rpkic extract_root_certificate and extract_root_tal commands.

svn path=/branches/tk705/; revision=6378
author: Rob Austein <sra@hactrn.net> 2016-04-23 15:03:47 +0000
committer: Rob Austein <sra@hactrn.net> 2016-04-23 15:03:47 +0000
commit: 4d3f0b25bf076ad5fb71de24694a1c77a80271bc (patch)
tree: 4490163353d8005539c8515e8a2e8f726aef1638 /rpki/irdb/zookeeper.py
parent: 5c624ffcb9cb6fbecf49ede4740a71f0c8135362 (diff)
1 files changed, 22 insertions, 0 deletions
diff --git a/rpki/irdb/zookeeper.py b/rpki/irdb/zookeeper.py
index 1eb950f4..f0fda08a 100644
--- a/rpki/irdb/zookeeper.py
+++ b/rpki/irdb/zookeeper.py
@@ -381,6 +381,28 @@ class Zookeeper(object):
         return self.generate_repository_request(parent)
 
 
+    def extract_root_certificate_and_uris(self, handle):
+
+        if not handle:
+            handle = self.handle
+
+        q_msg = self.compose_left_right_query()
+        SubElement(q_msg, rpki.left_right.tag_parent, action = "get",
+                   tenant_handle = self.handle, parent_handle = handle)
+        r_msg = self.call_rpkid(q_msg)
+        assert len(r_msg) == 1 and r_msg[0].tag == rpki.left_right.tag_parent
+
+        cert = rpki.x509.X509(Base64 = r_msg[0].findtext(rpki.left_right.tag_rpki_root_cert))
+        caDirectory, rpkiManifest, signedObjectRepository, rpkiNotify = cert.get_SIA()
+        sia_base = r_msg[0].get("sia_base")
+        fn = cert.gSKI() + ".cer"
+
+        https_uri = os.path.join(os.path.dirname(rpkiNotify[0]), fn)
+        rsync_uri = sia_base + fn
+
+        return cert, (https_uri, rsync_uri)
+
+
     def write_bpki_files(self):
         """
         Write out BPKI certificate, key, and CRL files for daemons that
author	Rob Austein <sra@hactrn.net>	2016-04-23 15:03:47 +0000
committer	Rob Austein <sra@hactrn.net>	2016-04-23 15:03:47 +0000
commit	4d3f0b25bf076ad5fb71de24694a1c77a80271bc (patch)
tree	4490163353d8005539c8515e8a2e8f726aef1638 /rpki/irdb/zookeeper.py
parent	5c624ffcb9cb6fbecf49ede4740a71f0c8135362 (diff)