rpki.myrpki.CA Class Reference

Inherits object.

Collaboration diagram for rpki.myrpki.CA:
Collaboration graph

List of all members.

Public Member Functions

def __init__
def bsc
def cms_xml_sign
def cms_xml_verify
def ee
def fxcert
def run_ca
def run_dgst
def run_openssl
def run_req
def setup
def touch_file
def xcert

Public Attributes

 cer
 cfg
 crl
 crlnum
 dir
 env
 index
 key
 openssl
 req
 serial

Static Public Attributes

dictionary path_restriction

Detailed Description

Representation of one certification authority.

Definition at line 547 of file myrpki.py.


Member Function Documentation

def rpki.myrpki.CA.__init__ (   self,
  cfg_file,
  dir 
)

Definition at line 558 of file myrpki.py.

def rpki.myrpki.CA.bsc (   self,
  pkcs10 
)
Issue BSC certificiate, if we have a PKCS #10 request for it.

Definition at line 711 of file myrpki.py.

def rpki.myrpki.CA.cms_xml_sign (   self,
  ee_name,
  base_name,
  elt 
)
Sign an XML object with CMS, return Base64 text.

Definition at line 673 of file myrpki.py.

def rpki.myrpki.CA.cms_xml_verify (   self,
  b64,
  ca 
)
Attempt to verify and extract XML from a Base64-encoded signed CMS
object.  CA is the filename of a certificate that we expect to be
the issuer of the EE certificate bundled with the CMS, and must
previously have been cross-certified under our trust anchor.

Definition at line 686 of file myrpki.py.

def rpki.myrpki.CA.ee (   self,
  ee_name,
  base_name 
)
Issue an end-enity certificate.

Definition at line 659 of file myrpki.py.

def rpki.myrpki.CA.fxcert (   self,
  b64,
  filename = None,
  path_restriction = 0 
)
Write PEM certificate to file, then cross-certify.

Definition at line 732 of file myrpki.py.

def rpki.myrpki.CA.run_ca (   self,
  args 
)
Run OpenSSL "ca" command with common initial arguments.

Definition at line 593 of file myrpki.py.

def rpki.myrpki.CA.run_dgst (   self,
  input,
  algorithm = "md5" 
)
Run OpenSSL "dgst" command, return cleaned-up result.

Definition at line 610 of file myrpki.py.

def rpki.myrpki.CA.run_openssl (   self,
  cmd,
  kwargs 
)
Run an OpenSSL command, suppresses stderr unless OpenSSL returns
failure, and returns stdout.

Definition at line 577 of file myrpki.py.

def rpki.myrpki.CA.run_req (   self,
  key_file,
  req_file,
  log_key = sys.stdout 
)
Run OpenSSL "genrsa" and  "req" commands.

Definition at line 599 of file myrpki.py.

def rpki.myrpki.CA.setup (   self,
  ca_name 
)
Set up this CA.  ca_name is an X.509 distinguished name in
/tag=val/tag=val format.

Definition at line 633 of file myrpki.py.

def rpki.myrpki.CA.touch_file (   filename,
  content = None 
)
Create dumb little text files expected by OpenSSL "ca" utility.

Definition at line 623 of file myrpki.py.

def rpki.myrpki.CA.xcert (   self,
  cert,
  path_restriction = 0 
)
Cross-certify a certificate represented as a PEM file.

Definition at line 745 of file myrpki.py.


Member Data Documentation

Definition at line 561 of file myrpki.py.

Definition at line 559 of file myrpki.py.

Definition at line 564 of file myrpki.py.

Definition at line 567 of file myrpki.py.

Definition at line 560 of file myrpki.py.

Definition at line 572 of file myrpki.py.

Definition at line 565 of file myrpki.py.

Definition at line 562 of file myrpki.py.

Definition at line 570 of file myrpki.py.

dictionary rpki.myrpki.CA.path_restriction [static]
Initial value:
{ 0 : "ca_x509_ext_xcert0",
                       1 : "ca_x509_ext_xcert1" }

Definition at line 555 of file myrpki.py.

Definition at line 563 of file myrpki.py.

Definition at line 566 of file myrpki.py.


The documentation for this class was generated from the following file:
 All Classes Namespaces Files Functions Variables
Generated on Wed May 12 19:43:50 2010 for RPKI Engine by  doxygen 1.6.3