diff options
| author | Rob Austein <sra@hactrn.net> | 2007-09-28 20:06:35 +0000 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2007-09-28 20:06:35 +0000 |
| commit | 405f90f77a8ca2a8fc5a0837b2eaf91a4cd0255f (patch) | |
| tree | 5aebeb09c10daf1eadbace4b5313e0db302ac2d5 /scripts | |
| parent | 0f8c986dd4595122991493c192b794d2831f3977 (diff) | |
Tighten up PKCS#10 attribute decoding
svn path=/pow/POW-0.7/lib/pkix.py; revision=1046
Diffstat (limited to 'scripts')
| -rw-r--r-- | scripts/pkcs10.py | 45 |
1 files changed, 30 insertions, 15 deletions
diff --git a/scripts/pkcs10.py b/scripts/pkcs10.py index 557d987f..8163cf9b 100644 --- a/scripts/pkcs10.py +++ b/scripts/pkcs10.py @@ -2,37 +2,48 @@ import POW.pkix, rpki.x509, glob, rpki.resource_set -parse_extensions = True -list_extensions = True -show_attributes = True +parse_extensions = True +list_extensions = True +show_attributes = True +show_algorithm = False +do_verify = True -for name in glob.glob("resource-cert-samples/*.req"): +for name in glob.glob("resource-cert-samples/*.req") + glob.glob("biz-certs/*.req"): pkcs10 = rpki.x509.PKCS10_Request(Auto_file = name).get_POWpkix() print "[", name, "]" - if show_attributes: - print pkcs10.certificationRequestInfo.attributes.val + if show_algorithm: + print pkcs10.signatureAlgorithm + print + print pkcs10.signatureAlgorithm.get() print - print pkcs10.certificationRequestInfo.attributes.val.get() + + if show_attributes: + print pkcs10.certificationRequestInfo.attributes.oid, pkcs10.certificationRequestInfo.attributes.oid.get() print - print pkcs10.certificationRequestInfo.attributes.val.choice + print pkcs10.certificationRequestInfo.attributes.val, pkcs10.certificationRequestInfo.attributes.val.get() print - print pkcs10.certificationRequestInfo.attributes.val.choices + print pkcs10.certificationRequestInfo.attributes.val.choice, pkcs10.certificationRequestInfo.attributes.val.choices print print pkcs10.certificationRequestInfo.attributes.val.choices[pkcs10.certificationRequestInfo.attributes.val.choice] print print len(pkcs10.certificationRequestInfo.attributes.val.choices[pkcs10.certificationRequestInfo.attributes.val.choice]) print - print pkcs10.certificationRequestInfo.attributes.val.choices[pkcs10.certificationRequestInfo.attributes.val.choice][0] - print + if len(pkcs10.certificationRequestInfo.attributes.val.choices[pkcs10.certificationRequestInfo.attributes.val.choice]) > 0: + print pkcs10.certificationRequestInfo.attributes.val.choices[pkcs10.certificationRequestInfo.attributes.val.choice][0] + print - extc = pkcs10.certificationRequestInfo.attributes.val - exts = extc.choices[extc.choice][0] + if False: + extc = pkcs10.certificationRequestInfo.attributes.val + exts = extc.choices[extc.choice][0] + assert exts is pkcs10.getExtensions() + else: + exts = pkcs10.getExtensions() #print len(exts), exts[0].extnValue - if list_extensions: + if list_extensions and exts is not None: for x in exts: oid = x.extnID.get() name = POW.pkix.oid2obj(oid) @@ -42,7 +53,7 @@ for name in glob.glob("resource-cert-samples/*.req"): value = ":".join(["%02X" % ord(i) for i in value]) print [ name, oid, crit, value ] - if parse_extensions: + if parse_extensions and exts is not None: as, v4, v6 = rpki.resource_set.parse_extensions(exts.get()) if as: print "ASN =", as @@ -58,4 +69,8 @@ for name in glob.glob("resource-cert-samples/*.req"): val = ":".join(["%02X" % ord(i) for i in val]) print POW.pkix.oid2obj(oid), oid, "=", val + if do_verify: + print + print "Signature verification: %s" % pkcs10.verify() + print |