rpki.x509.X509 Class Reference
Inherits rpki::x509::DER_object.
List of all members.
Detailed Description
X.509 certificates.
This class is designed to hold all the different representations of
X.509 certs we're using and convert between them. X.509 support in
Python a nasty maze of half-cooked stuff (except perhaps for
cryptlib, which is just different). Users of this module should not
have to care about this implementation nightmare.
Definition at line 360 of file x509.py.
Member Function Documentation
def rpki.x509.X509.cross_certify |
( |
|
self, |
|
|
|
keypair, |
|
|
|
source_cert, |
|
|
|
serial, |
|
|
|
notAfter, |
|
|
|
now = None , |
|
|
|
pathLenConstraint = 0 | |
|
) |
| | |
Issue a certificate with values taking from an existing certificate.
This is used to construct some kinds oF BPKI certificates.
Definition at line 492 of file x509.py.
def rpki.x509.X509.expired |
( |
|
self |
) |
|
Test whether this certificate has expired.
Definition at line 433 of file x509.py.
def rpki.x509.X509.get_DER |
( |
|
self |
) |
|
def rpki.x509.X509.get_POW |
( |
|
self |
) |
|
Get the POW value of this certificate.
Definition at line 389 of file x509.py.
def rpki.x509.X509.get_POWpkix |
( |
|
self |
) |
|
Get the POW.pkix value of this certificate.
Definition at line 398 of file x509.py.
def rpki.x509.X509.getIssuer |
( |
|
self |
) |
|
Get the issuer of this certificate.
Definition at line 409 of file x509.py.
def rpki.x509.X509.getNotAfter |
( |
|
self |
) |
|
Get the expiration time of this certificate.
Definition at line 421 of file x509.py.
def rpki.x509.X509.getNotBefore |
( |
|
self |
) |
|
Get the inception time of this certificate.
Definition at line 417 of file x509.py.
def rpki.x509.X509.getPublicKey |
( |
|
self |
) |
|
Extract the public key from this certificate.
Definition at line 429 of file x509.py.
def rpki.x509.X509.getSerial |
( |
|
self |
) |
|
Get the serial number of this certificate.
Definition at line 425 of file x509.py.
def rpki.x509.X509.getSubject |
( |
|
self |
) |
|
Get the subject of this certificate.
Definition at line 413 of file x509.py.
def rpki.x509.X509.issue |
( |
|
self, |
|
|
|
keypair, |
|
|
|
subject_key, |
|
|
|
serial, |
|
|
|
sia, |
|
|
|
aia, |
|
|
|
crldp, |
|
|
|
notAfter, |
|
|
|
cn = None , |
|
|
|
resources = None , |
|
|
|
is_ca = True | |
|
) |
| | |
def rpki.x509.X509.normalize_chain |
( |
|
cls, |
|
|
|
chain | |
|
) |
| | |
Normalize a chain of certificates into a tuple of X509 objects.
Given all the glue certificates needed for BPKI cross
certification, it's easiest to allow sloppy arguments to the HTTPS
and CMS validation methods and provide a single method that
normalizes the allowed cases. So this method allows X509, None,
lists, and tuples, and returns a tuple of X509 objects.
Definition at line 521 of file x509.py.
Member Data Documentation
The documentation for this class was generated from the following file: