-rw-r--r--scripts/rpki/left_right.py24
-rw-r--r--scripts/rpki/up_down.py12
2 files changed, 14 insertions, 22 deletions
diff --git a/scripts/rpki/left_right.py b/scripts/rpki/left_right.py
index 4b52a61b..eefbd14c 100644
--- a/scripts/rpki/left_right.py
+++ b/scripts/rpki/left_right.py
@@ -2,7 +2,7 @@
"""RPKI "left-right" protocol."""
-import base64, sax_utils, resource_set, lxml.etree, POW, POW.pkix
+import base64, sax_utils, resource_set, lxml.etree, x509
xmlns = "http://www.hactrn.net/uris/rpki/left-right-spec/"
@@ -51,12 +51,6 @@ class base_elt(object):
def __str__(self):
lxml.etree.tostring(self.toXML(), pretty_print=True, encoding="us-ascii")
-def biz_cert(text):
- """Parse a DER certificate."""
- cert = POW.pkix.Certificate()
- cert.fromString(base64.b64decode(text))
- return cert
-
class extension_preference_elt(base_elt):
"""Container for extension preferences."""
@@ -133,7 +127,7 @@ class bsc_elt(base_elt):
def endElement(self, stack, name, text):
"""Handle <bsc/> element."""
if name == "signing_cert":
- self.signing_cert.append(biz_cert(text))
+ self.signing_cert.append(x509.X509(DER=base64.b64decode(text)))
elif name == "public_key":
self.public_key = base64.b64decode(text)
elif name == "pkcs10_cert_request":
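Review bot: The decode-and-parse expression `x509.X509(DER=base64.b64decode(text))` is now repeated at every call site instead of living in one helper, and none of the sites handles malformed input. `base64.b64decode` raises on bad padding and by default silently discards non-alphabet characters, and the DER parse can presumably fail as well, so a bad `<signing_cert/>` would surface as an uncaught exception inside the SAX callback. Keeping a small replacement for the removed `biz_cert`, e.g. `def b64_cert(text): return x509.X509(DER=base64.b64decode(text))`, would give one place to reject malformed certificates with a protocol-level error. The same expression appears in the `peer_ta` branches of parent_elt, child_elt and repository_elt, and in certificate_elt and class_elt in up_down.py.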
@@ -146,7 +140,7 @@ class bsc_elt(base_elt):
"""Generate <bsc/> element."""
elt = self.make_elt()
for cert in self.signing_cert:
- self.make_b64elt(elt, "signing_cert", cert.toString())
+ self.make_b64elt(elt, "signing_cert", cert.get_DER())
self.make_b64elt(elt, "pkcs10_cert_request")
self.make_b64elt(elt, "public_key")
return elt
@@ -169,7 +163,7 @@ class parent_elt(base_elt):
def endElement(self, stack, name, text):
"""Handle <bsc/> element."""
if name == "peer_ta":
- self.peer_ta = biz_cert(text)
+ self.peer_ta = x509.X509(DER=base64.b64decode(text))
else:
assert name == "parent", "Unexpected name %s, stack %s" % (name, stack)
stack.pop()
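Review bot: The `else` branch validates the element name with `assert`, which is stripped under `python -O`, so an unexpected closing element would then reach `stack.pop()` unchecked. Because `name` comes from the parsed message, an explicit check is safer, for example `if name != "parent": raise ValueError("Unexpected name %s, stack %s" % (name, stack))`, or whichever exception the protocol layer already reports. The same pattern is in the endElement methods of child_elt and repository_elt, and in certificate_elt and class_elt in up_down.py.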
@@ -178,7 +172,7 @@ class parent_elt(base_elt):
"""Generate <bsc/> element."""
elt = self.make_elt()
if self.peer_ta:
- self.make_b64elt(elt, "peer_ta", self.peer_ta.toString())
+ self.make_b64elt(elt, "peer_ta", self.peer_ta.get_DER())
return elt
class child_elt(base_elt):
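Review bot: The docstring on this parent_elt method still reads `"""Generate <bsc/> element."""`, apparently copied from bsc_elt; it should be `"""Generate <parent/> element."""`. parent_elt.endElement in the previous hunk has the same slip and should read `"""Handle <parent/> element."""`. The method's `def` line is outside the hunk.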
@@ -199,7 +193,7 @@ class child_elt(base_elt):
def endElement(self, stack, name, text):
"""Handle <child/> element."""
if name == "peer_ta":
- self.peer_ta = biz_cert(text)
+ self.peer_ta = x509.X509(DER=base64.b64decode(text))
else:
assert name == "child", "Unexpected name %s, stack %s" % (name, stack)
stack.pop()
@@ -208,7 +202,7 @@ class child_elt(base_elt):
"""Generate <child/> element."""
elt = self.make_elt()
if self.peer_ta:
- self.make_b64elt(elt, "peer_ta", self.peer_ta.toString())
+ self.make_b64elt(elt, "peer_ta", self.peer_ta.get_DER())
return elt
class repository_elt(base_elt):
@@ -228,7 +222,7 @@ class repository_elt(base_elt):
def endElement(self, stack, name, text):
"""Handle <repository/> element."""
if name == "peer_ta":
- self.peer_ta = biz_cert(text)
+ self.peer_ta = x509.X509(DER=base64.b64decode(text))
else:
assert name == "repository", "Unexpected name %s, stack %s" % (name, stack)
stack.pop()
@@ -237,7 +231,7 @@ class repository_elt(base_elt):
"""Generate <repository/> element."""
elt = self.make_elt()
if self.peer_ta:
- self.make_b64elt(elt, "peer_ta", self.peer_ta.toString())
+ self.make_b64elt(elt, "peer_ta", self.peer_ta.get_DER())
return elt
class route_origin_elt(base_elt):
diff --git a/scripts/rpki/up_down.py b/scripts/rpki/up_down.py
index 28e801b8..91dc6aaa 100644
--- a/scripts/rpki/up_down.py
+++ b/scripts/rpki/up_down.py
@@ -2,7 +2,7 @@
"""RPKI "up-down" protocol."""
-import base64, sax_utils, resource_set, lxml.etree, POW, POW.pkix
+import base64, sax_utils, resource_set, lxml.etree, x509
xmlns="http://www.apnic.net/specs/rescerts/up-down/"
@@ -59,14 +59,13 @@ class certificate_elt(base_elt):
def endElement(self, stack, name, text):
"""Handle text content of a <certificate/> element."""
assert name == "certificate"
- self.cert = POW.pkix.Certificate()
- self.cert.fromString(base64.b64decode(text))
+ self.cert = x509.X509(DER=base64.b64decode(text))
stack.pop()
def toXML(self):
"""Generate a <certificate/> element."""
elt = self.make_elt("certificate", "cert_url", "req_resource_set_as", "req_resource_set_ipv4", "req_resource_set_ipv6")
- elt.text = base64.b64encode(self.cert.toString())
+ elt.text = base64.b64encode(self.cert.get_DER())
return elt
class class_elt(base_elt):
@@ -94,8 +93,7 @@ class class_elt(base_elt):
def endElement(self, stack, name, text):
"""Handle <class/> elements and their children."""
if name == "issuer":
- self.issuer = POW.pkix.Certificate()
- self.issuer.fromString(base64.b64decode(text))
+ self.issuer = x509.X509(DER=base64.b64decode(text))
else:
assert name == "class", "Unexpected name %s, stack %s" % (name, stack)
stack.pop()
@@ -104,7 +102,7 @@ class class_elt(base_elt):
"""Generate a <class/> element."""
elt = self.make_elt("class", "class_name", "cert_url", "resource_set_as", "resource_set_ipv4", "resource_set_ipv6", "suggested_sia_head")
elt.extend([i.toXML() for i in self.certs])
- self.make_b64elt(elt, "issuer", self.issuer.toString())
+ self.make_b64elt(elt, "issuer", self.issuer.get_DER())
return elt
class list_pdu(base_elt):
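Review bot: `self.issuer.get_DER()` is called unconditionally here, whereas the left-right `peer_ta` serializers first check `if self.peer_ta:`. If a class_elt can be built without an `<issuer/>` child (its initialisation is not visible in this diff), serialization fails with an AttributeError instead of a clear error. Either guard the call with `if self.issuer is not None:` or, if the issuer is mandatory, raise a descriptive exception before building the element. The method starts outside the hunk.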