cnert
Class cnert.CA
A CA object.
Examples:
>>> ca = cnert.CA()
>>> ca.is_root_ca
True
>>> ca.is_intermediate_ca
False
>>> ca.parent is None
True
Parameters: |
|
---|
is_intermediate_ca: bool
property
Returns: |
|
---|
is_root_ca: bool
property
Examples:
>>> ca = CA()
>>> ca.is_root_ca
True
>>> intermediate = ca.issue_intermediate()
>>> intermediate.is_root_ca
False
Returns: |
|
---|
issue_cert(*sans, subject_attrs=None, not_valid_before=None, not_valid_after=None, serial_number=None, csr=None)
Issues a certificate
Examples:
>>> ca = CA()
>>> ca.issue_cert()
<cnert.Cert at 0x107f87f50>
Parameters: |
|
---|
Returns: |
|
---|
Class cnert.NameAttrs
An object for storing (and freezing) Name Attributes for Subject Name Attributes and Issuer Name Attributes.
Accepts any valid x509.NameAttribute as key arguments with arbitrary string values.
Has methods for returning initialized attributes in a dict and for
returning a cryptography.x509.Name
There is alse a method for showing the allowed attributes.
Examples:
>>> subject_attrs = cnert.NameAttrs(COMMON_NAME="example.com")
>>> subject_attrs.COMMON_NAME
'example.com'
>>> subject_attrs.dict_
{'COMMON_NAME': 'example.com'}
>>> subject_attrs.x509_name
<Name(CN=example.com)>
allowed_keys()
Returns a list of allowed key arguments.
Examples:
>>> cnert.NameAttrs().allowed_keys()
['BUSINESS_CATEGORY',
'COMMON_NAME',
'COUNTRY_NAME',
'DN_QUALIFIER',
'DOMAIN_COMPONENT',
'EMAIL_ADDRESS',
'GENERATION_QUALIFIER',
'GIVEN_NAME',
'INN',
'JURISDICTION_COUNTRY_NAME',
'JURISDICTION_LOCALITY_NAME',
'JURISDICTION_STATE_OR_PROVINCE_NAME',
'LOCALITY_NAME',
'OGRN',
'ORGANIZATIONAL_UNIT_NAME',
'ORGANIZATION_NAME',
'POSTAL_ADDRESS',
'POSTAL_CODE',
'PSEUDONYM',
'SERIAL_NUMBER',
'SNILS',
'STATE_OR_PROVINCE_NAME',
'STREET_ADDRESS',
'SURNAME',
'TITLE',
'UNSTRUCTURED_NAME',
'USER_ID',
'X500_UNIQUE_IDENTIFIER']
Returns: |
|
---|
x509_name()
Examples:
>>> subject_attrs = cnert.NameAttrs(COMMON_NAME="example.com")
>>> subject_attrs.x509_name()
<Name(CN=example.com)>
Returns: |
|
---|
Class cnert._CertBuilder
Builds and signs a X509 Certificate.
build(sans, subject_attrs_X509_name, issuer_attrs_X509_name, serial_number, not_valid_before, not_valid_after, is_ca, public_key, issuer_public_key=None, path_length=None)
Does the Certificate building.
Parameters: |
|
---|
Class cnert._Cert
A _Cert object.
This object is returned by cnert.CA().issue_cert()
Examples:
>>> ca = CA()
>>> cert = ca.issue_cert()
>>> cert.subject_attrs
NameAttrs(COMMON_NAME="example.com")
>>> cert.issuer_attrs
NameAttrs(ORGANIZATION_NAME="Root CA")
>>> cert.not_valid_before
datetime.datetime(2023, 3, 24, 23, 56, 55, 901545)
>>> cert.not_valid_after
datetime.datetime(2023, 6, 23, 23, 56, 55, 901545)
MD5: str
property
Examples:
>>> cert = cnert.CA().issue_cert()
>>> cert.MD5
'A03D37486DD47BE3E9C7EC1624073856'
Returns: |
|
---|
SHA1: str
property
Examples:
>>> cert = cnert.CA().issue_cert()
>>> cert.SHA1
'9E0A06CFB37B352FDA5B2226E6D631CF07D5D185'
Returns: |
|
---|
SHA256: str
property
Examples:
>>> cert = cnert.CA().issue_cert()
>>> cert.SHA256
'68307A6CBE2804038DF85FB53AEE96AB47EA81439AB2E059DDDEA9F901097D84'
Returns: |
|
---|
authority_key_identifier_digest: str | None
property
Examples:
>>> cert = cnert.CA().issue_cert()
>>> cert.authority_key_identifier_digest
'8F85C564F62E39D5A5CA346CA26AAE67029B671E'
Returns: |
|
---|
private_key_pem_PKCS1: bytes
property
Examples:
>>> cert = CA().issue_cert()
>>> cert.private_key_pem_PKCS1
b'-----begin rsa private key-----
...
Returns: |
|
---|
private_key_pem_PKCS8: bytes
property
Examples:
>>> cert = CA().issue_cert()
>>> cert.private_key_pem_PKCS8
b'-----BEGIN PRIVATE KEY-----
...
Returns: |
|
---|
public_key: rsa.RSAPublicKey
property
Examples:
>>> cert = cnert.CA().issue_cert()
>>> cert.private_key
<cryptography.hazmat.backends.openssl.rsa._RSAPrivateKey object
at 0x1014e4e10>
Returns: |
|
---|
public_key_pem: bytes
property
Examples:
>>> cert = CA().issue_cert()
>>> cert.public_key_pem
b'-----BEGIN PUBLIC KEY-----
...
Returns: |
|
---|
subject_key_identifier_digest: str
property
Examples:
>>> cert = cnert.CA().issue_cert()
>>> cert.subject_key_identifier_digest
'8F85C564F62E39D5A5CA346CA26AAE67029B671E'
Returns: |
|
---|
__init__(*sans, subject_attrs, issuer_attrs, not_valid_before=None, not_valid_after=None, serial_number=None, parent=None, private_key=None, path_length=0, is_ca=False)
Initialize a _Cert object.
Parameters: |
|
---|
Class cnert.CSR
A CSR object.
Examples:
>>> csr = cnert.CSR()
Parameters: |
|
---|
Function build_private_key
Creates a private key.
Parameters: |
|
---|
Function idna_encode
Creates a valid internationalized domain name
Parameters: |
|
---|