source: TI12-security/trunk/python/ndg.security.common/ndg/security/common/ca/CertReq.py @ 2058

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.common/ndg/security/common/ca/CertReq.py@2136
Revision 2058, 6.0 KB checked in by pjkersha, 13 years ago

python/ndg.security.server/ndg/security/server/AttAuthority/server-config.tac:
update to file header.

python/ndg.security.server/ndg/security/server/AttAuthority/init.py:

  • setPropFilePath val input is now a keyword
  • readProperties - removed propFilePath keyword - set from propFilePath property / setPropFilePath method instead.

python/ndg.security.server/ndg/security/server/AttAuthority/start-container.sh:
added standard header

python/ndg.security.server/ndg/security/server/SessionMgr/server-config.tac:

  • updated header
  • removed hard coded cert file paths
  • set port number from properties file instead.

python/ndg.security.server/ndg/security/server/SessionMgr/init.py:

  • change all refs to sessMgrWSDLuri -> sessMgrURI and encrSessMgrWSDLuri -> encrSessMgrURI. For ZSI 2.0, it's the URI of the service that is important. The URI of the WSDL is not required.
  • changed keyPPhrase property to keyPwd
  • added setPropFilePath and propFilePath property, added class variable to make up properties file path from $NDG_DIR.
  • removed propFilePath keyword from readProperties method - use setPropFilePath() / propFilePath property instead.
  • renamed reqAuthorisation method getAttCert to avoid confusion with authorisation function performed by Gatekeeper.

python/ndg.security.server/ndg/security/server/SessionMgr/start-container.sh: added
standard header

python/ndg.security.server/ndg/security/server/SessionMgr/Makefile: create server side
stubs calling wsdl2dispatch and sed to convert to correct imports and stub methods
return types for Twisted.

python/www/html/sessionMgr.wsdl,
python/ndg.security.server/ndg/security/server/SessionMgr/SessionMgr_services_server.py,
python/ndg.security.common/ndg/security/common/SessionMgr/SessionMgr_services.py,
python/ndg.security.common/ndg/security/common/SessionMgr/SessionMgr_services_types.py:

  • renamed reqAuthorisation operations to getAttCert to avoid confusion with authorisation performed by the Gatekeeper.

python/conf/sessionMgrProperties.xml: renamed property keyPPhrase -> keyPwd

python/ndg.security.client/ndg/security/client/ndgSessionClient.py: changed refs from
WSDL URI and URI for Session Manager address. For ZSI 2.0, the URI of service is needed
alone, not the WSDL address.

python/ndg.security.test/ndg/security/test/AttAuthority/siteAServer.sh,
python/ndg.security.test/ndg/security/test/AttAuthority/siteBServer.sh: updates to headers

python/ndg.security.test/ndg/security/test/AttAuthority/README and
python/ndg.security.test/ndg/security/test/SessionMgr/README: added to explain setup for
running services for clients to connect to.

python/ndg.security.test/ndg/security/test/SessionMgr/SessionMgrClientTest.py and
python/ndg.security.test/ndg/security/test/SessionMgr/sessionMgrClientTest.cfg:
refs to 'ReqAuthorisation' changed to 'getAttCert' - see above.

python/ndg.security.test/ndg/security/test/SessionMgr/server.sh: script to start
Session Manager for client unit tests.

python/ndg.security.common/ndg/security/common/AttAuthority/README,
python/ndg.security.common/ndg/security/common/SessionMgr/README: include instruction to
use Makefile.

python/ndg.security.common/ndg/security/common/Log
python/ndg.security.common/ndg/security/common/Log/log_services_server.py
python/ndg.security.common/ndg/security/common/Log/log_services.py
python/ndg.security.common/ndg/security/common/ca/init.py
python/ndg.security.common/ndg/security/common/ca/simpleCA_services.py
python/ndg.security.common/ndg/security/common/ca/CertReq.py
python/ndg.security.common/ndg/security/common/Gatekeeper
python/ndg.security.common/ndg/security/common/Gatekeeper/TestGatekeeperResrc.py
python/ndg.security.common/ndg/security/common/Gatekeeper/Gatekeeper.py
python/ndg.security.common/ndg/security/common/Gatekeeper/gatekeeper_services.py
python/ndg.security.common/ndg/security/common/Gatekeeper/gatekeeper_services_server.py:
rearranged old Log and Gatekeeper service code into their own packages. Moved
CertReq.py and simpleCA_services.py into ca package.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
"""Class for digitally signed Certificate Request to NDG SimpleCA

NERC Data Grid Project

P J Kershaw 08/08/05

Copyright (C) 2006 CCLRC & NERC

This software may be distributed under the terms of the Q Public License,
version 1.0 or later."""

reposID = '$Id$'

# Nb. Python 2 module: relies on basestring, "except Exception, e" and the
# print statement
import os

# XML signature module based on xmlsec and libxml2
from XMLSecDoc import *

# XML Parsing
import cElementTree as ElementTree


#_____________________________________________________________________________
class CertReqError(Exception):
    """Exception handling for NDG Certificate Request class."""

    def __init__(self, msg):
        self.__msg = msg

    def __str__(self):
        return self.__msg


#_____________________________________________________________________________
class CertReq(XMLSecDoc):
    """NDG Certificate Request document to send to Simple CA."""

    # Certificate Request file tag
    __certReqTag = "certificateRequest"


    # Nb. pass XMLSecDoc keyword arguments in xmlSecDocArgs dictionary
    def __init__(self, filePath=None, **xmlSecDocArgs):

        """Initialisation - Certificate Request file path may be specified.
        """

        # Base class initialisation
        XMLSecDoc.__init__(self, **xmlSecDocArgs)


        if filePath is not None:
            if not isinstance(filePath, basestring):
                raise CertReqError("Input file path must be a valid string")

            self.filePath = filePath

        self.__certReqTxt = ''


    #_________________________________________________________________________
    def __getCertReqTxt(self):
        """Get text content of certificate request"""
        return self.__certReqTxt


    def __setCertReqTxt(self, certReqTxt):
        """Set text content of certificate request"""

        if not isinstance(certReqTxt, basestring):
            raise AttributeError("Setting certificate request text: " + \
                                 "input must be a valid string")

        self.__certReqTxt = certReqTxt


    def __delCertReqTxt(self):
        """Prevent certificate request text from being deleted."""
        raise AttributeError("\"certReqTxt\" attribute cannot be deleted")


    # Publish attribute as read/write
    certReqTxt = property(fget=__getCertReqTxt,
                          fset=__setCertReqTxt,
                          fdel=__delCertReqTxt,
                          doc="Text for certificate request")


    #_________________________________________________________________________
    def parse(self, xmlTxt):
        """Parse an XML Certificate Request content contained in string input

        xmlTxt:     Certificate Request XML content as string"""

        rootElem = ElementTree.XML(xmlTxt)

        # Call generic ElementTree parser
        self.__parse(rootElem)


        # Call base class parser method to initialise libxml2 objects for
        # signature validation
        try:
            XMLSecDoc.parse(self, xmlTxt)

        except Exception, e:
            raise CertReqError("Certificate Request: %s" % e)


    #_________________________________________________________________________
    def read(self, filePath=None):

        """Read XML Certificate Request

        filePath:   file to be read, if omitted __filePath member variable is
                    used instead"""

        if filePath:
            if not isinstance(filePath, basestring):
                raise CertReqError("Input file path must be a string.")

            self.setFilePath(filePath)
        else:
            filePath = self.getFilePath()


        try:
            tree = ElementTree.parse(filePath)
            rootElem = tree.getroot()
        except Exception, e:
            raise CertReqError("Certificate Request: " + str(e))

        # Call generic ElementTree parser
        self.__parse(rootElem)


        # Call base class read method to initialise libxml2 objects for
        # signature validation
        try:
            XMLSecDoc.read(self)

        except Exception, e:
            raise CertReqError("Certificate Request: %s" % e)


    #_________________________________________________________________________
    def __parse(self, certReqElem):
        """Private XML parsing method accepts an ElementTree.Element type
        as input

        certReqElem:       ElementTree.Element type
        """
        # An empty <certificateRequest/> element has its text set to None, so
        # fall back to an empty string rather than raising AttributeError
        self.__certReqTxt = (certReqElem.text or '').strip()


    #_________________________________________________________________________
    def createXML(self):
        """Create XML for Certificate Request ready for signing

        Implementation of virtual method defined in XMLSecDoc base class"""

        # Nb. this method is called by CertReq.read()


        # Create string of all XML content
        # Nb. the request text is concatenated as-is, without XML escaping
        xmlTxt = "<certificateRequest>" + os.linesep + "    " + \
                 self.__certReqTxt + os.linesep + "</certificateRequest>"


        # Return XML file content as a string
        return xmlTxt


#_____________________________________________________________________________
# Alternative CertReq constructors
#
def CertReqRead(**certReqKeys):
    """Create a new Certificate Request read in from a file"""

    certReq = CertReq(**certReqKeys)
    certReq.read()

    return certReq


#_____________________________________________________________________________
def CertReqParse(certReqTxt, **certReqKeys):
    """Create a new Certificate Request from string content"""

    certReq = CertReq(**certReqKeys)
    certReq.parse(certReqTxt)

    return certReq


#_____________________________________________________________________________
def CertReqTest(certFilePathList):

    # Drops into the debugger before running the test
    import pdb
    pdb.set_trace()

    certReqXMLtxt = \
"""<?xml version="1.0" encoding="UTF-8"?>
<certificateRequest></certificateRequest>"""

    try:
        certReq = CertReqParse(certReqXMLtxt,
                               certFilePathList=certFilePathList)

        print certReq.isValidSig()

    except Exception, e:
        print str(e)