Changeset 1967


Timestamp:
08/01/07 14:39:00 (13 years ago)
Author:
pjkersha
Message:

python/ndg.security.test/ndg/security/test/AttAuthority/AttAuthorityClientTest.py: corrected header

python/ndg.security.test/ndg/security/test/AttCert,
python/ndg.security.test/ndg/security/test/AttCert/attCertTest.cfg,
python/ndg.security.test/ndg/security/test/AttCert/__init__.py,
python/ndg.security.test/ndg/security/test/AttCert/AttCertTest.py: AttCert unit test

python/ndg.security.test/ndg/security/test/MyProxy/MyProxyClientTest.py: fixes to header

python/ndg.security.common/ndg/security/common/XMLSec.py: fix to __str__ method - missed out return statement.

python/ndg.security.common/ndg/security/common/AttCert.py:

  • fix to XMLSec imports
  • added provenance default to __init__
  • updates to __setitem__ and __getitem__
Location:
TI12-security/trunk/python
Files:
4 added
4 edited

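--- a/TI12-security/trunk/python/ndg.security.common/ndg/security/common/AttCert.py
+++ b/TI12-security/trunk/python/ndg.security.common/ndg/security/common/AttCert.py
@@ -23,6 +23,6 @@
 from datetime import datetime, timedelta
 
-# XML signature module based on xmlsec and libxml2
-from XMLSec import XMLSecDoc
+# XML signature module based on M2Crypto, ZSI Canonicalization and DOM
+from XMLSec import XMLSecDoc, InvalidSignature, getParentNode
 
 from X509 import X500DN
@@ -30,4 +30,5 @@
 
 
+#_____________________________________________________________________________
 class AttCertError(Exception):  
     """Exception handling for NDG Attribute Certificate class."""
@@ -77,14 +78,14 @@
     # Provenance of certificate may be original or mapped from another
     # certificate
-    __provenance = (origProvenance, mappedProvenance)
-
-
-    #_________________________________________________________________________    
-    def __init__(self, lifeTime=28800, **xmlSecDocKw):
+    __validProvenanceSettings = ('original', 'mapped')
+
+
+    #_________________________________________________________________________    
+    def __init__(self, provenance='original', lifetime=28800, **xmlSecDocKw):
         """Initialisation - Attribute Certificate file path may be specified.
         Also, holder and issuer details and signing authority key and
         certificate.
         
-        @param lifeTime: set the lifetime for the certificate in seconds.
+        @param lifetime: set the lifetime for the certificate in seconds.
         Defaults to 8 hours.
         @param **xmlSecDocKw: see XMLSec.XMLSec class for an explanation.
@@ -118,5 +119,5 @@
 
         # Certificate life time interval in seconds
-        self.__lifeTime = lifeTime
+        self.__lifetime = lifetime
         
         self.__dtNotBefore = None
@@ -140,18 +141,20 @@
     #_________________________________________________________________________    
     def __getitem__(self, key):
-        self.__class__.__name__ + """ behaves as data dictionary of Attribute
-        Certificate properties
-
-        Nb. also possible to apply keys belonging validity and attributes
-        sub dictionaries
+        """Get an item from the __dat, __dat['validity'] or 
+        __dat['attributes'] dictionaries.  This class behaves as data 
+        dictionary of Attribute Certificate properties
+
+        @param key: name of key - key can be specified belonging to validity
+        or the attributes sub dictionaries
+        @param item: value to set dictionary item to
         """
         
         # Check input key
-        if self.__dat.has_key(key):
+        if key in self.__dat:
 
             # key recognised
             return self.__dat[key]                
 
-        elif self.__dat['validity'].has_key(key):
+        elif key in self.__dat['validity']:
 
             # Allow indexing via validity keys - a shorthand way of 
@@ -159,5 +162,5 @@
             return self.__dat['validity'][key]
 
-        elif self.__dat['attributes'].has_key(key):
+        elif key in self.__dat['attributes']:
 
             # Allow indexing via attributes keys - a shorthand way of 
@@ -173,22 +176,23 @@
     #_________________________________________________________________________    
     def __setitem__(self, key, item):        
-        self.__class__.__name__ + """ behaves as data dictionary of Attribute
-        Certificate properties
-
-        Nb. also possible to apply keys belonging validity and attributes
-        sub dictionaries
+        """Set an item from the __dat, __dat['validity'] or 
+        __dat['attributes'] dictionaries.  This class behaves as data 
+        dictionary of Attribute Certificate properties
+
+        @param key: name of key - key can be specified belonging to validity
+        or the attributes sub dictionaries
+        @param item: value to set dictionary item to
         """
 
         # Check input key
-        if self.__dat.has_key(key):
+        if key in self.__dat:
 
             # key recognised - check if setting provenance
-            if key is "provenance" and not self.isValidProvenance(item):
-                raise AttCertError, "Provenance must be set to \"" + \
-                            "\" or \"".join(AttCert.__provenance) + "\""
+            if key is "provenance":
+                self.setProvenance(item)
             
             self.__dat[key] = item
 
-        elif self.__dat['attributes'].has_key(key):
+        elif key in self.__dat['attributes']:
 
             # Allow indexing via acInfo keys - a shorthand way of referencing
@@ -196,5 +200,5 @@
             return self.__dat['attributes'][key]
 
-        elif self.__dat['validity'].has_key(key):
+        elif key in self.__dat['validity']:
             # Prevent setting of notBefore/notAfter - restrict to method
             # setValidityTime
@@ -384,5 +388,5 @@
         if not self.isValidProvenance(provenance):
             raise AttCertError, "Provenance must be set to \"" + \
-                               "\" or \"".join(AttCert.__provenance) + "\""
+                   "\" or \"".join(AttCert.__validProvenanceSettings) + "\""
         
         self.__dat['provenance'] = provenance
@@ -413,5 +417,5 @@
             provenance = self.__dat['provenance']
 
-        return provenance in AttCert.__provenance
+        return provenance in AttCert.__validProvenanceSettings
         
 
@@ -599,9 +603,9 @@
         if not self.isValidProvenance():
             raise AttCertError, "Provenance must be set to \"" + \
-                               "\" or \"".join(AttCert.__provenance) + "\""
+                               "\" or \"".join(AttCert.__validProvenanceSettings) + "\""
 
         
         # Create string of all XML content        
-        xmlTxt = """<attributeCertificate>
+        xmlTxt = """<attributeCertificate targetNamespace="urn:ndg:security">
     <acInfo>
         <version>""" + self.__dat['version'] + """</version>
@@ -619,6 +623,6 @@
         <attributes>
             <roleSet>
-""" + "".join([\
-"""        <role>
+            """ + "".join([\
+"""    <role>
                     <name>""" + i['role']['name'] + """</name>
                 </role>
@@ -634,9 +638,20 @@
 
 
+    def applyEnvelopedSignature(self, **xmlSecDocKw):
+        '''Override super class version to ensure settings have been parsed 
+        into a DOM object ready for signature
+        
+        @param **xmlSecDocKw: keywords applying to 
+        XMLSecDoc.applyEnvelopedSignature()
+        '''       
+        self.parse(self.createXML())
+        super(AttCert, self).applyEnvelopedSignature(**xmlSecDocKw)
+
+       
     #_________________________________________________________________________    
     def setValidityTime(self,
                         dtNotBefore=None, 
                         dtNotAfter=None, 
-                        lifeTime=None,
+                        lifetime=None,
                         notBeforeOffset=None):
         """Set the notBefore and notAfter times which determine the window for
@@ -645,5 +660,5 @@
         ready for output.
 
-        Nb. use UTC time.  lifeTime and notBeforeOffset are in seconds
+        Nb. use UTC time.  lifetime and notBeforeOffset are in seconds
         
         @param dtNotBefore: not before time as datetime type.  If omitted,
@@ -690,5 +705,5 @@
                                    str(dtNotAfter)
 
-            self.__lifeTime = dtDeltaLifeTime.days*86400 + \
+            self.__lifetime = dtDeltaLifeTime.days*86400 + \
                               dtDeltaLifeTime.seconds
 
@@ -697,14 +712,14 @@
         else:
             # Check for input certificate life time interval
-            if lifeTime is not None:
-                self.__lifeTime = lifeTime
+            if lifetime is not None:
+                self.__lifetime = lifetime
                 
             try:
                 # Make a time delta object from the lifetime expressed in
                 # seconds
-                dtDeltaLifeTime = timedelta(seconds=self.__lifeTime)
+                dtDeltaLifeTime = timedelta(seconds=self.__lifetime)
             except Exception, e:
                 raise AttCertError, "Invalid Certificate lifetime set %.3f" %\
-                                   self.__lifeTime
+                                   self.__lifetime
             
             # Add certificate lifetime to calculate not after time
@@ -882,5 +897,5 @@
                 raise AttCertError, \
                     "Attribute Certificate Provenance must be set to \"" + \
-                    "\" or \"".join(AttCert.__provenance) + "\""
+                    "\" or \"".join(AttCert.__validProvenanceSettings) + "\""
             return False
 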
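Review bot: In `__setitem__`, the added guard `if key is "provenance":` tests object identity, so whether `setProvenance()` runs depends on string interning rather than on the key's value. A key built at runtime (for example, one taken from parsed certificate XML) can fail the `is` test and fall through to `self.__dat[key] = item`, storing a provenance that was never checked against `__validProvenanceSettings`. Compare by value instead: `if key == "provenance":`. Separately, the `attributes` branch of the same setter still executes `return self.__dat['attributes'][key]`, which reads the value rather than assigning `item`. The body of `__setitem__` continues beyond the lines shown, so the remaining branches were not reviewed.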
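--- a/TI12-security/trunk/python/ndg.security.common/ndg/security/common/XMLSec.py
+++ b/TI12-security/trunk/python/ndg.security.common/ndg/security/common/XMLSec.py
@@ -126,5 +126,5 @@
         """String representation of doc - only applies if doc had been read
         or parsed"""
-        self.toString()
+        return self.toString()
         
 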
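--- a/TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/AttAuthorityClientTest.py
+++ b/TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttAuthority/AttAuthorityClientTest.py
@@ -1,14 +1,17 @@
-#!/usr/bin/e
+#!/usr/bin/env python
 """NDG Attribute Authority client unit tests
 
 NERC Data Grid Project
 
-P J Kershaw 05/05/05
+@author P J Kershaw 05/05/05
 
-Copyright (C) 2006 CCLRC & NERC
+@copyright (C) 2006 CCLRC & NERC
 
-This software may be distributed under the terms of the Q Public License,
-version 1.0 or later.
+@license This software may be distributed under the terms of the Q Public 
+License, version 1.0 or later.
 """
+
+reposID = '$Id$'
+
 import unittest
 import os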
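--- a/TI12-security/trunk/python/ndg.security.test/ndg/security/test/MyProxy/MyProxyClientTest.py
+++ b/TI12-security/trunk/python/ndg.security.test/ndg/security/test/MyProxy/MyProxyClientTest.py
@@ -4,11 +4,14 @@
 NERC Data Grid Project
 
-P J Kershaw 13/12/06
+@author P J Kershaw 13/12/06
 
-Copyright (C) 2006 CCLRC & NERC
+@copyright (C) 2006 CCLRC & NERC
 
-This software may be distributed under the terms of the Q Public License,
-version 1.0 or later.
+@license This software may be distributed under the terms of the Q Public 
+License, version 1.0 or later.
 """
+
+reposID = '$Id$'
+
 import unittest
 import os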