Package AccessGrid :: Package Security :: Module CertificateRepository :: Class CertificateRepository

Class CertificateRepository


Method Summary
  __init__(self, repoDir, create)
Create the repository.
  CreateCertificateRequest(self, nameEntries, passphraseCB, keyType, bits, messageDigest, extensions)
Create a new certificate request and store it in the repository.
  FindCertificateRequests(self, pred)
Return a list of certificate requests for which pred(req) returns true.
  FindCertificateRequestsWithMetadata(self, mdkey, mdvalue)
  FindCertificateRequestsWithSubject(self, subj)
  FindCertificates(self, pred)
Return a list of certificates for which pred(cert) returns true.
  FindCertificatesWithIssuer(self, issuer)
  FindCertificatesWithMetadata(self, mdkey, mdvalue)
  FindCertificatesWithSubject(self, subj)
  GetAllCertificateRequests(self)
  GetAllCertificates(self)
  GetMetadata(self, key)
  GetPrivatekeyMetadata(self, modulus, key)
  GetPrivateKeyPath(self, hash)
  ImportCertificatePEM(self, certFile, keyFile, passphraseCB)
Import a PEM-formatted certificate from certFile.
  ImportCertificateX509(self, certobj, pkey, passphraseCB)
Import a PEM-formatted certificate from OpenSSL X509 data structure cert, optional PKey data structure in pkey.
  ImportRequestedCertificate(self, certFile, passphraseCB)
Import a certificate that we earlier issued a request for.
  LockMetadata(self)
Lock the metadata in the repo.
  NotifyObservers(self)
Send a notification to the observers.
  RecoverCert(self, path, recoveryState)
Recover certificate information for the repo db.
  RecoverFromDirectory(self)
Attempt to recover a repository index from the flat-files in the repository.
  RecoverPrivateKey(self, hash, path)
Recover privatekey information for the repo db.
  RegisterObserver(self, observer)
Register an observer with the cert repo.
  RemoveCertificate(self, cert, retainPrivateKey)
Remove the specified certificate from the repository.
  RemoveCertificateRequest(self, req)
Remove the specified certificate request from the repository.
  SetMetadata(self, key, value)
  SetPrivatekeyMetadata(self, modulus, key, value)
  UnlockMetadata(self)
Unlock the metadata in the repo.
  UnregisterObserver(self, observer)
Unregister an observer from the cert repo.

Class Variable Summary
int KEYTYPE_DSA = 116
int KEYTYPE_RSA = 6
list validNameComponents = ['cn', 'c', 'l', 'st', 'o', 'ou', ...

Method Details

__init__(self, repoDir, create=0)
(Constructor)

Create the repository.
Parameters:
repoDir - directory in which to store certificates.
create - true if we should create the repository

CreateCertificateRequest(self, nameEntries, passphraseCB, keyType=6, bits=1024, messageDigest='md5', extensions=None)

Create a new certificate request and store it in the repository. Returns a CertificateRequestDescriptor for that request.

nameEntries is a list of pairs (key, value) where key is a standard distinguished name key, and value is the value to be used for that key.

extensions is a list of triples (name, critical, value) used to set the request's extensions. If None is passed, a useful default set of extensions is used.
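An added example, not part of the AccessGrid code base: a pre-flight check for the arguments passed to CreateCertificateRequest. The documented defaults (bits=1024, messageDigest='md5') are below what current CAs accept, so the check reports them. The function name, the 2048-bit floor, the weak-digest set and the case-insensitive key comparison are assumptions of this example.

```python
# Added example: pre-flight check for CreateCertificateRequest arguments.
# Constants are copied from the class variables documented on this page.
KEYTYPE_RSA = 6
KEYTYPE_DSA = 116
VALID_NAME_COMPONENTS = ['cn', 'c', 'l', 'st', 'o', 'ou', 'emailaddress']

# Assumed policy thresholds (not part of the documented API).
MIN_BITS = 2048
WEAK_DIGESTS = {'md5', 'sha1'}


def check_request_params(nameEntries, keyType=KEYTYPE_RSA, bits=1024,
                         messageDigest='md5'):
    """Return a list of findings; an empty list means the arguments pass.

    The keyword defaults mirror the documented signature, so calling this
    with only nameEntries reports what the library defaults would produce.
    """
    findings = []
    if not nameEntries:
        findings.append('nameEntries is empty')
    for entry in nameEntries:
        if not isinstance(entry, (tuple, list)) or len(entry) != 2:
            findings.append('not a (key, value) pair: %r' % (entry,))
            continue
        key, value = entry
        # Assumption: keys are compared case-insensitively.
        if str(key).lower() not in VALID_NAME_COMPONENTS:
            findings.append('unknown name component: %r' % (key,))
        elif not str(value).strip():
            findings.append('empty value for %r' % (key,))
        elif str(key).lower() == 'c' and len(str(value)) != 2:
            findings.append('country must be a two-letter code: %r' % (value,))
    if keyType not in (KEYTYPE_RSA, KEYTYPE_DSA):
        findings.append('unknown keyType: %r' % (keyType,))
    if bits < MIN_BITS:
        findings.append('key size %d is below %d bits' % (bits, MIN_BITS))
    if str(messageDigest).lower() in WEAK_DIGESTS:
        findings.append('weak message digest: %s' % messageDigest)
    return findings


if __name__ == '__main__':
    # Constructed sample subject, not taken from a real deployment.
    subject = [('O', 'Example Org'), ('OU', 'Research'),
               ('CN', 'Alice Example'), ('dc', 'example')]
    for finding in check_request_params(subject):
        print(finding)
```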

FindCertificateRequests(self, pred)

Return a list of certificate requests for which pred(req) returns true.

FindCertificates(self, pred)

Return a list of certificates for which pred(cert) returns true.

ImportCertificatePEM(self, certFile, keyFile=None, passphraseCB=None)

Import a PEM-formatted certificate from certFile.

If keyFile is not None, load it as a private key for cert.

We don't currently inspect the key itself to ensure it matches the certificate, as that may require a passphrase.

ImportCertificateX509(self, certobj, pkey=None, passphraseCB=None)

Import a PEM-formatted certificate from OpenSSL X509 data structure cert, optional PKey data structure in pkey.

ImportRequestedCertificate(self, certFile, passphraseCB=None)

Import a certificate that we earlier issued a request for.

LockMetadata(self)

Lock the metadata in the repo. If metadata is locked, any attempts to call SetMetadata will fail.

NotifyObservers(self)

Send a notification to the observers.

RecoverCert(self, path, recoveryState)

Recover certificate information for the repo db.
Parameters:
path - pathname of the certificate being recovered

RecoverFromDirectory(self)

Attempt to recover a repository index from the flat-files in the repository.

RecoverPrivateKey(self, hash, path)

Recover privatekey information for the repo db.

RegisterObserver(self, observer)

Register an observer with the cert repo.
Parameters:
observer - a callable object which will be invoked with a single argument, a handle to this repo.

RemoveCertificate(self, cert, retainPrivateKey=0)

Remove the specified certificate from the repository.

RemoveCertificateRequest(self, req)

Remove the specified certificate request from the repository.

UnlockMetadata(self)

Unlock the metadata in the repo.

UnregisterObserver(self, observer)

Unregister an observer from the cert repo.
Parameters:
observer - The observer to be removed.

Class Variable Details

KEYTYPE_DSA

Type:
int
Value:
116

KEYTYPE_RSA

Type:
int
Value:
6

validNameComponents

Type:
list
Value:
['cn', 'c', 'l', 'st', 'o', 'ou', 'emailaddress']

Generated by Epydoc 2.1 on Thu Apr 14 16:39:31 2005 http://epydoc.sf.net