4 # SFA Certificate Signing and management
9 from optparse import OptionParser
10 from sfa.trust.certificate import Keypair, Certificate
11 from sfa.trust.gid import GID, create_uuid
12 from sfa.trust.hierarchy import Hierarchy
13 from sfa.util.config import Config
# Command-line interface of the SFA certificate tool: one option per action
# (display, sign, import, export) plus the signing key, the output file and a
# verbosity switch. This listing is an excerpt: the number that starts each
# line is the original source line, and numbers missing from the sequence are
# lines that are not shown.
# The usage string is filled in from locals(), so a local named script_name
# must exist at this point; its assignment is not among the lines shown.
18 parser = OptionParser(usage="%(script_name)s [options]" % locals())
19 parser.add_option("-d", "--display", dest="display", default=None,
20 help="print contents of specified gid")
# The help text of -s/--sign (source line 22) is not shown.
21 parser.add_option("-s", "--sign", dest="sign", default=None,
# -k/--key is a path to a private key file; the signing code later loads it
# with Keypair(filename=...) and falls back to the authority's own key file.
23 parser.add_option("-k", "--key", dest="key", default=None,
24 help="keyfile to use for signing")
25 parser.add_option("-i", "--import", dest="importgid", default=None,
26 help="gid file to import into the registry")
27 parser.add_option("-e", "--export", dest="export",
28 help="name of gid to export from registry")
29 parser.add_option("-o", "--outfile", dest="outfile",
30 help="where to write the exprted gid")
# NOTE(review): dest="verobse" looks like a misspelling of "verbose"; code that
# reads options.verbose would not find the value stored here. No reader of
# either name is visible in this listing - confirm before renaming.
31 parser.add_option("-v", "--verbose", dest="verobse",
34 (options, args) = parser.parse_args()
# One branch of the action dispatch; the branches for the other options
# (around source lines 35-40 and after 41) are not shown.
41 elif options.importgid:
52 Display the specified GID
# Show a GID file: resolve the path given with -d/--display, require it to be
# an existing regular file, load it and dump it with dump_parents=True.
# NOTE(review): `os` is used here, but no `import os` appears among the import
# lines shown (source lines 14-17 are missing from the listing) - confirm.
54 gidfile = os.path.abspath(options.display)
# abspath() never returns an empty string, so the isfile() test is the check
# that actually rejects a bad path here.
55 if not gidfile or not os.path.isfile(gidfile):
56 print "No such gid: %s" % gidfile
# (source line 57, which follows the error message, is not shown)
58 gid = GID(filename=gidfile)
# NOTE(review): nothing in the visible lines verifies the GID or its parents
# before printing; treat the output as a view of the file's contents, not as a
# trust decision - confirm what dump() checks.
59 gid.dump(dump_parents=True)
63 Sign the specified gid
# Re-issue a GID under this authority: look up the authority's record in the
# hierarchy, load the GID file and the signing key, set issuer and parent on
# the GID, then write it out together with its parents.
65 hierarchy = Hierarchy()
# `config` is created on source line 66, which is not shown.
67 parent_hrn = config.SFA_INTERFACE_HRN
68 auth_info = hierarchy.get_auth_info(parent_hrn)
# Resolve the path given with -s/--sign and require an existing regular file.
71 gidfile = os.path.abspath(options.sign)
72 if not os.path.isfile(gidfile):
73 print "no such gid: %s" % gidfile
# NOTE(review): from here on the contents of the GID file are input to a
# signing operation. The visible lines do not check that the GID's hrn belongs
# under parent_hrn, nor verify the certificate before it is re-issued; confirm
# that this happens on the lines not shown or is guaranteed by the operator.
75 gid = GID(filename=gidfile)
77 # load the parent private key
78 pkeyfile = options.key
79 # if no pkey was specified, then use the this authority's key
# (the condition on source line 80 is not shown)
81 pkeyfile = auth_info.privkey_filename
82 if not os.path.isfile(pkeyfile):
83 print "no such pkey: %s.\nPlease specify a valid private key" % pkeyfile
85 parent_key = Keypair(filename=pkeyfile)
# NOTE(review): the issuer name and the parent GID always come from this
# authority's record, even when -k supplies a different key file. Presumably a
# key that does not belong to parent_gid produces a GID whose chain fails
# verification - confirm, and consider rejecting a mismatched key up front.
88 parent_gid = auth_info.gid_object
91 outfile = options.outfile
# NOTE(review): the default file name embeds gid.get_hrn(), a value read from
# the GID file being signed. If an hrn can contain path separators the output
# would land outside the current directory; confirm what get_hrn() can return
# and consider validating it before building the path.
93 outfile = os.path.abspath('./signed-%s.gid' % gid.get_hrn())
95 # check if gid already has a parent
# (the check itself, source lines 96-97, is not shown)
98 gid.set_issuer(parent_key, parent_hrn)
99 gid.set_parent(parent_gid)
# (source line 100 is not shown; NOTE(review): presumably the signing call -
# confirm that the GID is signed before it is saved)
# save_parents=True is passed so the parents are written along with the GID.
101 gid.save_to_file(outfile, save_parents=True)
# Write the GID of the record named with -e/--export to a file. Per the
# comments below, the registry table is searched first and the authority
# hierarchy is the fallback. Several lines of this function are missing from
# the listing (source lines 107-108, 110, 112, 115, 118, 120-122, 124-125,
# 127 and 129), including the assignments of `hrn`, `table` and `record`.
104 def export_gid(options):
# Imported inside the function rather than at module level.
105 from sfa.util.table import SfaTable
106 # lookup the record for the specified hrn
109 # check sfa table first
# NOTE(review): the second key is the bare name `type`, not the string 'type'.
# Unless a line not shown rebinds `type`, this is the builtin, so the filter
# carries no 'type' field. Probably meant {'hrn': hrn, 'type': 'authority'} -
# confirm against how table.find() interprets its filter.
111 records = table.find({'hrn': hrn, type: 'authority'})
113 # check the authorities hierarchy
114 hierarchy = Hierarchy()
# NOTE(review): get_auth_info() is called without an hrn here, whereas the
# signing code on source line 68 passes one - confirm which form is intended.
116 auth_info = hierarchy.get_auth_info()
117 gid = auth_info.gid_object
119 print "Record: %s not found" % hrn
# The record carries the GID as a string under its 'gid' key.
123 gid = GID(string=record['gid'])
126 outfile = options.outfile
# Default file name: "<hrn>.gid" in the current directory, with the hrn taken
# from the GID that was just loaded.
128 outfile = os.path.abspath('./%s.gid' % gid.get_hrn())
# save_parents=True is passed so the parents are written along with the GID.
130 gid.save_to_file(outfile, save_parents=True)
# Handler for -i/--import, which per its help text imports a GID file into the
# registry. Only the first two lines of the function are shown; the rest of
# the body (source lines 136-137) is missing from the listing.
134 def import_gid(options):
135 from sfa.util.table import SfaTable
138 if __name__ == '__main__':