Add router certificate support to yamltest, rpkic, etc.

svn path=/branches/tk671/; revision=5680
author: Rob Austein <sra@hactrn.net> 2014-02-21 02:05:36 +0000
committer: Rob Austein <sra@hactrn.net> 2014-02-21 02:05:36 +0000
commit: a25c336c1d7752b60a251fcce51f2fbd81d930bf (patch)
tree: 51d7cadf92d447a8f22d7ea00ce618ad9305ea83 /rpkid/rpki/x509.py
parent: 401bbea99c1ba43ae0987b6346c65293a8efafa0 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/rpkid/rpki/x509.py b/rpkid/rpki/x509.py
index c69090e2..847c90f6 100644
--- a/rpkid/rpki/x509.py
+++ b/rpkid/rpki/x509.py
@@ -1001,14 +1001,14 @@ class PKCS10(DER_object):
     bc  = self.get_POW().getBasicConstraints()
     sia = self.get_POW().getSIA()
 
+    caRepository, rpkiManifest, signedObject = sia or (None, None, None)
+
     if alg not in (rpki.oids.sha256WithRSAEncryption, rpki.oids.ecdsa_with_SHA256):
       raise rpki.exceptions.BadPKCS10("PKCS #10 has bad signature algorithm for EE: %s" % alg)
 
     if bc is not None and (bc[0] or bc[1] is not None):
       raise rpki.exceptions.BadPKCS10("PKCS #10 EE has bad basicConstraints")
 
-    caRepository, rpkiManifest, signedObject = sias or (None, None, None)
-
     if caRepository:
       raise rpki.exceptions.BadPKCS10("PKCS #10 EE must not have id-ad-caRepository")
author	Rob Austein <sra@hactrn.net>	2014-02-21 02:05:36 +0000
committer	Rob Austein <sra@hactrn.net>	2014-02-21 02:05:36 +0000
commit	a25c336c1d7752b60a251fcce51f2fbd81d930bf (patch)
tree	51d7cadf92d447a8f22d7ea00ce618ad9305ea83 /rpkid/rpki/x509.py
parent	401bbea99c1ba43ae0987b6346c65293a8efafa0 (diff)