Public Member Functions | |
def | ca_details |
def | check_for_updates |
def | construct_sia_uri |
def | create |
def | delete |
def | fetch_active |
def | fetch_deprecated |
def | fetch_pending |
def | fetch_revoked |
def | next_crl_number |
def | next_manifest_number |
def | next_serial_number |
def | parent |
def | rekey |
def | revoke |
Public Attributes | |
gctx | |
parent_id | |
parent_resource_class | |
sia_uri | |
Static Public Attributes | |
int | last_crl_sn = 0 |
int | last_issued_sn = 0 |
int | last_manifest_sn = 0 |
tuple | sql_template |
Internal CA object.
Definition at line 160 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.ca_details | ( | self | ) |
Fetch all ca_detail objects that link to this CA object.
Definition at line 180 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.check_for_updates | ( | self, | ||
parent, | ||||
rc | ||||
) |
Parent has signaled continued existance of a resource class we already knew about, so we need to check for an updated certificate, changes in resource coverage, revocation and reissue with the same key, etc.
Definition at line 213 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.construct_sia_uri | ( | self, | ||
parent, | ||||
rc | ||||
) |
Construct the sia_uri value for this CA given configured information and the parent's up-down protocol list_response PDU.
Definition at line 200 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.create | ( | cls, | ||
parent, | ||||
rc | ||||
) |
Parent has signaled existance of a new resource class, so we need to create and set up a corresponding CA object.
Definition at line 257 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.delete | ( | self, | ||
parent | ||||
) |
The list of current resource classes received from parent does not include the class corresponding to this CA, so we need to delete it (and its little dog too...). All certs published by this CA are now invalid, so need to withdraw them, the CRL, and the manifest from the repository, delete all child_cert and ca_detail records associated with this CA, then finally delete this CA itself.
Definition at line 278 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.fetch_active | ( | self | ) |
def rpki.rpki_engine.ca_obj.fetch_deprecated | ( | self | ) |
def rpki.rpki_engine.ca_obj.fetch_pending | ( | self | ) |
def rpki.rpki_engine.ca_obj.fetch_revoked | ( | self | ) |
def rpki.rpki_engine.ca_obj.next_crl_number | ( | self | ) |
def rpki.rpki_engine.ca_obj.next_manifest_number | ( | self | ) |
def rpki.rpki_engine.ca_obj.next_serial_number | ( | self | ) |
def rpki.rpki_engine.ca_obj.parent | ( | self | ) |
def rpki.rpki_engine.ca_obj.rekey | ( | self | ) |
Initiate a rekey operation for this ca. Generate a new keypair. Request cert from parent using new keypair. Mark result as our active ca_detail. Reissue all child certs issued by this ca using the new ca_detail.
Definition at line 312 of file rpki_engine.py.
def rpki.rpki_engine.ca_obj.revoke | ( | self | ) |
Revoke deprecated ca_detail objects associated with this ca.
Definition at line 334 of file rpki_engine.py.
int rpki.rpki_engine.ca_obj.last_crl_sn = 0 [static] |
Definition at line 172 of file rpki_engine.py.
int rpki.rpki_engine.ca_obj.last_issued_sn = 0 [static] |
Definition at line 173 of file rpki_engine.py.
int rpki.rpki_engine.ca_obj.last_manifest_sn = 0 [static] |
Definition at line 174 of file rpki_engine.py.
Definition at line 264 of file rpki_engine.py.
Definition at line 265 of file rpki_engine.py.
Definition at line 223 of file rpki_engine.py.
tuple rpki.rpki_engine.ca_obj.sql_template [static] |
Initial value:
rpki.sql.template( "ca", "ca_id", "last_crl_sn", ("next_crl_update", rpki.sundial.datetime), "last_issued_sn", "last_manifest_sn", ("next_manifest_update", rpki.sundial.datetime), "sia_uri", "parent_id", "parent_resource_class")
Definition at line 163 of file rpki_engine.py.