Consolidate and debug PKCS #10 code.

svn path=/pow/POW-0.7/lib/pkix.py; revision=1104
author: Rob Austein <sra@hactrn.net> 2007-10-06 18:13:43 +0000
committer: Rob Austein <sra@hactrn.net> 2007-10-06 18:13:43 +0000
commit: 258948849c072360876d02c1300853c293c31ab3 (patch)
tree: 054bf628aed985f05865b0a297b53b019f15324d /scripts/pkcs10.py
parent: e364ef51ed453b0d438ed5a5453179d552c298a1 (diff)
1 files changed, 59 insertions, 45 deletions
diff --git a/scripts/pkcs10.py b/scripts/pkcs10.py
index 683f94df..77272ff0 100644
--- a/scripts/pkcs10.py
+++ b/scripts/pkcs10.py
@@ -1,6 +1,10 @@
 # $Id$
 
-import POW.pkix, rpki.x509, glob, rpki.resource_set
+import POW.pkix, glob, os
+import rpki.x509, rpki.resource_set
+
+parse_test              = False
+generate_test           = True
 
 parse_extensions        = True
 show_attributes         = False
@@ -12,60 +16,70 @@ show_publickey          = False
 def hexify(thing):
   return ":".join(["%02X" % ord(i) for i in thing])
 
-for name in glob.glob("resource-cert-samples/*.req") + glob.glob("biz-certs/*.req"):
-  pkcs10 = rpki.x509.PKCS10(Auto_file = name).get_POWpkix()
+if parse_test:
 
-  print "[", name, "]"
+  for name in glob.glob("resource-cert-samples/*.req") + glob.glob("biz-certs/*.req"):
+    pkcs10 = rpki.x509.PKCS10(Auto_file = name).get_POWpkix()
 
-  if show_algorithm:
-    print pkcs10.signatureAlgorithm
-    print
-    print pkcs10.signatureAlgorithm.get()
-    print
+    print "[", name, "]"
 
-  if show_signature:
-    print pkcs10.signatureValue, hexify(pkcs10.signatureValue.get())
-    print
+    if show_algorithm:
+      print pkcs10.signatureAlgorithm
+      print
+      print pkcs10.signatureAlgorithm.get()
+      print
 
-  if show_publickey:
-    print pkcs10.certificationRequestInfo.subjectPublicKeyInfo
-    print pkcs10.certificationRequestInfo.subjectPublicKeyInfo.get()
-    print hexify(pkcs10.certificationRequestInfo.subjectPublicKeyInfo.toString())
-    print
+    if show_signature:
+      print pkcs10.signatureValue, hexify(pkcs10.signatureValue.get())
+      print
 
-  if show_attributes:
-    print pkcs10.certificationRequestInfo.attributes.oid, pkcs10.certificationRequestInfo.attributes.oid.get()
-    print
-    print pkcs10.certificationRequestInfo.attributes.val, pkcs10.certificationRequestInfo.attributes.val.get()
-    print
-    print pkcs10.certificationRequestInfo.attributes.val.choice, pkcs10.certificationRequestInfo.attributes.val.choices
-    print
-    print pkcs10.certificationRequestInfo.attributes.val.choices[pkcs10.certificationRequestInfo.attributes.val.choice]
-    print
-    print len(pkcs10.certificationRequestInfo.attributes.val.choices[pkcs10.certificationRequestInfo.attributes.val.choice])
-    print
-    if len(pkcs10.certificationRequestInfo.attributes.val.choices[pkcs10.certificationRequestInfo.attributes.val.choice]) > 0:
-      print pkcs10.certificationRequestInfo.attributes.val.choices[pkcs10.certificationRequestInfo.attributes.val.choice][0]
+    if show_publickey:
+      print pkcs10.certificationRequestInfo.subjectPublicKeyInfo
+      print pkcs10.certificationRequestInfo.subjectPublicKeyInfo.get()
+      print hexify(pkcs10.certificationRequestInfo.subjectPublicKeyInfo.toString())
+      print
+
+    if show_attributes:
+      print pkcs10.certificationRequestInfo.attributes.oid, pkcs10.certificationRequestInfo.attributes.oid.get()
+      print
+      print pkcs10.certificationRequestInfo.attributes.val, pkcs10.certificationRequestInfo.attributes.val.get()
       print
+      print pkcs10.certificationRequestInfo.attributes.val.choice, pkcs10.certificationRequestInfo.attributes.val.choices
+      print
+      print pkcs10.certificationRequestInfo.attributes.val.choices[pkcs10.certificationRequestInfo.attributes.val.choice]
+      print
+      print len(pkcs10.certificationRequestInfo.attributes.val.choices[pkcs10.certificationRequestInfo.attributes.val.choice])
+      print
+      if len(pkcs10.certificationRequestInfo.attributes.val.choices[pkcs10.certificationRequestInfo.attributes.val.choice]) > 0:
+        print pkcs10.certificationRequestInfo.attributes.val.choices[pkcs10.certificationRequestInfo.attributes.val.choice][0]
+        print
 
-  if parse_extensions:
+    if parse_extensions:
 
-    exts = pkcs10.getExtensions()
+      exts = pkcs10.getExtensions()
 
-    as, v4, v6 = rpki.resource_set.parse_extensions(exts)
-    if as: print "ASN  =", as
-    if v4: print "IPv4 =", v4
-    if v6: print "IPv6 =", v6
+      as, v4, v6 = rpki.resource_set.parse_extensions(exts)
+      if as: print "ASN  =", as
+      if v4: print "IPv4 =", v4
+      if v6: print "IPv6 =", v6
 
-    for oid, crit, val in exts:
-      if oid in ((1, 3, 6, 1, 5, 5, 7, 1, 7), (1, 3, 6, 1, 5, 5, 7, 1, 8)):
-        continue
-      if isinstance(val, str):
-        val = hexify(val)
-      print POW.pkix.oid2obj(oid), oid, "=", val
+      for oid, crit, val in exts:
+        if oid in ((1, 3, 6, 1, 5, 5, 7, 1, 7), (1, 3, 6, 1, 5, 5, 7, 1, 8)):
+          continue
+        if isinstance(val, str):
+          val = hexify(val)
+        print POW.pkix.oid2obj(oid), oid, "=", val
+
+    if do_verify:
+      print
+      print "Signature verification: %s" % pkcs10.verify()
 
-  if do_verify:
     print
-    print "Signature verification: %s" % pkcs10.verify()
 
-  print
+if generate_test:
+  keypair = rpki.x509.RSA()
+  keypair.generate()
+  pkcs10 = rpki.x509.PKCS10.create(keypair)
+  f = os.popen("openssl req -text -config /dev/null", "w")
+  f.write(pkcs10.get_PEM())
+  f.close()
author	Rob Austein <sra@hactrn.net>	2007-10-06 18:13:43 +0000
committer	Rob Austein <sra@hactrn.net>	2007-10-06 18:13:43 +0000
commit	258948849c072360876d02c1300853c293c31ab3 (patch)
tree	054bf628aed985f05865b0a297b53b019f15324d /scripts/pkcs10.py
parent	e364ef51ed453b0d438ed5a5453179d552c298a1 (diff)