initial checkin of tool used to manage (display, sign, import, export) registry gids
authorTony Mack <tmack@cs.princeton.edu>
Tue, 4 May 2010 16:52:04 +0000 (16:52 +0000)
committerTony Mack <tmack@cs.princeton.edu>
Tue, 4 May 2010 16:52:04 +0000 (16:52 +0000)
sfa/server/sfa-ca.py [new file with mode: 0755]

diff --git a/sfa/server/sfa-ca.py b/sfa/server/sfa-ca.py
new file mode 100755 (executable)
index 0000000..477399a
--- /dev/null
@@ -0,0 +1,106 @@
+#!/usr/bin/python
+
+#
+# SFA Certificate Signing and management 
+#   
+
+import os
+import sys
+from optparse import OptionParser
+from sfa.trust.certificate import Keypair, Certificate
+from sfa.trust.gid import GID, create_uuid
+from sfa.trust.hierarchy import Hierarchy
+from sfa.util.config import Config
+
+def main():
+    args = sys.argv
+    script_name = args[0]
+    parser = OptionParser(usage="%(script_name)s [options]" % locals())
+    parser.add_option("-d", "--display", dest="display", default=None,
+                      help="print contents of specified gid")           
+    parser.add_option("-s", "--sign", dest="sign", default=None, 
+                      help="gid to sign" )
+    parser.add_option("-k", "--key", dest="key", default=None, 
+                      help="keyfile to use for signing")
+    parser.add_option("-i", "--import", dest="importgid", default=None,
+                      help="gid file to import into the registry")
+    parser.add_option("-e", "--export", dest="export", 
+                      help="name of gid to export from registry")
+    parser.add_option("-o", "--outfile", dest="outfile",
+                      help="where to write the exprted gid") 
+    parser.add_option("-v", "--verbose", dest="verobse", 
+                      help="be verbose")           
+                
+    (options, args) = parser.parse_args()
+
+
+    if options.display:
+        display(options)
+    elif options.sign:
+        sign(options)
+    elif options.importgid:
+        import_gid(options) 
+    elif options.export:
+        export_gid(options)  
+    else:
+        parser.print_help()
+        sys.exit(1)        
+
+
+def display(options):
+    gidfile = os.path.abspath(options.display)
+    print gidfile
+    if not gidfile or not os.path.isfile(gidfile):
+        print "No such gid: %s" % gidfile
+        sys.exit(1) 
+    gid = GID(filename=gidfile)
+    gid.dump(dump_parents=True)
+
+def sign(options):
+    from sfa.util.table import SfaTable
+    hierarchy = Hierarchy()
+    config = Config()
+    parent_hrn = config.SFA_INTERFACE_HRN
+    auth_info = hierarchy.get_auth_info(parent_hrn)
+
+    # load the gid
+    gidfile = os.path.abspath(options.sign)
+    if not os.path.isfile(gidfile):
+        print "no such gid: %s" % gidfile
+        sys.exit(1)
+    gid = GID(filename=gidfile)
+
+    # load the parent private key
+    pkeyfile = options.key
+    # if no pkey was specified, then use the this authority's key
+    if not pkeyfile:
+        pkeyfile = auth_info.privkey_filename
+    if not os.path.isfile(pkeyfile):
+        print "no such pkey: %s.\nPlease specify a valid private key" % pkeyfile
+        sys.exit(1)
+    parent_key = Keypair(filename=pkeyfile)
+
+    # load the parent gid
+    parent_gid = auth_info.gid_object
+
+    # get the outfile
+    outfile = options.outfile
+    if not outfile:
+        outfile = os.path.abspath('./signed-%s.gid' % gid.get_hrn())
+    
+    # sign the gid
+    gid.set_issuer(parent_key, parent_hrn)
+    gid.set_parent(parent_gid)
+    gid.save_to_file(outfile, save_parents=True)            
+    
+
+def export(options):
+    from sfa.util.table import SfaTable
+    pass
+
+def import_gid(options):
+    from sfa.util.table import SfaTable
+    pass
+
+if __name__ == '__main__':
+    main()
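Review bot: In sign(), the GID loaded from `options.sign` is re-issued under the authority key without any check that its hrn belongs to `parent_hrn`, so the tool will put this authority's issuer on a GID from any namespace. A guard before `gid.set_issuer(...)`, such as `if not gid.get_hrn().startswith(parent_hrn + '.'): sys.exit(1)`, would bound what can be signed. The same hrn is interpolated into the default output path (`'./signed-%s.gid' % gid.get_hrn()`), so a value read from the input file decides where the tool writes; it should be reduced to a safe file name first. No explicit signing call is visible between `gid.set_parent(parent_gid)` and `gid.save_to_file(...)`, so unless `save_to_file` signs implicitly, the output may still carry the old signature, which is worth confirming. Separately, main() dispatches `-e` to `export_gid(options)` but the stub is defined as `def export(options)`, which would raise a NameError, and `dest="verobse"` looks like a typo for `verbose`.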