Public Member Functions | |
def | ca_details |
def | check_for_updates |
def | construct_sia_uri |
def | create |
def | delete |
def | fetch_active |
def | fetch_deprecated |
def | fetch_pending |
def | fetch_revoked |
def | next_crl_number |
def | next_manifest_number |
def | next_serial_number |
def | parent |
def | rekey |
def | revoke |
Public Attributes | |
gctx | |
parent_id | |
parent_resource_class | |
sia_uri | |
Static Public Attributes | |
int | last_crl_sn = 0 |
int | last_issued_sn = 0 |
int | last_manifest_sn = 0 |
tuple | sql_template |
Internal CA object.
Definition at line 248 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.ca_details | ( | self | ) |
Fetch all ca_detail objects that link to this CA object.
Definition at line 270 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.check_for_updates | ( | self, | ||
parent, | ||||
rc, | ||||
cb, | ||||
eb | ||||
) |
Parent has signaled continued existance of a resource class we already knew about, so we need to check for an updated certificate, changes in resource coverage, revocation and reissue with the same key, etc.
Definition at line 303 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.construct_sia_uri | ( | self, | ||
parent, | ||||
rc | ||||
) |
Construct the sia_uri value for this CA given configured information and the parent's up-down protocol list_response PDU.
Definition at line 290 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.create | ( | cls, | ||
parent, | ||||
rc, | ||||
cb, | ||||
eb | ||||
) |
Parent has signaled existance of a new resource class, so we need to create and set up a corresponding CA object.
Definition at line 361 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.delete | ( | self, | ||
parent, | ||||
callback | ||||
) |
The list of current resource classes received from parent does not include the class corresponding to this CA, so we need to delete it (and its little dog too...). All certs published by this CA are now invalid, so need to withdraw them, the CRL, and the manifest from the repository, delete all child_cert and ca_detail records associated with this CA, then finally delete this CA itself.
Definition at line 385 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.fetch_active | ( | self | ) |
def rpki.rpki_engine.ca_obj.fetch_deprecated | ( | self | ) |
def rpki.rpki_engine.ca_obj.fetch_pending | ( | self | ) |
def rpki.rpki_engine.ca_obj.fetch_revoked | ( | self | ) |
def rpki.rpki_engine.ca_obj.next_crl_number | ( | self | ) |
def rpki.rpki_engine.ca_obj.next_manifest_number | ( | self | ) |
def rpki.rpki_engine.ca_obj.next_serial_number | ( | self | ) |
def rpki.rpki_engine.ca_obj.parent | ( | self | ) |
def rpki.rpki_engine.ca_obj.rekey | ( | self, | ||
cb, | ||||
eb | ||||
) |
Initiate a rekey operation for this ca. Generate a new keypair. Request cert from parent using new keypair. Mark result as our active ca_detail. Reissue all child certs issued by this ca using the new ca_detail.
Definition at line 437 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.revoke | ( | self, | ||
cb, | ||||
eb | ||||
) |
Revoke deprecated ca_detail objects associated with this ca.
Definition at line 462 of file rpki_engine.py.
int rpki.rpki_engine.ca_obj.last_crl_sn = 0 [static] |
Definition at line 262 of file rpki_engine.py.
int rpki.rpki_engine.ca_obj.last_issued_sn = 0 [static] |
Definition at line 263 of file rpki_engine.py.
int rpki.rpki_engine.ca_obj.last_manifest_sn = 0 [static] |
Definition at line 264 of file rpki_engine.py.
Definition at line 369 of file rpki_engine.py.
Definition at line 370 of file rpki_engine.py.
Definition at line 314 of file rpki_engine.py.
tuple rpki.rpki_engine.ca_obj.sql_template [static] |
Initial value:
rpki.sql.template( "ca", "ca_id", "last_crl_sn", ("next_crl_update", rpki.sundial.datetime), "last_issued_sn", "last_manifest_sn", ("next_manifest_update", rpki.sundial.datetime), "sia_uri", "parent_id", "parent_resource_class")
Definition at line 253 of file rpki_engine.py.