diff options
| author | Rob Austein <sra@hactrn.net> | 2009-05-21 18:35:36 +0000 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2009-05-21 18:35:36 +0000 |
| commit | 9b72fb6f0191cef5b16c26fca543d486688592c9 (patch) | |
| tree | e59a21443c864933ea4cf9cc0f25f9d094510573 | |
| parent | 5a3ba390ea0dad717b51c629f1a359112aa54ac3 (diff) | |
More CMS cert logging
svn path=/rpkid/rpki/x509.py; revision=2446
| -rw-r--r-- | rpkid/rpki/x509.py | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/rpkid/rpki/x509.py b/rpkid/rpki/x509.py index 91ab48bd..7dc18ad5 100644 --- a/rpkid/rpki/x509.py +++ b/rpkid/rpki/x509.py @@ -784,7 +784,7 @@ class CMS_object(DER_object): if self.debug_cms_certs: for x in certs: - rpki.log.debug("Received CMS cert issuer %s subject %s" % (x.getIssuer(), x.getSubject())) + rpki.log.debug("Received CMS cert issuer %s subject %s SKI %s" % (x.getIssuer(), x.getSubject(), x.hSKI())) for c in crls: rpki.log.debug("Received CMS CRL issuer %s" % repr(c.getIssuer())) @@ -794,7 +794,7 @@ class CMS_object(DER_object): for x in X509.normalize_chain(ta): if self.debug_cms_certs: - rpki.log.debug("CMS trusted cert issuer %s subject %s" % (x.getIssuer(), x.getSubject())) + rpki.log.debug("CMS trusted cert issuer %s subject %s SKI %s" % (x.getIssuer(), x.getSubject(), x.hSKI())) if not x.is_CA(): assert trusted_ee is None, "Can't have two EE certs in the same validation chain" trusted_ee = x @@ -802,7 +802,7 @@ class CMS_object(DER_object): if trusted_ee: if self.debug_cms_certs: - rpki.log.debug("Trusted CMS EE cert issuer %s subject %s" % (trusted_ee.getIssuer(), trusted_ee.getSubject())) + rpki.log.debug("Trusted CMS EE cert issuer %s subject %s SKI %s" % (trusted_ee.getIssuer(), trusted_ee.getSubject(), trusted_ee.hSKI())) if certs and (len(certs) > 1 or certs[0] != trusted_ee): raise rpki.exceptions.UnexpectedCMSCerts, certs if crls: @@ -883,6 +883,11 @@ class CMS_object(DER_object): elif isinstance(crls, CRL): crls = (crls,) + if self.debug_cms_certs: + rpki.log.debug("Signing with cert issuer %s subject %s SKI %s" % (cert.getIssuer(), cert.getSubject(), cert.hSKI())) + for i, c in enumerate(certs): + rpki.log.debug("Additional cert %d issuer %s subject %s SKI %s" % (i, c.getIssuer(), c.getSubject(), c.hSKI())) + cms = POW.CMS() cms.sign(cert.get_POW(), |