6 from geniserver import *
8 # DummyRegistry implements the security layer for a registry. It creates GIDs
9 # by using the public key contained in the client's certificate.
12 class DummyRegistry(GeniServer):
# Registry stand-in built on GeniServer. It issues GIDs and credentials with
# the server's own key/cert as issuer (self.key, self.cert) and keeps the GIDs
# it has created in self.gid_dict, keyed by name.
# NOTE(review): the gutter numbers in this listing skip values (25 -> 29,
# 42 -> 45, 58 -> 60, ...), so some source lines are not shown here. The
# comments below describe only the visible lines; confirm against the full file.
# NOTE(review): self.key, self.cert and self.gid_dict are not assigned in the
# visible lines -- presumably GeniServer.__init__ sets them up; confirm.

# Constructor: forwards ip, port, key_file and cert_file unchanged to
# GeniServer.__init__ and adds no state of its own.
15 def __init__(self, ip, port, key_file, cert_file):
16 GeniServer.__init__(self, ip, port, key_file, cert_file)

# Registers the base class's functions, then exposes get_self_credential,
# get_credential and get_gid through self.server.register_function.
# resolve_gid is not registered, so it stays an internal helper.
18 def register_functions(self):
19 GeniServer.register_functions(self)
20 self.server.register_function(self.get_self_credential)
21 self.server.register_function(self.get_credential)
22 self.server.register_function(self.get_gid)

# Looks up `name` in self.gid_dict and, in the visible lines, builds a new GID
# for it from the connection's peer certificate and caches it under `name`.
# Callers index the result with [0], so the return value is a sequence of GIDs.
# NOTE(review): listing lines 26-28 and 38-39 are missing; presumably they
# return the cached GID when one exists and return the new one -- confirm.
24 def resolve_gid(self, name):
25 gid = self.gid_dict.get(name, None)
29 # assume the user is who he says he is, and create a GID for him
# NOTE(review): `name` comes from the caller and is not compared with
# anything in peer_cert here. The new GID carries subject=name, hrn=name and
# the peer's public key, so the caller chooses the identity the key is bound
# to. If cached entries are returned as-is, the first caller to use a name
# keeps it. Fine for a dummy registry; a real one needs a name/cert check.
30 peer_cert = self.server.peer_cert
31 gid = GID(subject=name, uuid=create_uuid(), hrn=name)
32 gid.set_pubkey(peer_cert.get_pubkey())
# Issuer is the server's own key and certificate.
33 gid.set_issuer(key=self.key, cert=self.cert)
# NOTE(review): lines 34-36 are not shown; presumably the GID is encoded and
# signed there before it is cached -- confirm.
37 self.gid_dict[name] = gid

# Returns the GIDs for `name` as a list of strings, one save_to_string()
# result per GID.
# NOTE(review): lines 43-44 are missing; presumably they create
# gid_string_list and loop over gid_list -- confirm.
41 def get_gid(self, name):
42 gid_list = self.resolve_gid(name)
45 gid_string_list.append(gid.save_to_string())
46 return gid_string_list

# Builds a credential for the caller's own GID: subject, caller GID and public
# key all come from resolve_gid(name)[0]; the issuer is the server. Returns
# the credential serialized with save_to_string().
# `type` is not read in the visible lines and shadows the builtin of that name.
48 def get_self_credential(self, type, name):
# May create the GID on the spot (see resolve_gid), so this call doubles as
# registration for a name that has not been seen before.
49 client_gid = self.resolve_gid(name)[0]
50 cred = Credential(subject = client_gid.get_subject())
51 cred.set_gid_caller(client_gid)
52 cred.set_issuer(key=self.key, cert=self.cert)
53 cred.set_pubkey(client_gid.get_pubkey())
# NOTE(review): lines 54-55 are not shown; presumably encode/sign -- confirm.
56 return cred.save_to_string()

# Issues a credential whose caller is self.client_gid and whose object is the
# GID resolved for `name`; returns it serialized with save_to_string().
58 def get_credential(self, cred, type, name):
# NOTE(review): line 59 is missing; presumably this return is guarded by a
# "no credential supplied" test -- confirm. As written the call uses the bare
# name get_self_credential, which this file defines only as a method; unless
# `from geniserver import *` provides a function of that name it raises
# NameError. The intended call is probably self.get_self_credential(type, name).
60 return get_self_credential(self, type, name)
# Decodes the presented credential. self.client_gid is read below but never
# assigned in the visible lines, so presumably this call sets it -- confirm.
# NOTE(review): that is per-request state kept on the shared server object; if
# requests can overlap, callers could be mixed up -- confirm the server model.
62 self.decode_authentication(cred)
# NOTE(review): no authorization check is visible between decoding the
# caller's credential and issuing the new one, so any caller whose credential
# decodes gets a credential for any `name`. If `name` is unknown, resolve_gid
# builds the object GID from the caller's own peer certificate key.
64 object_gid = self.resolve_gid(name)[0]
65 new_cred = Credential(subject = object_gid.get_subject())
66 new_cred.set_gid_caller(self.client_gid)
67 new_cred.set_gid_object(object_gid)
68 new_cred.set_issuer(key=self.key, cert=self.cert)
69 new_cred.set_pubkey(object_gid.get_pubkey())
# NOTE(review): lines 70-72 are not shown; presumably encode/sign -- confirm.
73 return new_cred.save_to_string()
# Script entry point: makes sure a server key and certificate exist on disk,
# then constructs a DummyRegistry for localhost port 12345.
# NOTE(review): `os` is not imported in the visible lines; it presumably comes
# from lines before the start of this listing or from the star import -- confirm.
75 if __name__ == "__main__":
# Both paths are relative, so the files are looked up in (and written to) the
# current working directory.
76 key_file = "dummyserver.key"
77 cert_file = "dummyserver.cert"
79 # if the key file or the cert file is missing, generate a new key and cert
80 if (not os.path.exists(key_file)) or (not os.path.exists(cert_file)):
# Both files are regenerated even when only one is missing, which keeps
# the certificate consistent with the key it is issued under.
81 key = Keypair(create=True)
# Re-assigns the value key_file already has; no effect.
82 key_file = "dummyserver.key"
# NOTE(review): this writes the private key to disk. The file mode is decided
# inside Keypair.save_to_file, which is not shown -- confirm it is not
# group/world readable.
83 key.save_to_file(key_file)
# Certificate with subject "dummy" whose issuer is the same key and the same
# subject, i.e. self-issued; nothing outside this process vouches for it.
85 cert = Certificate(subject="dummy")
86 cert.set_issuer(key=key, subject="dummy")
# NOTE(review): lines 87-88 are not shown; presumably they set the public key
# and sign the certificate -- confirm.
89 cert.save_to_file(cert_file)
# The listing ends here, so whether and how the server is started is not shown.
91 s = DummyRegistry("localhost", 12345, key_file, cert_file)