
nordugrid-arc-nox  1.1.0~rc6
test.cpp
00001 #ifdef HAVE_CONFIG_H
00002 #include <config.h>
00003 #endif
00004 
00005 #include <string>
00006 #include <iostream>
00007 #include <fstream>
00008 
00009 #include <arc/XMLNode.h>
00010 #include <arc/Logger.h>
00011 #include <arc/credential/Credential.h>
00012 
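// Writes `data` to `path` (truncating any existing file).
// Returns false if the file cannot be opened or the write/close fails.
// NOTE(review): std::ofstream creates the file with whatever permissions the
// process umask allows. The files written by this test contain a private key,
// so outside of a throwaway test directory they should be created owner-only.
static bool write_pem_file(const std::string& path, const std::string& data) {
  std::ofstream out(path.c_str());
  if (!out) return false;
  out.write(data.data(), static_cast<std::streamsize>(data.size()));
  out.close();
  return !out.fail();
}

// Exercises two rounds of proxy certificate creation with Arc::Credential:
//   1. a certificate request is signed with the credential loaded from
//      ./cert.pem and ./key.pem, with a sample ARC policy added as an
//      extension, and the result is written to proxy.pem;
//   2. a second request is signed using proxy.pem itself as the signer and
//      the result is written to proxy1.pem.
// Returns 0 on completion and 1 if either output file cannot be written.
// NOTE(review): the results of the Arc::Credential calls below are not
// inspected; confirm their return types and fail the test when one reports
// an error, otherwise a failed signing step still produces an output file.
int main(void) {
  // Send all log output, down to VERBOSE, to stderr.
  Arc::LogStream cdest(std::cerr);
  Arc::Logger::getRootLogger().addDestination(cdest);
  Arc::Logger::getRootLogger().setThreshold(Arc::VERBOSE);

  // Signer credential and CA file, all read from the current working directory.
  std::string cert("./cert.pem");
  std::string key("./key.pem");
  std::string cafile("./ca.pem");

  // Sample ARC policy that is embedded into the first proxy certificate.
  Arc::XMLNode policy_nd("\
    <Policy\
      xmlns=\"http://www.nordugrid.org/ws/schemas/policy-arc\"\
      PolicyId='sm-example:policy1'\
      CombiningAlg='Deny-Overrides'>\
     <Rule RuleId='rule1' Effect='Permit'>\
      <Description>\
         Sample Permit rule for Storage_manager service \
      </Description>\
      <Subjects>\
         <Subject Type='string'>/O=NorduGrid/OU=UIO/CN=test</Subject>\
         <Subject Type='string'>/vo.knowarc/usergroupA</Subject>\
         <Subject>\
            <Attribute Type='string'>/O=Grid/OU=KnowARC/CN=XYZ</Attribute>\
            <Attribute Type='string'>urn:mace:shibboleth:examples</Attribute>\
         </Subject>\
      </Subjects>\
      <Resources>\
         <Resource Type='string'>file://home/test</Resource>\
      </Resources>\
      <Actions Type='string'>\
         <Action>read</Action>\
         <Action>stat</Action>\
         <Action>list</Action>\
      </Actions>\
      <Conditions>\
         <Condition Type='period'>2007-09-10T20:30:20/P1Y1M</Condition>\
      </Conditions>\
     </Rule>\
    </Policy>");
  std::string policy;
  policy_nd.GetXML(policy);


  /************************************/
  //Request side
  // NOTE(review): 1024 is presumably the key length in bits. That is below the
  // 2048-bit minimum generally recommended for RSA today; acceptable for a
  // short-lived test credential, not for anything that leaves the test bench.
  Arc::Time t;
  std::string req_string;
  Arc::Credential request(t, Arc::Period(24*3600), 1024, "rfc");
  request.GenerateRequest(req_string);
  std::cout<<"Certificate request: "<<req_string<<std::endl;

  //Signing side
  std::string out_string;
  Arc::Credential proxy;
  Arc::Credential signer(cert, key, "", cafile);
  proxy.InquireRequest(req_string);
  //Put an example Arc policy as the extension of proxy certificate
  std::string oid("1.3.6.1.5.5.7.1.21");
  std::string sn("arcpolicy");
  proxy.AddCertExtObj(sn, oid);
  // The third argument is presumably the "critical" flag - TODO confirm.
  proxy.AddExtension("arcpolicy", policy, true);
  signer.SignRequest(&proxy, out_string); //The signer will send the signed certificate to request side

  //Back to request side, compose the signed proxy certificate, local private key,
  //and signing certificate into one file.
  std::string private_key, signing_cert, signing_certchain;
  request.OutputPrivatekey(private_key);
  signer.OutputCertificate(signing_cert);
  signer.OutputCertificateChain(signing_certchain);
  out_string.append(private_key);
  out_string.append(signing_cert);
  out_string.append(signing_certchain);

  //Output into a file
  // The second stage loads this file as its signer, so stop here if it could
  // not be written instead of signing with a missing or stale proxy.pem.
  std::string proxy_file("proxy.pem");
  if (!write_pem_file(proxy_file, out_string)) {
    std::cerr<<"Failed to write "<<proxy_file<<std::endl;
    return 1;
  }

  /*************************************/
  //Request side
  Arc::Time t1;
  std::string req_string1;
  Arc::Credential request1(t1, Arc::Period(24*3600), 1024, "rfc");
  request1.GenerateRequest(req_string1);
  std::cout<<"Certificate request: "<<req_string1<<std::endl;

  //Signing side
  std::string out_string1;
  Arc::Credential proxy1;
  Arc::Credential signer1(proxy_file, "", "", cafile); //use the existing proxy as the signer
  proxy1.InquireRequest(req_string1);
  std::string oid1("1.3.6.1.5.5.7.1.21");
  std::string sn1("arcpolicy");
  // Fixed: this was called on `proxy`, the first-stage object that has already
  // been signed; the object being prepared in this stage is `proxy1`.
  // No AddExtension call follows here, so no policy is attached at this stage.
  proxy1.AddCertExtObj(sn1, oid1);
  signer1.SignRequest(&proxy1, out_string1); //The signer will send the signed certificate to request side

  //Back to request side, compose the signed proxy certificate, local private key,
  //and signing certificate into one file.
  std::string private_key1, signing_cert1, signing_certchain1;
  request1.OutputPrivatekey(private_key1);
  signer1.OutputCertificate(signing_cert1);
  signer1.OutputCertificateChain(signing_certchain1);
  out_string1.append(private_key1);
  out_string1.append(signing_cert1);
  out_string1.append(signing_certchain1);

  //Output into a file
  std::string proxy_file1("proxy1.pem");
  if (!write_pem_file(proxy_file1, out_string1)) {
    std::cerr<<"Failed to write "<<proxy_file1<<std::endl;
    return 1;
  }

  return 0;
}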