Diffstat (limited to 'rp/utils/uri')
-rwxr-xr-x | rp/utils/uri | 80 |
1 files changed, 45 insertions, 35 deletions
diff --git a/rp/utils/uri b/rp/utils/uri
index e72d5e0d..d3d9eebb 100755
--- a/rp/utils/uri
+++ b/rp/utils/uri
@@ -24,47 +24,57 @@ Input files must be in DER format and may be either X.509v3 certificates or CMS objects which contain X.509v3 certificates in the CMS wrapper. """ -import argparse +import rpki.config import rpki.POW class Certificate(object): - @staticmethod - def first_rsync(uris): - if uris is not None: - for uri in uris: - if uri.startswith("rsync://"): - return uri - return None + @staticmethod + def first_whatever(uris, prefix): + if uris is not None: + for uri in uris: + if uri.startswith(prefix): + return uri + return None - def __init__(self, fn): - try: - x = rpki.POW.X509.derReadFile(fn) - except: # pylint: disable=W0702 - try: - cms = rpki.POW.CMS.derReadFile(fn) - cms.extractWithoutVerifying() - x = cms.certs()[0] - except: - raise ValueError - sia = x.getSIA() or (None, None, None) - self.fn = fn - self.uris = ( - ("AIA:caIssuers", self.first_rsync(x.getAIA())), - ("SIA:caRepository", self.first_rsync(sia[0])), - ("SIA:rpkiManifest", self.first_rsync(sia[1])), - ("SIA:signedObject", self.first_rsync(sia[2])), - ("CRLDP", self.first_rsync(x.getCRLDP()))) + def first_rsync(self, uris): + return self.first_whatever(uris, "rsync://") - def __str__(self): - words = [self.fn] if args.single_line else ["File: " + self.fn] - words.extend(" %s: %s" % (tag, uri) for tag, uri in self.uris if uri is not None) - return ("" if args.single_line else "\n").join(words) + def first_https(self, uris): + return self.first_whatever(uris, "https://") -parser = argparse.ArgumentParser(description = __doc__) -parser.add_argument("-s", "--single-line", action = "store_true", help = "single output line per object") -parser.add_argument("certs", nargs = "+", type = Certificate, help = "RPKI objects to examine") -args = parser.parse_args() + def first_http(self, uris): + return self.first_whatever(uris, "http://") + + def __init__(self, fn): + try: + x = rpki.POW.X509.derReadFile(fn) + except: + try: + cms = rpki.POW.CMS.derReadFile(fn) + cms.extractWithoutVerifying() + x = 
cms.certs()[0] + except: + raise ValueError + sia = x.getSIA() or (None, None, None, None) + self.fn = fn + self.uris = ( + ("AIA:caIssuers", self.first_rsync(x.getAIA())), + ("SIA:caRepository", self.first_rsync(sia[0])), + ("SIA:rpkiManifest", self.first_rsync(sia[1])), + ("SIA:signedObject", self.first_rsync(sia[2])), + ("SIA:rpkiNotify", self.first_https(sia[3]) or self.first_http(sia[3])), + ("CRLDP", self.first_rsync(x.getCRLDP()))) + + def __str__(self): + words = [self.fn] if args.single_line else ["File: " + self.fn] + words.extend(" %s: %s" % (tag, uri) for tag, uri in self.uris if uri is not None) + return ("" if args.single_line else "\n").join(words) + +cfg = rpki.config.argparser(doc = __doc__) +cfg.argparser.add_argument("-s", "--single-line", action = "store_true", help = "single output line per object") +cfg.argparser.add_argument("certs", nargs = "+", type = Certificate, help = "RPKI objects to examine") +args = cfg.argparser.parse_args() for cert in args.certs: - print cert + print cert |
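Review bot: The `SIA:rpkiNotify` entry in `__init__` falls back to `self.first_http(sia[3])`, so a plain-HTTP notification URI is printed under the same label as an HTTPS one. RFC 8182 requires this URI to be HTTPS, and because the CMS path uses `extractWithoutVerifying()` the value is unauthenticated as well, so the operator gets no cue that anything is off. Consider dropping the fallback, `("SIA:rpkiNotify", self.first_https(sia[3])),`, or reporting the HTTP case under a distinct tag such as `SIA:rpkiNotify(insecure-http)`. The two bare `except:` clauses in the same method also catch KeyboardInterrupt and SystemExit; `except Exception:` would keep the DER-then-CMS fallback without that. It also looks as if `sia[3]` assumes `getSIA()` now returns four elements, which this hunk does not show and is worth confirming against rpki.POW.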