Preliminary version of rpkid et al with all the TLS code ripped out.

Not quite ready for cutover yet, may need some conversion tools and
instructions, but checking this into a branch (well, sort of) so that
others can look at the code changes involved, try it out themselves,
etc.  At some point this will merge back into rpkid/ directory and
there will be only one, without TLS, but converting the testbed is
going to require a flag day, so need to keep the TLS version around
until then.

svn path=/rpkid.without_tls; revision=3449

1 files changed, 101 insertions, 0 deletions

diff --git a/rpkid.without_tls/tests/myrpki-xml-parse-test.py b/rpkid.without_tls/tests/myrpki-xml-parse-test.py
new file mode 100644
index 00000000..5aaf5cbf
--- /dev/null
+++ b/rpkid.without_tls/tests/myrpki-xml-parse-test.py
@@ -0,0 +1,101 @@
+"""
+Test parser and display tool for myrpki.xml files.
+
+$Id$
+
+Copyright (C) 2009--2010  Internet Systems Consortium ("ISC")
+
+Permission to use, copy, modify, and distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+PERFORMANCE OF THIS SOFTWARE.
+"""
+
+import lxml.etree, rpki.resource_set, base64, subprocess
+
+relaxng = lxml.etree.RelaxNG(file = "myrpki.rng")
+
+tree = lxml.etree.parse("myrpki.xml").getroot()
+
+if False:
+  print lxml.etree.tostring(tree, pretty_print = True, encoding = "us-ascii", xml_declaration = True)
+
+relaxng.assertValid(tree)
+
+def showitems(x):
+  if False:
+    for k, v in x.items():
+      if v:
+        print " ", k, v
+
+def tag(t):
+  return "{http://www.hactrn.net/uris/rpki/myrpki/}" + t
+
+print "My handle:", tree.get("handle")
+
+print "Children:"
+for x in tree.getiterator(tag("child")):
+  print " ", x
+  print "  Handle:", x.get("handle")
+  print "  ASNS:  ", rpki.resource_set.resource_set_as(x.get("asns"))
+  print "  IPv4:  ", rpki.resource_set.resource_set_ipv4(x.get("v4"))
+  print "  Valid: ", x.get("valid_until")
+  showitems(x)
+print
+
+print "ROA requests:"
+for x in tree.getiterator(tag("roa_request")):
+  print " ", x
+  print "  ASN: ", x.get("asn")
+  print "  IPv4:", rpki.resource_set.roa_prefix_set_ipv4(x.get("v4"))
+  print "  IPv6:", rpki.resource_set.roa_prefix_set_ipv6(x.get("v6"))
+  showitems(x)
+print
+
+def showpem(label, b64, kind):
+  cmd = ("openssl", kind, "-noout", "-text", "-inform", "DER")
+  if kind == "x509":
+    cmd += ("-certopt", "no_pubkey,no_sigdump")
+  p = subprocess.Popen(cmd, stdin = subprocess.PIPE, stdout = subprocess.PIPE)
+  text = p.communicate(input = base64.b64decode(b64))[0]
+  if p.returncode != 0:
+    raise subprocess.CalledProcessError(returncode = p.returncode, cmd = cmd)
+  print label, text
+
+for x in tree.getiterator(tag("child")):
+  cert = x.findtext(tag("bpki_certificate"))
+  if cert:
+    showpem("Child", cert, "x509")
+
+for x in tree.getiterator(tag("parent")):
+  print "Parent URI:", x.get("service_uri")
+  cert = x.findtext(tag("bpki_certificate"))
+  if cert:
+    showpem("Parent", cert, "x509")
+
+ca = tree.findtext(tag("bpki_ca_certificate"))
+if ca:
+  showpem("CA", ca, "x509")
+
+bsc = tree.findtext(tag("bpki_bsc_certificate"))
+if bsc:
+  showpem("BSC EE", bsc, "x509")
+
+repo = tree.findtext(tag("bpki_repository_certificate"))
+if repo:
+  showpem("Repository", repo, "x509")
+
+req = tree.findtext(tag("bpki_bsc_pkcs10"))
+if req:
+  showpem("BSC EE", req, "req")
+
+crl = tree.findtext(tag("bpki_crl"))
+if crl:
+  showpem("CA", crl, "crl")