diff options
Diffstat (limited to 'scripts/rpki')
| -rw-r--r-- | scripts/rpki/sql.py | 2 | ||||
| -rw-r--r-- | scripts/rpki/up_down.py | 2 | ||||
| -rw-r--r-- | scripts/rpki/x509.py | 4 |
3 files changed, 4 insertions, 4 deletions
diff --git a/scripts/rpki/sql.py b/scripts/rpki/sql.py index 055e4476..c1681bd7 100644 --- a/scripts/rpki/sql.py +++ b/scripts/rpki/sql.py @@ -507,7 +507,7 @@ class ca_detail_obj(sql_persistant): if now > child_cert.cert.getNotAfter() + crl_interval: child_cert.sql_delete() else: - certlist.append((child_cert.cert.getSerial(), child_cert.revoked, ())) + certlist.append((child_cert.cert.getSerial(), child_cert.revoked.toASN1tuple(), ())) certlist.sort() self.latest_crl = rpki.x509.CRL.generate( diff --git a/scripts/rpki/up_down.py b/scripts/rpki/up_down.py index e4285257..bf9e37a1 100644 --- a/scripts/rpki/up_down.py +++ b/scripts/rpki/up_down.py @@ -333,7 +333,7 @@ class revoke_pdu(revoke_syntax): def get_SKI(self): """Convert g(SKI) encoding from PDU back to raw SKI.""" - return base64.b64decode(self.ski.replace("_", "/").replace("-", "+")) + return base64.urlsafe_b64decode(self.ski + "=") def serve_pdu(self, gctx, q_msg, r_msg, child): """Serve one revoke request PDU.""" diff --git a/scripts/rpki/x509.py b/scripts/rpki/x509.py index 478fc6c5..93adf196 100644 --- a/scripts/rpki/x509.py +++ b/scripts/rpki/x509.py @@ -155,7 +155,7 @@ class DER_object(object): """Calculate g(SKI) for this object. Only work for subclasses that implement get_SKI(). """ - return base64.b64encode(self.get_SKI()).replace("+", "-").replace("/", "_") + return base64.urlsafe_b64encode(self.get_SKI()).rstrip("=") def get_AKI(self): """Get the AKI extension from this object. Only works for subclasses that support getExtension().""" @@ -673,7 +673,7 @@ class CRL(DER_object): def generate(cls, keypair, issuer, serial, thisUpdate, nextUpdate, revokedCertificates, version = 1, digestType = "sha256WithRSAEncryption"): crl = POW.pkix.CertificateList() crl.setVersion(version) - crl.setIssuer(issuer.get_POWpkix().getIssuer()) + crl.setIssuer(issuer.get_POWpkix().getSubject()) crl.setThisUpdate(thisUpdate.toASN1tuple()) crl.setNextUpdate(nextUpdate.toASN1tuple()) if revokedCertificates: |