Inherits rpki::x509::DER_object.
List of all members.
Detailed Description
X.509 certificates.
This class is designed to hold all the different representations of
X.509 certs we're using and convert between them. X.509 support in
Python a nasty maze of half-cooked stuff (except perhaps for
cryptlib, which is just different). Users of this module should not
have to care about this implementation nightmare.
Definition at line 394 of file x509.py.
Member Function Documentation
def rpki.x509.X509.cross_certify |
( |
|
self, |
|
|
|
keypair, |
|
|
|
source_cert, |
|
|
|
serial, |
|
|
|
notAfter, |
|
|
|
now = None , |
|
|
|
pathLenConstraint = 0 | |
|
) |
| | |
Issue a certificate with values taking from an existing certificate.
This is used to construct some kinds oF BPKI certificates.
Definition at line 526 of file x509.py.
def rpki.x509.X509.expired |
( |
|
self |
) |
|
Test whether this certificate has expired.
Definition at line 467 of file x509.py.
def rpki.x509.X509.get_DER |
( |
|
self |
) |
|
def rpki.x509.X509.get_POW |
( |
|
self |
) |
|
Get the POW value of this certificate.
Definition at line 423 of file x509.py.
def rpki.x509.X509.get_POWpkix |
( |
|
self |
) |
|
Get the POW.pkix value of this certificate.
Definition at line 432 of file x509.py.
def rpki.x509.X509.getIssuer |
( |
|
self |
) |
|
Get the issuer of this certificate.
Definition at line 443 of file x509.py.
def rpki.x509.X509.getNotAfter |
( |
|
self |
) |
|
Get the expiration time of this certificate.
Definition at line 455 of file x509.py.
def rpki.x509.X509.getNotBefore |
( |
|
self |
) |
|
Get the inception time of this certificate.
Definition at line 451 of file x509.py.
def rpki.x509.X509.getPublicKey |
( |
|
self |
) |
|
Extract the public key from this certificate.
Definition at line 463 of file x509.py.
def rpki.x509.X509.getSerial |
( |
|
self |
) |
|
Get the serial number of this certificate.
Definition at line 459 of file x509.py.
def rpki.x509.X509.getSubject |
( |
|
self |
) |
|
Get the subject of this certificate.
Definition at line 447 of file x509.py.
def rpki.x509.X509.issue |
( |
|
self, |
|
|
|
keypair, |
|
|
|
subject_key, |
|
|
|
serial, |
|
|
|
sia, |
|
|
|
aia, |
|
|
|
crldp, |
|
|
|
notAfter, |
|
|
|
cn = None , |
|
|
|
resources = None , |
|
|
|
is_ca = True | |
|
) |
| | |
def rpki.x509.X509.normalize_chain |
( |
|
cls, |
|
|
|
chain | |
|
) |
| | |
Normalize a chain of certificates into a tuple of X509 objects.
Given all the glue certificates needed for BPKI cross
certification, it's easiest to allow sloppy arguments to the CMS
validation methods and provide a single method that normalizes the
allowed cases. So this method allows X509, None, lists, and
tuples, and returns a tuple of X509 objects.
Definition at line 555 of file x509.py.
Member Data Documentation
The documentation for this class was generated from the following file: