# $Id$ # Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN") # # Permission to use, copy, modify, and distribute this software for any # purpose with or without fee is hereby granted, provided that the above # copyright notice and this permission notice appear in all copies. # # THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH # REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY # AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, # INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM # LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. """ Usage: python http-client [ { -c | --config } configfile ] [ { -h | --help } ] [ { -m | --msg } message ] Default configuration file is http-demo.conf, override with --config option. """ import rpki.config, rpki.https, getopt, sys msg = "This is a test. This is only a test. Had this been real you would now be really confused.\n" cfg_file = "http-demo.conf" opts,argv = getopt.getopt(sys.argv[1:], "c:hm:?", ["config=", "help", "msg="]) for o,a in opts: if o in ("-h", "--help", "-?"): print __doc__ sys.exit(0) elif o in ("-m", "--msg"): msg = a elif o in ("-c", "--config"): cfg_file = a if argv: print __doc__ raise RuntimeError, "Unexpected arguments %s" % argv cfg = rpki.config.parser(cfg_file, "client") print rpki.https.client(privateKey = rpki.x509.RSA(Auto_file = cfg.get("https-key")), certChain = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-cert")), x509TrustList = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-ta")), url = cfg.get("https-url"), msg = msg) tion>
path: root/potpourri/generate-ripe-root-cert.py
blob: 1b891dce170aec65c429df45e05a6655b57a6d14 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57

# $Id$
#
# Copyright (C) 2010-2012  Internet Systems Consortium ("ISC")
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.

"""
Parse IANA XML data and write out just what we need to generate a root
cert for Pseudo-RIPE.
"""

import sys
import lxml.etree
from rpki.csv_utils import csv_writer

def iterate_xml(filename, tag):
    return lxml.etree.parse(filename).getroot().getiterator(tag)

def ns(tag):
    return "{http://www.iana.org/assignments}" + tag

tag_description = ns("description")
tag_designation = ns("designation")
tag_record      = ns("record")
tag_number      = ns("number")
tag_prefix      = ns("prefix")

asns     = csv_writer("asns.csv")
prefixes = csv_writer("prefixes.csv")

for record in iterate_xml("as-numbers.xml", tag_record):
    if record.findtext(tag_description) == "Assigned by RIPE NCC":
        asns.writerow(("RIPE", record.findtext(tag_number)))

for record in iterate_xml("ipv4-address-space.xml", tag_record):
    if record.findtext(tag_designation) in ("RIPE NCC", "Administered by RIPE NCC"):
        prefix = record.findtext(tag_prefix)
        p, l = prefix.split("/")
        assert l == "8", "Violated /8 assumption: %r" % prefix
        prefixes.writerow(("RIPE", "%d.0.0.0/8" % int(p)))

for record in iterate_xml("ipv6-unicast-address-assignments.xml", tag_record):
    if record.findtext(tag_description) == "RIPE NCC":
        prefixes.writerow(("RIPE", record.findtext(tag_prefix)))

asns.close()
prefixes.close()