Public Member Functions | |
def | ca_details |
def | check_for_updates |
def | construct_sia_uri |
def | create |
def | delete |
def | fetch_active |
def | fetch_deprecated |
def | fetch_pending |
def | fetch_revoked |
def | next_crl_number |
def | next_manifest_number |
def | next_serial_number |
def | parent |
def | rekey |
def | revoke |
Public Attributes | |
gctx | |
parent_id | |
parent_resource_class | |
sia_uri | |
Static Public Attributes | |
int | last_crl_sn = 0 |
int | last_issued_sn = 0 |
int | last_manifest_sn = 0 |
tuple | sql_template |
Internal CA object.
Definition at line 215 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.ca_details | ( | self | ) |
Fetch all ca_detail objects that link to this CA object.
Definition at line 237 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.check_for_updates | ( | self, | ||
parent, | ||||
rc, | ||||
cb, | ||||
eb | ||||
) |
Parent has signaled continued existance of a resource class we already knew about, so we need to check for an updated certificate, changes in resource coverage, revocation and reissue with the same key, etc.
Definition at line 270 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.construct_sia_uri | ( | self, | ||
parent, | ||||
rc | ||||
) |
Construct the sia_uri value for this CA given configured information and the parent's up-down protocol list_response PDU.
Definition at line 257 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.create | ( | cls, | ||
parent, | ||||
rc, | ||||
cb, | ||||
eb | ||||
) |
Parent has signaled existance of a new resource class, so we need to create and set up a corresponding CA object.
Definition at line 328 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.delete | ( | self, | ||
parent, | ||||
callback | ||||
) |
The list of current resource classes received from parent does not include the class corresponding to this CA, so we need to delete it (and its little dog too...). All certs published by this CA are now invalid, so need to withdraw them, the CRL, and the manifest from the repository, delete all child_cert and ca_detail records associated with this CA, then finally delete this CA itself.
Definition at line 352 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.fetch_active | ( | self | ) |
def rpki.rpki_engine.ca_obj.fetch_deprecated | ( | self | ) |
def rpki.rpki_engine.ca_obj.fetch_pending | ( | self | ) |
def rpki.rpki_engine.ca_obj.fetch_revoked | ( | self | ) |
def rpki.rpki_engine.ca_obj.next_crl_number | ( | self | ) |
def rpki.rpki_engine.ca_obj.next_manifest_number | ( | self | ) |
def rpki.rpki_engine.ca_obj.next_serial_number | ( | self | ) |
def rpki.rpki_engine.ca_obj.parent | ( | self | ) |
def rpki.rpki_engine.ca_obj.rekey | ( | self, | ||
cb, | ||||
eb | ||||
) |
Initiate a rekey operation for this ca. Generate a new keypair. Request cert from parent using new keypair. Mark result as our active ca_detail. Reissue all child certs issued by this ca using the new ca_detail.
Definition at line 404 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.revoke | ( | self, | ||
cb, | ||||
eb | ||||
) |
Revoke deprecated ca_detail objects associated with this ca.
Definition at line 429 of file rpki_engine.py.
int rpki.rpki_engine.ca_obj.last_crl_sn = 0 [static] |
Definition at line 229 of file rpki_engine.py.
int rpki.rpki_engine.ca_obj.last_issued_sn = 0 [static] |
Definition at line 230 of file rpki_engine.py.
int rpki.rpki_engine.ca_obj.last_manifest_sn = 0 [static] |
Definition at line 231 of file rpki_engine.py.
Definition at line 336 of file rpki_engine.py.
Definition at line 337 of file rpki_engine.py.
Definition at line 281 of file rpki_engine.py.
tuple rpki.rpki_engine.ca_obj.sql_template [static] |
Initial value:
rpki.sql.template( "ca", "ca_id", "last_crl_sn", ("next_crl_update", rpki.sundial.datetime), "last_issued_sn", "last_manifest_sn", ("next_manifest_update", rpki.sundial.datetime), "sia_uri", "parent_id", "parent_resource_class")
Definition at line 220 of file rpki_engine.py.