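def __test():
    """Command-line test driver: create a proxy or an attribute certificate.

    Options are read from ``sys.argv``. The issuer key passphrase is prompted
    for once (with a verification prompt) and handed to the generator:

    * ``-a`` together with ``-r``, ``-s`` and ``-o`` calls
      ``make_attribute_cert``;
    * without ``-a``, ``-o`` together with ``-u`` calls ``make_proxy_cert``.

    If neither combination is satisfied, nothing is generated. If no
    passphrase is obtained, the parser reports an error and exits.
    """
    import optparse

    usage = "%prog [options]"
    desc = "proxy and attribute cert test"
    parser = optparse.OptionParser(usage=usage, description=desc)
    # NOTE(review): optparse does not expand "~" in these defaults; whether
    # make_attribute_cert/make_proxy_cert expand it is not visible here.
    parser.add_option("-c", "--cert", dest="icert",
                      default="~/.ssl/encrypted.pem",
                      help="user (issuer) certificate")
    parser.add_option("-k", "--key", dest="ikey",
                      default="~/.ssl/encrypted.pem",
                      help="user (issuer) key")
    parser.add_option("-s", "--scert", dest="scert", default=None,
                      help="subject cert (e.g. proxy cert)")
    parser.add_option("-a", "--attribute", dest="attr", action="store_true",
                      help="make an attribute certificate")
    parser.add_option("-r", "--role", dest="role", default=None,
                      help="role to assign")
    # NOTE(review): no type= is given, so a lifetime passed on the command
    # line arrives as a string while the default is the int 7 - confirm that
    # make_proxy_cert accepts both.
    parser.add_option("-l", "--lifetime", dest="lt", default=7,
                      help="certificate lifetime (default=%default)")
    parser.add_option("-o", "--certout", dest="outcert", default=None,
                      help="name of output certificate")
    parser.add_option("-u", "--keyout", dest="outkey", default=None,
                      help="name of output key file")
    parser.add_option("-n", "--cn", dest="cn", default="12345678",
                      help="common name to append to proxy subject")
    options, args = parser.parse_args(sys.argv[1:])

    from M2Crypto.util import passphrase_callback

    passphrase = passphrase_callback(1, "Enter passphrase:",
                                     "Verify passphrase:")
    if passphrase is None:
        # The callback can return None instead of a passphrase. str(None)
        # would turn that into the literal passphrase "None", so stop here
        # rather than pass that string on to the certificate code.
        parser.error("no passphrase was entered")
    passphrase = str(passphrase)

    if options.attr and options.role and options.scert and options.outcert:
        make_attribute_cert(options.icert, options.ikey, options.scert,
                            options.role, options.outcert, passphrase)
    if (not options.attr) and options.outcert and options.outkey:
        make_proxy_cert(options.icert, options.ikey, options.outcert,
                        options.outkey, options.cn, options.lt, passphrase)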
"""
    # Preferred source: the first line of PASSPHRASEFILE, stripped of
    # surrounding whitespace. The passphrase therefore sits on disk in clear
    # text, and nothing in this excerpt checks who owns the file or who else
    # can read it.
    if os.path.exists(PASSPHRASEFILE):
        try:
            passphrase = open(PASSPHRASEFILE).readline()
            passphrase = passphrase.strip()
            return passphrase
        except IOError, e:
            # A read error is only reported; control then falls through to
            # the interactive prompt below.
            print 'Error reading passphrase file %s: %s' % (PASSPHRASEFILE, e.strerror)
    else:
        if debug:
            print 'passphrase file %s does not exist' % (PASSPHRASEFILE)
    # The prompted value is cached as an attribute on the function itself, so
    # later calls reuse it instead of prompting again. It stays in process
    # memory for as long as PassPhraseCB does.
    # NOTE(review): whatever the callback returns on the first call is what
    # gets cached, including a None result - confirm that is intended.
    if not "passphrase" in dir( PassPhraseCB ):
        # Prompt user if PASSPHRASEFILE does not exist or could not be read.
        from M2Crypto.util import passphrase_callback
        PassPhraseCB.passphrase = passphrase_callback(v, prompt1, prompt2)
    return PassPhraseCB.passphrase

def geni_am_response_handler(method, method_args):
    """Handles the GENI AM responses, which are different from the
    ProtoGENI responses. ProtoGENI always returns a dict with three
    keys (code, value, and output). GENI AM operations return the
    value, or an XML RPC Fault if there was a problem.

    Calls ``method`` with the positional arguments in ``method_args`` and
    returns its result without inspecting it.
    """
    # apply() is a Python 2 builtin; apply(f, args) is the same as f(*args).
    return apply(method, method_args)

def dotty():
    counter = 0
    # Loops for as long as the current thread's keep_going attribute is true.
    while threading.currentThread().keep_going:
        # Emit one of the four characters in "/-\|" followed by a backspace.
        sys.stderr.write( ( "/-\\|"[ counter ] ) + "\010" )
        # Step through indexes 0..3 and wrap around.
        counter = ( counter + 1 ) & 3
def _passphrase_callback(*args, **keywords):
    """Wrap ``m2_util.passphrase_callback`` and return the passphrase encoded.

    All arguments are forwarded unchanged. A ``None`` result from the wrapped
    callback is passed through as ``None``; any other result is returned via
    its ``encode()`` method with the default encoding.
    """
    entered = m2_util.passphrase_callback(*args, **keywords)
    # Keep "no passphrase" distinguishable from an empty one: only encode
    # when the wrapped callback actually produced a value.
    return entered if entered is None else entered.encode()
callback. Return the passphrase. """
    # Preferred source: the first line of PASSPHRASEFILE, stripped of
    # surrounding whitespace. The passphrase therefore sits on disk in clear
    # text, and nothing in this excerpt checks who owns the file or who else
    # can read it.
    if os.path.exists(PASSPHRASEFILE):
        try:
            passphrase = open(PASSPHRASEFILE).readline()
            passphrase = passphrase.strip()
            return passphrase
        except IOError, e:
            # A read error is only reported; control then falls through to
            # the interactive prompt below.
            print 'Error reading passphrase file %s: %s' % (PASSPHRASEFILE, e.strerror)
    else:
        if debug:
            print 'passphrase file %s does not exist' % (PASSPHRASEFILE)
    # Prompt user if PASSPHRASEFILE does not exist or could not be read.
    # The result of the M2Crypto callback is returned as-is and is not cached,
    # so every call that reaches this point prompts again.
    from M2Crypto.util import passphrase_callback
    return passphrase_callback(v, prompt1, prompt2)

def geni_am_response_handler(method, method_args):
    """Handles the GENI AM responses, which are different from the
    ProtoGENI responses. ProtoGENI always returns a dict with three
    keys (code, value, and output). GENI AM operations return the
    value, or an XML RPC Fault if there was a problem.

    Calls ``method`` with the positional arguments in ``method_args`` and
    returns its result without inspecting it.
    """
    # apply() is a Python 2 builtin; apply(f, args) is the same as f(*args).
    return apply(method, method_args)

#
# Call the rpc server.
#
def do_method(module, method, params, URI=None, quiet=False, version=None, response_handler=None):
callback. Return the passphrase. """
    # Preferred source: the first line of PASSPHRASEFILE, stripped of
    # surrounding whitespace. The passphrase therefore sits on disk in clear
    # text, and nothing in this excerpt checks who owns the file or who else
    # can read it.
    if os.path.exists(PASSPHRASEFILE):
        try:
            passphrase = open(PASSPHRASEFILE).readline()
            passphrase = passphrase.strip()
            return passphrase
        except IOError, e:
            # A read error is only reported; control then falls through to
            # the interactive prompt below.
            print 'Error reading passphrase file %s: %s' % (PASSPHRASEFILE, e.strerror)
    else:
        if debug:
            print 'passphrase file %s does not exist' % (PASSPHRASEFILE)
    # Prompt user if PASSPHRASEFILE does not exist or could not be read.
    # The result of the M2Crypto callback is returned as-is and is not cached,
    # so every call that reaches this point prompts again.
    from M2Crypto.util import passphrase_callback
    return passphrase_callback(v, prompt1, prompt2)

def geni_am_response_handler(method, method_args):
    """Handles the GENI AM responses, which are different from the
    ProtoGENI responses. ProtoGENI always returns a dict with three
    keys (code, value, and output). GENI AM operations return the
    value, or an XML RPC Fault if there was a problem.

    Calls ``method`` with the positional arguments in ``method_args`` and
    returns its result without inspecting it.
    """
    # apply() is a Python 2 builtin; apply(f, args) is the same as f(*args).
    return apply(method, method_args)

#
# Call the rpc server.
#
def do_method(module,
# (excerpt: the "def" line of the enclosing passphrase callback is not shown)
    # The passphrase is kept in a module-level global once obtained.
    global passphrase
    """Acquire the encrypted certificate passphrase by reading a file or prompting the user. This is an M2Crypto callback. If the passphrase file exists and is readable, use it. If the passphrase file does not exist or is not readable, delegate to the standard M2Crypto passphrase callback. Return the passphrase. """
    # Preferred source: the first line of PASSPHRASEFILE, stripped. The
    # passphrase is stored on disk in clear text and nothing in this excerpt
    # checks the file's owner or permissions.
    if os.path.exists(PASSPHRASEFILE):
        try:
            passphrase = open(PASSPHRASEFILE).readline()
            passphrase = passphrase.strip()
            return passphrase
        except IOError, e:
            # Report the read error and fall through to the prompt.
            print 'Error reading passphrase file %s: %s' % (PASSPHRASEFILE,e.strerror)
    from M2Crypto.util import passphrase_callback
    # NOTE(review): str() turns a None result from the callback into the
    # literal string "None", which would then be used as the passphrase -
    # confirm whether the callback can return None here.
    passphrase = str(passphrase_callback(1, prompt1, prompt2))
    return passphrase

def noKey():
    # Passphrase callback that always supplies the empty string.
    return ''

def generate_key_without_passphrase(keyfile,LOGFILE,debug):
    # FILE and mynopasskeyfile are not defined in the visible lines;
    # presumably they are set elsewhere or lines were elided from this
    # excerpt - verify against the full file.
    if ',ENCRYPTED' in open(FILE).read():
        # Decrypt the key using the passphrase callback, then write it back
        # out with cipher=None, i.e. as an unencrypted private key.
        # NOTE(review): nothing visible here restricts the permissions of
        # mynopasskeyfile; confirm it is created readable by the owner only
        # and removed when no longer needed.
        key = RSA.load_key(FILE,gemini_util.PassPhraseCB)
        key.save_key(mynopasskeyfile,None,noKey)
        # NOTE(review): this branch has no return statement in the visible
        # lines, so it yields None while the other branch yields keyfile.
    else:
        return keyfile

def sshConnection(hostname,port,username,key_filename,what_to_do,cmd=None,localFile=None,remoteFile=None):
    #' > /dev/null 2>&1 &'
def passwd_callback(self, v):
    """Prompt for the credential passphrase via ``util.passphrase_callback``.

    ``v`` is forwarded unchanged. The first prompt text is fixed and the
    second prompt is passed as ``None``; how the callee treats a ``None``
    verification prompt is not visible from here.
    """
    prompts = {"prompt1": "Enter Credential passphrase", "prompt2": None}
    return util.passphrase_callback(v, **prompts)
import re
import stat
import xmlrpclib
from M2Crypto import SSL, X509

def RememberCB( c, prompt1 = '', prompt2 = '' ):
    # Passphrase callback that replays the module-level `passphrase` entered
    # in the loop below instead of prompting; its arguments are ignored.
    return passphrase

# Pulls in shared definitions by executing another file in this namespace
# (Python 2 execfile). PASSPHRASEFILE, CERTIFICATE and Fatal are not defined
# in the visible lines and presumably come from there - TODO confirm.
execfile( "test-common.py" )

# Refuse to overwrite an existing stored passphrase.
if os.path.exists( PASSPHRASEFILE ):
    Fatal( "A passphrase has already been stored." )

from M2Crypto.util import passphrase_callback

while True:
    # Called with 0, so the passphrase is asked for once; it is checked
    # below by trying to load the key with it rather than by re-typing.
    passphrase = passphrase_callback(0)
    if not os.path.exists(CERTIFICATE):
        # Without the certificate the passphrase cannot be checked; it is
        # accepted unverified and the loop ends.
        print >> sys.stderr, "Warning:", CERTIFICATE, "not found; cannot " \
            "verify passphrase."
        break
    try:
        # Loading the certificate and key with RememberCB only succeeds if
        # the entered passphrase decrypts the key.
        ctx = SSL.Context( "sslv23" )
        ctx.load_cert( CERTIFICATE, CERTIFICATE, RememberCB )
    # NOTE(review): only `SSL` and `X509` are imported from M2Crypto in the
    # visible lines; unless the name `M2Crypto` is bound elsewhere, this
    # except clause raises NameError when it is evaluated - confirm.
    except M2Crypto.SSL.SSLError, err:
        print >> sys.stderr, "Could not decrypt key. Please try again."
        continue
    break

# The passphrase is about to be stored in clear text. open(..., "w") creates
# the file with the process's default permissions (subject to umask).
# NOTE(review): the lines that follow are not visible; `stat` is imported,
# so a chmod may follow - confirm the file ends up readable by the owner
# only, and consider creating it with owner-only mode from the start so it
# is never briefly readable by others.
f = open( PASSPHRASEFILE, "w" )
"""
    # Preferred source: the first line of PASSPHRASEFILE, stripped of
    # surrounding whitespace. The passphrase therefore sits on disk in clear
    # text, and nothing in this excerpt checks who owns the file or who else
    # can read it.
    if os.path.exists(PASSPHRASEFILE):
        try:
            passphrase = open(PASSPHRASEFILE).readline()
            passphrase = passphrase.strip()
            return passphrase
        except IOError, e:
            # A read error is only reported; control then falls through to
            # the interactive prompt below.
            print 'Error reading passphrase file %s: %s' % (PASSPHRASEFILE, e.strerror)
    else:
        if debug:
            print 'passphrase file %s does not exist' % (PASSPHRASEFILE)
    # The prompted value is cached as an attribute on the function itself, so
    # later calls reuse it instead of prompting again. It stays in process
    # memory for as long as PassPhraseCB does.
    # NOTE(review): whatever the callback returns on the first call is what
    # gets cached, including a None result - confirm that is intended.
    if not "passphrase" in dir(PassPhraseCB):
        # Prompt user if PASSPHRASEFILE does not exist or could not be read.
        from M2Crypto.util import passphrase_callback
        PassPhraseCB.passphrase = passphrase_callback(v, prompt1, prompt2)
    return PassPhraseCB.passphrase

def geni_am_response_handler(method, method_args):
    """Handles the GENI AM responses, which are different from the
    ProtoGENI responses. ProtoGENI always returns a dict with three
    keys (code, value, and output). GENI AM operations return the
    value, or an XML RPC Fault if there was a problem.

    Calls ``method`` with the positional arguments in ``method_args`` and
    returns its result without inspecting it.
    """
    # apply() is a Python 2 builtin; apply(f, args) is the same as f(*args).
    return apply(method, method_args)

def dotty():
    counter = 0
    # Loops for as long as the current thread's keep_going attribute is true.
    while threading.currentThread().keep_going:
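def __test():
    """Command-line test driver: create a proxy or an attribute certificate.

    Options are read from ``sys.argv``. The issuer key passphrase is prompted
    for once (with a verification prompt) and handed to the generator:

    * ``-a`` together with ``-r``, ``-s`` and ``-o`` calls
      ``make_attribute_cert``;
    * without ``-a``, ``-o`` together with ``-u`` calls ``make_proxy_cert``.

    If neither combination is satisfied, nothing is generated. If no
    passphrase is obtained, the parser reports an error and exits.
    """
    import optparse

    usage = "%prog [options]"
    desc = "proxy and attribute cert test"
    parser = optparse.OptionParser(usage=usage, description=desc)
    # NOTE(review): optparse does not expand "~" in these defaults; whether
    # make_attribute_cert/make_proxy_cert expand it is not visible here.
    parser.add_option("-c", "--cert", dest="icert",
                      default="~/.ssl/encrypted.pem",
                      help="user (issuer) certificate")
    parser.add_option("-k", "--key", dest="ikey",
                      default="~/.ssl/encrypted.pem",
                      help="user (issuer) key")
    parser.add_option("-s", "--scert", dest="scert", default=None,
                      help="subject cert (e.g. proxy cert)")
    parser.add_option("-a", "--attribute", dest="attr", action="store_true",
                      help="make an attribute certificate")
    parser.add_option("-r", "--role", dest="role", default=None,
                      help="role to assign")
    # NOTE(review): no type= is given, so a lifetime passed on the command
    # line arrives as a string while the default is the int 7 - confirm that
    # make_proxy_cert accepts both.
    parser.add_option("-l", "--lifetime", dest="lt", default=7,
                      help="certificate lifetime (default=%default)")
    parser.add_option("-o", "--certout", dest="outcert", default=None,
                      help="name of output certificate")
    parser.add_option("-u", "--keyout", dest="outkey", default=None,
                      help="name of output key file")
    parser.add_option("-n", "--cn", dest="cn", default="12345678",
                      help="common name to append to proxy subject")
    options, args = parser.parse_args(sys.argv[1:])

    from M2Crypto.util import passphrase_callback

    passphrase = passphrase_callback(1, "Enter passphrase:",
                                     "Verify passphrase:")
    if passphrase is None:
        # The callback can return None instead of a passphrase. str(None)
        # would turn that into the literal passphrase "None", so stop here
        # rather than pass that string on to the certificate code.
        parser.error("no passphrase was entered")
    passphrase = str(passphrase)

    if options.attr and options.role and options.scert and options.outcert:
        make_attribute_cert(options.icert, options.ikey, options.scert,
                            options.role, options.outcert, passphrase)
    if (not options.attr) and options.outcert and options.outkey:
        make_proxy_cert(options.icert, options.ikey, options.outcert,
                        options.outkey, options.cn, options.lt, passphrase)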