00001 #ifndef __ARC_VOMSUTIL_H__
00002 #define __ARC_VOMSUTIL_H__
00003
00004 #include <vector>
00005 #include <string>
00006
00007 #include <arc/ArcRegex.h>
00008 #include <arc/credential/VOMSAttribute.h>
00009 #include <arc/credential/Credential.h>
00010
00011 namespace Arc {
00012
/// One trust chain, stored as an ordered list of strings.
/// NOTE(review): presumably each element is a certificate DN; the expected
/// order and format are not visible in this header. Confirm before building
/// chains by hand.
typedef std::vector<std::string> VOMSTrustChain;

/// A trust rule kept as a plain string; VOMSTrustList::AddRegex() takes one and
/// hands back a RegularExpression, so it presumably holds a regex pattern.
typedef std::string VOMSTrustRegex;
00016
/// Data extracted from one VOMS attribute certificate (AC), plus a bitmask
/// describing what went wrong (if anything) while processing it.
class VOMSACInfo {
public:
  /// Bit flags combined into `status`. Several may be set at once.
  /// Flag meanings are given by their names only; this header does not
  /// document them further.
  typedef enum {
    Success               = 0,
    CAUnknown             = 1 << 0,
    CertRevoked           = 1 << 1,
    // LSCFailed and TrustFailed deliberately or accidentally share bit 2:
    // a caller cannot tell from `status` which of the two was recorded.
    LSCFailed             = 1 << 2,
    TrustFailed           = 1 << 2,
    X509ParsingFailed     = 1 << 3,
    ACParsingFailed       = 1 << 4,
    InternalParsingFailed = 1 << 5,
    TimeValidFailed       = 1 << 6,
    IsCritical            = 1 << 7,
    // Composite masks for testing a whole group of flags with one `&`.
    ParsingError    = X509ParsingFailed | ACParsingFailed | InternalParsingFailed,
    ValidationError = CAUnknown | CertRevoked | LSCFailed | TrustFailed | TimeValidFailed,
    // Low 16 bits with IsCritical cleared, so IsCritical on its own is not
    // counted as an error. As a result `status == Success` and
    // `(status & Error) == 0` give different answers for an AC that only has
    // IsCritical set.
    // NOTE(review): confirm which of the two tests authorization code is
    // expected to use.
    Error = 0xffff & ~IsCritical
  } status_t;

  // Fields copied out of the AC. Population happens outside this header.
  std::string voname;
  std::string holder;
  std::string issuer;
  std::string target;
  std::vector<std::string> attributes;
  Time from;   // start of validity; constructed from -1 by default
  Time till;   // end of validity; constructed from -1 by default

  /// Bitwise OR of status_t flags; 0 (Success) after default construction.
  unsigned int status;

  /// Creates an empty record: both times built from -1, status cleared.
  VOMSACInfo()
    : from(-1),
      till(-1),
      status(0) {}
};
00046
/// Set of trust rules used when validating VOMS ACs: a list of trust chains
/// and a list of regular expressions.
///
/// NOTE(review): `regexs_` stores raw pointers and the class declares a
/// destructor but no copy constructor or copy assignment. If the destructor
/// deletes those pointers (its body is not visible here), a compiler-generated
/// copy would lead to a double delete. Pass instances by reference.
class VOMSTrustList {
private:
  std::vector<VOMSTrustChain> chains_;
  std::vector<RegularExpression*> regexs_;

public:
  /// Creates an empty list with no chains and no regexes.
  VOMSTrustList() {}

  /// Builds the list from an encoded sequence of strings.
  /// The encoding is not visible in this header.
  VOMSTrustList(const std::vector<std::string>& encoded_list);

  /// Builds the list from already separated chains and regex patterns.
  VOMSTrustList(const std::vector<VOMSTrustChain>& chains,
                const std::vector<VOMSTrustRegex>& regexs);

  ~VOMSTrustList();

  /// Adds a chain and returns a reference to a chain.
  /// NOTE(review): if the reference points into `chains_`, a later AddChain()
  /// may reallocate the vector and leave it dangling. Confirm.
  VOMSTrustChain& AddChain(const VOMSTrustChain& chain);

  /// Overload without arguments; presumably adds an empty chain to be filled
  /// through the returned reference.
  VOMSTrustChain& AddChain();

  /// Adds rules from an encoded list (same unspecified encoding as the
  /// single-argument constructor, presumably).
  void AddElement(const std::vector<std::string>& encoded_list);

  /// Adds a regex rule built from `reg` and returns the resulting object.
  RegularExpression& AddRegex(const VOMSTrustRegex& reg);

  /// Number of stored chains. The container's size_t is converted to int.
  int SizeChains() const { return chains_.size(); }

  /// Number of stored regexes. The container's size_t is converted to int.
  int SizeRegexs() const { return regexs_.size(); }

  /// Chain at index `num`. No bounds check: `num` must satisfy
  /// 0 <= num < SizeChains(), otherwise behaviour is undefined.
  const VOMSTrustChain& GetChain(int num) const { return chains_[num]; }

  /// Regex at index `num`. No bounds or null check: `num` must satisfy
  /// 0 <= num < SizeRegexs() and the stored pointer must be non-null.
  const RegularExpression& GetRegex(int num) const { return *regexs_[num]; }
};
00126
/// One-off initialisation for VOMS attribute handling.
/// NOTE(review): what is initialised, and whether the call is idempotent or
/// thread-safe, is not visible in this header.
void InitVOMSAttribute();
/// Creates a VOMS attribute certificate for `holder_cred`, issued with
/// `issuer_cred`, carrying the given FQANs, targets and attributes.
///
/// @param codedac     non-const reference; presumably receives the encoded AC
/// @param issuer_cred credential of the AC issuer
/// @param holder_cred credential of the AC holder
/// @param fqan        FQAN strings to include
/// @param targets     target strings to include
/// @param attributes  further attribute strings to include
/// @param voname      VO name
/// @param uri         URI string (meaning not visible here)
/// @param lifetime    AC lifetime; unit and accepted range are not visible
///                    here (presumably seconds), so validate it before passing
///                    values that come from requests or configuration
/// @return bool; presumably true on success (TODO confirm)
///
/// Every reference parameter is non-const, so the declaration does not rule
/// out modification of any of them.
bool createVOMSAC(std::string& codedac,
                  Credential& issuer_cred,
                  Credential& holder_cred,
                  std::vector<std::string>& fqan,
                  std::vector<std::string>& targets,
                  std::vector<std::string>& attributes,
                  std::string& voname,
                  std::string& uri,
                  int lifetime);
00174
/// Adds the AC given in `decodedac` to `aclist`, with `acorder` passed
/// alongside (presumably an ordering record that is updated).
///
/// NOTE(review): `aclist` is a reference to a pointer-to-pointer, so the
/// callee can replace the array itself. Who allocates and who frees it is not
/// visible in this header. Confirm before freeing or reusing the old pointer.
/// @return bool; presumably true on success (TODO confirm)
bool addVOMSAC(ArcCredential::AC**& aclist,
               std::string& acorder,
               std::string& decodedac);
00182
/// Parses the VOMS ACs carried by the certificate `holder` and reports them
/// through `output`, one VOMSACInfo per AC.
///
/// @param holder            certificate whose ACs are examined
/// @param ca_cert_dir       directory with CA certificates
/// @param ca_cert_file      file with CA certificates
/// @param vomsdir           VOMS directory (presumably holding LSC files)
/// @param vomscert_trust_dn trust rules; taken by non-const reference
/// @param output            receives the parsed ACs
/// @param verify            defaults to true
/// @param reportall         defaults to false
/// @return bool; exact meaning not visible here (TODO confirm)
///
/// NOTE(review): presumably `verify = false` skips the trust checks on the AC
/// issuer. If so, attributes returned in that mode are unauthenticated and
/// suit display only, never authorization decisions.
/// NOTE(review): presumably `reportall = true` also returns ACs that failed
/// checks. Callers enabling it should test VOMSACInfo::status on every entry
/// before trusting its attributes.
bool parseVOMSAC(X509* holder,
                 const std::string& ca_cert_dir,
                 const std::string& ca_cert_file,
                 const std::string& vomsdir,
                 VOMSTrustList& vomscert_trust_dn,
                 std::vector<VOMSACInfo>& output,
                 bool verify = true,
                 bool reportall = false);
00244
/// Overload of parseVOMSAC that takes the holder as a Credential object
/// instead of a raw X509 pointer; the remaining parameters are the same.
///
/// @param holder_cred       credential whose ACs are examined
/// @param ca_cert_dir       directory with CA certificates
/// @param ca_cert_file      file with CA certificates
/// @param vomsdir           VOMS directory (presumably holding LSC files)
/// @param vomscert_trust_dn trust rules; taken by non-const reference
/// @param output            receives the parsed ACs
/// @param verify            defaults to true
/// @param reportall         defaults to false
/// @return bool; exact meaning not visible here (TODO confirm)
///
/// NOTE(review): presumably `verify = false` disables issuer trust checks and
/// `reportall = true` returns ACs that failed checks. In either mode, inspect
/// VOMSACInfo::status before using attributes for authorization.
bool parseVOMSAC(const Credential& holder_cred,
                 const std::string& ca_cert_dir,
                 const std::string& ca_cert_file,
                 const std::string& vomsdir,
                 VOMSTrustList& vomscert_trust_dn,
                 std::vector<VOMSACInfo>& output,
                 bool verify = true,
                 bool reportall = false);
00254
/// Decodes `size` bytes starting at `data` and returns the result as a
/// character buffer.
///
/// NOTE(review): the encoding, the owner of the returned buffer and the
/// meaning of `*j` are not visible in this header. Presumably the caller
/// frees the buffer and `*j` receives the decoded length. Confirm before use.
/// `size` is a signed int, so callers should make sure it is non-negative and
/// matches the real length of `data`.
char* VOMSDecode(const char* data, int size, int* j);
00258
/// Returns the value of the named `property` of credential `u` as a string.
///
/// @param u               credential to query
/// @param property        property name; accepted names are not listed here
/// @param ca_cert_dir     CA certificate directory, empty by default
/// @param ca_cert_file    CA certificate file, empty by default
/// @param vomsdir         VOMS directory, empty by default
/// @param voms_trust_list trust list entries, empty by default
///
/// NOTE(review): every trust input defaults to empty. Whether VOMS-derived
/// properties are verified in that case is not visible in this header, so
/// confirm before using the returned value for authorization.
std::string getCredentialProperty(
    const Arc::Credential& u,
    const std::string& property,
    const std::string& ca_cert_dir = std::string(""),
    const std::string& ca_cert_file = std::string(""),
    const std::string& vomsdir = std::string(""),
    const std::vector<std::string>& voms_trust_list = std::vector<std::string>());
00274
/// Builds the full form of an FQAN from a VO name and an FQAN string.
/// The exact output format is defined by the implementation, which is not
/// visible in this header.
std::string VOMSFQANToFull(const std::string& vo,
                           const std::string& fqan);
00276
00277 }
00278
00279 #endif
00280