(subject=subject, uuid=uuid, hrn=hrn, urn=urn, email=email)
        # is this a CA cert
        if hrn == self.config.SFA_INTERFACE_HRN or not parent_hrn:
            # root or sub authority
            gid.set_intermediate_ca(True)
        elif type and 'authority' in type:
            # authority type
            gid.set_intermediate_ca(False)
        elif CA:
            gid.set_intermediate_ca(True)
        else:
            gid.set_intermediate_ca(False)

        # set issuer
        if not parent_hrn or hrn == self.config.SFA_INTERFACE_HRN:
            # if there is no parent hrn, then it must be self-signed. this
            # is where we terminate the recursion
            gid.set_issuer(pkey, subject)
        else:
            # we need the parent's private key in order to sign this GID
            parent_auth_info = self.get_auth_info(parent_hrn)
            parent_gid = parent_auth_info.get_gid_object()
            gid.set_issuer(parent_auth_info.get_pkey_object(),
                           parent_gid.get_extended_subject())
            gid.set_parent(parent_auth_info.get_gid_object())

        gid.set_pubkey(pkey)
        gid.encode()
        gid.sign()

        return gid
Exemplo n.º 10
0
    def create_auth(self, xrn, create_parents=False):
        hrn, type = urn_to_hrn(str(xrn))

        # create the parent authority if necessary
        parent_hrn = get_authority(hrn)
        parent_urn = hrn_to_urn(parent_hrn, 'authority')
        if (parent_hrn) and (not self.auth_exists(parent_urn)) and (
                create_parents):
            self.create_auth(parent_urn, create_parents)
        (directory, gid_filename, privkey_filename,) = \
            self.get_auth_filenames(hrn)

        # create the directory to hold the files
        try:
            os.makedirs(directory)
        # if the path already exists then pass
        except OSError, (errno, strerr):
            if errno == 17:
                pass
Exemplo n.º 11
0
    def create_gid(self, xrn, uuid, pkey, CA=False, email=None):
        hrn, type = urn_to_hrn(xrn)
        if not type:
            type = 'authority'
        parent_hrn = get_authority(hrn)
        # Using hrn_to_urn() here to make sure the urn is in the right format
        # If xrn was a hrn instead of a urn, then the gid's urn will be
        # of type None 
        urn = hrn_to_urn(hrn, type)
        subject = self.get_subject(hrn)
        if not subject:
            subject = hrn
        gid = GID(subject=subject, uuid=uuid, hrn=hrn, urn=urn, email=email)
        # is this a CA cert
        if hrn == self.config.SFA_INTERFACE_HRN or not parent_hrn:
            # root or sub authority  
            gid.set_intermediate_ca(True)
        elif type and 'authority' in type:
            # authority type
            gid.set_intermediate_ca(False)
        elif CA:
            gid.set_intermediate_ca(True)
        else:
            gid.set_intermediate_ca(False)

        # set issuer
        if not parent_hrn or hrn == self.config.SFA_INTERFACE_HRN:
            # if there is no parent hrn, then it must be self-signed. this
            # is where we terminate the recursion
            gid.set_issuer(pkey, subject)
        else:
            # we need the parent's private key in order to sign this GID
            parent_auth_info = self.get_auth_info(parent_hrn)
            parent_gid = parent_auth_info.get_gid_object()
            gid.set_issuer(parent_auth_info.get_pkey_object(), parent_gid.get_extended_subject())
            gid.set_parent(parent_auth_info.get_gid_object())

        gid.set_pubkey(pkey)
        gid.encode()
        gid.sign()

        return gid