diff options
Diffstat (limited to 'scripts/rpki')
| -rw-r--r-- | scripts/rpki/sql.py | 26 | ||||
| -rw-r--r-- | scripts/rpki/up_down.py | 12 |
2 files changed, 19 insertions, 19 deletions
diff --git a/scripts/rpki/sql.py b/scripts/rpki/sql.py index ea9299cd..d0d2de97 100644 --- a/scripts/rpki/sql.py +++ b/scripts/rpki/sql.py @@ -166,8 +166,8 @@ class ca_obj(sql_persistant): class ca_detail_obj(sql_persistant): """Internal CA detail object.""" - sql_template = template("ca", "ca_detail_id", "private_key_handle", "public_key", "latest_ca_cert_over_public_key", "manifest_ee_private_key_handle", - "manifest_ee_public_key", "latest_manifest_ee_cert", "latest_manifest", "latest_crl", "ca_id") + sql_template = template("ca", "ca_detail_id", "private_key_id", "public_key", "latest_ca_cert", "manifest_private_key_id", + "manifest_public_key", "latest_manifest_cert", "latest_manifest", "latest_crl", "ca_id") def __init__(self): self.certs = [] @@ -175,26 +175,26 @@ class ca_detail_obj(sql_persistant): def sql_decode(self, vals): sql_persistant.sql_decode(self, vals) - self.private_key_handle = rpki.x509.RSA_Keypair(DER = self.private_key_handle) + self.private_key_id = rpki.x509.RSA_Keypair(DER = self.private_key_id) if self.public_key is not None: - assert self.private_key_handle.get_public_DER() == self.public_key + assert self.private_key_id.get_public_DER() == self.public_key - self.latest_ca_cert_over_public_key = rpki.x509.X509(DER = self.latest_ca_cert_over_public_key) + self.latest_ca_cert = rpki.x509.X509(DER = self.latest_ca_cert) - self.manifest_ee_private_key_handle = rpki.x509.RSA_Keypair(DER = self.manifest_ee_private_key_handle) - if self.manifest_ee_public_key is not None: - assert self.manifest_ee_private_key_handle.get_public_DER() == self.manifest_ee_public_key + self.manifest_private_key_id = rpki.x509.RSA_Keypair(DER = self.manifest_private_key_id) + if self.manifest_public_key is not None: + assert self.manifest_private_key_id.get_public_DER() == self.manifest_public_key - self.manifest_ee_cert = rpki.x509.X509(DER = self.manifest_ee_cert) + self.manifest_cert = rpki.x509.X509(DER = self.manifest_cert) # todo: manifest, crl def sql_encode(self): d = sql_persistant.sql_encode(self) - d["private_key_handle"] = self.private_key_handle.get_DER() - d["latest_ca_cert_over_public_key"] = self.latest_ca_cert_over_public_key.get_DER() - d["manifest_ee_private_key_handle"] = self.manifest_ee_private_key_handle.get_DER() - d["manifest_ee_cert"] = self.manifest_ee_cert.get_DER() + d["private_key_id"] = self.private_key_id.get_DER() + d["latest_ca_cert"] = self.latest_ca_cert.get_DER() + d["manifest_private_key_id"] = self.manifest_private_key_id.get_DER() + d["manifest_cert"] = self.manifest_cert.get_DER() return d class child_cert_obj(sql_persistant): diff --git a/scripts/rpki/up_down.py b/scripts/rpki/up_down.py index 06aafa05..2b424d9b 100644 --- a/scripts/rpki/up_down.py +++ b/scripts/rpki/up_down.py @@ -137,14 +137,14 @@ class class_elt(base_elt): def cons_resource_class(gctx, now, child, ca_id, irdb_as, irdb_v4, irdb_v6): ca_detail = None for c in rpki.sql.ca_detail_elt.sql_fetch_where(gctx.db, gctx.cur, "ca_id = %s" % ca_id): - if c.latest_ca_cert_over_public_key is not None and \ - c.latest_ca_cert_over_public_key.getNotBefore() <= now and \ - c.latest_ca_cert_over_public_key.getNotAfter() >= now and \ - (ca_detail is None or c.latest_ca_cert_over_public_key.getNotBefore() > ca_detail.latest_ca_cert_over_public_key.getNotBefore()): + if c.latest_ca_cert is not None and \ + c.latest_ca_cert.getNotBefore() <= now and \ + c.latest_ca_cert.getNotAfter() >= now and \ + (ca_detail is None or c.latest_ca_cert.getNotBefore() > ca_detail.latest_ca_cert.getNotBefore()): ca_detail = c if not ca_detail: return None - rc_as, rc_v4, rc_v6 = ca_detail.latest_ca_cert_over_public_key.get_3779resources() + rc_as, rc_v4, rc_v6 = ca_detail.latest_ca_cert.get_3779resources() rc_as.intersection(irdb_as) rc_v4.intersection(irdb_v4) rc_v6.intersection(irdb_v6) @@ -161,7 +161,7 @@ def cons_resource_class(gctx, now, child, ca_id, irdb_as, irdb_v4, irdb_v6): c.cert_url = "rsync://niy.invalid" c.cert = child_cert.cert rc.certs.append(c) - rc.issuer = ca_detail.latest_ca_cert_over_public_key + rc.issuer = ca_detail.latest_ca_cert return rc class list_pdu(base_elt): |