source: fedd/cert_to_fedid.py @ ac15159

#!/usr/local/bin/python

import sys, os
import subprocess, tempfile

from string import join
from optparse import OptionParser
from federation.util import abac_pem_type, abac_split_cert

class Parser(OptionParser):
    def __init__(self):
        OptionParser.__init__(self, usage='%prog [options]')
        self.add_option('--out', dest='out', help='destination file',
                default='./cert.pem')
        self.add_option('--debug', dest='debug', action='store_true', 
                default=False, help='Just print command')
        self.add_option('--openssl', dest='openssl',
                help='Path to openssl command', default='/usr/bin/openssl')

parser = Parser()
opts, args = parser.parse_args()
delete_key = False

if args:
    key = args[0]

ktype = abac_pem_type(key)
if ktype == 'both':
    key, cert = abac_split_cert(key)
    os.unlink(cert)
    delete_key = True
elif ktype != 'key':
    sys.exit('Cannot use %s as identity.  It is a %s ' % ktype + 
        'and we were expecting a key')


try:
    tf, tn = tempfile.mkstemp(suffix=".pem")
    cmd = [opts.openssl, 'req', '-new', '-nodes', '-subj', 
            '/CN=users.isi.deterlab.net', '-x509', '-days',  '3650',
            '-key', key, '-out', tn]
    if opts.debug:
        print join(cmd)
        sys.exit(0)
    else:
        rv = subprocess.call(cmd)
        if rv == 0:
            try:
                of = os.fdopen(os.open(opts.out, 
                    os.O_WRONLY | os.O_CREAT, 0600), 'w')
                for inf in (tn, key):
                    f = open(inf, 'r')
                    for line in f:
                        print >>of, line,
                    f.close()
                of.close()
            except EnvironmentError, e:
                sys.exit("Cannot open %s: %s" % (efilename, e.strerror))
        else:
            sys.exit("%s failed: %d" % (opts.openssl, rv))
finally:
    if delete_key and key: os.unlink(key)