
root / snfOCCI / snf_voms / voms_helper.py @ f25a4623


# Copyright 2012 Spanish National Research Council
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import ctypes
import M2Crypto
class _voms(ctypes.Structure):
    """ctypes view of one record in the array the VOMS library hands back.

    Nothing in this file writes these fields; ``VOMS.retrieve`` returns an
    instance that the native library has filled in.

    The order and width of the entries below are the binary contract with
    the loaded shared library.  ctypes cannot check that contract, so a
    mismatch produces wrong field values instead of an error.
    NOTE(review): presumably mirrors the record struct declared in the VOMS
    C API header -- confirm against the library version that is deployed.

    Reading a ``c_char_p`` field yields the bytes up to the first NUL; the
    ``siglen`` and ``datalen`` counters are not applied by ctypes.
    """

    _fields_ = [
        # Signature: a 32-bit length followed by a C string pointer.
        ("siglen", ctypes.c_int32),
        ("signature", ctypes.c_char_p),
        # Identity strings, all plain C string pointers.
        ("user", ctypes.c_char_p),
        ("userca", ctypes.c_char_p),
        ("server", ctypes.c_char_p),
        ("serverca", ctypes.c_char_p),
        ("voname", ctypes.c_char_p),
        ("uri", ctypes.c_char_p),
        # Two date strings (presumably the validity window -- TODO confirm).
        ("date1", ctypes.c_char_p),
        ("date2", ctypes.c_char_p),
        # Record type and its payload; ``std`` is kept opaque (void *).
        ("type", ctypes.c_int32),
        ("std", ctypes.c_void_p),
        ("custom", ctypes.c_char_p),
        ("datalen", ctypes.c_int32),
        ("version", ctypes.c_int32),
        # Pointer to C string pointers (char **).
        ("fqan", ctypes.POINTER(ctypes.c_char_p)),
        ("serial", ctypes.c_char_p),
        # Opaque native pointers; never dereferenced from Python here.
        ("ac", ctypes.c_void_p),
        ("holder", ctypes.c_void_p),
    ]
class _vomsdata(ctypes.Structure):
    """ctypes view of the handle structure returned by ``VOMS_Init``.

    ``VOMS.__init__`` declares ``VOMS_Init`` as returning a pointer to this
    structure, and ``VOMS.retrieve`` reads ``data`` to reach the first
    ``_voms`` record.

    The order and width of the entries below are the binary contract with
    the loaded shared library; ctypes does not validate them.
    NOTE(review): presumably mirrors the handle struct declared in the VOMS
    C API header -- confirm against the library version that is deployed.
    """

    _fields_ = [
        # Two directory strings (C string pointers).
        ("cdir", ctypes.c_char_p),
        ("vdir", ctypes.c_char_p),
        # Pointer to pointers to _voms records (a C ``**``).
        ("data", ctypes.POINTER(ctypes.POINTER(_voms))),
        ("workvo", ctypes.c_char_p),
        ("extra_data", ctypes.c_char_p),
        # 32-bit counters; ctypes does not apply them to the strings above.
        ("volen", ctypes.c_int32),
        ("extralen", ctypes.c_int32),
        # Opaque native pointer; never dereferenced from Python here.
        ("real", ctypes.c_void_p),
    ]
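class VOMS(object):
    """Context manager around the native VOMS C API loaded through ctypes.

    Entering the context calls ``VOMS_Init`` to obtain the library's handle
    and leaving it calls ``VOMS_Destroy`` on that handle.  The record
    returned by :meth:`retrieve` is a view into memory reached through the
    handle (presumably released by ``VOMS_Destroy`` -- confirm), so copy the
    fields you need before the ``with`` block ends.

    Args:
        vomsdir_path: First argument handed to ``VOMS_Init`` (presumably the
            directory describing trusted VOMS servers -- confirm).
        ca_path: Second argument handed to ``VOMS_Init`` (presumably the
            trusted CA certificate directory -- confirm).
        vomsapi_lib: Name or path of the shared library given to
            ``ctypes.CDLL``.
    """

    def __init__(self, vomsdir_path, ca_path, vomsapi_lib):
        # CDLL loads and runs native code inside this process, so the
        # library name must come from trusted configuration only.
        self.VOMSApi = ctypes.CDLL(vomsapi_lib)
        # ctypes assumes a C int return value unless told otherwise, which
        # would not preserve a pointer-sized result.
        self.VOMSApi.VOMS_Init.restype = ctypes.POINTER(_vomsdata)

        self.VOMSDIR = vomsdir_path
        self.CADIR = ca_path

        # Native handle: set by __enter__, cleared again by __exit__.
        self.vd = None

    def __enter__(self):
        """Obtain the native handle and return ``self``.

        Raises:
            ValueError: If ``VOMS_Init`` returns a NULL pointer.
        """
        handle = self.VOMSApi.VOMS_Init(self.VOMSDIR, self.CADIR)
        if not handle:
            # Dereferencing a NULL ctypes pointer raises ValueError as well,
            # but with a message that does not say which call failed.
            raise ValueError(
                "VOMS_Init returned NULL (vomsdir=%r, cadir=%r)"
                % (self.VOMSDIR, self.CADIR)
            )
        self.vd = handle.contents
        return self

    def set_no_verify(self):
        """Skip verification of AC.

        This method skips the AC signature verification, so it should
        only be used for debugging and tests.  Once it has been called the
        attributes returned by :meth:`retrieve` are not authenticated and
        must not drive an authorization decision.
        """
        import logging

        error = ctypes.c_int32(0)
        # NOTE(review): 0x040 is a bare verification-type flag; confirm it
        # against the named constant in the VOMS API header.  The return
        # value and ``error`` are not inspected here.
        self.VOMSApi.VOMS_SetVerificationType(0x040,
                                              ctypes.byref(self.vd),
                                              ctypes.byref(error))
        # Leave an audit trail: this switch weakens an authentication check.
        logging.getLogger(__name__).warning(
            "VOMS AC signature verification has been disabled; "
            "retrieved attributes are unauthenticated"
        )

    def retrieve(self, cert, chain):
        """Retrieve VOMS credentials from a certificate and chain.

        Args:
            cert: Object whose ``_ptr()`` gives the native certificate
                pointer (presumably an M2Crypto X509 -- confirm at caller).
            chain: Object whose ``_ptr()`` gives the native chain pointer
                (presumably an M2Crypto X509 stack -- confirm at caller).

        Returns:
            The first ``_voms`` record reachable from the handle, or
            ``None`` when ``VOMS_Retrieve`` returns 0.  The library's error
            code is left in ``self.error`` either way.

        Raises:
            TypeError: If no handle is held (outside the ``with`` block).
        """
        self.error = ctypes.c_int32(0)

        # NOTE(review): ``long`` exists only on Python 2.
        cert_ptr = ctypes.cast(long(cert._ptr()), ctypes.c_void_p)
        chain_ptr = ctypes.cast(long(chain._ptr()), ctypes.c_void_p)

        # NOTE(review): the literal 0 is the third API argument; confirm
        # which retrieval mode it selects in the VOMS API header.
        res = self.VOMSApi.VOMS_Retrieve(cert_ptr,
                                         chain_ptr,
                                         0,
                                         ctypes.byref(self.vd),
                                         ctypes.byref(self.error))
        if res == 0:
            return None
        # data is a pointer to pointers: two dereferences reach record 0.
        return self.vd.data.contents.contents

    def __exit__(self, type, value, tb):
        """Release the native handle; a no-op when none is held.

        Exceptions raised inside the ``with`` block are not suppressed.
        """
        if self.vd is None:
            return
        try:
            self.VOMSApi.VOMS_Destroy(ctypes.byref(self.vd))
        finally:
            # Drop the reference so a repeated exit cannot destroy the
            # handle twice and later calls cannot pass a stale pointer.
            self.vd = None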