rpki.rpki_engine.ca_detail_obj Class Reference

Inherits rpki::sql::sql_persistent.


Public Member Functions

def activate
def ca
def child_certs
def create
def crl_uri
def crl_uri_tail
def delete
def generate_crl
def generate_manifest
def generate_manifest_cert
def issue
def issue_ee
def manifest_uri
def revoke
def revoked_certs
def route_origins
def sql_decode
def update

Public Attributes

 ca_cert_uri
 ca_id
 gctx
 latest_ca_cert
 latest_crl
 latest_manifest
 latest_manifest_cert
 manifest_private_key_id
 manifest_public_key
 nextUpdate
 private_key_id
 public_key
 state

Static Public Attributes

tuple sql_template


Detailed Description

Internal CA detail object.

Definition at line 441 of file rpki_engine.py.


Member Function Documentation

def rpki.rpki_engine.ca_detail_obj.activate(self, ca, cert, uri, callback, errback, predecessor = None)

Activate this ca_detail.

Definition at line 499 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.ca(self)

Fetch CA object to which this ca_detail links.

Definition at line 471 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.child_certs(self, child = None, ski = None, unique = False)

Fetch all child_cert objects that link to this ca_detail.

Definition at line 475 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.create(cls, ca)

Create a new ca_detail object for a specified CA.

Definition at line 653 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.crl_uri(self, ca)

Return publication URI for this ca_detail's CRL.

Definition at line 487 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.crl_uri_tail(self)

Return tail (filename portion) of publication URI for this ca_detail's CRL.

Definition at line 491 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.delete(self, ca, repository, cb, eb)

Delete this ca_detail and all of the certs it issued.

Definition at line 532 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.generate_crl(self, callback, errback, nextUpdate = None)

Generate a new CRL for this ca_detail.  At the moment this is
unconditional, that is, it is up to the caller to decide whether a
new CRL is needed.

Definition at line 744 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.generate_manifest(self, callback, errback, nextUpdate = None)

Generate a new manifest for this ca_detail.

Definition at line 778 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.generate_manifest_cert(self, ca)

Generate a new manifest certificate for this ca_detail.

Definition at line 688 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.issue(self, ca, child, subject_key, sia, resources, callback, errback, child_cert = None)

Issue a new certificate to a child.  Optional child_cert argument
specifies an existing child_cert object to update in place; if not
specified, we create a new one.  Returns the child_cert object
containing the newly issued cert.

Definition at line 700 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.issue_ee(self, ca, resources, subject_key, sia = None)

Issue a new EE certificate.

Definition at line 671 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.manifest_uri(self, ca)

Return publication URI for this ca_detail's manifest.

Definition at line 495 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.revoke(self, cb, eb)

Request revocation of all certificates whose SKI matches the key
for this ca_detail.

Tasks:

- Request revocation of old keypair by parent.

- Revoke all child certs issued by the old keypair.

- Generate a final CRL, signed with the old keypair, listing all
  the revoked certs, with a next CRL time after the last cert or
  CRL signed by the old keypair will have expired.

- Generate a corresponding final manifest.

- Destroy old keypairs.

- Leave final CRL and manifest in place until their nextupdate
  time has passed.

Definition at line 560 of file rpki_engine.py.
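
The timing rule in the task list above, worked through as an added example (not code from rpki_engine.py): once the old keypair is destroyed no further CRL can be signed, so the final CRL's nextUpdate has to outlast every certificate and CRL that key signed. The names IssuedCert, final_crl_next_update, outlive_crl and may_withdraw, the one-hour margin and the sample data are assumptions made for this sketch.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

UTC = timezone.utc


@dataclass(frozen=True)
class IssuedCert:
    """Constructed stand-in for a certificate signed by the old keypair."""
    serial: int
    not_after: datetime


def final_crl_next_update(certs, last_crl_next_update, now,
                          margin=timedelta(hours=1)):
    """nextUpdate for the final CRL: after the latest expiry among the
    certs and the previous CRL signed by the old key, never in the past.
    The margin is an assumption of this sketch."""
    expiries = [c.not_after for c in certs] + [last_crl_next_update, now]
    return max(expiries) + margin


def outlive_crl(certs, crl_next_update):
    """Serials still inside their validity period when the CRL goes stale.
    After the key is destroyed no newer CRL can be signed, so a relying
    party would have no current CRL showing these as revoked."""
    return sorted(c.serial for c in certs if c.not_after >= crl_next_update)


def may_withdraw(now, crl_next_update):
    """Final CRL and manifest stay published until nextUpdate has passed."""
    return now > crl_next_update


# Constructed sample data, not taken from any real CA.
NOW = datetime(2009, 6, 2, 19, 0, tzinfo=UTC)
LAST_CRL_NEXT_UPDATE = datetime(2009, 6, 3, 1, 0, tzinfo=UTC)
CERTS = [
    IssuedCert(17, datetime(2009, 9, 1, tzinfo=UTC)),
    IssuedCert(4, datetime(2010, 1, 15, tzinfo=UTC)),  # longest-lived
    IssuedCert(9, datetime(2009, 5, 1, tzinfo=UTC)),   # already expired
]

if __name__ == "__main__":
    routine = NOW + timedelta(hours=6)  # a routine CRL interval (assumed)
    final = final_crl_next_update(CERTS, LAST_CRL_NEXT_UPDATE, NOW)
    print("routine interval leaves uncovered:", outlive_crl(CERTS, routine))
    print("final nextUpdate:", final.isoformat())
    print("uncovered with final CRL:", outlive_crl(CERTS, final))
    print("withdraw now?", may_withdraw(NOW, final))
```

With a routine six-hour interval two of the three sample certificates outlive the CRL; with the computed final nextUpdate none do, and the CRL and manifest stay published until that time has passed.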

def rpki.rpki_engine.ca_detail_obj.revoked_certs(self)

Fetch all revoked_cert objects that link to this ca_detail.

Definition at line 479 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.route_origins(self)

Fetch all route_origin objects that link to this ca_detail.

Definition at line 483 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.sql_decode(self, vals)

Extra assertions for SQL decode of a ca_detail_obj.

Reimplemented from rpki.sql.sql_persistent.

Definition at line 461 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.update(self, parent, ca, rc, sia_uri_changed, old_resources, callback, errback)

Need to get a new certificate for this ca_detail and perhaps frob
children of this ca_detail.

Definition at line 624 of file rpki_engine.py.


Member Data Documentation

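rpki.rpki_engine.ca_detail_obj.ca_cert_uri

Definition at line 505 of file rpki_engine.py.

rpki.rpki_engine.ca_detail_obj.ca_id

Definition at line 659 of file rpki_engine.py.

rpki.rpki_engine.ca_detail_obj.gctx

Reimplemented from rpki.sql.sql_persistent.

Definition at line 658 of file rpki_engine.py.

rpki.rpki_engine.ca_detail_obj.latest_ca_cert

Definition at line 504 of file rpki_engine.py.

rpki.rpki_engine.ca_detail_obj.latest_crl

Definition at line 768 of file rpki_engine.py.

rpki.rpki_engine.ca_detail_obj.latest_manifest

Definition at line 802 of file rpki_engine.py.

rpki.rpki_engine.ca_detail_obj.latest_manifest_cert

Definition at line 615 of file rpki_engine.py.

rpki.rpki_engine.ca_detail_obj.manifest_private_key_id

Definition at line 613 of file rpki_engine.py.

rpki.rpki_engine.ca_detail_obj.manifest_public_key

Definition at line 614 of file rpki_engine.py.

rpki.rpki_engine.ca_detail_obj.nextUpdate

Definition at line 592 of file rpki_engine.py.

rpki.rpki_engine.ca_detail_obj.private_key_id

Definition at line 612 of file rpki_engine.py.

rpki.rpki_engine.ca_detail_obj.public_key

Definition at line 663 of file rpki_engine.py.

tuple rpki.rpki_engine.ca_detail_obj.sql_template

Initial value:

rpki.sql.template(
    "ca_detail",
    "ca_detail_id",
    ("private_key_id",          rpki.x509.RSA),
    ("public_key",              rpki.x509.RSApublic),
    ("latest_ca_cert",          rpki.x509.X509),
    ("manifest_private_key_id", rpki.x509.RSA),
    ("manifest_public_key",     rpki.x509.RSApublic),
    ("latest_manifest_cert",    rpki.x509.X509),
    ("latest_manifest",         rpki.x509.SignedManifest),
    ("latest_crl",              rpki.x509.CRL),
    "state",
    "ca_cert_uri",
    "ca_id")

Definition at line 446 of file rpki_engine.py.

rpki.rpki_engine.ca_detail_obj.state

Definition at line 512 of file rpki_engine.py.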


The documentation for this class was generated from the following file:

rpki_engine.py

Generated on Tue Jun 2 19:10:20 2009 for RPKI Engine by doxygen 1.5.8