-rwxr-xr-x | pow/POW-0.7/lib/pkix.py | 6 | ||||
l--------- | rpkid/POW | 1 | ||||
l--------- | rpkid/rpki/POW | 1 | ||||
-rw-r--r-- | rpkid/rpki/http.py | 2 | ||||
-rw-r--r-- | rpkid/rpki/manifest.py | 2 | ||||
-rw-r--r-- | rpkid/rpki/resource_set.py | 4 | ||||
-rw-r--r-- | rpkid/rpki/roa.py | 2 | ||||
-rw-r--r-- | rpkid/rpki/x509.py | 74 | ||||
l--------- | rpkid/tests/POW | 1 | ||||
l--------- | rtr-origin/POW | 1 | ||||
l--------- | scripts/POW | 1 |
11 files changed, 48 insertions, 47 deletions
diff --git a/pow/POW-0.7/lib/pkix.py b/pow/POW-0.7/lib/pkix.py index 2d5b3e86..e7d9dde1 100755 --- a/pow/POW-0.7/lib/pkix.py +++ b/pow/POW-0.7/lib/pkix.py @@ -98,7 +98,11 @@ class POWCryptoDriver(CryptoDriver): def __init__(self): global POW - import POW + try: + import rpki.POW + POW = rpki.POW + except ImportError: + import POW self.driver2OID = {} for k, v in (("MD2_DIGEST", (1, 2, 840, 113549, 1, 1, 2)), # md2WithRSAEncryption ("MD5_DIGEST", (1, 2, 840, 113549, 1, 1, 4)), # md5WithRSAEncryption diff --git a/rpkid/POW b/rpkid/POW deleted file mode 120000 index 43fccd7b..00000000 --- a/rpkid/POW +++ /dev/null @@ -1 +0,0 @@ -../pow/buildlib/POW
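Review bot: In POWCryptoDriver.__init__, the `except ImportError` fallback to a bare `import POW` also fires when `rpki.POW` is present but fails while importing one of its own dependencies, so the driver can end up bound to whichever `POW` is first on `sys.path` without anyone noticing. For a module that does the signing and digest work, that choice should be explicit: add a comment above the `try`, for example `# Prefer the copy packaged under rpki; fall back to a top-level POW only for standalone use of this library`, if that is the intent. If the fallback is not needed once the top-level symlinks removed in this commit are gone, letting the ImportError propagate is the safer behaviour. The rest of __init__ continues outside the hunk.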
\ No newline at end of file diff --git a/rpkid/rpki/POW b/rpkid/rpki/POW new file mode 120000 index 00000000..6551720e --- /dev/null +++ b/rpkid/rpki/POW @@ -0,0 +1 @@ +../../pow/buildlib/POW
\ No newline at end of file diff --git a/rpkid/rpki/http.py b/rpkid/rpki/http.py index 0ebf5224..ca64bc53 100644 --- a/rpkid/rpki/http.py +++ b/rpkid/rpki/http.py @@ -34,7 +34,7 @@ PERFORMANCE OF THIS SOFTWARE. import time, socket, asyncore, asynchat, urlparse, sys, random import rpki.async, rpki.sundial, rpki.x509, rpki.exceptions, rpki.log -import POW +import rpki.POW ## @var rpki_content_type # HTTP content type used for all RPKI messages. diff --git a/rpkid/rpki/manifest.py b/rpkid/rpki/manifest.py index 8581f3a0..f832ca20 100644 --- a/rpkid/rpki/manifest.py +++ b/rpkid/rpki/manifest.py @@ -22,7 +22,7 @@ OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. """ -from POW._der import * +from rpki.POW._der import * class FileAndHash(Sequence): def __init__(self, optional=0, default=''): diff --git a/rpkid/rpki/resource_set.py b/rpkid/rpki/resource_set.py index 611f1f44..598db990 100644 --- a/rpkid/rpki/resource_set.py +++ b/rpkid/rpki/resource_set.py @@ -631,7 +631,7 @@ class resource_set_ipv6(resource_set_ip): def _bs2long(bs, addrlen, fill): """ - Utility function to convert a bitstring (POW.pkix tuple + Utility function to convert a bitstring (rpki.POW.pkix tuple representation) into a Python long. """ x = 0L @@ -643,7 +643,7 @@ def _bs2long(bs, addrlen, fill): def _long2bs(number, addrlen, prefixlen = None, strip = None): """ - Utility function to convert a Python long into a POW.pkix tuple + Utility function to convert a Python long into a rpki.POW.pkix tuple bitstring. This is a bit complicated because it supports the fiendishly compact encoding used in RFC 3779. """ diff --git a/rpkid/rpki/roa.py b/rpkid/rpki/roa.py index 9f7c1849..51b141e1 100644 --- a/rpkid/rpki/roa.py +++ b/rpkid/rpki/roa.py 
@@ -42,7 +42,7 @@ draft-ietf-sidr-roa-format-03 2.1.3.2 specifies: IPAddress ::= BIT STRING """ -from POW._der import * +from rpki.POW._der import * class ROAIPAddress(Sequence): def __init__(self, optional=0, default=''): diff --git a/rpkid/rpki/x509.py b/rpkid/rpki/x509.py index 41f89bf0..ebf8e089 100644 --- a/rpkid/rpki/x509.py +++ b/rpkid/rpki/x509.py @@ -43,7 +43,7 @@ OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. """ -import POW, POW.pkix, base64, lxml.etree, os, subprocess, sys +import rpki.POW, rpki.POW.pkix, base64, lxml.etree, os, subprocess, sys import email.mime.application, email.utils, mailbox, time import rpki.exceptions, rpki.resource_set, rpki.oids, rpki.sundial import rpki.manifest, rpki.roa, rpki.log, rpki.async @@ -62,9 +62,9 @@ def calculate_SKI(public_key_der): Calculate the SKI value given the DER representation of a public key, which requires first peeling the ASN.1 wrapper off the key. """ - k = POW.pkix.SubjectPublicKeyInfo() + k = rpki.POW.pkix.SubjectPublicKeyInfo() k.fromString(public_key_der) - d = POW.Digest(POW.SHA1_DIGEST) + d = rpki.POW.Digest(rpki.POW.SHA1_DIGEST) d.update(k.subjectPublicKey.get()) return d.digest() @@ -430,20 +430,20 @@ class X509(DER_object): def get_POW(self): """ - Get the POW value of this certificate. + Get the rpki.POW value of this certificate. """ self.check() if not self.POW: - self.POW = POW.derRead(POW.X509_CERTIFICATE, self.get_DER()) + self.POW = rpki.POW.derRead(rpki.POW.X509_CERTIFICATE, self.get_DER()) return self.POW def get_POWpkix(self): """ - Get the POW.pkix value of this certificate. + Get the rpki.POW.pkix value of this certificate. """ self.check() if not self.POWpkix: - cert = POW.pkix.Certificate() + cert = rpki.POW.pkix.Certificate() cert.fromString(self.get_DER()) self.POWpkix = cert return self.POWpkix 
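Review bot: In calculate_SKI (hunk at -62), `rpki.POW.Digest(rpki.POW.SHA1_DIGEST)` carries no comment explaining the digest choice, while the signing calls elsewhere in this file use SHA256_DIGEST, so anyone auditing for weak hashes will stop here. The docstring should say that this is the key-identifier hash over the subjectPublicKey bits as described in RFC 5280 section 4.2.1.2, and a line such as `# SHA-1 is used here only to derive the key identifier, not as a signature digest` above the Digest call would settle the question. That keeps a later clean-up from replacing it with SHA-256, which would change every SKI and AKI value.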
@@ -505,7 +505,7 @@ class X509(DER_object): # if notAfter is None: notAfter = now + rpki.sundial.timedelta(days = 30) - cert = POW.pkix.Certificate() + cert = rpki.POW.pkix.Certificate() cert.setVersion(2) cert.setSerial(serial) cert.setIssuer(self.get_POWpkix().getSubject()) @@ -547,7 +547,7 @@ class X509(DER_object): x[0] = rpki.oids.name2oid[x[0]] cert.setExtensions(exts) - cert.sign(keypair.get_POW(), POW.SHA256_DIGEST) + cert.sign(keypair.get_POW(), rpki.POW.SHA256_DIGEST) return X509(POWpkix = cert) @@ -562,7 +562,7 @@ class X509(DER_object): assert isinstance(pathLenConstraint, int) and pathLenConstraint >= 0 - cert = POW.pkix.Certificate() + cert = rpki.POW.pkix.Certificate() cert.setVersion(2) cert.setSerial(serial) cert.setIssuer(self.get_POWpkix().getSubject()) @@ -575,7 +575,7 @@ class X509(DER_object): (rpki.oids.name2oid["subjectKeyIdentifier" ], False, source_cert.get_SKI()), (rpki.oids.name2oid["authorityKeyIdentifier"], False, (self.get_SKI(), (), None)), (rpki.oids.name2oid["basicConstraints" ], True, (1, 0)))) - cert.sign(keypair.get_POW(), POW.SHA256_DIGEST) + cert.sign(keypair.get_POW(), rpki.POW.SHA256_DIGEST) return X509(POWpkix = cert) @@ -615,11 +615,11 @@ class PKCS10(DER_object): def get_POWpkix(self): """ - Get the POW.pkix value of this certification request. + Get the rpki.POW.pkix value of this certification request. """ self.check() if not self.POWpkix: - req = POW.pkix.CertificationRequest() + req = rpki.POW.pkix.CertificationRequest() req.fromString(self.get_DER()) self.POWpkix = req return self.POWpkix 
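Review bot: In the hunk at -562, `assert isinstance(pathLenConstraint, int) and pathLenConstraint >= 0` is the only visible check on that argument, and assert statements are removed when Python runs with -O, so the check disappears in an optimized deployment. An explicit test keeps it in place: `if not isinstance(pathLenConstraint, int) or pathLenConstraint < 0: raise ValueError("pathLenConstraint must be a non-negative integer")`. The basicConstraints value in the following hunk is the literal `(1, 0)`, so it is worth confirming whether the validated value is meant to reach the issued certificate. The function signature and the lines between the two hunks are not visible here.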
@@ -695,13 +695,13 @@ class PKCS10(DER_object): Create a new request for a given keypair, including given extensions. """ cn = "".join(("%02X" % ord(i) for i in keypair.get_SKI())) - req = POW.pkix.CertificationRequest() + req = rpki.POW.pkix.CertificationRequest() req.certificationRequestInfo.version.set(0) req.certificationRequestInfo.subject.set((((rpki.oids.name2oid["commonName"], ("printableString", cn)),),)) if exts is not None: req.setExtensions(exts) - req.sign(keypair.get_POW(), POW.SHA256_DIGEST) + req.sign(keypair.get_POW(), rpki.POW.SHA256_DIGEST) return cls(POWpkix = req) class RSA(DER_object): @@ -720,17 +720,17 @@ class RSA(DER_object): if self.DER: return self.DER if self.POW: - self.DER = self.POW.derWrite(POW.RSA_PRIVATE_KEY) + self.DER = self.POW.derWrite(rpki.POW.RSA_PRIVATE_KEY) return self.get_DER() raise rpki.exceptions.DERObjectConversionError, "No conversion path to DER available" def get_POW(self): """ - Get the POW value of this keypair. + Get the rpki.POW value of this keypair. """ self.check() if not self.POW: - self.POW = POW.derRead(POW.RSA_PRIVATE_KEY, self.get_DER()) + self.POW = rpki.POW.derRead(rpki.POW.RSA_PRIVATE_KEY, self.get_DER()) return self.POW @classmethod @@ -739,13 +739,13 @@ class RSA(DER_object): Generate a new keypair. """ rpki.log.debug("Generating new %d-bit RSA key" % keylength) - return cls(POW = POW.Asymmetric(POW.RSA_CIPHER, keylength)) + return cls(POW = rpki.POW.Asymmetric(rpki.POW.RSA_CIPHER, keylength)) def get_public_DER(self): """ Get the DER encoding of the public key from this keypair. """ - return self.get_POW().derWrite(POW.RSA_PUBLIC_KEY) + return self.get_POW().derWrite(rpki.POW.RSA_PUBLIC_KEY) def get_SKI(self): """ 
@@ -775,17 +775,17 @@ class RSApublic(DER_object): if self.DER: return self.DER if self.POW: - self.DER = self.POW.derWrite(POW.RSA_PUBLIC_KEY) + self.DER = self.POW.derWrite(rpki.POW.RSA_PUBLIC_KEY) return self.get_DER() raise rpki.exceptions.DERObjectConversionError, "No conversion path to DER available" def get_POW(self): """ - Get the POW value of this public key. + Get the rpki.POW value of this public key. """ self.check() if not self.POW: - self.POW = POW.derRead(POW.RSA_PUBLIC_KEY, self.get_DER()) + self.POW = rpki.POW.derRead(rpki.POW.RSA_PUBLIC_KEY, self.get_DER()) return self.POW def get_SKI(self): @@ -797,7 +797,7 @@ class RSApublic(DER_object): def POWify_OID(oid): """ Utility function to convert tuple form of an OID to the - dotted-decimal string form that POW uses. + dotted-decimal string form that rpki.POW uses. """ if isinstance(oid, str): return POWify_OID(rpki.oids.name2oid[oid]) @@ -859,11 +859,11 @@ class CMS_object(DER_object): def get_POW(self): """ - Get the POW value of this CMS_object. + Get the rpki.POW value of this CMS_object. """ self.check() if not self.POW: - self.POW = POW.derRead(POW.CMS_MESSAGE, self.get_DER()) + self.POW = rpki.POW.derRead(rpki.POW.CMS_MESSAGE, self.get_DER()) return self.POW def get_content(self): @@ -913,7 +913,7 @@ class CMS_object(DER_object): for c in crls: rpki.log.debug("Received CMS CRL issuer %r" % (c.getIssuer(),)) - store = POW.X509Store() + store = rpki.POW.X509Store() trusted_ee = None 
@@ -984,7 +984,7 @@ class CMS_object(DER_object): if cms.eContentType() != self.econtent_oid: raise rpki.exceptions.WrongEContentType, "Got CMS eContentType %s, expected %s" % (cms.eContentType(), self.econtent_oid) - content = cms.verify(POW.X509Store(), None, POW.CMS_NOCRL | POW.CMS_NO_SIGNER_CERT_VERIFY | POW.CMS_NO_ATTR_VERIFY | POW.CMS_NO_CONTENT_VERIFY) + content = cms.verify(rpki.POW.X509Store(), None, rpki.POW.CMS_NOCRL | rpki.POW.CMS_NO_SIGNER_CERT_VERIFY | rpki.POW.CMS_NO_ATTR_VERIFY | rpki.POW.CMS_NO_CONTENT_VERIFY) self.decode(content) return self.get_content() @@ -1013,7 +1013,7 @@ class CMS_object(DER_object): for i, c in enumerate(certs): rpki.log.debug("Additional cert %d issuer %s subject %s SKI %s" % (i, c.getIssuer(), c.getSubject(), c.hSKI())) - cms = POW.CMS() + cms = rpki.POW.CMS() cms.sign(cert.get_POW(), keypair.get_POW(), @@ -1021,7 +1021,7 @@ class CMS_object(DER_object): [x.get_POW() for x in certs], [c.get_POW() for c in crls], self.econtent_oid, - POW.CMS_NOCERTS if no_certs else 0) + rpki.POW.CMS_NOCERTS if no_certs else 0) self.POW = cms @@ -1073,7 +1073,7 @@ class SignedManifest(DER_CMS_object): self = cls() filelist = [] for name, obj in names_and_objs: - d = POW.Digest(POW.SHA256_DIGEST) + d = rpki.POW.Digest(rpki.POW.SHA256_DIGEST) d.update(obj.get_DER()) filelist.append((name.rpartition("/")[2], d.digest())) filelist.sort(key = lambda x: x[0]) @@ -1111,7 +1111,7 @@ class ROA(DER_CMS_object): self.set_content(r) self.sign(keypair, certs) return self - except POW.pkix.DerError, e: + except rpki.POW.pkix.DerError, e: rpki.log.debug("Encoding error while generating ROA %r: %s" % (self, e)) rpki.log.debug("ROA inner content: %r" % (r.get(),)) raise 
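Review bot: The `cms.verify(...)` call in the hunk at -984 is given an empty `rpki.POW.X509Store()` and `CMS_NOCRL | CMS_NO_SIGNER_CERT_VERIFY | CMS_NO_ATTR_VERIFY | CMS_NO_CONTENT_VERIFY`, so, going by the flag names, the content is decoded and returned with no signature, certificate or CRL checking, and nothing on the visible lines says so. Put a comment directly above the call, for example `# No signature or chain validation on this path: the returned content is unauthenticated and must not be used for trust decisions`, and repeat that in the method docstring, which starts outside the hunk. Callers that need authenticated content should go through the path that populates the store (it appears to be the method in the hunk at -913).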
@@ -1243,20 +1243,20 @@ class CRL(DER_object): def get_POW(self): """ - Get the POW value of this CRL. + Get the rpki.POW value of this CRL. """ self.check() if not self.POW: - self.POW = POW.derRead(POW.X509_CRL, self.get_DER()) + self.POW = rpki.POW.derRead(rpki.POW.X509_CRL, self.get_DER()) return self.POW def get_POWpkix(self): """ - Get the POW.pkix value of this CRL. + Get the rpki.POW.pkix value of this CRL. """ self.check() if not self.POWpkix: - crl = POW.pkix.CertificateList() + crl = rpki.POW.pkix.CertificateList() crl.fromString(self.get_DER()) self.POWpkix = crl return self.POWpkix @@ -1284,7 +1284,7 @@ class CRL(DER_object): """ Generate a new CRL. """ - crl = POW.pkix.CertificateList() + crl = rpki.POW.pkix.CertificateList() crl.setVersion(version) crl.setIssuer(issuer.get_POWpkix().getSubject()) crl.setThisUpdate(thisUpdate.toASN1tuple()) diff --git a/rpkid/tests/POW b/rpkid/tests/POW deleted file mode 120000 index 5ddce7b5..00000000 --- a/rpkid/tests/POW +++ /dev/null @@ -1 +0,0 @@ -../POW
\ No newline at end of file diff --git a/rtr-origin/POW b/rtr-origin/POW deleted file mode 120000 index 43fccd7b..00000000 --- a/rtr-origin/POW +++ /dev/null @@ -1 +0,0 @@ -../pow/buildlib/POW
\ No newline at end of file diff --git a/scripts/POW b/scripts/POW deleted file mode 120000 index 43fccd7b..00000000 --- a/scripts/POW +++ /dev/null @@ -1 +0,0 @@ -../pow/buildlib/POW
\ No newline at end of file |