From: Tony Mack Date: Tue, 4 May 2010 16:52:04 +0000 (+0000) Subject: initial checkin of tool used manage (display, sign, import, export) registry gids X-Git-Tag: sfa-0.9-11~6^2~14 X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;ds=sidebyside;h=7d085a26db78a2efb3e82055ddd92cdf5cc416c8;p=sfa.git initial checkin of tool used manage (display, sign, import, export) registry gids --- diff --git a/sfa/server/sfa-ca.py b/sfa/server/sfa-ca.py new file mode 100755 index 00000000..477399a7 --- /dev/null +++ b/sfa/server/sfa-ca.py @@ -0,0 +1,106 @@ +#!/usr/bin/python + +# +# SFA Certificate Signing and management +# + +import os +import sys +from optparse import OptionParser +from sfa.trust.certificate import Keypair, Certificate +from sfa.trust.gid import GID, create_uuid +from sfa.trust.hierarchy import Hierarchy +from sfa.util.config import Config + +def main(): + args = sys.argv + script_name = args[0] + parser = OptionParser(usage="%(script_name)s [options]" % locals()) + parser.add_option("-d", "--display", dest="display", default=None, + help="print contents of specified gid") + parser.add_option("-s", "--sign", dest="sign", default=None, + help="gid to sign" ) + parser.add_option("-k", "--key", dest="key", default=None, + help="keyfile to use for signing") + parser.add_option("-i", "--import", dest="importgid", default=None, + help="gid file to import into the registry") + parser.add_option("-e", "--export", dest="export", + help="name of gid to export from registry") + parser.add_option("-o", "--outfile", dest="outfile", + help="where to write the exprted gid") + parser.add_option("-v", "--verbose", dest="verobse", + help="be verbose") + + (options, args) = parser.parse_args() + + + if options.display: + display(options) + elif options.sign: + sign(options) + elif options.importgid: + import_gid(options) + elif options.export: + export_gid(options) + else: + parser.print_help() + sys.exit(1) + + +def display(options): + gidfile = os.path.abspath(options.display) + print gidfile + if not gidfile or not os.path.isfile(gidfile): + print "No such gid: %s" % gidfile + sys.exit(1) + gid = GID(filename=gidfile) + gid.dump(dump_parents=True) + +def sign(options): + from sfa.util.table import SfaTable + hierarchy = Hierarchy() + config = Config() + parent_hrn = config.SFA_INTERFACE_HRN + auth_info = hierarchy.get_auth_info(parent_hrn) + + # load the gid + gidfile = os.path.abspath(options.sign) + if not os.path.isfile(gidfile): + print "no such gid: %s" % gidfile + sys.exit(1) + gid = GID(filename=gidfile) + + # load the parent private key + pkeyfile = options.key + # if no pkey was specified, then use the this authority's key + if not pkeyfile: + pkeyfile = auth_info.privkey_filename + if not os.path.isfile(pkeyfile): + print "no such pkey: %s.\nPlease specify a valid private key" % pkeyfile + sys.exit(1) + parent_key = Keypair(filename=pkeyfile) + + # load the parent gid + parent_gid = auth_info.gid_object + + # get the outfile + outfile = options.outfile + if not outfile: + outfile = os.path.abspath('./signed-%s.gid' % gid.get_hrn()) + + # sign the gid + gid.set_issuer(parent_key, parent_hrn) + gid.set_parent(parent_gid) + gid.save_to_file(outfile, save_parents=True) + + +def export(options): + from sfa.util.table import SfaTable + pass + +def import_gid(options): + from sfa.util.table import SfaTable + pass + +if __name__ == '__main__': + main()