rpki.rpki_engine.ca_detail_obj Class Reference

Inherits rpki::sql::sql_persistent.


Public Member Functions

def activate
def ca
def child_certs
def create
def crl_published_callback
def crl_uri
def crl_uri_tail
def delete
def generate_crl
def generate_manifest
def generate_manifest_cert
def issue
def issue_ee
def manifest_published_callback
def manifest_uri
def revoke
def revoked_certs
def roas
def sql_decode
def update

Public Attributes

 ca_cert_uri
 ca_id
 gctx
 latest_crl
 latest_manifest
 latest_manifest_cert
 manifest_private_key_id
 manifest_public_key
 nextUpdate
 private_key_id
 public_key
 state

Static Public Attributes

 crl_published = None
 latest_ca_cert = None
 manifest_published = None
tuple sql_template

Detailed Description

Internal CA detail object.

Definition at line 563 of file rpki_engine.py.


Member Function Documentation

def rpki.rpki_engine.ca_detail_obj.activate(self, ca, cert, uri, callback, errback, predecessor = None)
Activate this ca_detail.

Definition at line 625 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.ca(self)
Fetch CA object to which this ca_detail links.

Definition at line 597 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.child_certs(self, child = None, ski = None, unique = False)
Fetch all child_cert objects that link to this ca_detail.

Definition at line 601 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.create(cls, ca)
Create a new ca_detail object for a specified CA.

Definition at line 763 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.crl_published_callback(self, pdu)
Check result of CRL publication.

Definition at line 886 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.crl_uri(self, ca)
Return publication URI for this ca_detail's CRL.

Definition at line 613 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.crl_uri_tail(self)
Return tail (filename portion) of publication URI for this ca_detail's CRL.

Definition at line 617 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.delete(self, ca, publisher, allow_failure = False)
Delete this ca_detail and all of the certs it issued.

If allow_failure is true, we clean up as much as we can but don't
raise an exception.

Definition at line 650 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.generate_crl(self, publisher, nextUpdate = None)
Generate a new CRL for this ca_detail.  At the moment this is
unconditional, that is, it is up to the caller to decide whether a
new CRL is needed.

Definition at line 850 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.generate_manifest(self, publisher, nextUpdate = None)
Generate a new manifest for this ca_detail.

Definition at line 894 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.generate_manifest_cert(self, ca)
Generate a new manifest certificate for this ca_detail.

Definition at line 798 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.issue(self, ca, child, subject_key, sia, resources, publisher, child_cert = None)
Issue a new certificate to a child.  Optional child_cert argument
specifies an existing child_cert object to update in place; if not
specified, we create a new one.  Returns the child_cert object
containing the newly issued cert.

Definition at line 810 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.issue_ee(self, ca, resources, subject_key, sia = None)
Issue a new EE certificate.

Definition at line 781 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.manifest_published_callback(self, pdu)
Check result of manifest publication.

Definition at line 928 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.manifest_uri(self, ca)
Return publication URI for this ca_detail's manifest.

Definition at line 621 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.revoke(self, cb, eb)
Request revocation of all certificates whose SKI matches the key
for this ca_detail.

Tasks:

- Request revocation of old keypair by parent.

- Revoke all child certs issued by the old keypair.

- Generate a final CRL, signed with the old keypair, listing all
  the revoked certs, with a next CRL time after the last cert or
  CRL signed by the old keypair will have expired.

- Generate a corresponding final manifest.

- Destroy old keypairs.

- Leave final CRL and manifest in place until their nextUpdate
  time has passed.

Definition at line 674 of file rpki_engine.py.
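
Added example, not code from rpki_engine.py: a minimal model of the final-CRL step in the revoke task list above, showing how the CRL's nextUpdate is chosen and when the final CRL and manifest may be withdrawn. IssuedCert, FinalCRL, plan_final_crl, safe_to_withdraw and the one-hour margin are hypothetical names and assumptions; the sample data is constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

@dataclass(frozen=True)
class IssuedCert:            # hypothetical stand-in for a cert signed by the old key
    serial: int
    not_after: datetime

@dataclass(frozen=True)
class FinalCRL:              # hypothetical model, not rpki.x509.CRL
    this_update: datetime
    next_update: datetime
    revoked: tuple           # (serial, revocation time) pairs, sorted by serial

def plan_final_crl(now, issued, already_revoked, last_crl_next_update,
                   margin=timedelta(hours=1)):
    """Plan the final CRL for a keypair that is being retired.

    issued: IssuedCert objects signed by the old key.
    already_revoked: {serial: revocation time} carried over from earlier CRLs.
    last_crl_next_update: nextUpdate of the last CRL the old key signed.
    margin: assumed safety margin added past the expiry horizon.
    """
    revoked = dict(already_revoked)
    for cert in issued:
        if cert.not_after > now:                   # expired certs need no CRL entry
            revoked.setdefault(cert.serial, now)   # keep earlier revocation times
    # nextUpdate must land after everything the old key signed has expired.
    horizon = max([now, last_crl_next_update] + [c.not_after for c in issued])
    return FinalCRL(now, horizon + margin, tuple(sorted(revoked.items())))

def safe_to_withdraw(crl, at):
    """Final CRL and manifest stay published until nextUpdate has passed."""
    return at > crl.next_update

# Constructed sample data (not taken from any real repository).
NOW = datetime(2010, 1, 12, tzinfo=timezone.utc)
ISSUED = [IssuedCert(7, NOW + timedelta(days=30)),
          IssuedCert(8, NOW + timedelta(days=90)),
          IssuedCert(5, NOW - timedelta(days=1))]      # already expired
EARLIER = {3: NOW - timedelta(days=10)}
CRL = plan_final_crl(NOW, ISSUED, EARLIER, NOW + timedelta(hours=6))

if __name__ == "__main__":
    print("final CRL nextUpdate:", CRL.next_update.isoformat())
    print("revoked serials:", [s for s, _ in CRL.revoked])
```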

def rpki.rpki_engine.ca_detail_obj.revoked_certs(self)
Fetch all revoked_cert objects that link to this ca_detail.

Definition at line 605 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.roas(self)
Fetch all ROA objects that link to this ca_detail.

Definition at line 609 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.sql_decode(self, vals)
Extra assertions for SQL decode of a ca_detail_obj.

Reimplemented from rpki.sql.sql_persistent.

Definition at line 589 of file rpki_engine.py.

def rpki.rpki_engine.ca_detail_obj.update(self, parent, ca, rc, sia_uri_changed, old_resources, callback, errback)
Need to get a new certificate for this ca_detail and perhaps frob
children of this ca_detail.

Definition at line 738 of file rpki_engine.py.


Member Data Documentation

Definition at line 633 of file rpki_engine.py.

Definition at line 769 of file rpki_engine.py.

Definition at line 585 of file rpki_engine.py.

Reimplemented from rpki.sql.sql_persistent.

Definition at line 768 of file rpki_engine.py.

Definition at line 587 of file rpki_engine.py.

Definition at line 873 of file rpki_engine.py.

Definition at line 914 of file rpki_engine.py.

Definition at line 731 of file rpki_engine.py.

Definition at line 729 of file rpki_engine.py.

Definition at line 730 of file rpki_engine.py.

Definition at line 586 of file rpki_engine.py.

Definition at line 707 of file rpki_engine.py.

Definition at line 728 of file rpki_engine.py.

Definition at line 773 of file rpki_engine.py.

Initial value:
rpki.sql.template(
    "ca_detail",
    "ca_detail_id",
    ("private_key_id",          rpki.x509.RSA),
    ("public_key",              rpki.x509.RSApublic),
    ("latest_ca_cert",          rpki.x509.X509),
    ("manifest_private_key_id", rpki.x509.RSA),
    ("manifest_public_key",     rpki.x509.RSApublic),
    ("latest_manifest_cert",    rpki.x509.X509),
    ("latest_manifest",         rpki.x509.SignedManifest),
    ("latest_crl",              rpki.x509.CRL),
    ("crl_published",           rpki.sundial.datetime),
    ("manifest_published",      rpki.sundial.datetime),
    "state",
    "ca_cert_uri",
    "ca_id")

Definition at line 568 of file rpki_engine.py.

Definition at line 635 of file rpki_engine.py.


The documentation for this class was generated from the following file:

Generated on Tue Jan 12 07:56:02 2010 for RPKI Engine by  doxygen 1.6.1