summaryrefslogtreecommitdiffstats
path: root/keystonemiddleware-moon/examples/pki/gen_cmsz.py
blob: 6840c08e5e458e07c86368edcb74dd7d34ff6923 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
#!/usr/bin/python

# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.

import json
import os

from keystoneclient.common import cms
from keystoneclient import utils

CURRENT_DIR = os.path.abspath(os.path.dirname(__file__))


def make_filename(*args):
    return os.path.join(CURRENT_DIR, *args)


def generate_revocation_list():
    REVOKED_TOKENS = ['auth_token_revoked', 'auth_v3_token_revoked']
    revoked_list = []
    for token in REVOKED_TOKENS:
        with open(make_filename('cms', '%s.pkiz' % name), 'r') as f:
            token_data = f.read()
            id = utils.hash_signed_token(token_data.encode('utf-8'))
            revoked_list.append({
                'id': id,
                "expires": "2112-08-14T17:58:48Z"
            })
        with open(make_filename('cms', '%s.pem' % name), 'r') as f:
            pem_data = f.read()
            token_data = cms.cms_to_token(pem_data).encode('utf-8')
            id = utils.hash_signed_token(token_data)
            revoked_list.append({
                'id': id,
                "expires": "2112-08-14T17:58:48Z"
            })
    revoked_json = json.dumps({"revoked": revoked_list})
    with open(make_filename('cms', 'revocation_list.json'), 'w') as f:
        f.write(revoked_json)
    encoded = cms.pkiz_sign(revoked_json,
                            SIGNING_CERT_FILE_NAME,
                            SIGNING_KEY_FILE_NAME)
    with open(make_filename('cms', 'revocation_list.pkiz'), 'w') as f:
        f.write(encoded)

    encoded = cms.cms_sign_data(revoked_json,
                                SIGNING_CERT_FILE_NAME,
                                SIGNING_KEY_FILE_NAME)
    with open(make_filename('cms', 'revocation_list.pem'), 'w') as f:
        f.write(encoded)


CA_CERT_FILE_NAME = make_filename('certs', 'cacert.pem')
SIGNING_CERT_FILE_NAME = make_filename('certs', 'signing_cert.pem')
SIGNING_KEY_FILE_NAME = make_filename('private', 'signing_key.pem')
EXAMPLE_TOKENS = ['auth_token_revoked',
                  'auth_token_unscoped',
                  'auth_token_scoped',
                  'auth_token_scoped_expired',
                  'auth_v3_token_scoped',
                  'auth_v3_token_revoked']


# Helper script to generate the sample data for testing
# the signed tokens using the existing JSON data for the
# MII-prefixed tokens.  Uses the keys and certificates
# generated in gen_pki.sh.
def generate_der_form(name):
    derfile = make_filename('cms', '%s.der' % name)
    with open(derfile, 'w') as f:
        derform = cms.cms_sign_data(text,
                                    SIGNING_CERT_FILE_NAME,
                                    SIGNING_KEY_FILE_NAME, cms.PKIZ_CMS_FORM)
        f.write(derform)

for name in EXAMPLE_TOKENS:
    json_file = make_filename('cms', name + '.json')
    pkiz_file = make_filename('cms', name + '.pkiz')
    with open(json_file, 'r') as f:
        string_data = f.read()

    # validate the JSON
    try:
        token_data = json.loads(string_data)
    except ValueError as v:
        raise SystemExit('%s while processing token data from %s: %s' %
                         (v, json_file, string_data))

    text = json.dumps(token_data).encode('utf-8')

    # Uncomment to record the token uncompressed,
    # useful for debugging
    # generate_der_form(name)

    encoded = cms.pkiz_sign(text,
                            SIGNING_CERT_FILE_NAME,
                            SIGNING_KEY_FILE_NAME)

    # verify before writing
    cms.pkiz_verify(encoded,
                    SIGNING_CERT_FILE_NAME,
                    CA_CERT_FILE_NAME)

    with open(pkiz_file, 'w') as f:
        f.write(encoded)

    generate_revocation_list()
al.Number.Integer.Long */ }
{
  "id": 16,
  "title": "Yardstick-TC027",
  "originalTitle": "Yardstick-TC027",
  "tags": [
    "yardstick-tc"
  ],
  "style": "dark",
  "timezone": "browser",
  "editable": true,
  "hideControls": false,
  "sharedCrosshair": false,
  "rows": [
    {
      "collapse": false,
      "editable": true,
      "height": "25px",
      "panels": [
        {
          "content": "<h5 style=\"font-family:Verdana\"> <a style=\"color:#31A7D3\"><center>OPNFV_Yardstick_TC027 - Network latency (Ping6)</center> </a></h5>\n<center>\n<p>Evaluation of network latency (RTT - round trip time) between two VM instances running on different physical blades.\nFor more information see <a style=\"color:#31A7D3\"; href=\"http://artifacts.opnfv.org/yardstick/brahmaputra/docs/userguide/opnfv_yardstick_tc027.html\">TC027</a></p>\n</center>",
          "editable": true,
          "error": false,
          "id": 2,
          "isNew": true,
          "links": [],
          "mode": "html",
          "span": 12,
          "style": {},
          "title": "",
          "type": "text"
        }
      ],
      "title": "New row"
    },
    {
      "collapse": false,
      "editable": true,
      "height": "25px",
      "panels": [
        {
          "content": "",
          "editable": true,
          "error": false,
          "id": 1,
          "isNew": true,
          "links": [],
          "mode": "markdown",
          "span": 12,
          "style": {},
          "title": "Test Case Execution",
          "type": "text"
        }
      ],
      "title": "Row"
    },
    {
      "collapse": false,
      "editable": true,
      "height": "250px",
      "panels": [
        {
          "aliasColors": {},
          "bars": false,
          "datasource": "yardstick-vtc",
          "editable": true,
          "error": false,
          "fill": 1,
          "grid": {
            "leftLogBase": 1,
            "leftMax": null,
            "leftMin": null,
            "rightLogBase": 1,
            "rightMax": null,
            "rightMin": null,
            "threshold1": null,
            "threshold1Color": "rgba(216, 200, 27, 0.27)",
            "threshold2": null,
            "threshold2Color": "rgba(234, 112, 112, 0.22)"
          },
          "id": 4,
          "isNew": true,
          "leftYAxisLabel": "RTT (ms)",
          "legend": {
            "avg": false,
            "current": false,
            "max": false,
            "min": false,
            "show": true,
            "total": false,
            "values": false
          },
          "lines": true,
          "linewidth": 2,
          "links": [],
          "nullPointMode": "connected",
          "percentage": false,
          "pointradius": 5,
          "points": true,
          "renderer": "flot",
          "seriesOverrides": [],
          "span": 12,
          "stack": false,
          "steppedLine": false,
          "targets": [
            {
              "alias": "",
              "dsType": "influxdb",
              "groupBy": [
                {
                  "type": "tag",
                  "params": [
                    "deploy_scenario"
                  ]
                },
                {
                  "type": "tag",
                  "params": [
                    "installer"
                  ]
                }
              ],
              "measurement": "opnfv_yardstick_tc027",
              "query": "SELECT \"rtt\" FROM \"opnfv_yardstick_tc027\" WHERE \"pod_name\" = 'huawei-pod1' AND \"deploy_scenario\" = 'os-nosdn-nofeature-ha' AND $timeFilter GROUP BY \"deploy_scenario\", \"installer\"",
              "refId": "A",
              "resultFormat": "time_series",
              "select": [
                [
                  {
                    "params": [
                      "rtt"
                    ],
                    "type": "field"
                  }
                ]
              ],
              "tags": [
                {
                  "key": "pod_name",
                  "operator": "=",
                  "value": "huawei-pod1"
                },
                {
                  "condition": "AND",
                  "key": "deploy_scenario",
                  "operator": "=",
                  "value": "os-nosdn-nofeature-ha"
                }
              ]
            }
          ],
          "timeFrom": "14d",
          "timeShift": null,
          "title": "RTT",
          "tooltip": {
            "shared": true,
            "value_type": "cumulative"
          },
          "type": "graph",
          "x-axis": true,
          "y-axis": true,
          "y_formats": [
            "short",
            "short"
          ]
        }
      ],
      "title": "New row"
    },
    {
      "collapse": false,
      "editable": true,
      "height": "25px",
      "panels": [
        {
          "content": "",
          "editable": true,
          "error": false,
          "id": 3,
          "isNew": true,
          "links": [],
          "mode": "markdown",
          "span": 12,
          "style": {},
          "title": "Daily Averages",
          "type": "text"
        }
      ],
      "title": "New row"
    },
    {
      "collapse": false,
      "editable": true,
      "height": "250px",
      "panels": [
        {
          "columns": [],
          "datasource": "yardstick-vtc",
          "editable": true,
          "error": false,
          "fontSize": "100%",
          "id": 5,
          "isNew": true,
          "links": [],
          "pageSize": null,
          "scroll": true,
          "showHeader": true,
          "sort": {
            "col": 0,
            "desc": true
          },
          "span": 12,
          "styles": [
            {
              "dateFormat": "YYYY-MM-DD HH:mm:ss",
              "pattern": "Time",
              "type": "date"
            },
            {
              "colorMode": null,
              "colors": [
                "rgba(245, 54, 54, 0.9)",
                "rgba(237, 129, 40, 0.89)",
                "rgba(50, 172, 45, 0.97)"
              ],
              "decimals": 2,
              "pattern": "/.*/",
              "thresholds": [],
              "type": "number",
              "unit": "short"
            }
          ],
          "targets": [
            {
              "alias": "$tag_pod_name - $tag_deploy_scenario",
              "dsType": "influxdb",
              "groupBy": [
                {
                  "params": [
                    "pod_name"
                  ],
                  "type": "tag"
                },
                {
                  "params": [
                    "deploy_scenario"
                  ],
                  "type": "tag"
                }
              ],
              "measurement": "opnfv_yardstick_tc027",
              "query": "SELECT \"rtt\" FROM \"opnfv_yardstick_tc027\" WHERE \"pod_name\" =~ /$POD$/ AND \"deploy_scenario\" =~ /$SCENARIO$/ AND $timeFilter GROUP BY \"pod_name\", \"deploy_scenario\"",
              "refId": "A",
              "resultFormat": "time_series",
              "select": [
                [
                  {
                    "params": [
                      "rtt"
                    ],
                    "type": "field"
                  }
                ]
              ],
              "tags": [
                {
                  "key": "pod_name",
                  "operator": "=~",
                  "value": "/$POD$/"
                },
                {
                  "condition": "AND",
                  "key": "deploy_scenario",
                  "operator": "=~",
                  "value": "/$SCENARIO$/"
                }
              ]
            }
          ],
          "timeFrom": "14d",
          "title": "$POD",
          "transform": "timeseries_to_rows",
          "type": "table"
        }
      ],
      "title": "New row"
    },
    {
      "collapse": false,
      "editable": true,
      "height": "250px",
      "panels": [
        {
          "aliasColors": {},
          "bars": false,
          "datasource": "yardstick-vtc",
          "editable": true,
          "error": false,
          "fill": 1,
          "grid": {
            "leftLogBase": 1,
            "leftMax": null,
            "leftMin": null,
            "rightLogBase": 1,
            "rightMax": null,
            "rightMin": null,
            "threshold1": null,
            "threshold1Color": "rgba(216, 200, 27, 0.27)",
            "threshold2": null,
            "threshold2Color": "rgba(234, 112, 112, 0.22)"
          },
          "id": 6,
          "isNew": true,
          "leftYAxisLabel": "RTT (ms)",
          "legend": {
            "avg": false,
            "current": false,
            "max": false,
            "min": false,
            "show": true,
            "total": false,
            "values": false
          },
          "lines": true,
          "linewidth": 2,
          "nullPointMode": "connected",
          "percentage": false,
          "pointradius": 5,
          "points": true,
          "renderer": "flot",
          "seriesOverrides": [],
          "span": 12,
          "stack": false,
          "steppedLine": false,
          "targets": [
            {
              "alias": "$tag_pod_name - $tag_deploy_scenario",
              "dsType": "influxdb",
              "groupBy": [
                {
                  "params": [
                    "pod_name"
                  ],
                  "type": "tag"
                },
                {
                  "params": [
                    "deploy_scenario"
                  ],
                  "type": "tag"
                }
              ],
              "measurement": "opnfv_yardstick_tc027",
              "query": "SELECT \"rtt\" FROM \"opnfv_yardstick_tc027\" WHERE \"pod_name\" =~ /$POD$/ AND \"deploy_scenario\" =~ /$SCENARIO$/ AND $timeFilter GROUP BY \"pod_name\", \"deploy_scenario\"",
              "refId": "A",
              "resultFormat": "time_series",
              "select": [
                [
                  {
                    "params": [
                      "rtt"
                    ],
                    "type": "field"
                  }
                ]
              ],
              "tags": [
                {
                  "key": "pod_name",
                  "operator": "=~",
                  "value": "/$POD$/"
                },
                {
                  "condition": "AND",
                  "key": "deploy_scenario",
                  "operator": "=~",
                  "value": "/$SCENARIO$/"
                }
              ]
            }
          ],
          "timeFrom": "14d",
          "timeShift": null,
          "title": "$POD",
          "tooltip": {
            "shared": true,
            "value_type": "cumulative"
          },
          "type": "graph",
          "x-axis": true,
          "y-axis": true,
          "y_formats": [
            "short",
            "short"
          ],
          "links": []
        }
      ],
      "title": "New row"
    }
  ],
  "time": {
    "from": "now-30d",
    "to": "now"
  },
  "timepicker": {
    "now": true,
    "refresh_intervals": [
      "5s",
      "10s",
      "30s",
      "1m",
      "5m",
      "15m",
      "30m",
      "1h",
      "2h",
      "1d"
    ],
    "time_options": [
      "5m",
      "15m",
      "1h",
      "6h",
      "12h",
      "24h",
      "2d",
      "7d",
      "30d"
    ]
  },
  "templating": {
    "list": [
      {
        "allFormat": "regex values",
        "current": {
          "tags": [],
          "text": "huawei-pod1",
          "value": "huawei\\-pod1"
        },
        "datasource": "yardstick-vtc",
        "includeAll": true,
        "multi": true,
        "multiFormat": "regex values",
        "name": "POD",
        "options": [
          {
            "text": "All",
            "value": "(elxg482ls42|ericsson\\-pod1|ericsson\\-pod2|huawei\\-pod1|huawei\\-pod2|huawei\\-us\\-deploy\\-bare\\-1|intel\\-pod5|intel\\-pod6|lf\\-pod1|lf\\-pod2|opnfv\\-jump\\-1|opnfv\\-jump\\-2|orange\\-fr\\-pod2|unknown|zte\\-pod1)",
            "selected": false
          },
          {
            "text": "elxg482ls42",
            "value": "elxg482ls42",
            "selected": false
          },
          {
            "text": "ericsson-pod1",
            "value": "ericsson\\-pod1",
            "selected": false
          },
          {
            "text": "ericsson-pod2",
            "value": "ericsson\\-pod2",
            "selected": false
          },
          {
            "text": "huawei-pod1",
            "value": "huawei\\-pod1",
            "selected": true
          },
          {
            "text": "huawei-pod2",
            "value": "huawei\\-pod2",
            "selected": false
          },
          {
            "text": "huawei-us-deploy-bare-1",
            "value": "huawei\\-us\\-deploy\\-bare\\-1",
            "selected": false
          },
          {
            "text": "intel-pod5",
            "value": "intel\\-pod5",
            "selected": false
          },
          {
            "text": "intel-pod6",
            "value": "intel\\-pod6",
            "selected": false
          },
          {
            "text": "lf-pod1",
            "value": "lf\\-pod1",
            "selected": false
          },
          {
            "text": "lf-pod2",
            "value": "lf\\-pod2",
            "selected": false
          },
          {
            "text": "opnfv-jump-1",
            "value": "opnfv\\-jump\\-1",
            "selected": false
          },
          {
            "text": "opnfv-jump-2",
            "value": "opnfv\\-jump\\-2",
            "selected": false
          },
          {
            "text": "orange-fr-pod2",
            "value": "orange\\-fr\\-pod2",
            "selected": false
          },
          {
            "text": "unknown",
            "value": "unknown",
            "selected": false
          },
          {
            "text": "zte-pod1",
            "value": "zte\\-pod1",
            "selected": false
          }
        ],
        "query": "SHOW TAG VALUES WITH KEY = \"pod_name\"",
        "refresh": false,
        "type": "query"
      },
      {
        "allFormat": "regex values",
        "current": {
          "text": "os-nosdn-nofeature-ha + os-nosdn-nofeature-noha",
          "value": [
            "os\\-nosdn\\-nofeature\\-ha",
            "os\\-nosdn\\-nofeature\\-noha"
          ],
          "tags": []
        },
        "datasource": "yardstick-vtc",
        "includeAll": true,
        "multi": true,
        "multiFormat": "regex values",
        "name": "SCENARIO",
        "options": [
          {
            "text": "All",
            "value": "(os\\-no_sdn\\-ovs\\-ha|os\\-nosdn\\-kvm\\-ha|os\\-nosdn\\-nofeature\\-ha|os\\-nosdn\\-nofeature\\-noha|os\\-nosdn\\-ovs\\-ha|os\\-ocl\\-nofeature\\-ha|os\\-odl_l2\\-bgpvpn\\-ha|os\\-odl_l2\\-nofeature\\-ha|os\\-odl_l2\\-nofeature\\-noha|os\\-odl_l2\\-sfc\\-ha|os\\-odl_l3\\-nofeature\\-ha|os\\-onos\\-nofeature\\-ha|os\\-onos\\-sfc\\-ha|os\\-ovs\\-nofeature\\-ha|unknown)",
            "selected": false
          },
          {
            "text": "os-no_sdn-ovs-ha",
            "value": "os\\-no_sdn\\-ovs\\-ha",
            "selected": false
          },
          {
            "text": "os-nosdn-kvm-ha",
            "value": "os\\-nosdn\\-kvm\\-ha",
            "selected": false
          },
          {
            "text": "os-nosdn-nofeature-ha",
            "value": "os\\-nosdn\\-nofeature\\-ha",
            "selected": true
          },
          {
            "text": "os-nosdn-nofeature-noha",
            "value": "os\\-nosdn\\-nofeature\\-noha",
            "selected": true
          },
          {
            "text": "os-nosdn-ovs-ha",
            "value": "os\\-nosdn\\-ovs\\-ha",
            "selected": false
          },
          {
            "text": "os-ocl-nofeature-ha",
            "value": "os\\-ocl\\-nofeature\\-ha",
            "selected": false
          },
          {
            "text": "os-odl_l2-bgpvpn-ha",
            "value": "os\\-odl_l2\\-bgpvpn\\-ha",
            "selected": false
          },
          {
            "text": "os-odl_l2-nofeature-ha",
            "value": "os\\-odl_l2\\-nofeature\\-ha",
            "selected": false
          },
          {
            "text": "os-odl_l2-nofeature-noha",
            "value": "os\\-odl_l2\\-nofeature\\-noha",
            "selected": false
          },
          {
            "text": "os-odl_l2-sfc-ha",
            "value": "os\\-odl_l2\\-sfc\\-ha",
            "selected": false
          },
          {
            "text": "os-odl_l3-nofeature-ha",
            "value": "os\\-odl_l3\\-nofeature\\-ha",
            "selected": false
          },
          {
            "text": "os-onos-nofeature-ha",
            "value": "os\\-onos\\-nofeature\\-ha",
            "selected": false
          },
          {
            "text": "os-onos-sfc-ha",
            "value": "os\\-onos\\-sfc\\-ha",
            "selected": false
          },
          {
            "text": "os-ovs-nofeature-ha",
            "value": "os\\-ovs\\-nofeature\\-ha",
            "selected": false
          },
          {
            "text": "unknown",
            "value": "unknown",
            "selected": false
          }
        ],
        "query": "SHOW TAG VALUES WITH KEY = \"deploy_scenario\"",
        "refresh": false,
        "type": "query"
      }
    ]
  },
  "annotations": {
    "list": []
  },
  "schemaVersion": 8,
  "version": 8,
  "links": []
}