RPKI Engine
1.0
|
Public Member Functions | |
def | extract |
def | get_content |
def | get_DER |
def | get_POW |
def | get_signingTime |
def | set_content |
def | sign |
def | verify |
Public Attributes | |
content | |
DER | |
DER value of this object. | |
POW | |
Static Public Attributes | |
debug_cms_certs = False | |
Set this to True to log a lot of chatter about CMS certificates. | |
dump_on_verify_failure = True | |
Set this to True to get dumpasn1 dumps of ASN.1 on CMS verify failures. | |
dump_using_dumpasn1 = False | |
Set this to use external dumpasn1 program, which is prettier and more informative than OpenSSL's CMS text dump, but which won't work if the dumpasn1 program isn't installed. | |
tuple | econtent_oid = POWify_OID("id-data") |
tuple | formats = ("DER", "POW") |
Formats supported in this object. | |
tuple | other_clear = ("content",) |
Other attributes that self.clear() should whack. | |
tuple | pem_converter = PEM_converter("CMS") |
PEM converter for this object. | |
print_on_der_error = True | |
Set this to True to log alleged DER when we have trouble parsing it, in case it's really a Perl backtrace or something. | |
require_crls = False | |
Set this to False to make CMS CRLs optional in the cases where we would otherwise require them. |
Class to hold a CMS-wrapped object. CMS-wrapped objects are a little different from the other DER_object types because the signed object is CMS wrapping inner content that's also ASN.1, and due to our current minimal support for CMS we can't just handle this as a pretty composite object. So, for now anyway, a CMS_object is the outer CMS wrapped object so that the usual DER and PEM operations do the obvious things, and the inner content is handle via separate methods.
def rpki::x509::CMS_object::extract | ( | self | ) |
Extract and store inner content from CMS wrapper without verifying the CMS. DANGER WILL ROBINSON!!! Do not use this method on unvalidated data. Use the verify() method instead. If you don't understand this warning, don't use this method.
Definition at line 994 of file x509.py.
References rpki::x509::DER_CMS_object::decode(), rpki::x509::XML_CMS_object::decode(), rpki::x509::Ghostbuster::decode(), econtent_oid, get_content(), rpki::x509::X509::get_POW(), rpki::x509::RSA::get_POW(), rpki::x509::RSApublic::get_POW(), and get_POW().
def rpki::x509::CMS_object::get_content | ( | self | ) |
Get the inner content of this CMS_object.
Definition at line 888 of file x509.py.
References content.
Referenced by rpki::x509::DER_CMS_object::encode(), rpki::x509::XML_CMS_object::encode(), rpki::x509::Ghostbuster::encode(), extract(), rpki::x509::SignedManifest::getNextUpdate(), rpki::x509::SignedManifest::getThisUpdate(), rpki::x509::XML_CMS_object::pretty_print_content(), rpki::x509::XML_CMS_object::schema_check(), rpki::x509::XML_CMS_object::unwrap(), and verify().
def rpki::x509::CMS_object::get_DER | ( | self | ) |
Get the DER value of this CMS_object.
Reimplemented from rpki::x509::DER_object.
Definition at line 867 of file x509.py.
Referenced by rpki::x509::XML_CMS_object::dump_to_disk(), verify(), and rpki::x509::XML_CMS_object::wrap().
def rpki::x509::CMS_object::get_POW | ( | self | ) |
Get the rpki.POW value of this CMS_object.
Definition at line 879 of file x509.py.
Referenced by extract(), get_signingTime(), rpki::x509::CRL::getIssuer(), and verify().
def rpki::x509::CMS_object::get_signingTime | ( | self | ) |
Extract signingTime from CMS signed attributes.
Definition at line 903 of file x509.py.
References rpki::x509::X509::get_POW(), rpki::x509::RSA::get_POW(), rpki::x509::RSApublic::get_POW(), and get_POW().
def rpki::x509::CMS_object::set_content | ( | self, | |
content | |||
) |
Set the (inner) content of this CMS_object, clearing the wrapper.
Definition at line 896 of file x509.py.
Referenced by rpki::x509::SignedManifest::build(), rpki::x509::ROA::build(), rpki::x509::Ghostbuster::build(), and rpki::x509::XML_CMS_object::wrap().
def rpki::x509::CMS_object::sign | ( | self, | |
keypair, | |||
certs, | |||
crls = None , |
|||
no_certs = False |
|||
) |
Sign and wrap inner content.
Definition at line 1022 of file x509.py.
References debug_cms_certs, econtent_oid, rpki::x509::DER_CMS_object::encode(), rpki::x509::XML_CMS_object::encode(), rpki::x509::Ghostbuster::encode(), rpki::x509::X509::POW, rpki::x509::RSA::POW, rpki::x509::RSApublic::POW, and POW.
Referenced by rpki::x509::SignedManifest::build(), rpki::x509::ROA::build(), rpki::x509::Ghostbuster::build(), and rpki::x509::XML_CMS_object::wrap().
def rpki::x509::CMS_object::verify | ( | self, | |
ta | |||
) |
Verify CMS wrapper and store inner content.
Definition at line 909 of file x509.py.
References debug_cms_certs, rpki::x509::DER_CMS_object::decode(), rpki::x509::XML_CMS_object::decode(), rpki::x509::Ghostbuster::decode(), dump_on_verify_failure, dump_using_dumpasn1, rpki::x509::DER_object::dumpasn1(), econtent_oid, get_content(), rpki::x509::DER_object::get_DER(), rpki::x509::X509::get_DER(), rpki::x509::PKCS10::get_DER(), rpki::x509::RSA::get_DER(), rpki::x509::RSApublic::get_DER(), get_DER(), rpki::x509::X509::get_POW(), rpki::x509::RSA::get_POW(), rpki::x509::RSApublic::get_POW(), get_POW(), rpki::x509::DER_object::is_CA(), print_on_der_error, and require_crls.
Referenced by rpki::x509::XML_CMS_object::unwrap().
Reimplemented in rpki::x509::Ghostbuster, rpki::x509::XML_CMS_object, and rpki::x509::DER_CMS_object.
Definition at line 898 of file x509.py.
Referenced by get_content().
rpki::x509::CMS_object::debug_cms_certs = False [static] |
DER value of this object.
Reimplemented from rpki::x509::DER_object.
rpki::x509::CMS_object::dump_on_verify_failure = True [static] |
rpki::x509::CMS_object::dump_using_dumpasn1 = False [static] |
tuple rpki::x509::CMS_object::econtent_oid = POWify_OID("id-data") [static] |
Reimplemented in rpki::x509::Ghostbuster, rpki::x509::XML_CMS_object, rpki::x509::ROA, and rpki::x509::SignedManifest.
tuple rpki::x509::CMS_object::formats = ("DER", "POW") [static] |
Formats supported in this object.
Reimplemented from rpki::x509::DER_object.
tuple rpki::x509::CMS_object::other_clear = ("content",) [static] |
Other attributes that self.clear() should whack.
Reimplemented from rpki::x509::DER_object.
tuple rpki::x509::CMS_object::pem_converter = PEM_converter("CMS") [static] |
PEM converter for this object.
Reimplemented from rpki::x509::DER_object.
Reimplemented in rpki::x509::Ghostbuster, rpki::x509::ROA, and rpki::x509::SignedManifest.
rpki::x509::CMS_object::print_on_der_error = True [static] |
rpki::x509::CMS_object::require_crls = False [static] |