Changeset 51cc9df
- Timestamp:
- Nov 21, 2008 10:53:55 AM (16 years ago)
- Branches:
- axis_example, compt_changes, info-ops, master, version-1.30, version-2.00, version-3.01, version-3.02
- Children:
- c971895
- Parents:
- 9460b1e
- Location:
- fedd
- Files:
-
- 1 added
- 8 edited
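--- a/fedd/fedd.py
+++ b/fedd/fedd.py
@@ -14,5 +14,6 @@
 from optparse import OptionParser
 
-from fedd_util import fedd_ssl_context, fedid
+from fedd_util import fedd_ssl_context
+from fedid import fedid
 from fedd_deter_impl import new_feddservice
 from fedd_services import ns0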
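--- a/fedd/fedd_access.py
+++ b/fedd/fedd_access.py
@@ -22,4 +22,5 @@
 from fedd_util import *
 from fedd_allocate_project import *
+from fedid import fedid, generate_fedid
 import parse_detail
 from service_error import *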
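--- a/fedd/fedd_allocate_project.py
+++ b/fedd/fedd_allocate_project.py
@@ -20,4 +20,5 @@
 from fedd_internal_services import *
 from fedd_util import *
+from fedid import fedid
 from fixed_resource import read_key_db, read_project_db
 from remote_service import xmlrpc_handler, soap_handler, service_caller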
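--- a/fedd/fedd_client.py
+++ b/fedd/fedd_client.py
@@ -20,5 +20,6 @@
 import xmlrpclib
 
-from fedd_util import fedid, fedd_ssl_context, pack_id, unpack_id
+from fedd_util import fedd_ssl_context, pack_id, unpack_id
+from fedid import fedid
 from remote_service import service_caller
 from service_error import *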
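--- a/fedd/fedd_experiment_control.py
+++ b/fedd/fedd_experiment_control.py
@@ -27,4 +27,5 @@
 from fedd_internal_services import *
 from fedd_util import *
+from fedid import fedid, generate_fedid
 from remote_service import xmlrpc_handler, soap_handler, service_caller
 import parse_detail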
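--- a/fedd/fedd_split.py
+++ b/fedd/fedd_split.py
@@ -27,4 +27,5 @@
 from fedd_internal_services import *
 from fedd_util import *
+from fedid import fedid
 from remote_service import xmlrpc_handler, soap_handler
 import parse_detail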
fedd/fedd_util.py
r9460b1e r51cc9df 1 1 #!/usr/local/bin/python 2 2 3 import os, sys4 import subprocess5 import tempfile6 3 import logging 7 import copy8 4 9 from M2Crypto import SSL, X509, EVP 10 from pyasn1.codec.der import decoder 11 12 # The version of M2Crypto on users is pretty old and doesn't have all the 13 # features that are useful. The legacy code is somewhat more brittle than the 14 # main line, but will work. 15 if "as_der" not in dir(EVP.PKey): 16 from asn1_raw import get_key_bits_from_file, get_key_bits_from_cert 17 legacy = True 18 else: 19 legacy = False 5 from M2Crypto import SSL 6 from fedid import fedid 20 7 21 8 class fedd_ssl_context(SSL.Context): … … 51 38 self.set_verify(SSL.verify_peer, 10) 52 39 53 class fedid:54 """55 Wrapper around the federated ID from an X509 certificate.56 """57 HASHSIZE=2058 def __init__(self, bits=None, hexstr=None, cert=None, file=None):59 if bits != None:60 self.set_bits(bits)61 elif hexstr != None:62 self.set_hexstr(hexstr)63 elif cert != None:64 self.set_cert(cert)65 elif file != None:66 self.set_file(file)67 else:68 self.buf = None69 70 def __hash__(self):71 return hash(self.buf)72 73 def __eq__(self, other):74 if isinstance(other, type(self)):75 return self.buf == other.buf76 elif isinstance(other, type(str())):77 return self.buf == other;78 else:79 return False80 81 def __ne__(self, other): return not self.__eq__(other)82 83 def __str__(self):84 if self.buf != None:85 return str().join([ "%02x" % ord(x) for x in self.buf])86 else: return ""87 88 def __repr__(self):89 return "fedid(hexstr='%s')" % self.__str__()90 91 def pack_soap(self):92 return self.buf93 94 def pack_xmlrpc(self):95 return self.buf96 97 def digest_bits(self, bits):98 """Internal function. 
Compute the fedid from bits and store in buf"""99 d = EVP.MessageDigest('sha1')100 d.update(bits)101 self.buf = d.final()102 103 104 def set_hexstr(self, hexstr):105 h = hexstr.replace(':','')106 self.buf= str().join([chr(int(h[i:i+2],16)) \107 for i in range(0,2*fedid.HASHSIZE,2)])108 109 def get_hexstr(self):110 """Return the hexstring representation of the fedid"""111 return __str__(self)112 113 def set_bits(self, bits):114 """Set the fedid to bits(a 160 bit buffer)"""115 self.buf = bits116 117 def get_bits(self):118 """Get the 160 bit buffer from the fedid"""119 return self.buf120 121 def set_file(self, file):122 """Get the fedid from a certificate file123 124 Calculate the SHA1 hash over the bit string of the public key as125 defined in RFC3280.126 """127 self.buf = None128 if legacy: self.digest_bits(get_key_bits_from_file(file))129 else: self.set_cert(X509.load_cert(file))130 131 def set_cert(self, cert):132 """Get the fedid from a certificate.133 134 Calculate the SHA1 hash over the bit string of the public key as135 defined in RFC3280.136 """137 138 self.buf = None139 if (cert != None):140 if legacy:141 self.digest_bits(get_key_bits_from_cert(cert))142 else:143 b = []144 k = cert.get_pubkey()145 146 # Getting the key was easy, but getting the bit string of the147 # key requires a side trip through ASN.1148 dec = decoder.decode(k.as_der())149 150 # kv is a tuple of the bits in the key. 
The loop below151 # recombines these into bytes and then into a buffer for the152 # SSL digest function.153 kv = dec[0].getComponentByPosition(1)154 for i in range(0, len(kv), 8):155 v = 0156 for j in range(0, 8):157 v = (v << 1) + kv[i+j]158 b.append(v)159 # The comprehension turns b from a list of bytes into a buffer160 # (string) of bytes161 self.digest_bits(str().join([chr(x) for x in b]))162 163 40 def pack_id(id): 164 41 """ … … 175 52 if id.has_key(k): return id[k] 176 53 return None 177 178 def generate_fedid(subj, bits=2048, log=None, dir=None, trace=sys.stderr,179 ssl_prog="/usr/bin/openssl"):180 """181 Create a new certificate and derive a fedid from it.182 183 The fedid and the certificate are returned as a tuple.184 """185 186 keypath = None187 certpath = None188 try:189 try:190 kd, keypath = tempfile.mkstemp(dir=dir, prefix="key",191 suffix=".pem")192 cd, certpath = tempfile.mkstemp(dir=dir, prefix="cert",193 suffix=".pem")194 195 cmd = [ssl_prog, "req", "-text", "-newkey",196 "rsa:%d" % bits, "-keyout", keypath, "-nodes",197 "-subj", "/CN=%s" % subj, "-x509", "-days", "30",198 "-out", certpath]199 200 if log:201 log.debug("[generate_fedid] %s" % " ".join(cmd))202 203 if trace: call_out = trace204 else:205 call_out = open("/dev/null", "w")206 207 rv = subprocess.call(cmd, stdout=call_out, stderr=call_out)208 log.debug("rv = %d" % rv)209 if rv == 0:210 cert = ""211 for p in (certpath, keypath):212 f = open(p)213 for line in f:214 cert += line215 216 fid = fedid(file=certpath)217 return (fid, cert)218 else:219 return (None, None)220 except IOError, e:221 raise e222 finally:223 if keypath: os.remove(keypath)224 if certpath: os.remove(certpath)225 54 226 55 def set_log_level(config, sect, log): -
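Review bot: The modules that use `from fedd_util import *` (fedd_access.py, fedd_allocate_project.py, fedd_experiment_control.py and fedd_split.py on this page) may lose names they picked up implicitly. Unless fedd_util.py defines `__all__`, which is not visible here, a star import re-exports every public module-level name, so pruning the imports at the top of fedd_util.py also withdraws `os`, `sys`, `subprocess`, `tempfile`, `copy`, `X509` and `EVP` from those callers. The commit adds explicit `from fedid import ...` lines to cover `fedid` and `generate_fedid`, but the bodies of those modules are outside the hunks shown, and a stdlib name that reached them only through the star import would now raise NameError when that code path first runs, which in an access-control service is likely to be an error path. The remainder of fedd_util.py is also elided, so confirm that `fedd_ssl_context`, `pack_id`, `unpack_id` and `set_log_level` no longer reference the dropped modules. Declaring the intended surface, for example `__all__ = ["fedd_ssl_context", "pack_id", "unpack_id", "set_log_level"]` (names taken from this page; extend as needed), would make the export contract explicit and prevent this kind of silent coupling.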
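--- a/fedd/remote_service.py
+++ b/fedd/remote_service.py
@@ -10,5 +10,6 @@
 from xmlrpclib import ServerProxy, dumps, loads, Fault, Error, Binary
 
-from fedd_util import fedd_ssl_context, fedid
+from fedd_util import fedd_ssl_context
+from fedid import fedid
 
 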