author | Rob Austein <sra@hactrn.net> | 2007-08-25 16:46:05 +0000 |
---|---|---|
committer | Rob Austein <sra@hactrn.net> | 2007-08-25 16:46:05 +0000 |
commit | 57995ddafe5df6e78110263a5d421d9a6a9a3de9 (patch) | |
tree | 0e5869454e7ac6e7a7aa2d5533cc60857008ac73 | |
parent | 7496e2285b84a84fbf5902b60096a5fbe1521b17 (diff) |
Finally get rid of rpki.https.CertInfo kludge.
svn path=/scripts/http-client.py; revision=912
-rw-r--r-- | scripts/http-client.py | 16 | ||||
-rw-r--r-- | scripts/http-server.py | 10 | ||||
-rwxr-xr-x | scripts/irbe-cli.py | 15 | ||||
-rw-r--r-- | scripts/rpki/https.py | 40 | ||||
-rw-r--r-- | scripts/rpki/x509.py | 1 |
5 files changed, 41 insertions, 41 deletions
diff --git a/scripts/http-client.py b/scripts/http-client.py index 53150a9c..18fcbf9c 100644 --- a/scripts/http-client.py +++ b/scripts/http-client.py @@ -2,5 +2,17 @@ import rpki.config, rpki.https -certInfo = rpki.https.CertInfo(rpki.config.parser("http-demo.conf"), "client") -print rpki.https.client(certInfo=certInfo, msg="This is a test. This is only a test. Had this been real you would now be really confused.\n") +msg = "This is a test. This is only a test. Had this been real you would now be really confused.\n" + +cfg = rpki.config.parser("http-demo.conf") +section = "client" + +privateKey = rpki.x509.RSA_Keypair(PEM_file = cfg.get(section, "https-key")) + +certChain = rpki.x509.X509_chain() +certChain.load_from_PEM(cfg.multiget(section, "https-cert")) + +x509TrustList = rpki.x509.X509_chain() +x509TrustList.load_from_PEM(cfg.multiget(section, "https-ta")) + +print rpki.https.client(privateKey=privateKey, certChain=certChain, x509TrustList=x509TrustList, msg=msg) diff --git a/scripts/http-server.py b/scripts/http-server.py index 876ea48c..dd7ec9a2 100644 --- a/scripts/http-server.py +++ b/scripts/http-server.py @@ -2,9 +2,15 @@ import rpki.https, tlslite.api, rpki.config -certInfo = rpki.https.CertInfo(rpki.config.parser("http-demo.conf"), "server") +cfg = rpki.config.parser("http-demo.conf") +section = "server" + +privateKey = rpki.x509.RSA_Keypair(PEM_file = cfg.get(section, "https-key")) + +certChain = rpki.x509.X509_chain() +certChain.load_from_PEM(cfg.multiget(section, "https-cert")) def handler(query, path): return 200, "Path: %s\nQuery: %s" % (path, query) -rpki.https.server(certInfo=certInfo, handlers={"/" : handler}) +rpki.https.server(privateKey=privateKey, certChain=certChain, handlers={"/" : handler}) diff --git a/scripts/irbe-cli.py b/scripts/irbe-cli.py index 7039cac9..a0afafa7 100755 --- a/scripts/irbe-cli.py +++ b/scripts/irbe-cli.py 
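Review bot: `rpki.x509` is used in the new lines of http-client.py (`rpki.x509.RSA_Keypair`, `rpki.x509.X509_chain`) without being imported; the import line kept as context is still `import rpki.config, rpki.https`. The name resolves only because rpki/https.py happens to import rpki.x509, so the script would fail with an AttributeError before any TLS setup if that import were ever dropped. I would make the dependency explicit with `import rpki.config, rpki.https, rpki.x509`. The http-server.py hunk has the same gap (`import rpki.https, tlslite.api, rpki.config`), and irbe-cli.py uses the same names with its import line outside the visible hunks.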
@@ -136,11 +136,13 @@ def main(): rng = rpki.relaxng.RelaxNG(cfg.get(section, "rng-schema")) - print "rpki.https.CertInfo() needs rewriting!" - # - # ... but use it for now - # - httpsCerts = rpki.https.CertInfo(cfg, section) + privateKey = rpki.x509.RSA_Keypair(PEM_file = cfg.get(section, "https-key")) + + certChain = rpki.x509.X509_chain() + certChain.load_from_PEM(cfg.multiget(section, "https-cert")) + + x509TrustList = rpki.x509.X509_chain() + x509TrustList.load_from_PEM(cfg.multiget(section, "https-ta")) q_msg = rpki.left_right.msg() @@ -169,7 +171,8 @@ def main(): q_cms = rpki.cms.encode(q_xml, cfg.get(section, "cms-key"), cfg.multiget(section, "cms-cert")) - r_cms = rpki.https.client(certInfo=httpsCerts, msg=q_cms, url="/left-right") + r_cms = rpki.https.client(privateKey=privateKey, certChain=certChain, x509TrustList=x509TrustList, + msg=q_cms, url="/left-right") r_xml = rpki.cms.decode(r_cms, cfg.get(section, "cms-peer")) diff --git a/scripts/rpki/https.py b/scripts/rpki/https.py index 428fb918..fe2d404b 100644 --- a/scripts/rpki/https.py +++ b/scripts/rpki/https.py 
@@ -7,34 +7,11 @@ subversion repository; generalizing it would not be hard, but the more general version should use SQL anyway. """ -import httplib, BaseHTTPServer, tlslite.api, glob, rpki.x509, rpki.config +import httplib, BaseHTTPServer, tlslite.api, glob, rpki.x509 rpki_content_type = "application/x-rpki" -class CertInfo(object): - """Certificate context. - - This hides a bunch of grotty details about how we store and name - certificates in this test setup. This code will definitely need to - change, soon, but this class keeps most of this rubbish in one - place. - """ - - def __init__(self, cfg, section): - - keypair = rpki.x509.RSA_Keypair(PEM_file = cfg.get(section, "https-key")) - self.privateKey = keypair.get_tlslite() - - chain = rpki.x509.X509_chain() - chain.load_from_PEM(cfg.multiget(section, "https-cert")) - chain.chainsort() - self.certChain = chain.tlslite_certChain() - - trustlist = rpki.x509.X509_chain() - trustlist.load_from_PEM(cfg.multiget(section, "https-ta")) - self.x509TrustList = trustlist.tlslite_trustList() - -def client(msg, certInfo, host="localhost", port=4433, url="/"): +def client(msg, privateKey, certChain, x509TrustList, host="localhost", port=4433, url="/"): """Open client HTTPS connection, send a message, wait for response. This function wraps most of what one needs to do to send a message @@ -45,9 +22,9 @@ def client(msg, certInfo, host="localhost", port=4433, url="/"): httpc = tlslite.api.HTTPTLSConnection(host=host, port=port, - certChain=certInfo.certChain, - privateKey=certInfo.privateKey, - x509TrustList=certInfo.x509TrustList) + privateKey=privateKey.get_tlslite(), + certChain=certChain.tlslite_certChain(), + x509TrustList=x509TrustList.tlslite_trustList()) httpc.connect() httpc.request("POST", url, msg, {"Content-Type" : rpki_content_type}) response = httpc.getresponse() 
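Review bot: client()'s docstring does not describe the three new parameters, and their type changed with this commit. They are now rpki.x509 objects that client() converts itself (the next hunk calls `get_tlslite()`, `tlslite_certChain()` and `tlslite_trustList()` on them), not the tlslite objects CertInfo used to hold. I would add a parameter section to the docstring saying so, e.g. `privateKey: rpki.x509.RSA_Keypair; certChain, x509TrustList: rpki.x509.X509_chain`. Because the new parameters sit before `host`, a caller passing `host` positionally would now bind it to `privateKey`; the callers in this commit all use keywords. The docstring continues outside the hunk.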
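Review bot: Nothing between the config read and the `HTTPTLSConnection(...)` call checks that `x509TrustList` actually holds a trust anchor. How tlslite treats an empty list is not visible here, but if it reads it as "no trust list given", a missing or misspelled `https-ta` entry would leave the server certificate unvalidated without any error. A guard at the top of client(), `if not x509TrustList: raise ValueError("empty https-ta trust list")`, would make that failure loud. client()'s body starts and ends outside this hunk.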
@@ -100,15 +77,16 @@ class httpServer(tlslite.api.TLSSocketServerMixIn, BaseHTTPServer.HTTPServer): print "TLS handshake failure:", str(error) return False -def server(handlers, certInfo, port=4433, host=""): +def server(handlers, privateKey, certChain, port=4433, host=""): """Run an HTTPS server and wait (forever) for connections.""" class boundRequestHandler(requestHandler): rpki_handlers = handlers httpd = httpServer((host, port), boundRequestHandler) - httpd.rpki_privateKey = certInfo.privateKey - httpd.rpki_certChain = certInfo.certChain + + httpd.rpki_privateKey = privateKey.get_tlslite() + httpd.rpki_certChain = certChain.tlslite_certChain() httpd.rpki_sessionCache = tlslite.api.SessionCache() httpd.serve_forever() diff --git a/scripts/rpki/x509.py b/scripts/rpki/x509.py index 966191a6..49f1e61e 100644 --- a/scripts/rpki/x509.py +++ b/scripts/rpki/x509.py @@ -224,6 +224,7 @@ class X509_chain(list): def tlslite_certChain(self): """Return a certChain in the format tlslite likes.""" + self.chainsort() return tlslite.api.X509CertChain([x.get_tlslite() for x in self]) def tlslite_trustList(self): |
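Review bot: server() takes a key and a certificate chain but no trust anchors, so this interface gives the server no way to validate a certificate presented by a client; http-server.py accordingly loads no `https-ta`. Whether the handshake in httpServer requests a client certificate is outside the hunk, and the CMS signing seen in irbe-cli.py may be the intended authentication, so this may be deliberate. If the channel is meant to be mutually authenticated, an optional `x509TrustList=None` parameter mirroring client() would be the place to carry it. At minimum the one-line docstring should state that clients are not authenticated at the TLS layer.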
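Review bot: `tlslite_certChain()` is documented as a plain getter ("Return a certChain in the format tlslite likes.") but with the added `self.chainsort()` it now also reorders the chain, presumably in place since X509_chain subclasses list. client() and server() call it on caller-supplied objects, so the caller's chain is mutated as a side effect. I would say so in the docstring, e.g. `"""Sort the chain, then return it as a tlslite X509CertChain (reorders self)."""`. What chainsort() does with a chain that has a gap or an unrelated certificate is not visible here; it is worth confirming that it fails cleanly rather than handing tlslite a partially ordered chain.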