From 6c64a286f5bba47fe4e4f6e2f63d75039e368223 Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Mon, 5 Nov 2007 16:50:16 +0000
Subject: Debug X509.issue()

svn path=/scripts/rpki/x509.py; revision=1235
---
 scripts/rpki/x509.py | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/scripts/rpki/x509.py b/scripts/rpki/x509.py
index 78be04c0..4235649f 100644
--- a/scripts/rpki/x509.py
+++ b/scripts/rpki/x509.py
@@ -272,12 +272,8 @@ class X509(DER_object):
     """Issue a certificate."""
 
     now = time.time()
-
     aki = self.get_SKI()
-
-    ski = POW.Digest(POW.SHA1_DIGEST)
-    ski.update(subject_key)
-    ski = ski.digest()
+    ski = subject_key.get_SKI()
 
     if cn is None:
       cn = "".join(("%02X" % ord(i) for i in ski))
@@ -290,14 +286,14 @@ class X509(DER_object):
     cert.setSerial(serial)
     cert.setIssuer(self.get_POWpkix().getSubject())
     cert.setSubject(((((2, 5, 4, 3), ("printableString", cn)),),))
-    cert.setNotBefore(("UTCTime", POW.pkix.time2utc(now)))
-    cert.setNotAfter(("UTCTime", POW.pkix.time2utc(notAfter)))
+    cert.setNotBefore(("utcTime", POW.pkix.time2utc(now)))
+    cert.setNotAfter(("utcTime", POW.pkix.time2utc(notAfter)))
     cert.tbs.subjectPublicKeyInfo.fromString(subject_key.get_DER())
 
     exts = [ ["subjectKeyIdentifier",   False, ski],
              ["authorityKeyIdentifier", False, (aki, (), None)],
              ["cRLDistributionPoints",  False, ((("fullName", (("uri", crldp),)), None, ()),)],
-             ["authorityInfoAccess",    False, ((1, 3, 6, 1, 5, 5, 7, 48, 2), ("uri", aia))],
+             ["authorityInfoAccess",    False, (((1, 3, 6, 1, 5, 5, 7, 48, 2), ("uri", aia)),)],
              ["subjectInfoAccess",      False, sia],
              ["certificatePolicies",    True,  (((1, 3, 6, 1, 5, 5, 7, 14, 2), ()),)] ]
 
-- 
cgit v1.2.3