rewrote component test script to use a ticket to create slice
1 import tempfile
2 import os
3
4 from cert import *
5 from gid import *
6 from geniserver import *
7
8 # DummyRegistry implements the security layer for a registry. It creates GIDs
9 #   by using the public key contained in the client's certificate.
10
11
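class DummyRegistry(GeniServer):
    """Stand-in registry that mints GIDs and credentials on request.

    Security model (read before reusing this code): the registry performs no
    identity or authorization checks of its own. The first caller to ask for
    a name gets that name bound to the public key of its own certificate,
    and the binding is then signed with the server key. Nothing here compares
    the requested name with the certificate subject. A real registry has to
    look the name up in an authoritative record and check the caller's rights
    before signing anything.
    """

    # name -> GID cache. Defined on the class, so it is shared by every
    # instance in the process and lives for the life of the process.
    gid_dict = {}

    def __init__(self, ip, port, key_file, cert_file):
        """Pass the listen address and the server key/cert files to GeniServer."""
        GeniServer.__init__(self, ip, port, key_file, cert_file)

    def register_functions(self):
        """Expose the registry calls in addition to GeniServer's own functions."""
        GeniServer.register_functions(self)
        self.server.register_function(self.get_self_credential)
        self.server.register_function(self.get_credential)
        self.server.register_function(self.get_gid)

    def resolve_gid(self, name):
        """Return a one-element list holding the GID for *name*.

        A cached GID is returned unchanged. Otherwise a new GID is created
        from the connected peer's public key, signed by this server, cached
        and returned.
        """
        gid = self.gid_dict.get(name, None)
        if gid:
            return [gid]

        # Trust on first use: the name is taken from the request and the key
        # from the peer certificate, with no check that the two belong
        # together. Whoever asks first owns the name until the process exits.
        peer_cert = self.server.peer_cert
        gid = GID(subject=name, uuid=create_uuid(), hrn=name)
        gid.set_pubkey(peer_cert.get_pubkey())
        gid.set_issuer(key=self.key, cert=self.cert)
        gid.encode()
        gid.sign()

        self.gid_dict[name] = gid

        return [gid]

    def get_gid(self, name):
        """Return the GIDs for *name*, each serialized to a string."""
        return [gid.save_to_string() for gid in self.resolve_gid(name)]

    def get_self_credential(self, type, name):
        """Return a serialized credential for *name*, signed by this server.

        The credential's subject, caller GID and public key all come from the
        GID that resolve_gid() returns for *name*. *type* is accepted but not
        used.
        """
        client_gid = self.resolve_gid(name)[0]
        cred = Credential(subject = client_gid.get_subject())
        cred.set_gid_caller(client_gid)
        cred.set_issuer(key=self.key, cert=self.cert)
        cred.set_pubkey(client_gid.get_pubkey())
        cred.encode()
        cred.sign()
        return cred.save_to_string()

    def get_credential(self, cred, type, name):
        """Return a serialized credential over the object called *name*.

        With an empty *cred* this falls back to get_self_credential().
        Otherwise *cred* is passed to decode_authentication() and a new
        credential is issued with the caller's GID as caller and the GID of
        *name* as object. *type* is accepted but not used.
        """
        if not cred:
            # Fixed: this was a bare get_self_credential(self, ...) call, which
            # raises NameError because the method is not a module-level name.
            return self.get_self_credential(type, name)

        # NOTE(review): decode_authentication() is inherited; presumably it
        # validates cred and sets self.client_gid -- confirm in GeniServer.
        self.decode_authentication(cred)

        # No rights check is made on the presented credential in this method:
        # any caller that gets past decode_authentication() receives a signed
        # credential for whatever object name it asked for.
        object_gid = self.resolve_gid(name)[0]
        new_cred = Credential(subject = object_gid.get_subject())
        new_cred.set_gid_caller(self.client_gid)
        new_cred.set_gid_object(object_gid)
        new_cred.set_issuer(key=self.key, cert=self.cert)
        new_cred.set_pubkey(object_gid.get_pubkey())
        new_cred.encode()
        new_cred.sign()

        return new_cred.save_to_string()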
74
if __name__ == "__main__":
    # Fixed file names, resolved against the current working directory.
    key_file = "dummyserver.key"
    cert_file = "dummyserver.cert"

    # Bootstrap: if either file is missing, generate a new keypair and a
    # certificate for it. A surviving file from an earlier run is overwritten,
    # so any GID signed with the old key no longer chains to this server.
    have_both = os.path.exists(key_file) and os.path.exists(cert_file)
    if not have_both:
        server_key = Keypair(create=True)
        # NOTE(review): the mode save_to_file() gives the private key file is
        # not visible here -- confirm it is not readable by other users.
        server_key.save_to_file(key_file)

        # Subject and issuer are both "dummy" and the issuer key is the new
        # key itself, so clients have no outside anchor for this certificate.
        server_cert = Certificate(subject="dummy")
        server_cert.set_issuer(key=server_key, subject="dummy")
        server_cert.set_pubkey(server_key)
        server_cert.sign()
        server_cert.save_to_file(cert_file)

    registry = DummyRegistry("localhost", 12345, key_file, cert_file)
    registry.run()
93