
rpki.myrpki.CA Class Reference

Inherits object.


Public Member Functions

def __init__
def bsc
def cms_xml_sign
def cms_xml_verify
def ee
def fxcert
def run_ca
def run_dgst
def run_openssl
def run_req
def setup
def touch_file
def xcert
def xcert_filename
def xcert_revoke

Public Attributes

 cer
 cfg
 crl
 crlnum
 dir
 env
 index
 key
 openssl
 req
 serial

Static Public Attributes

dictionary path_restriction

Detailed Description

Representation of one certification authority.

Definition at line 559 of file myrpki.py.


Member Function Documentation

def rpki.myrpki.CA.__init__ (   self,
  cfg_file,
  dir 
)

Definition at line 570 of file myrpki.py.

def rpki.myrpki.CA.bsc (   self,
  pkcs10 
)
Issue BSC certificate, if we have a PKCS #10 request for it.

Definition at line 723 of file myrpki.py.

def rpki.myrpki.CA.cms_xml_sign (   self,
  ee_name,
  base_name,
  elt 
)
Sign an XML object with CMS, return Base64 text.

Definition at line 685 of file myrpki.py.

def rpki.myrpki.CA.cms_xml_verify (   self,
  b64,
  ca 
)
Attempt to verify and extract XML from a Base64-encoded signed CMS
object.  CA is the filename of a certificate that we expect to be
the issuer of the EE certificate bundled with the CMS, and must
previously have been cross-certified under our trust anchor.

Definition at line 698 of file myrpki.py.

def rpki.myrpki.CA.ee (   self,
  ee_name,
  base_name 
)
Issue an end-entity certificate.

Definition at line 671 of file myrpki.py.

def rpki.myrpki.CA.fxcert (   self,
  b64,
  filename = None,
  path_restriction = 0 
)
Write PEM certificate to file, then cross-certify.

Definition at line 744 of file myrpki.py.

def rpki.myrpki.CA.run_ca (   self,
  args 
)
Run OpenSSL "ca" command with common initial arguments.

Definition at line 605 of file myrpki.py.

def rpki.myrpki.CA.run_dgst (   self,
  input,
  algorithm = "md5" 
)
Run OpenSSL "dgst" command, return cleaned-up result.

Definition at line 622 of file myrpki.py.

def rpki.myrpki.CA.run_openssl (   self,
  cmd,
  kwargs 
)
Run an OpenSSL command, suppress stderr unless OpenSSL returns
failure, and return stdout.

Definition at line 589 of file myrpki.py.

def rpki.myrpki.CA.run_req (   self,
  key_file,
  req_file,
  log_key = sys.stdout 
)
Run OpenSSL "genrsa" and "req" commands.

Definition at line 611 of file myrpki.py.

def rpki.myrpki.CA.setup (   self,
  ca_name 
)
Set up this CA.  ca_name is an X.509 distinguished name in
/tag=val/tag=val format.

Definition at line 645 of file myrpki.py.

def rpki.myrpki.CA.touch_file (   filename,
  content = None 
)
Create dumb little text files expected by OpenSSL "ca" utility.

Definition at line 635 of file myrpki.py.

def rpki.myrpki.CA.xcert (   self,
  cert,
  path_restriction = 0 
)
Cross-certify a certificate represented as a PEM file, if we
haven't already.  This only works for self-signed certs, due to
limitations of the OpenSSL command line tool, but that suffices
for our purposes.

Definition at line 771 of file myrpki.py.

def rpki.myrpki.CA.xcert_filename (   self,
  cert 
)
Generate filename for a cross-certification.

Extract the public key and subject name from the PEM file and hash
them so we can use the result as a tag for cross-certifying this cert.

Definition at line 757 of file myrpki.py.

def rpki.myrpki.CA.xcert_revoke (   self,
  cert 
)
Revoke a cross-certification and regenerate CRL.

Definition at line 784 of file myrpki.py.


Member Data Documentation

rpki.myrpki.CA.cer
Definition at line 573 of file myrpki.py.

rpki.myrpki.CA.cfg
Definition at line 571 of file myrpki.py.

rpki.myrpki.CA.crl
Definition at line 576 of file myrpki.py.

rpki.myrpki.CA.crlnum
Definition at line 579 of file myrpki.py.

rpki.myrpki.CA.dir
Definition at line 572 of file myrpki.py.

rpki.myrpki.CA.env
Definition at line 584 of file myrpki.py.

rpki.myrpki.CA.index
Definition at line 577 of file myrpki.py.

rpki.myrpki.CA.key
Definition at line 574 of file myrpki.py.

rpki.myrpki.CA.openssl
Definition at line 582 of file myrpki.py.

dictionary rpki.myrpki.CA.path_restriction [static]
Initial value:
{ 0 : "ca_x509_ext_xcert0",
  1 : "ca_x509_ext_xcert1" }

Definition at line 567 of file myrpki.py.

rpki.myrpki.CA.req
Definition at line 575 of file myrpki.py.

rpki.myrpki.CA.serial
Definition at line 578 of file myrpki.py.


The documentation for this class was generated from the following file: