aboutsummaryrefslogtreecommitdiff
path: root/scripts/manifests.py
blob: 1f6a571dd9d4ff8dc95060ae31d1c3b57a0a4dac (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48

# $Id$

import rpki.x509, rpki.manifest, time, glob, os

show_content_1                  = True
show_signed_manifest_PEM        = True
show_signed_manifest_asn1dump   = True
show_content_2                  = True
show_content_3                  = True

def dumpasn1(thing):
  i,o = os.popen4(("dumpasn1", "-a", "-"))
  i.write(thing)
  i.close()
  print "\n".join(x for x in o.read().splitlines() if x.startswith(" "))
  o.close()


m = rpki.x509.SignedManifest()
m.build(serial = 17,
        nextUpdate = time.time() + 24 * 60 * 60,
        names_and_objs = [(fn, rpki.x509.X509(Auto_file = fn))
                          for fn in glob.glob("resource-cert-samples/*.cer")])

if show_content_1:
  dumpasn1(m.get_content().toString())

m.sign(keypair = rpki.x509.RSA(Auto_file = "biz-certs/Alice-EE.key"),
       certs   = rpki.x509.X509_chain(Auto_files = ("biz-certs/Alice-EE.cer", "biz-certs/Alice-CA.cer")))

if show_signed_manifest_PEM:
  print m.get_PEM()

if show_signed_manifest_asn1dump:
  dumpasn1(m.get_DER())

n = rpki.x509.SignedManifest(DER = m.get_DER())

n.verify(ta = rpki.x509.X509(Auto_file = "biz-certs/Alice-Root.cer"))

if show_content_2:
  dumpasn1(n.get_content().toString())

assert m.get_content().toString() == n.get_content().toString()
assert m.get_content().get()      == n.get_content().get()

print
print n.get_content().get()
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-14 11:26:30 +0000