From: Loic Baron Date: Wed, 18 Jun 2014 13:43:48 +0000 (-0500) Subject: Account: PKCS12 generated in the user account page X-Git-Tag: myslice-1.1~64^2~2^2 X-Git-Url: http://git.onelab.eu/?p=unfold.git;a=commitdiff_plain;h=4956db5b73c760e061c517f93f2329cd2f7b5bbc Account: PKCS12 generated in the user account page --- diff --git a/portal/accountview.py b/portal/accountview.py index 0f14da7e..4f4ecbfd 100644 --- a/portal/accountview.py +++ b/portal/accountview.py @@ -1,6 +1,7 @@ from unfold.loginrequired import LoginRequiredAutoLogoutView # from sfa.trust.credential import Credential +from sfa.trust.certificate import Keypair # from manifold.core.query import Query from manifoldapi.manifoldapi import execute_query @@ -17,6 +18,8 @@ from myslice.theme import ThemeView # import json, os, re, itertools +from OpenSSL import crypto +from Crypto.PublicKey import RSA # requires login class AccountView(LoginRequiredAutoLogoutView, ThemeView): @@ -328,7 +331,6 @@ def account_process(request): for platform_detail in platform_details: if platform_detail['platform_id'] == account_detail['platform_id']: if 'myslice' in platform_detail['platform']: - from Crypto.PublicKey import RSA private = RSA.generate(1024) private_key = json.dumps(private.exportKey()) public = private.publickey() @@ -513,7 +515,7 @@ def account_process(request): response['Content-Disposition'] = 'attachment; filename="user_cred.txt"' return response else: - messages.error(request, 'Download error: User credential is not stored in the server') + messages.error(request, 'Download error: User credential is not stored in the server') return HttpResponseRedirect("/portal/account/") # Download user_cert @@ -536,9 +538,54 @@ def account_process(request): response['Content-Disposition'] = 'attachment; filename="user_certificate.pem"' return response else: - messages.error(request, 'Download error: User credential is not stored in the server') + messages.error(request, 'Download error: User credential is not stored in the server') return HttpResponseRedirect("/portal/account/") - + + # Download user p12 = private_key + Certificate + elif 'dl_user_p12' in request.POST: + if 'user_credential' in account_config and 'user_private_key' in account_config: + user_cred = account_config['user_credential'] + obj_cred = Credential(string=user_cred) + obj_gid = obj_cred.get_gid_object() + str_cert = obj_gid.save_to_string() + cert = crypto.load_certificate(crypto.FILETYPE_PEM, str_cert) + + user_private_key = account_config['user_private_key'].encode('ascii') + pkey = crypto.load_privatekey(crypto.FILETYPE_PEM, user_private_key) + + p12 = crypto.PKCS12() + p12.set_privatekey(pkey) + p12.set_certificate(cert) + pkcs12 = p12.export() + + response = HttpResponse(pkcs12, content_type='text/plain') + response['Content-Disposition'] = 'attachment; filename="user_pkcs.p12"' + return response + + elif 'delegated_user_credential' in account_config and 'user_private_key' in account_config: + user_cred = account_config['delegated_user_credential'] + obj_cred = Credential(string=user_cred) + obj_gid = obj_cred.get_gid_object() + str_cert = obj_gid.save_to_string() + cert = crypto.load_certificate(crypto.FILETYPE_PEM, str_cert) + + user_private_key = account_config['user_private_key'].encode('ascii') + pkey = crypto.load_privatekey(crypto.FILETYPE_PEM, user_private_key) + + p12 = crypto.PKCS12() + p12.set_privatekey(pkey) + p12.set_certificate(cert) + pkcs12 = p12.export() + + response = HttpResponse(pkcs12, content_type='text/plain') + response['Content-Disposition'] = 'attachment; filename="user_pkcs.p12"' + return response + else: + messages.error(request, 'Download error: User private key or credential is not stored in the server') + return HttpResponseRedirect("/portal/account/") + + + else: messages.info(request, 'Under Construction. Please try again later!') return HttpResponseRedirect("/portal/account/") diff --git a/portal/templates/account-view.html b/portal/templates/account-view.html index 6877a4a6..2b8a9ca5 100644 --- a/portal/templates/account-view.html +++ b/portal/templates/account-view.html @@ -203,9 +203,11 @@ Credential - + {%endfor%} diff --git a/portal/templates/fed4fire/fed4fire_account-view.html b/portal/templates/fed4fire/fed4fire_account-view.html index bf01002a..ac85870a 100644 --- a/portal/templates/fed4fire/fed4fire_account-view.html +++ b/portal/templates/fed4fire/fed4fire_account-view.html @@ -220,7 +220,10 @@ Credential +