From 82b36d4b59494ab3581e4a7a096a567fc8d666b7 Mon Sep 17 00:00:00 2001 From: Josh Karlin Date: Tue, 9 Mar 2010 17:50:19 +0000 Subject: [PATCH] GID now supports both xmlrpc formatted subjectAltName as well as the standard GeneralName format --- CHANGES-GENI-API.txt | 3 +++ sfa/trust/certificate.py | 11 ++++------- sfa/trust/gid.py | 32 +++++++++++++++++++++----------- 3 files changed, 28 insertions(+), 18 deletions(-) diff --git a/CHANGES-GENI-API.txt b/CHANGES-GENI-API.txt index 9d37dd83..52bdb7e5 100644 --- a/CHANGES-GENI-API.txt +++ b/CHANGES-GENI-API.txt @@ -1,5 +1,8 @@ 2010-03-08 Josh Karlin + * sfa/trust/gid.py (GID.encode): States URI and UUID explicitly without xml + (GID.decode): GIDs now encode/decode URI and UUID without the xml (but can still read it) + * sfa/trust/certificate.py (Certificate.save_to_string): SaveParents defaults to true (Certificate.save_to_string): Saves without the parent tag. (Certificate.set_data): Accepts optional field diff --git a/sfa/trust/certificate.py b/sfa/trust/certificate.py index bcdd214a..ce64dbe7 100644 --- a/sfa/trust/certificate.py +++ b/sfa/trust/certificate.py @@ -218,7 +218,6 @@ class Keypair: class Certificate: digest = "md5" - data = {} cert = None issuerKey = None issuerSubject = None @@ -236,6 +235,7 @@ class Certificate: # @param filename If filename!=None, load the certficiate from the file. def __init__(self, create=False, subject=None, string=None, filename=None): + self.data = {} if create or subject: self.create() if subject: @@ -419,7 +419,7 @@ class Certificate: if self.data.has_key(field): raise "cannot set ", field, " more than once" self.data[field] = str - self.add_extension(field, 0, "URI:http://" + str) + self.add_extension(field, 0, str) ## # Return the data string that was previously set with set_data 
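Review bot: `self.add_extension(field, 0, str)` in set_data now writes the caller's string into the extension verbatim, so the whole value, separators included, is caller-controlled. GID.encode in sfa/trust/gid.py builds that value as `szURN + ", " + szUUID` from `urn` without checking it. If the extension value is parsed as a comma-separated name list, as that format suggests, a URN containing `, ` would add entries the issuer never intended, so each component should be rejected before this call when it contains `,` or control characters. Separately, the context line `raise "cannot set ", field, " more than once"` raises a string, which Python 2.6 and later turn into a TypeError; `raise ValueError("cannot set %s more than once" % field)` would report the real problem. The start of set_data is outside this hunk.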
@@ -430,13 +430,10 @@ class Certificate: try: uri = self.get_extension(field) + self.data[field] = uri except LookupError: - self.data.pop(field) return None - - if not uri.startswith("URI:http://"): - raise "bad encoding in ", field - self.data[field] = uri[11:] + return self.data[field] ## diff --git a/sfa/trust/gid.py b/sfa/trust/gid.py index 7e9d40ce..051168ff 100644 --- a/sfa/trust/gid.py +++ b/sfa/trust/gid.py @@ -18,7 +18,7 @@ def create_uuid(): return str(uuid.uuid4().int) ## -# GID is a tuplie: +# GID is a tuple: # (uuid, hrn, public_key) # # UUID is a unique identifier and is created by the python uuid module @@ -101,11 +101,14 @@ class GID(Certificate): urn = self.urn else: urn = hrn_to_urn(self.hrn, None) - - dict = {"uuid": self.uuid, - "urn": self.urn} - str = xmlrpclib.dumps((dict,)) - self.set_data(str) + + szURN = "URI:" + urn + szUUID = "URI:" + uuid.UUID(int=self.uuid).urn + + + str = szURN + ", " + szUUID + self.set_data(str, 'subjectAltName') + ## # Decode the subject-alt-name field of the X509 certificate into the @@ -113,12 +116,19 @@ class GID(Certificate): # functions in this class. def decode(self): - data = self.get_data() + data = self.get_data('subjectAltName') + dict = {} if data: - dict = xmlrpclib.loads(self.get_data())[0][0] - else: - dict = {} - + if data.lower().startswith('uri:http://'): + dict = xmlrpclib.loads(data[11:])[0][0] + else: + spl = data.split(', ') + for val in spl: + if val.lower().startswith('uri:urn:uuid:'): + dict['uuid'] = uuid.UUID(val[4:]).int + elif val.lower().startswith('uri:urn:publicid:idn+'): + dict['urn'] = val[4:] + self.uuid = dict.get("uuid", None) self.urn = dict.get("urn", None) self.hrn = dict.get("hrn", None) -- 2.47.0
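Review bot: get_data now returns the extension text exactly as it is stored in the certificate, because the `URI:http://` check was dropped, yet the header comment still describes the result as the string set with set_data. For a certificate loaded from a file or a peer, that text is whatever the issuer or sender put there. I would extend the header comment with something like `# The value is read straight from the certificate and is not validated here; callers must check its format.` The lines of get_data before the `try` are outside this hunk.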
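Review bot: `uuid.UUID(int=self.uuid)` in encode needs an integer, but `create_uuid()` in this file returns `str(uuid.uuid4().int)`. If `self.uuid` still holds that string, the constructor will most likely raise ValueError instead of producing the URN. An explicit conversion, `szUUID = "URI:" + uuid.UUID(int=int(self.uuid)).urn`, covers both cases; how `self.uuid` is assigned is outside this hunk, so this needs confirming against the setter. The local named `str` shadows the builtin, and a name such as `san` would read better beside the `uuid` module and `self.uuid`. The start of encode is outside the hunk.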
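Review bot: The new-format branch of decode accepts the subjectAltName list too loosely. A repeated `uri:urn:uuid:` or `uri:urn:publicid:idn+` entry silently overwrites the earlier one, and nothing in this branch sets `hrn`, so `self.hrn` ends up None unless it is derived elsewhere. The legacy branch still passes certificate-supplied text to `xmlrpclib.loads`, which the Python documentation describes as not secure against maliciously constructed data. decode should therefore run only on certificates whose signature has already been verified, or the legacy path should be retired once old GIDs are reissued. The sketch below rejects duplicate entries and keeps the UUID conversion in one place; whether callers expect a ValueError from decode is outside the hunk and needs checking.

```python
        # ... unchanged: get_data('subjectAltName') call and legacy xmlrpc branch ...
            else:
                for val in data.split(', '):
                    lowered = val.lower()
                    if lowered.startswith('uri:urn:uuid:'):
                        key = 'uuid'
                    elif lowered.startswith('uri:urn:publicid:idn+'):
                        key = 'urn'
                    else:
                        continue
                    if key in dict:
                        raise ValueError("duplicate %s in subjectAltName" % key)
                    dict[key] = val[4:]
                if 'uuid' in dict:
                    # uuid.UUID raises ValueError on a malformed value
                    dict['uuid'] = uuid.UUID(dict['uuid']).int
        # ... unchanged: self.uuid / self.urn / self.hrn assignments ...
```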