Extensions

AccessDescription ¶

Bases: CryptoParser

Represents an Access Description in X.509 certificates.

Attributes:	`access_method` (`AccessDescriptionId`) – The access method identifier. `access_location` (`GeneralName`) – The access location.

from_cryptography `classmethod` ¶

from_cryptography(extension: x509.AccessDescription) -> AccessDescription

Constructs an AccessDescription object from a cryptography AccessDescription object.

Parameters:	`extension` (`x509.AccessDescription`) – The cryptography AccessDescription object.

Returns:	`AccessDescription` – The constructed AccessDescription object.

AccessDescriptionId ¶

Bases: Enum

Enumeration of access description identifiers for X.509 certificates.

AlternativeName ¶

Bases: Extension

Represents an alternative name extension.

Attributes:	`general_names` (`List[GeneralName]`) – List of general names.

from_cryptography `classmethod` ¶

from_cryptography(extension: Union[x509.SubjectAlternativeName, x509.IssuerAlternativeName]) -> AlternativeName

Create an AlternativeName instance from a cryptography SubjectAlternativeName or IssuerAlternativeName object.

Parameters:	`extension` (`Union[x509.SubjectAlternativeName, x509.IssuerAlternativeName]`) – The cryptography SubjectAlternativeName or IssuerAlternativeName object.

Returns:	`AlternativeName` – The AlternativeName instance.

AttributeTypeAndValue ¶

Bases: CryptoParser

Represents an Attribute Type and Value in X.509 certificates.

Attributes:	`oid` (`str`) – The Object Identifier (OID) of the attribute. `value` (`str`) – The value of the attribute.

from_cryptography `classmethod` ¶

from_cryptography(x509_obj: x509.NameAttribute) -> AttributeTypeAndValue

Constructs an AttributeTypeAndValue object from a cryptography NameAttribute object.

Parameters:	`x509_obj` (`x509.NameAttribute`) – The cryptography NameAttribute object.

Returns:	`AttributeTypeAndValue` – The constructed AttributeTypeAndValue object.

AuthorityInformationAccess ¶

Bases: Extension

Represents the Authority Information Access extension in X.509 certificates.

Attributes:	`access_description` (`List[AccessDescription]`) – List of access descriptions.

from_cryptography `classmethod` ¶

from_cryptography(extension: x509.AuthorityInformationAccess) -> AuthorityInformationAccess

Constructs an AuthorityInformationAccess object from a cryptography AuthorityInformationAccess object.

Parameters:	`extension` (`x509.AuthorityInformationAccess`) – The cryptography AuthorityInformationAccess object.

Returns:	`AuthorityInformationAccess` – The constructed AuthorityInformationAccess object.

AuthorityKeyIdentifier ¶

Bases: Extension

Represents an authority key identifier extension.

Attributes:	`key_identifier` (`Optional[bytes]`) – The key identifier. `authority_cert_issuer` (`Optional[List[GeneralName]]`) – The issuer of the authority certificate. `authority_cert_serial_number` (`Optional[int]`) – The serial number of the authority certificate.

from_cryptography `classmethod` ¶

from_cryptography(extension: x509.AuthorityKeyIdentifier) -> AuthorityKeyIdentifier

Create an AuthorityKeyIdentifier instance from a cryptography AuthorityKeyIdentifier object.

Parameters:	`extension` (`x509.AuthorityKeyIdentifier`) – The cryptography AuthorityKeyIdentifier object.

Returns:	`AuthorityKeyIdentifier` – The AuthorityKeyIdentifier instance.

BasicConstraints ¶

Bases: Extension

Represents a basic constraints extension.

Attributes:	`ca` (`bool`) – Indicates if the certificate is a CA. `path_len_constrain` (`bool`) – The path length constraint.

from_cryptography `classmethod` ¶

from_cryptography(extension: x509.BasicConstraints) -> BasicConstraints

Create a BasicConstraints instance from a cryptography BasicConstraints object.

Parameters:	`extension` (`x509.BasicConstraints`) – The cryptography BasicConstraints object.

Returns:	`BasicConstraints` – The BasicConstraints instance.

CertificatePolicies ¶

Bases: Extension

Represents a certificate policies extension.

Attributes:	`policy_information` (`List[PolicyInformation]`) – List of policy information.

from_cryptography `classmethod` ¶

from_cryptography(extension: x509.CertificatePolicies) -> CertificatePolicies

Create a CertificatePolicies instance from a cryptography CertificatePolicies object.

Parameters:	`extension` (`x509.CertificatePolicies`) – The cryptography CertificatePolicies object.

Returns:	`CertificatePolicies` – The CertificatePolicies instance.

CrlDistributionPoints ¶

Bases: Extension

Represents the CRL Distribution Points extension in X.509 certificates.

Attributes:	`crl_distribution_points` (`List[DistributionPoint]`) – List of CRL distribution points.

from_cryptography `classmethod` ¶

from_cryptography(extension: x509.CRLDistributionPoints) -> CrlDistributionPoints

Constructs a CrlDistributionPoints object from a cryptography CRLDistributionPoints object.

Parameters:	`extension` (`x509.CRLDistributionPoints`) – The cryptography CRLDistributionPoints object.

Returns:	`CrlDistributionPoints` – The constructed CrlDistributionPoints object.

DirectoryName ¶

Bases: GeneralName

Represents a directory name.

Attributes:	`value` – The directory name value.

from_cryptography `classmethod` ¶

from_cryptography(crypto_obj: x509.GeneralName) -> DirectoryName

Create a DirectoryName instance from a cryptography DirectoryName object.

Parameters:	`crypto_obj` (`x509.GeneralName`) – The cryptography DirectoryName object.

Returns:	`DirectoryName` – The DirectoryName instance.

DistributionPoint ¶

Bases: CryptoParser

Represents a Distribution Point in X.509 certificates.

Attributes:

full_name (Optional[List[GeneralName]]) –

List of full names associated with the distribution point.
name_relative_to_crl_issuer (Optional[RelativeDistinguishedName]) –

Relative name to the CRL issuer.
reasons (Optional[List[Reason]]) –

List of reasons for the distribution point.
crl_issuer (Optional[List[GeneralName]]) –

List of CRL issuers associated with the distribution point.

from_cryptography `classmethod` ¶

from_cryptography(extension: x509.DistributionPoint) -> DistributionPoint

Constructs a DistributionPoint object from a cryptography DistributionPoint object.

Parameters:	`extension` (`x509.DistributionPoint`) – The cryptography DistributionPoint object.

Returns:	`DistributionPoint`( `DistributionPoint` ) – The constructed DistributionPoint object.

DnsName ¶

Bases: GeneralName

Represents a DNS name.

Attributes:	`value` – The DNS name value.

ExtendedKeyUsage ¶

Bases: Extension

Represents the Extended Key Usage extension in X.509 certificates.

Attributes:	`ext_key_usage_syntax` (`List[str]`) – List of extended key usage OIDs.

from_cryptography `classmethod` ¶

from_cryptography(extension: x509.ExtendedKeyUsage) -> ExtendedKeyUsage

Constructs an ExtendedKeyUsage object from a cryptography ExtendedKeyUsage object.

Parameters:	`extension` (`x509.ExtendedKeyUsage`) – The cryptography ExtendedKeyUsage object.

Returns:	`ExtendedKeyUsage` – The constructed ExtendedKeyUsage object.

Extension ¶

Bases: CryptoParser

Represents a cryptographic extension.

Attributes:	`critical` (`Optional[bool]`) – Indicates whether the extension is critical.

name `property` ¶

name: str

Get the name of the extension.

Returns:	`str`( `str` ) – The name of the extension.

Extensions ¶

Bases: CryptoParser

Extensions in X.509 certificates.

Attributes:

authority_key_identifier (Optional[AuthorityKeyIdentifier]) –

Authority Key Identifier extension.
subject_key_identifier (Optional[SubjectKeyIdentifier]) –

Subject Key Identifier extension.
key_usage (Optional[KeyUsage]) –

Key Usage extension.
certificate_policies (Optional[CertificatePolicies]) –

Certificate Policies extension.
subject_alternative_name (Optional[SubjectAlternativeName]) –

Subject Alternative Name extension.
issuer_alternative_name (Optional[IssuerAlternativeName]) –

Issuer Alternative Name extension.
subject_directory_attributes (Optional[SubjectDirectoryAttributes]) –

Subject Directory Attributes extension.
basic_constraints (Optional[BasicConstraints]) –

Basic Constraints extension.
name_constraints (Optional[NameConstraints]) –

Name Constraints extension.
policy_constraints (Optional[PolicyConstraints]) –

Policy Constraints extension.
extended_key_usage (Optional[ExtendedKeyUsage]) –

Extended Key Usage extension.
crl_distribution_points (Optional[CrlDistributionPoints]) –

CRL Distribution Points extension.
inhibit_any_policy (Optional[InhibitAnyPolicy]) –

Inhibit Any Policy extension.
freshest_crl (Optional[FreshestCrl]) –

Freshest CRL extension.
authority_information_access (Optional[AuthorityInformationAccess]) –

Authority Information Access extension.
subject_information_access (Optional[SubjectInformationAccess]) –

Subject Information Access extension.

from_cryptography `classmethod` ¶

from_cryptography(cert_extensions: x509.Extensions) -> Extensions

Constructs an Extensions object from cryptography X.509 Extensions.

Parameters:	`cert_extensions` (`x509.Extensions`) – The cryptography X.509 Extensions.

Returns:	`Extensions` – The constructed Extensions object.

FreshestCrl ¶

Bases: CrlDistributionPoints

Represents the Freshest CRL extension in X.509 certificates.

GeneralName ¶

Bases: CryptoParser

Represents a general name.

Attributes:	`name` (`str`) – The name of the general name. `value` (`Union[str, Name]`) – The value of the general name.

from_cryptography `classmethod` ¶

from_cryptography(crypto_obj: x509.GeneralName) -> GeneralName

Create a GeneralName instance from a cryptography GeneralName object.

Parameters:	`crypto_obj` (`x509.GeneralName`) – The cryptography GeneralName object.

Returns:	`GeneralName` – The GeneralName instance.

InhibitAnyPolicy ¶

Bases: Extension

Represents the Inhibit Any Policy extension in X.509 certificates.

Attributes:	`skip_certs` (`int`) – Number of certificates to skip.

from_cryptography `classmethod` ¶

from_cryptography(extension: x509.InhibitAnyPolicy) -> InhibitAnyPolicy

Constructs an InhibitAnyPolicy object from a cryptography InhibitAnyPolicy object.

Parameters:	`extension` (`x509.InhibitAnyPolicy`) – The cryptography InhibitAnyPolicy object.

Returns:	`InhibitAnyPolicy` – The constructed InhibitAnyPolicy object.

IpAddress ¶

Bases: GeneralName

Represents an IP address. Can either be a IPv4/IPv6 single address or network.

Attributes:	`value` – The IP address or network

IssuerAlternativeName ¶

Bases: AlternativeName

Represents an issuer alternative name extension.

KeyUsage ¶

Bases: Extension

Represents a key usage extension.

Attributes:

digital_signature (bool) –

Indicates if digital signature is allowed.
content_commitment (bool) –

Indicates if content commitment is allowed.
key_encipherment (bool) –

Indicates if key encipherment is allowed.
data_encipherment (bool) –

Indicates if data encipherment is allowed.
key_agreement (bool) –

Indicates if key agreement is allowed.
key_cert_sign (bool) –

Indicates if key certificate signing is allowed.
crl_sign (bool) –

Indicates if CRL signing is allowed.
encipher_only (bool) –

Indicates if encipher only is allowed.
decipher_only (bool) –

Indicates if decipher only is allowed.

from_cryptography `classmethod` ¶

from_cryptography(extension: x509.KeyUsage) -> KeyUsage

Create a KeyUsage instance from a cryptography KeyUsage object.

Parameters:	`extension` (`x509.KeyUsage`) – The cryptography KeyUsage object.

Returns:	`KeyUsage` – The KeyUsage instance.

NameConstraints ¶

Bases: Extension

Represents a name constraints extension.

Attributes:	`permitted_subtrees` (`Optional[List[GeneralName]]`) – List of permitted subtrees. `excluded_subtrees` (`Optional[List[GeneralName]]`) – List of excluded subtrees.

NoticeReference ¶

Bases: Extension

Represents a notice reference extension.

Attributes:	`organization` (`str`) – The organization associated with the notice. `notice_numbers` (`List[int]`) – List of notice numbers.

OtherName ¶

Bases: GeneralName

Represents an other name.

Attributes:	`value` – The other name value. `oid` (`str`) – The object identifier (OID) of the other name.

from_cryptography `classmethod` ¶

from_cryptography(crypto_obj: x509.OtherName) -> OtherName

Create a OtherName instance from a cryptography OtherName object.

Parameters:	`crypto_obj` (`x509.OtherName`) – The cryptography OtherName object.

Returns:	`OtherName` – The OtherName instance.

PolicyConstraints ¶

Bases: Extension

Represents a policy constraints extension.

Attributes:	`require_explicit_policy` (`Optional[int]`) – The require explicit policy value. `inhibit_policy_mapping` (`Optional[int]`) – The inhibit policy mapping value.

PolicyInformation ¶

Bases: Extension

Represents a policy information extension.

Attributes:	`policy_identifier` (`str`) – The policy identifier associated with the policy information. `policy_qualifiers` (`Optional[List[Union[str, UserNotice]]]`) – List of policy qualifiers.

from_cryptography `classmethod` ¶

from_cryptography(policy_info: x509.PolicyInformation) -> PolicyInformation

Create a PolicyInformation instance from a cryptography PolicyInformation object.

Parameters:	`policy_info` (`x509.PolicyInformation`) – The cryptography PolicyInformation object.

Returns:	`PolicyInformation` – The PolicyInformation instance.

RFC822Name ¶

Bases: GeneralName

Represents an RFC822 name.

Attributes:	`value` – The RFC822 name value.

Reason ¶

Bases: Enum

Reasons for the DistributionPoint extension

RegisteredId ¶

Bases: GeneralName

Represents a registered ID.

Attributes:	`value` – The registered ID value.

from_cryptography `classmethod` ¶

from_cryptography(crypto_obj: x509.RegisteredID) -> RegisteredId

Create a RegisteredId instance from a cryptography RegisteredId object.

Parameters:	`crypto_obj` (`x509.RegisteredID`) – The cryptography RegisteredId object.

Returns:	`RegisteredId` – The RegisteredId instance.

RelativeDistinguishedName ¶

Bases: CryptoParser

Represents a Relative Distinguished Name in X.509 certificates.

Attributes:	`attributes` (`List[AttributeTypeAndValue]`) – List of attributes in the RDN.

from_cryptography `classmethod` ¶

from_cryptography(x509_obj: x509.RelativeDistinguishedName) -> RelativeDistinguishedName

Constructs a RelativeDistinguishedName object from a cryptography RelativeDistinguishedName object.

Parameters:	`x509_obj` (`x509.RelativeDistinguishedName`) – The cryptography RelativeDistinguishedName object.

Returns:	`RelativeDistinguishedName` – The constructed RelativeDistinguishedName object.

SubjectAlternativeName ¶

Bases: AlternativeName

Represents a subject alternative name extension.

SubjectDirectoryAttributes ¶

Bases: Extension

Represents a subject directory attributes extension.

Attributes:	`attributes` (`List[str]`) – List of attributes.

from_cryptography `classmethod` ¶

from_cryptography(extension: x509.UnrecognizedExtension) -> SubjectDirectoryAttributes

Create a SubjectDirectoryAttributes instance from a cryptography UnrecognizedExtension object.

Parameters:	`extension` (`x509.UnrecognizedExtension`) – The cryptography UnrecognizedExtension object.

Returns:	`SubjectDirectoryAttributes` – The SubjectDirectoryAttributes instance.

SubjectInformationAccess ¶

Bases: AuthorityInformationAccess

Represents the Subject Information Access extension in X.509 certificates.

SubjectKeyIdentifier ¶

Bases: Extension

Represents a subject key identifier extension.

Attributes:	`subject_key_identifier` (`bytes`) – The subject key identifier.

from_cryptography `classmethod` ¶

from_cryptography(extension: x509.SubjectKeyIdentifier) -> SubjectKeyIdentifier

Create a SubjectKeyIdentifier instance from a cryptography SubjectKeyIdentifier object.

Parameters:	`extension` (`x509.SubjectKeyIdentifier`) – The cryptography SubjectKeyIdentifier object.

Returns:	`SubjectKeyIdentifier` – The SubjectKeyIdentifier instance.

UniformResourceIdentifier ¶

Bases: GeneralName

Represents a uniform resource identifier (URI).

Attributes:	`value` – The URI value.

UserNotice ¶

Bases: Extension

Represents a user notice extension.

Attributes:	`notice_reference` (`Optional[NoticeReference]`) – The notice reference associated with the user notice. `explicit_text` (`Optional[str]`) – The explicit text of the user notice.

from_cryptography `classmethod` ¶

from_cryptography(policy_info: x509.UserNotice) -> UserNotice

Create a UserNotice instance from a cryptography UserNotice object.

Parameters:	`policy_info` (`x509.UserNotice`) – The cryptography UserNotice object.

Returns:	`UserNotice` – The UserNotice instance.

AccessDescription ¶

from_cryptography classmethod ¶

AccessDescriptionId ¶

AlternativeName ¶

from_cryptography classmethod ¶

AttributeTypeAndValue ¶

from_cryptography classmethod ¶

AuthorityInformationAccess ¶

from_cryptography classmethod ¶

AuthorityKeyIdentifier ¶

from_cryptography classmethod ¶

BasicConstraints ¶

from_cryptography classmethod ¶

CertificatePolicies ¶

from_cryptography classmethod ¶

CrlDistributionPoints ¶

from_cryptography classmethod ¶

DirectoryName ¶

from_cryptography classmethod ¶

DistributionPoint ¶

from_cryptography classmethod ¶

DnsName ¶

ExtendedKeyUsage ¶

from_cryptography classmethod ¶

Extension ¶

name property ¶

Extensions ¶

from_cryptography classmethod ¶

FreshestCrl ¶

GeneralName ¶

from_cryptography classmethod ¶

InhibitAnyPolicy ¶

from_cryptography classmethod ¶

IpAddress ¶

IssuerAlternativeName ¶

KeyUsage ¶

from_cryptography classmethod ¶

NameConstraints ¶

NoticeReference ¶

OtherName ¶

from_cryptography classmethod ¶

PolicyConstraints ¶

PolicyInformation ¶

from_cryptography classmethod ¶

RFC822Name ¶

Reason ¶

RegisteredId ¶

from_cryptography classmethod ¶

RelativeDistinguishedName ¶

from_cryptography classmethod ¶

SubjectAlternativeName ¶

SubjectDirectoryAttributes ¶

from_cryptography classmethod ¶

SubjectInformationAccess ¶

SubjectKeyIdentifier ¶

from_cryptography classmethod ¶

UniformResourceIdentifier ¶

UserNotice ¶

from_cryptography classmethod ¶

from_cryptography `classmethod` ¶

from_cryptography `classmethod` ¶

from_cryptography `classmethod` ¶

from_cryptography `classmethod` ¶

from_cryptography `classmethod` ¶

from_cryptography `classmethod` ¶

from_cryptography `classmethod` ¶

from_cryptography `classmethod` ¶

from_cryptography `classmethod` ¶

from_cryptography `classmethod` ¶

from_cryptography `classmethod` ¶

name `property` ¶

from_cryptography `classmethod` ¶

from_cryptography `classmethod` ¶

from_cryptography `classmethod` ¶

from_cryptography `classmethod` ¶

from_cryptography `classmethod` ¶

from_cryptography `classmethod` ¶

from_cryptography `classmethod` ¶

from_cryptography `classmethod` ¶

from_cryptography `classmethod` ¶

from_cryptography `classmethod` ¶

from_cryptography `classmethod` ¶