cert_chain_resolver package¶

Submodules¶

cert_chain_resolver.cli module¶

cert_chain_resolver.cli.cli(file_bytes=None, show_details=None)[source]¶

cert_chain_resolver.cli.parse_args()[source]¶

cert_chain_resolver.exceptions module¶

exception cert_chain_resolver.exceptions.ImproperlyFormattedCert[source]¶: Bases: Exception

cert_chain_resolver.models module¶

class cert_chain_resolver.models.Cert(x509_obj)[source]¶

Bases: object

The Cert object, which is a convenience wrapper for interacting with the underlying cryptography.x509.Certificate object

Parameters: x509_obj (cryptography.x509.Certificate) – An instance of cryptography.x509.Certificate
Raises: ValueError – given type is not an instance of cryptography.x509.Certificate

property ca_issuer_access_location¶

a URL that contains the CA issuer certificate

Type: str

property common_name¶

Extracted common name from the underlying cryptography.x509.Certificate object

Type: str

export(encoding=<Encoding.PEM: 'PEM'>)[source]¶

Export the cryptography.x509.Certificate object”

Parameters: encoding (cryptography.hazmat.primitives.serialization.Encoding, optional) – The output format. Defaults to Encoding.PEM.
Returns: ascii formatted
Return type: str

property fingerprint¶

ascii encoded sha256 fingerprint by calling get_fingerprint()

Type: str

get_fingerprint(_hash=<class 'cryptography.hazmat.primitives.hashes.SHA256'>)[source]¶

Get fingerprint of the certificate

Parameters: _hash (cryptography.hazmat.primitives.hashes, optional) – Hasher to use. Defaults to hashes.SHA256.
Returns: ascii formatted fingerprint
Return type: str

property is_ca¶

Checks whether the Certificate Authority bit has been set

Type: bool

property is_root¶

Checks whether the certificate is a root

Type: bool

property issuer¶

RFC4515 formatted string of the issuer field from the underlying cryptography.x509.Certificate object

Type: str

property not_valid_after¶

from the underlying cryptography.x509.Certificate object

Type: datetime.datetime

property not_valid_before¶

from the underlying cryptography.x509.Certificate object

Type: datetime.datetime

property serial¶

gets the serial from the underlying cryptography.x509.Certificate object

Type: str

property signature_hash_algorithm¶

gets the signature hashing algorithm name from the underlying cryptography.x509.Certificate object

Type: str

property subject¶

RFC4515 formatted string of the subject field from the underlying cryptography.x509.Certificate object

Type: str

property subject_alternative_names¶

Extracted x509 Extensions from the cryptography.x509.Certificate object

Type: list(str)

class cert_chain_resolver.models.CertificateChain(chain=None)[source]¶

Bases: object

Creates an iterable that contains a list of Cert objects.

Parameters: chain (CertificateChain, optional) – Create a new CertificateChain based on this chain. Defaults to None.

property intermediates¶: A new CertificateChain object with only intermediate certificates

property leaf¶

in the chain. Also known as the ‘leaf’

Type: First Cert

cert_chain_resolver.resolver module¶

cert_chain_resolver.resolver.resolve(bytes_cert, _chain=None)[source]¶

A recursive function that follows the CA issuer chain

Parameters

bytes_cert (bytes) – A DER/PKCS7/PEM certificate
_chain (CertificateChain, optional) – Chain to complete. Defaults to None.

Returns

All resolved certificates in chain

Return type

CertificateChain

cert_chain_resolver.utils module¶

cert_chain_resolver.utils.load_ascii_to_x509(bytes_input, ascii_input)[source]¶

cert_chain_resolver.utils.load_bytes_to_x509(bytes_input)[source]¶

cert_chain_resolver.utils.load_der_to_x509(bytes_input)[source]¶