Whack rest of POW's object I/O (x.derRead(), x.derWrite()) to use new

class-based methods instead of old module functions.

svn path=/branches/tk274/; revision=4728

6 files changed, 6 insertions, 134 deletions

diff --git a/scripts/Old/test-pow-tls.py b/scripts/Old/test-pow-tls.py
deleted file mode 100644
index bc9ea9a0..00000000
--- a/scripts/Old/test-pow-tls.py
+++ /dev/null
@@ -1,61 +0,0 @@
-"""
-Grope towards testing TLS functionality in POW
-
-$Id$
-
-Copyright (C) 2008  American Registry for Internet Numbers ("ARIN")
-
-Permission to use, copy, modify, and distribute this software for any
-purpose with or without fee is hereby granted, provided that the above
-copyright notice and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-AND FITNESS.  IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-PERFORMANCE OF THIS SOFTWARE.
-"""
-
-# openssl s_server -tls1 -Verify 9 -cert biz-certs/Alice-EE.cer -key biz-certs/Alice-EE.key -www -CApath biz-certs -chain
-
-# openssl s_client -connect localhost:4433 -tls1 -cert biz-certs/Bob-EE.cer -key biz-certs/Bob-EE.key -verify 9 -CApath biz-certs -crlf
-
-import POW, socket
-
-def pow_error_iterator():
-  err = POW.getError()
-  if err is None:
-    raise StopIteration
-  else:
-    yield err
-
-key = POW.pemRead(POW.RSA_PRIVATE_KEY,  open("biz-certs/Bob-EE.key").read())
-cer = POW.pemRead(POW.X509_CERTIFICATE, open("biz-certs/Bob-EE.cer").read())
-ca  = POW.pemRead(POW.X509_CERTIFICATE, open("biz-certs/Bob-CA.cer").read())
-
-s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
-s.connect(("localhost", 4433))
-
-try:
-  t = POW.Ssl(POW.TLSV1_CLIENT_METHOD)
-  t.useCertificate(cer)
-  t.useKey(key)
-  t.addCertificate(ca)
-  t.setFd(s.fileno())
-  t.connect()
-  x = t.peerCertificate()
-  if x is not None:
-    print "Peer", x.pprint()
-  t.write("GET / HTTP/1.0\r\n")
-  if False:
-    print t.read(10000)
-  else:
-    while True:
-      print t.read()
-except:
-  print "ERROR:"
-  for e in pow_error_iterator():
-    print e
-  raise
diff --git a/scripts/Old/tls-client.py b/scripts/Old/tls-client.py
deleted file mode 100644
index ef879a5c..00000000
--- a/scripts/Old/tls-client.py
+++ /dev/null
@@ -1,27 +0,0 @@
-# $Id$
-
-import socket, POW, time
-
-key = POW.pemRead(POW.RSA_PRIVATE_KEY, open("Carol.key", "r").read())
-cer = POW.pemRead(POW.X509_CERTIFICATE, open("Carol.cer", "r").read())
-ta  = POW.pemRead(POW.X509_CERTIFICATE, open("Alice-TA.cer", "r").read())
-
-s = socket.socket()
-s.connect(('',6666))
-
-ssl = POW.Ssl(POW.TLSV1_CLIENT_METHOD)
-
-ssl.useCertificate(cer)
-ssl.useKey(key)
-ssl.setVerifyMode(POW.SSL_VERIFY_PEER | POW.SSL_VERIFY_FAIL_IF_NO_PEER_CERT)
-ssl.trustCertificate(ta)
-
-ssl.setFd(s.fileno())
-ssl.connect()
-
-peer = ssl.peerCertificate()
-if peer is not None:
-  print peer.pprint()
-
-print ssl.read(100)
-ssl.write("Bye")
diff --git a/scripts/Old/tls-server.py b/scripts/Old/tls-server.py
deleted file mode 100644
index d3798a32..00000000
--- a/scripts/Old/tls-server.py
+++ /dev/null
@@ -1,40 +0,0 @@
-# $Id$
-
-import socket, POW, time
-
-key = POW.pemRead(POW.RSA_PRIVATE_KEY, open("Alice.key", "r").read())
-cer = POW.pemRead(POW.X509_CERTIFICATE, open("Alice.cer", "r").read())
-ta  = POW.pemRead(POW.X509_CERTIFICATE, open("Carol-TA.cer", "r").read())
-
-listener = socket.socket()
-listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
-listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT, 1)
-listener.bind(('',6666))
-listener.listen(5)
-
-s, addr = listener.accept()
-while not s:
-  time.sleep(2)
-  s, addr = listener.accept()
-
-s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
-s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT, 1)
-
-print "Got connection %r from %r" % (s, addr)
-
-ssl = POW.Ssl(POW.TLSV1_SERVER_METHOD)
-
-ssl.useCertificate(cer)
-ssl.useKey(key)
-ssl.setVerifyMode(POW.SSL_VERIFY_PEER | POW.SSL_VERIFY_FAIL_IF_NO_PEER_CERT)
-ssl.trustCertificate(ta)
-
-ssl.setFd(s.fileno())
-ssl.accept()
-
-peer = ssl.peerCertificate()
-if peer is not None:
-  print peer.pprint()
-
-ssl.write("Hello, TLS")
-print ssl.read(100)
diff --git a/scripts/find-roa-expiration.py b/scripts/find-roa-expiration.py
index 0ae6fa66..151de446 100644
--- a/scripts/find-roa-expiration.py
+++ b/scripts/find-roa-expiration.py
@@ -48,13 +48,13 @@ for line in subprocess.check_output(["find_roa"] + sys.argv[1:]).splitlines():
   del words[-1]
   print " ".join(words)
 
-  x = rpki.POW.derRead(rpki.POW.CMS_MESSAGE, open(fn, "rb").read()).certs()[0]
+  x = rpki.POW.CMS.derReadFile(fn).certs()[0]
   uri = get_aia(x)
   print x.getNotAfter(), filename_to_uri(fn)
 
   while uri:
     fn = uri_to_filename(uri)
-    x = rpki.POW.derRead(rpki.POW.X509_CERTIFICATE, open(fn, "rb").read())
+    x = rpki.POW.X509.derReadFile(fn)
     print x.getNotAfter(), uri
     uri = get_aia(x)
 
diff --git a/scripts/format-application-x-rpki.py b/scripts/format-application-x-rpki.py
index a7e58f49..accefa7f 100644
--- a/scripts/format-application-x-rpki.py
+++ b/scripts/format-application-x-rpki.py
@@ -56,7 +56,7 @@ if argv or source_name is None or destination_name is None:
   usage(ok = False)
 
 def pprint_cert(b64):
-  return rpki.POW.derRead(rpki.POW.X509_CERTIFICATE, base64.b64decode(b64)).pprint()
+  return rpki.POW.X509.derRead(base64.b64decode(b64)).pprint()
   
 def up_down():
   msg["X-RPKI-Up-Down-Type"] = xml.get("type")
@@ -101,7 +101,7 @@ try:
       continue
     assert not srcmsg.is_multipart() and srcmsg.get_content_type() == "application/x-rpki"
     payload = srcmsg.get_payload(decode = True)
-    cms = rpki.POW.derRead(rpki.POW.CMS_MESSAGE, payload)
+    cms = rpki.POW.CMS.derRead(payload)
     txt = cms.verify(rpki.POW.X509Store(), None, rpki.POW.CMS_NOCRL | rpki.POW.CMS_NO_SIGNER_CERT_VERIFY | rpki.POW.CMS_NO_ATTR_VERIFY | rpki.POW.CMS_NO_CONTENT_VERIFY)
     xml = lxml.etree.fromstring(txt)
     tag = xml.tag
diff --git a/scripts/x509-dot.py b/scripts/x509-dot.py
index 9ad5b79d..df892198 100644
--- a/scripts/x509-dot.py
+++ b/scripts/x509-dot.py
@@ -61,9 +61,9 @@ class x509(object):
     f.close()
 
     if "-----BEGIN" in text:
-      self.pow = rpki.POW.pemRead(rpki.POW.X509_CERTIFICATE, text)
+      self.pow = rpki.POW.X509.pemRead(text)
     else:
-      self.pow = rpki.POW.derRead(rpki.POW.X509_CERTIFICATE, text)
+      self.pow = rpki.POW.X509.derRead(text)
 
     self.extensions = dict((e[0], e[2]) for e in (self.pow.getExtension(i) for i in xrange(self.pow.countExtensions())))