git://git.onelab.eu / sfa.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
checking in some debugging statements, will remove them later
[sfa.git] / sfa / trust / certificate.py
diff --git a/sfa/trust/certificate.py b/sfa/trust/certificate.py
index 8ca369d..9480f7a 100644 (file)
--- a/sfa/trust/certificate.py
+++ b/sfa/trust/certificate.py
@@ -516,16 +516,17 @@ class Certificate:
         # until a certificate is found that is signed by a trusted root.
 
         # TODO: verify expiration time
-
+        print "====Verify Chain====="
         # if this cert is signed by a trusted_cert, then we are set
         for trusted_cert in trusted_certs:
+            print "***************"
             # TODO: verify expiration of trusted_cert ?
+            print "CLIENT CERT", self.dump()
+            print "TRUSTED CERT", trusted_cert.dump()
+            print "Client is signed by Trusted?", self.is_signed_by_cert(trusted_cert)
             if self.is_signed_by_cert(trusted_cert):
                 #print self.get_subject(), "is signed by a root"
                 return
-            # if the public keys are the same then we are set
-            if self.is_pubkey(trusted_cert.get_pubkey()):
-                return
 
         # if there is no parent, then no way to verify the chain
         if not self.parent:
sfa