[Planetlab-devel] Re: question about certificates in SFA
Giovanni.Gherdovich at sophia.inria.fr
Giovanni.Gherdovich at sophia.inria.fr
Thu Jul 8 04:21:46 EDT 2010
Dear Tony,
thank you for your reply.
Tony Mack wrote:
> Hi Giovanni,
>
> [...]
> When a Certifiacate or Gid object returns a keypair object, they are really just returning the public key.
Uhm.
But when, in the code below, I read
certificate.is_pubkey(gid.get_pubkey()) ,
and the implementation of "is_pubkey" is
---------------8<-------------------------------------
def is_pubkey(self, pkey):
return self.get_pubkey().is_same(pkey)
---------------8<-------------------------------------
which leads to the "get_pubkey" method from
sfa.trust.certificate.Keypair
---------------8<-------------------------------------
def is_same(self, pkey):
return self.as_pem() == pkey.as_pem()
---------------8<-------------------------------------
where "as_pem" gives the private key.
So it looks like the privare keys from the
Keypair member of the certificates are compared.
Am I wrong?
Cheers,
Giovanni
> ----- Original Message -----
> From: "Giovanni Gherdovich" <Giovanni.Gherdovich at sophia.inria.fr>
> [...]
>
> here is some pseudo-code freely inspired by
> sfa/methods/get_self_credential.py
>
> ------------8<--------------------------------------------------------
> class get_self_credential(Method):
> [...]
> def call(self, cert, type, xrn):
> [...]
> gid = # get the gid from (type, xrn), i.e. ('user', 'plc.joe')
> [...]
> certificate = # get the certificate from the input arg /cert/
> if not certificate.is_pubkey(gid.get_pubkey()):
> raise ConnectionKeyGIDMismatch(gid.get_subject())
>
> return manager.get_credential(self.api, xrn, type, is_self=True)
> ------------8<--------------------------------------------------------
>
More information about the Devel
mailing list