rpki.rpki_engine.ca_detail_obj Class Reference


Public Member Functions

def activate
def ca
def child_certs
def create
def crl_uri
def delete
def generate_crl
def generate_manifest
def generate_manifest_cert
def issue
def issue_ee
def manifest_uri
def revoke
def revoked_certs
def route_origins
def sql_decode
def update

Public Attributes

 ca_cert_uri
 ca_id
 gctx
 latest_ca_cert
 latest_crl
 latest_manifest
 latest_manifest_cert
 manifest_private_key_id
 manifest_public_key
 private_key_id
 public_key
 state

Static Public Attributes

tuple sql_template


Detailed Description

Internal CA detail object.

Definition at line 332 of file rpki_engine.py.


Member Function Documentation

def rpki.rpki_engine.ca_detail_obj.activate(self, ca, cert, uri, predecessor = None)

Activate this ca_detail.

Definition at line 382 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.ca(self)

Fetch CA object to which this ca_detail links.

Definition at line 358 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.child_certs(self, child = None, ski = None, unique = False)

Fetch all child_cert objects that link to this ca_detail.

Definition at line 362 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.create(cls, ca)

Create a new ca_detail object for a specified CA.

Definition at line 487 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.crl_uri(self, ca)

Return publication URI for this ca_detail's CRL.

Definition at line 374 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.delete(self, ca, repository)

Delete this ca_detail and all of the certs it issued.

Definition at line 401 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.generate_crl(self, nextUpdate = None)

Generate a new CRL for this ca_detail.  At the moment this is
unconditional, that is, it is up to the caller to decide whether a
new CRL is needed.

Definition at line 571 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.generate_manifest(self, nextUpdate = None)

Generate a new manifest for this ca_detail.

Definition at line 604 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.generate_manifest_cert(self, ca)

Generate a new manifest certificate for this ca_detail.

Definition at line 520 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.issue(self, ca, child, subject_key, sia, resources, child_cert = None)

Issue a new certificate to a child.  Optional child_cert
argument specifies an existing child_cert object to update in
place; if not specified, we create a new one.  Returns the
child_cert object containing the newly issued cert.

Definition at line 530 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.issue_ee(self, ca, resources, subject_key, sia = None)

Issue a new EE certificate.

Definition at line 505 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.manifest_uri(self, ca)

Return publication URI for this ca_detail's manifest.

Definition at line 378 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.revoke(self)

Request revocation of all certificates whose SKI matches the key for this ca_detail.

Tasks:

- Request revocation of old keypair by parent.

- Revoke all child certs issued by the old keypair.

- Generate a final CRL, signed with the old keypair, listing all
  the revoked certs, with a next CRL time after the last cert or
  CRL signed by the old keypair will have expired.

- Destroy old keypair (and manifest keypair).

- Leave final CRL in place until its next CRL time has passed.

Definition at line 415 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.revoked_certs(self)

Fetch all revoked_cert objects that link to this ca_detail.

Definition at line 366 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.route_origins(self)

Fetch all route_origin objects that link to this ca_detail.

Definition at line 370 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.sql_decode(self, vals)

Extra assertions for SQL decode of a ca_detail_obj.

Reimplemented from rpki.sql.sql_persistant.

Definition at line 350 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.update(self, parent, ca, rc, sia_uri_changed, old_resources)

Need to get a new certificate for this ca_detail and perhaps
frob children of this ca_detail.

Definition at line 467 of file rpki_engine.py.


Member Data Documentation

Definition at line 386 of file rpki_engine.py.

Definition at line 491 of file rpki_engine.py.

Reimplemented from rpki.sql.sql_persistant.

Definition at line 490 of file rpki_engine.py.

Definition at line 385 of file rpki_engine.py.

Definition at line 594 of file rpki_engine.py.

Definition at line 619 of file rpki_engine.py.

Definition at line 463 of file rpki_engine.py.

Definition at line 461 of file rpki_engine.py.

Definition at line 462 of file rpki_engine.py.

Definition at line 460 of file rpki_engine.py.

Definition at line 496 of file rpki_engine.py.

Initial value:

rpki.sql.template(
    "ca_detail",
    "ca_detail_id",
    ("private_key_id",          rpki.x509.RSA),
    ("public_key",              rpki.x509.RSApublic),
    ("latest_ca_cert",          rpki.x509.X509),
    ("manifest_private_key_id", rpki.x509.RSA),
    ("manifest_public_key",     rpki.x509.RSApublic),
    ("latest_manifest_cert",    rpki.x509.X509),
    ("latest_manifest",         rpki.x509.SignedManifest),
    ("latest_crl",              rpki.x509.CRL),
    "state",
    "ca_cert_uri",
    "ca_id")

Definition at line 335 of file rpki_engine.py.

Definition at line 390 of file rpki_engine.py.


The documentation for this class was generated from the following file:

Generated on Mon Jun 16 22:22:52 2008 for RPKI Engine by doxygen 1.5.5