from sfa.util.sfalogging import logger
+# Two years, in minutes
+DEFAULT_CREDENTIAL_LIFETIME = 1051200
+
+
# TODO:
-# . Need to implement full verification (parent signatures etc).
-# . remove verify_chain
-# . make delegation per privilege instead of global
# . make privs match between PG and PL
-# . what about tickets? do they need to be redone to be like credentials?
# . Need to test delegation, xml verification
+
+
signature_template = \
'''
<Signature xml:id="Sig_%s" xmlns="http://www.w3.org/2000/09/xmldsig#">
lifetime = legacy.get_lifetime()
if not lifetime:
# Default to two years
- self.set_lifetime(1051200)
+ self.set_lifetime(DEFAULT_CREDENTIAL_LIFETIME)
else:
self.set_lifetime(int(lifetime))
self.lifeTime = legacy.get_lifetime()
self.issuer_privkey = privkey
self.issuer_gid = gid
- #def set_issuer(self, issuer):
- # issuer = issuer
-
- #def set_subject(self, subject):
- # subject = subject
-
- #def set_pubkey(self, pubkey):
- # self.issuer_pubkey = pubkey
-
##
# Set this credential's parent
next_cred = self.parent
while next_cred:
refs.append(next_cred.get_refid())
- if next_cred.parent_xml:
+ if next_cred.parent:
next_cred = next_cred.parent
else:
next_cred = None