1 # Copyright 2012 Spanish National Research Council
2 #
3 # Licensed under the Apache License, Version 2.0 (the "License"); you may
4 # not use this file except in compliance with the License. You may obtain
5 # a copy of the License at
6 #
7 #      http://www.apache.org/licenses/LICENSE-2.0
8 #
9 # Unless required by applicable law or agreed to in writing, software
10 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12 # License for the specific language governing permissions and limitations
13 # under the License.
14
import ctypes
import warnings

#import M2Crypto
18
19
class _voms(ctypes.Structure):
    """ctypes mirror of libvomsapi's ``struct voms``: one parsed VOMS AC.

    Field order and widths must match the ABI of the libvomsapi build that
    ``VOMS.__init__`` loads -- any drift means the result of VOMS_Retrieve
    is read through the wrong layout (silent garbage, possibly reads past
    the allocation).  Verify against the ``voms_apic.h`` of the installed
    library version before trusting values read through this structure.
    Every pointer field is borrowed from memory the C library owns; it is
    presumably released by VOMS_Destroy, so do not keep the values past
    the ``VOMS`` context.
    """
    _fields_ = [
        ("siglen", ctypes.c_int32),       # byte length of `signature`
        ("signature", ctypes.c_char_p),   # raw AC signature; bounded by siglen, not NUL (assumed)
        ("user", ctypes.c_char_p),        # holder DN
        ("userca", ctypes.c_char_p),      # DN of the CA that issued the holder cert
        ("server", ctypes.c_char_p),      # DN of the issuing VOMS server
        ("serverca", ctypes.c_char_p),    # DN of that server's CA
        ("voname", ctypes.c_char_p),      # VO name the AC was issued for
        ("uri", ctypes.c_char_p),         # VOMS server URI
        ("date1", ctypes.c_char_p),       # validity bound as string (presumably not-before)
        ("date2", ctypes.c_char_p),       # validity bound as string (presumably not-after)
        ("type", ctypes.c_int32),
        ("std", ctypes.c_void_p),         # opaque (struct data ** in C); not dereferenced here
        ("custom", ctypes.c_char_p),
        ("datalen", ctypes.c_int32),
        ("version", ctypes.c_int32),
        ("fqan", ctypes.POINTER(ctypes.c_char_p)),  # char **; NUL-terminated per the C API -- confirm before iterating
        ("serial", ctypes.c_char_p),      # AC serial number as string
        ("ac", ctypes.c_void_p),          # reserved/opaque in the C header
        ("holder", ctypes.c_void_p),      # reserved/opaque in the C header
    ]
42
43
class _vomsdata(ctypes.Structure):
    """ctypes mirror of libvomsapi's ``struct vomsdata`` (the API context).

    Allocated by VOMS_Init and released by VOMS_Destroy (see ``VOMS``).
    As with ``_voms``, the layout is an ABI contract with the loaded
    library: check it against the installed ``voms_apic.h`` -- a mismatch
    silently corrupts every read, including the ``data`` array that
    ``VOMS.retrieve`` dereferences.
    """
    _fields_ = [
        ("cdir", ctypes.c_char_p),        # trusted CA directory handed to VOMS_Init
        ("vdir", ctypes.c_char_p),        # VOMS server certificate directory (vomsdir)
        ("data", ctypes.POINTER(ctypes.POINTER(_voms))),  # struct voms **; retrieve() reads data[0]
        ("workvo", ctypes.c_char_p),
        ("extra_data", ctypes.c_char_p),
        ("volen", ctypes.c_int32),
        ("extralen", ctypes.c_int32),
        ("real", ctypes.c_void_p),        # opaque library-private state
    ]
55
56
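class VOMS(object):
    """Context manager around libvomsapi's C interface.

    Usage::

        with VOMS(vomsdir, cadir, "/usr/lib64/libvomsapi.so.1") as v:
            ac = v.retrieve(cert, chain)

    ``vomsdir_path`` (trusted VOMS server certificates / LSC files) and
    ``ca_path`` (trusted CA directory) are passed unmodified to VOMS_Init.
    They are security-critical configuration: whoever controls either
    directory decides which attribute certificates verify.

    ``vomsapi_lib`` goes straight to ``ctypes.CDLL``; a bare soname is
    resolved through the dynamic loader's search path (LD_LIBRARY_PATH
    included), so prefer an absolute path in production configuration.

    Results handed out by ``retrieve`` point into memory owned by the C
    library and become invalid when the ``with`` block exits.
    """

    def __init__(self, vomsdir_path, ca_path, vomsapi_lib):
        self.VOMSApi = ctypes.CDLL(vomsapi_lib)
        # VOMS_Init returns ``struct vomsdata *``; without an explicit
        # restype ctypes assumes a C int and truncates the pointer on
        # 64-bit platforms.
        self.VOMSApi.VOMS_Init.restype = ctypes.POINTER(_vomsdata)

        self.VOMSDIR = vomsdir_path
        self.CADIR = ca_path

        # Set by __enter__, cleared by __exit__.
        self.vd = None
        # Last error code written by the library (see retrieve()).
        self.error = ctypes.c_int32(0)

    def _require_context(self):
        """Raise if the C-side context has not been created by __enter__."""
        if self.vd is None:
            raise RuntimeError("VOMS context not initialised; use the object "
                               "as a context manager (with VOMS(...) as v:)")

    def __enter__(self):
        """Create the libvomsapi context.

        Raises RuntimeError when VOMS_Init returns NULL (typically an
        unreadable vomsdir/cadir) instead of letting ctypes fail later
        with an opaque "NULL pointer access".
        """
        vd_ptr = self.VOMSApi.VOMS_Init(self.VOMSDIR, self.CADIR)
        if not vd_ptr:
            raise RuntimeError("VOMS_Init failed (vomsdir=%r, cadir=%r)"
                               % (self.VOMSDIR, self.CADIR))
        self.vd = vd_ptr.contents
        return self

    def set_no_verify(self):
        """Disable attribute-certificate verification for this context.

        Passes verification type 0x040 to VOMS_SetVerificationType.  The
        original author documents this as skipping AC signature
        verification (confirm the bitmask against the VERIFY_* flags in
        the voms_apic.h of the libvomsapi in use).  Once set, whatever
        retrieve() returns (VO name, FQANs, holder) has not been checked
        by anyone, so any proxy holder can claim arbitrary group
        membership and roles.  Debugging and tests only -- never on a
        deployed authentication path.  A UserWarning is emitted so the
        call shows up in logs and test output.

        Raises RuntimeError if the library reports failure; the error
        code is left in ``self.error``.
        """
        self._require_context()
        warnings.warn("VOMS attribute-certificate verification disabled; "
                      "retrieved credentials are unauthenticated",
                      stacklevel=2)

        self.error = ctypes.c_int32(0)
        # Same 1 = success / 0 = failure convention retrieve() relies on.
        ok = self.VOMSApi.VOMS_SetVerificationType(0x040,
                                                   ctypes.byref(self.vd),
                                                   ctypes.byref(self.error))
        if not ok:
            raise RuntimeError("VOMS_SetVerificationType failed (error %d)"
                               % self.error.value)

    def retrieve(self, cert, chain):
        """Extract (and, unless disabled, verify) the VOMS AC of a proxy.

        ``cert`` and ``chain`` are expected to be M2Crypto X509 /
        X509_Stack objects (the file's commented-out import suggests so);
        only their ``_ptr()`` method is used, which yields the address of
        the underlying OpenSSL object.  Both must stay alive for the
        duration of the call.  The certificate is attacker-supplied
        input -- it is precisely what libvomsapi is here to check.

        Returns the first ``_voms`` entry (``vd.data[0]``) or ``None`` when
        the library reports failure or produced no entry.  On failure the
        library's error code is in ``self.error.value``; callers should
        surface it rather than treat ``None`` as "no VOMS extension".  The
        result only attests VO membership if set_no_verify() was NOT
        called on this context, and it is dangling after __exit__.
        """
        self._require_context()
        self.error = ctypes.c_int32(0)

        # long() + cast turns the integer address into a genuine void*;
        # passing the bare Python int would be marshalled as a C int.
        cert_ptr = ctypes.cast(long(cert._ptr()), ctypes.c_void_p)
        chain_ptr = ctypes.cast(long(chain._ptr()), ctypes.c_void_p)

        # Third argument selects the recursion mode; 0 is RECURSE_CHAIN
        # in voms_apic.h (search the whole chain) -- confirm for the
        # installed version.
        res = self.VOMSApi.VOMS_Retrieve(cert_ptr,
                                         chain_ptr,
                                         0,
                                         ctypes.byref(self.vd),
                                         ctypes.byref(self.error))
        if res == 0:
            return None

        # vd.data is a struct voms ** (NULL-terminated per the C API);
        # guard both pointer levels so a successful call with an empty
        # result cannot raise "NULL pointer access" from inside ctypes.
        # Only the first AC is returned; a proxy may carry several.
        data = self.vd.data
        if not data or not data[0]:
            return None
        return data[0].contents

    def __exit__(self, exc_type, exc_value, tb):
        """Release the C-side context; exceptions propagate (returns None)."""
        if self.vd is not None:
            self.VOMSApi.VOMS_Destroy(ctypes.byref(self.vd))
            # The structure now refers to freed memory, and a second
            # __exit__ must not double-free it.
            self.vd = None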