aboutsummaryrefslogtreecommitdiff
path: root/rp/utils/scan_routercerts
diff options
context:
space:
mode:
Diffstat (limited to 'rp/utils/scan_routercerts')
-rwxr-xr-xrp/utils/scan_routercerts39
1 files changed, 18 insertions, 21 deletions
diff --git a/rp/utils/scan_routercerts b/rp/utils/scan_routercerts
index 081a6293..540a8e25 100755
--- a/rp/utils/scan_routercerts
+++ b/rp/utils/scan_routercerts
@@ -26,32 +26,29 @@ import base64
import argparse
import rpki.POW
import rpki.oids
+import rpki.config
-def check_dir(s):
- if not os.path.isdir(s):
- raise argparse.ArgumentTypeError("%r is not a directory" % s)
- return s
-
-parser = argparse.ArgumentParser(description = __doc__)
-parser.add_argument("rcynic_dir", type = check_dir, help = "rcynic authenticated output directory")
-args = parser.parse_args()
+from rpki.rcynicdb.iterator import authenticated_objects
-for root, dirs, files in os.walk(args.rcynic_dir):
-
- for fn in files:
+def check_dir(s):
+ if not os.path.isdir(s):
+ raise argparse.ArgumentTypeError("{!r} is not a directory".format(s))
+ return s
- if not fn.endswith(".cer"):
- continue
+cfg = rpki.config.argparser(doc = __doc__)
+cfg.argparser.add_argument("rcynic_dir", nargs = "?", type = check_dir,
+ help = "rcynic authenticated output directory")
+args = cfg.argparser.parse_args()
- x = rpki.POW.X509.derReadFile(os.path.join(root, fn))
+for uri, cer in authenticated_objects(args.rcynic_dir, uri_suffix = ".cer"):
- if rpki.oids.id_kp_bgpsec_router not in (x.getEKU() or ()):
- continue
+ if rpki.oids.id_kp_bgpsec_router not in (cer.getEKU() or ()):
+ continue
- sys.stdout.write(base64.urlsafe_b64encode(x.getSKI()).rstrip("="))
+ sys.stdout.write(base64.urlsafe_b64encode(cer.getSKI()).rstrip("="))
- for min_asn, max_asn in x.getRFC3779()[0]:
- for asn in xrange(min_asn, max_asn + 1):
- sys.stdout.write(" %s" % asn)
+ for min_asn, max_asn in cer.getRFC3779()[0]:
+ for asn in xrange(min_asn, max_asn + 1):
+ sys.stdout.write(" {}".format(asn))
- sys.stdout.write(" %s\n" % base64.b64encode(x.getPublicKey().derWritePublic()))
+ sys.stdout.write(" {}\n".format(base64.b64encode(cer.getPublicKey().derWritePublic())))
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-11 07:20:06 +0000