-rw-r--r-- | scripts/manifests.py | 30 | ||||
-rw-r--r-- | scripts/rpki/manifest.py | 1 | ||||
-rw-r--r-- | scripts/rpki/x509.py | 6 |
3 files changed, 33 insertions, 4 deletions
diff --git a/scripts/manifests.py b/scripts/manifests.py index 2d5071c2..1f6a571d 100644 --- a/scripts/manifests.py +++ b/scripts/manifests.py @@ -2,6 +2,12 @@ import rpki.x509, rpki.manifest, time, glob, os +show_content_1 = True +show_signed_manifest_PEM = True +show_signed_manifest_asn1dump = True +show_content_2 = True +show_content_3 = True + def dumpasn1(thing): i,o = os.popen4(("dumpasn1", "-a", "-")) i.write(thing) @@ -9,16 +15,34 @@ def dumpasn1(thing): print "\n".join(x for x in o.read().splitlines() if x.startswith(" ")) o.close() + m = rpki.x509.SignedManifest() m.build(serial = 17, nextUpdate = time.time() + 24 * 60 * 60, names_and_objs = [(fn, rpki.x509.X509(Auto_file = fn)) for fn in glob.glob("resource-cert-samples/*.cer")]) -#dumpasn1(m.get_content().toString()) +if show_content_1: + dumpasn1(m.get_content().toString()) m.sign(keypair = rpki.x509.RSA(Auto_file = "biz-certs/Alice-EE.key"), certs = rpki.x509.X509_chain(Auto_files = ("biz-certs/Alice-EE.cer", "biz-certs/Alice-CA.cer"))) -print m.get_PEM() -dumpasn1(m.get_DER()) +if show_signed_manifest_PEM: + print m.get_PEM() + +if show_signed_manifest_asn1dump: + dumpasn1(m.get_DER()) + +n = rpki.x509.SignedManifest(DER = m.get_DER()) + +n.verify(ta = rpki.x509.X509(Auto_file = "biz-certs/Alice-Root.cer")) + +if show_content_2: + dumpasn1(n.get_content().toString()) + +assert m.get_content().toString() == n.get_content().toString() +assert m.get_content().get() == n.get_content().get() + +print +print n.get_content().get() diff --git a/scripts/rpki/manifest.py b/scripts/rpki/manifest.py index c77f092b..51755732 100644 --- a/scripts/rpki/manifest.py +++ b/scripts/rpki/manifest.py @@ -23,6 +23,7 @@ class FilesAndHashes(SequenceOf): class Manifest(Sequence): def __init__(self, optional=0, default=''): self.version = Integer(0, "AgEA") + #self.version = Integer() self.manifestNumber = Integer() self.thisUpdate = GeneralizedTime() self.nextUpdate = GeneralizedTime() 
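Review bot: `show_content_3` is defined with the other flags at the top of scripts/manifests.py but is not read in any hunk shown for this file, so it reads as dead configuration. Either drop it or add the dump it was meant to gate; a one-line comment above the block, such as `# debug switches: which intermediate encodings to dump`, would also say what the flags are for.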
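Review bot: The round-trip check added after `m.sign(...)` covers only the success path: `n.verify(ta = ...)` is called with the matching root, and nothing asserts that a non-matching trust anchor or an altered DER blob is rejected. A verifier that accepted every input would still pass this script, so a negative case is worth adding; how `verify` reports failure is not visible on this page, so the exact form depends on that. The two `assert` lines are also stripped under `python -O`. A comment such as `# TODO: negative case - verify() must fail for a non-matching trust anchor` would at least record the gap.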
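Review bot: The added `#self.version = Integer()` in `Manifest.__init__` is commented-out code with no explanation of why the alternative is kept beside `Integer(0, "AgEA")`. If it records an experiment with the version default, replace it with a sentence saying so, e.g. `# version is DEFAULT 0; "AgEA" is presumably the base64 DER of INTEGER 0 - confirm`; otherwise delete it. `__init__` continues past the end of the hunk.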
diff --git a/scripts/rpki/x509.py b/scripts/rpki/x509.py
index e89d0f2c..4bcb20b4 100644
--- a/scripts/rpki/x509.py
+++ b/scripts/rpki/x509.py
@@ -548,7 +548,10 @@ class SignedManifest(DER_object):
 self.DER = rpki.cms.sign(self.content.toString(), keypair, certs)
 
 def verify(self, ta):
- self.content = rpki.cms.verify(self.get_DER(), ta)
+ m = rpki.manifest.Manifest()
+ s = rpki.cms.verify(self.get_DER(), ta)
+ m.fromString(s)
+ self.content = m
 
 def build(self, serial, nextUpdate, names_and_objs):
 filelist = []
@@ -557,6 +560,7 @@ class SignedManifest(DER_object):
 d.update(obj.get_DER())
 filelist.append((name.rpartition("/")[2], d.digest()))
 m = rpki.manifest.Manifest()
+ m.version.set(0)
 m.manifestNumber.set(serial)
 m.thisUpdate.set(POW.pkix.time2gen(time.time()))
 m.nextUpdate.set(POW.pkix.time2gen(nextUpdate)) |
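Review bot: `verify()` stores the decoded manifest in `self.content` once the CMS signature checks out, but nothing in the visible lines examines the manifest's own `thisUpdate`/`nextUpdate`, so an old but validly signed manifest would be accepted as current. If that freshness check belongs to the caller, say so in a docstring, e.g. `"""Verify the CMS signature against ta and decode the content; does not check manifest validity times."""`. It is also worth stating how `rpki.cms.verify` reports failure, since `m.fromString(s)` assumes `s` is verified DER; that function is not shown on this page. The rest of `SignedManifest` lies outside the hunk.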
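Review bot: `m.version.set(0)` in `build()` has no comment explaining why a field that scripts/rpki/manifest.py declares as `Integer(0, "AgEA")` (apparently a default of 0) needs to be set explicitly. DER requires a component equal to its DEFAULT value to be omitted from the encoding, so it is worth confirming that the encoder still leaves the field out after this call; a strict validator may otherwise reject the manifest. If the reason is the equality check in scripts/manifests.py, a comment such as `# explicit so the built object compares equal to the decoded one; must still be omitted on the wire` would capture it. `build()` starts before this hunk and continues after it.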