rpki.x509.CMS_object Class Reference

Inherits rpki::x509::DER_object.

Inherited by rpki.x509.DER_CMS_object, and rpki.x509.XML_CMS_object.

List of all members.

Public Member Functions

def extract
def get_content
def get_DER
def get_POW
def set_content
def sign
def verify

Public Attributes

 content
 DER
 DER value of this object.
 POW

Static Public Attributes

 debug_cms_certs = False
 Set this to True to log a lot of chatter about CMS certificates.
 dump_on_verify_failure = True
 Set this to True to get dumpasn1 dumps of ASN.1 on CMS verify failures.
tuple econtent_oid = POWify_OID("id-data")
tuple formats = ("DER", "POW")
 Formats supported in this object.
tuple other_clear = ("content",)
 Other attributes that self.clear() should whack.
tuple pem_converter = PEM_converter("CMS")
 PEM converter for this object.
 print_on_der_error = True
 Set this to True to log alleged DER when we have trouble parsing it, in case it's really a Perl backtrace or something.
 require_crls = False
 Set this to False to make CMS CRLs optional in the cases where we would otherwise require them.

Detailed Description

Class to hold a CMS-wrapped object.

CMS-wrapped objects are a little different from the other DER_object
types because the signed object is CMS wrapping inner content that's
also ASN.1, and due to our current minimal support for CMS we can't
just handle this as a pretty composite object.  So, for now anyway,
a CMS_object is the outer CMS wrapped object so that the usual DER
and PEM operations do the obvious things, and the inner content is
handle via separate methods.

Definition at line 702 of file x509.py.


Member Function Documentation

def rpki.x509.CMS_object.extract (   self  ) 
Extract and store inner content from CMS wrapper without verifying
the CMS.

DANGER WILL ROBINSON!!!

Do not use this method on unvalidated data.  Use the verify()
method instead.

If you don't understand this warning, don't use this method.

Definition at line 853 of file x509.py.

def rpki.x509.CMS_object.get_content (   self  ) 
Get the inner content of this CMS_object.

Definition at line 764 of file x509.py.

def rpki.x509.CMS_object.get_DER (   self  ) 
Get the DER value of this CMS_object.

Reimplemented from rpki.x509.DER_object.

Definition at line 743 of file x509.py.

def rpki.x509.CMS_object.get_POW (   self  ) 
Get the POW value of this CMS_object.

Definition at line 755 of file x509.py.

def rpki.x509.CMS_object.set_content (   self,
  content 
)
Set the (inner) content of this CMS_object, clearing the wrapper.

Definition at line 772 of file x509.py.

def rpki.x509.CMS_object.sign (   self,
  keypair,
  certs,
  crls = None,
  no_certs = False 
)
Sign and wrap inner content.

Definition at line 881 of file x509.py.

def rpki.x509.CMS_object.verify (   self,
  ta 
)
Verify CMS wrapper and store inner content.

Definition at line 779 of file x509.py.


Member Data Documentation

Reimplemented in rpki.x509.DER_CMS_object, and rpki.x509.XML_CMS_object.

Definition at line 777 of file x509.py.

Set this to True to log a lot of chatter about CMS certificates.

Definition at line 728 of file x509.py.

DER value of this object.

Reimplemented from rpki.x509.DER_object.

Definition at line 751 of file x509.py.

Set this to True to get dumpasn1 dumps of ASN.1 on CMS verify failures.

Definition at line 723 of file x509.py.

tuple rpki.x509.CMS_object.econtent_oid = POWify_OID("id-data") [static]

Reimplemented in rpki.x509.SignedManifest, rpki.x509.ROA, and rpki.x509.XML_CMS_object.

Definition at line 717 of file x509.py.

tuple rpki.x509.CMS_object.formats = ("DER", "POW") [static]

Formats supported in this object.

Reimplemented from rpki.x509.DER_object.

Definition at line 715 of file x509.py.

tuple rpki.x509.CMS_object.other_clear = ("content",) [static]

Other attributes that self.clear() should whack.

Reimplemented from rpki.x509.DER_object.

Definition at line 716 of file x509.py.

PEM converter for this object.

Reimplemented from rpki.x509.DER_object.

Reimplemented in rpki.x509.SignedManifest, and rpki.x509.ROA.

Definition at line 718 of file x509.py.

Definition at line 761 of file x509.py.

Set this to True to log alleged DER when we have trouble parsing it, in case it's really a Perl backtrace or something.

Definition at line 741 of file x509.py.

Set this to False to make CMS CRLs optional in the cases where we would otherwise require them.

Some day this option should go away and CRLs should be uncondtionally mandatory in such cases.

Definition at line 735 of file x509.py.


The documentation for this class was generated from the following file:

Generated on Tue Jan 12 07:56:03 2010 for RPKI Engine by  doxygen 1.6.1