From 0f0809295016b9f80cee40a17a7353b1347c2dd9 Mon Sep 17 00:00:00 2001
From: Tony Mack
Date: Mon, 12 Mar 2012 12:41:10 -0400
Subject: [PATCH] removing
---
sfa/server/sfa-ca.py | 186 -------------------------------------------
1 file changed, 186 deletions(-)
delete mode 100755 sfa/server/sfa-ca.py
diff --git a/sfa/server/sfa-ca.py b/sfa/server/sfa-ca.py
deleted file mode 100755
index 9ab75e7e..00000000
--- a/sfa/server/sfa-ca.py
+++ /dev/null
@@ -1,186 +0,0 @@
-#!/usr/bin/python
-
-#
-# SFA Certificate Signing and management. Root authorities can use this script
-# to sign the certificate of another authority and become its parent. Sub
-# authorities (authorities that have had their cert signed by another authority)
-# can use this script to update their registry hierarchy with the new cert
-#
-# Example usage:
-#
-## sign a peer cert
-# sfa-ca.py --sign PEER_CERT_FILENAME -o OUTPUT_FILENAME
-#
-## import a cert and update the registry hierarchy
-# sfa-ca.py --import CERT_FILENAME
-#
-## display a cert
-# sfa-ca.py --display CERT_FILENAME
-
-
-import os
-import sys
-from optparse import OptionParser
-
-from sfa.util.config import Config
-
-from sfa.trust.gid import GID, create_uuid
-from sfa.trust.hierarchy import Hierarchy
-
-from sfa.storage.alchemy import dbsession
-from sfa.storage.model import RegRecord
-
-def main():
- args = sys.argv
- script_name = args[0]
- parser = OptionParser(usage="%(script_name)s [options]" % locals())
- parser.add_option("-d", "--display", dest="display", default=None,
- help="print contents of specified gid")
- parser.add_option("-s", "--sign", dest="sign", default=None,
- help="gid to sign" )
- parser.add_option("-k", "--key", dest="key", default=None,
- help="keyfile to use for signing")
- parser.add_option("-a", "--authority", dest="authority", default=None,
- help="sign the gid using the specified authority ")
- parser.add_option("-i", "--import", dest="importgid", default=None,
- help="gid file to import into the registry")
- parser.add_option("-e", "--export", dest="export",
- help="name of gid to export from registry")
- parser.add_option("-t", "--type", dest="type",
- help="record type", default=None)
- parser.add_option("-o", "--outfile", dest="outfile",
- help="where to write the exprted gid")
- parser.add_option("-v", "--verbose", dest="verbose", default=False,
- action="store_true", help="be verbose")
-
- (options, args) = parser.parse_args()
-
-
- if options.display:
- display(options)
- elif options.sign:
- sign(options)
- elif options.importgid:
- import_gid(options)
- elif options.export:
- export_gid(options)
- else:
- parser.print_help()
- sys.exit(1)
-
-
-def display(options):
- """
- Display the sepcified GID
- """
- gidfile = os.path.abspath(options.display)
- if not gidfile or not os.path.isfile(gidfile):
- print "No such gid: %s" % gidfile
- sys.exit(1)
- gid = GID(filename=gidfile)
- gid.dump(dump_parents=True)
-
-def sign(options):
- """
- Sign the specified gid
- """
- hierarchy = Hierarchy()
- config = Config()
- default_authority = config.SFA_INTERFACE_HRN
- auth_info = hierarchy.get_auth_info(default_authority)
-
- # load the gid
- gidfile = os.path.abspath(options.sign)
- if not os.path.isfile(gidfile):
- print "no such gid: %s" % gidfile
- sys.exit(1)
- gid = GID(filename=gidfile)
-
- # extract pub_key and create new gid
- pkey = gid.get_pubkey()
- urn = gid.get_urn()
- gid = hierarchy.create_gid(urn, create_uuid(), pkey)
-
- # get the outfile
- outfile = options.outfile
- if not outfile:
- outfile = os.path.abspath('./signed-%s.gid' % gid.get_hrn())
-
- # save the signed gid
- if options.verbose:
- print "Writing signed gid %s" % outfile
- gid.save_to_file(outfile, save_parents=True)
-
-
-def export_gid(options):
- # lookup the record for the specified hrn
- hrn = options.export
- type = options.type
- # check sfa table first
- request=dbsession.query(RegRecord).filter_by(hrn=hrn)
- if type: request = request.filter_by(type=type)
- record=request.first()
- if not record:
- # check the authorities hierarchy
- hierarchy = Hierarchy()
- try:
- auth_info = hierarchy.get_auth_info(hrn)
- gid = auth_info.gid_object
- except:
- print "Record: %s not found" % hrn
- sys.exit(1)
- else:
- gid = GID(string=record.gid)
-
- # get the outfile
- outfile = options.outfile
- if not outfile:
- outfile = os.path.abspath('./%s.gid' % gid.get_hrn())
-
- # save it
- if options.verbose:
- print "Writing %s gid to %s" % (gid.get_hrn(), outfile)
- gid.save_to_file(outfile, save_parents=True)
-
-def import_gid(options):
- """
- Import the specified gid into the registry (db and authorities
- hierarchy) overwriting any previous gid.
- """
- # load the gid
- gidfile = os.path.abspath(options.importgid)
- if not gidfile or not os.path.isfile(gidfile):
- print "No such gid: %s" % gidfile
- sys.exit(1)
- gid = GID(filename=gidfile)
-
- # check if it exists within the hierarchy
- hierarchy = Hierarchy()
- if not hierarchy.auth_exists(gid.get_hrn()):
- print "%s not found in hierarchy" % gid.get_hrn()
- sys.exit(1)
-
- # check if record exists in db
- record = dbsession.query(RegRecord).filter_by(type='authority',hrn=gid.get_hrn()).first()
- if not record:
- print "%s not found in record database" % gid.get_hrn()
- sys.exit(1)
-
- # update the database record
- record.gid = gid.save_to_string(save_parents=True)
- dbsession.commit()
- if options.verbose:
- print "Imported %s gid into db" % record['hrn']
-
- # update the hierarchy
- auth_info = hierarchy.get_auth_info(gid.get_hrn())
- filename = auth_info.gid_filename
- gid.save_to_file(filename, save_parents=True)
- if options.verbose:
- print "Writing %s gid to %s" % (gid.get_hrn(), filename)
-
- # ending here
- return
-
-if __name__ == '__main__':
- main()
-- 
2.43.0