Diffstat (limited to 'scripts')
-rw-r--r-- | scripts/manifests.py | 28 | ||||
-rw-r--r-- | scripts/rpki/x509.py | 14 |
2 files changed, 32 insertions, 10 deletions
diff --git a/scripts/manifests.py b/scripts/manifests.py
index 4991ffa2..abf0441b 100644
--- a/scripts/manifests.py
+++ b/scripts/manifests.py
@@ -2,24 +2,32 @@
 import rpki.x509, rpki.manifest, time, POW, POW.pkix, glob, os
+now = time.time()
+
+certs = glob.glob("resource-cert-samples/*.cer")
+
 def one_cert(filename):
 c = rpki.x509.X509(Auto_file = filename)
 d = POW.Digest(POW.SHA256_DIGEST)
 d.update(c.get_DER())
 return filename.rpartition("/")[2], d.digest()
-now = time.time()
+mani1 = rpki.manifest.Manifest()
+mani1.set((0, # version
+ 17, # manifestNumber
+ POW.pkix.time2gen(now), # thisUpdate
+ POW.pkix.time2gen(now + 24*60*60), # nextUpdate
+ (2, 16, 840, 1, 101, 3, 4, 2, 1), # id-sha256
+ [one_cert(i) for i in certs]))
-certs = glob.glob("resource-cert-samples/*.cer")
+m = rpki.x509.SignedManifest()
+m.build(serial = 17,
+ nextUpdate = now + 24 * 60 * 60,
+ names_and_objs = [(fn, rpki.x509.X509(Auto_file = fn)) for fn in certs])
+mani2 = m.get_content()
-mani = rpki.manifest.Manifest()
-mani.set((0, # version
- 17, # manifestNumber
- POW.pkix.time2gen(now), # thisUpdate
- POW.pkix.time2gen(now + 24*60*60), # nextUpdate
- (2, 16, 840, 1, 101, 3, 4, 2, 1), # id-sha256
- [one_cert(i) for i in certs]))
+assert mani1.toString() == mani2.toString()
 f = os.popen("dumpasn1 -a - 2>/dev/null", "w")
-f.write(mani.toString())
+f.write(mani2.toString())
 f.close()
diff --git a/scripts/rpki/x509.py b/scripts/rpki/x509.py
index 605a698f..7f82cd56 100644
--- a/scripts/rpki/x509.py
+++ b/scripts/rpki/x509.py
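Review bot: In scripts/manifests.py the new `assert mani1.toString() == mani2.toString()` compares two encodings whose thisUpdate comes from different clock reads: `mani1` uses the `now` captured at the top of the script, while `SignedManifest.build()` (added to scripts/rpki/x509.py in this same commit) calls `time.time()` itself. If `POW.pkix.time2gen` renders whole seconds, as GeneralizedTime usually does, the check fails whenever a second boundary falls between the two reads, and the certificate loading in between widens that window. Letting `build()` accept the timestamp, e.g. `def build(self, serial, nextUpdate, names_and_objs, thisUpdate = None):` with `time.time()` as the fallback, would make the comparison deterministic. A comment such as `# mani1 is the hand-built reference; mani2 must encode identically` above the assert would also explain why both objects exist.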
@@ -552,6 +552,20 @@ class SignedManifest(DER_object):
 def verify(self, ta):
 self.content = rpki.cms.verify(self.get_DER(), ta)
+ def build(self, serial, nextUpdate, names_and_objs):
+ filelist = []
+ for name, obj in names_and_objs:
+ d = POW.Digest(POW.SHA256_DIGEST)
+ d.update(obj.get_DER())
+ filelist.append((name.rpartition("/")[2], d.digest()))
+ m = rpki.manifest.Manifest()
+ m.manifestNumber.set(serial)
+ m.thisUpdate.set(POW.pkix.time2gen(time.time()))
+ m.nextUpdate.set(POW.pkix.time2gen(nextUpdate))
+ m.fileHashAlg.set((2, 16, 840, 1, 101, 3, 4, 2, 1)) # id-sha256
+ m.fileList.set(filelist)
+ self.set_content(m)
+
 class CRL(DER_object):
 """Class to hold a Certificate Revocation List.""" |
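Review bot: `build()` reduces every name to its basename with `name.rpartition("/")[2]` and appends it without checking for repeats, so two objects from different directories that share a file name yield a fileList with duplicate entries carrying different hashes, and a relying party checking objects against the manifest cannot tell which hash applies. Rejecting that before `m.fileList.set(filelist)` keeps the manifest unambiguous, e.g. `if len(set(n for n, h in filelist)) != len(filelist): raise ValueError("duplicate manifest file name")`. `nextUpdate` is likewise accepted unchecked while thisUpdate is taken from `time.time()`, so a caller can build a manifest that is already stale; a guard that nextUpdate is later than thisUpdate would catch it. The method also has no docstring, unlike `CRL` below; something like `"""Build manifest content (one SHA-256 hash per object) from (name, object) pairs; does not sign."""` would help, assuming signing really is a separate step, which the hunk does not show. The class body starts outside the hunk.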