💾 Archived View for tris.fyi › pydoc › cryptography.x509.ocsp captured on 2022-07-16 at 15:05:45. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2022-04-28)

➡️ Next capture (2023-01-29)

🚧 View Differences

-=-=-=-=-=-=-

Back to module index

Go to module by name

cryptography.x509

cryptography

cryptography.x509.ocsp

This module has no docstring.

Classes

OCSPCertStatus

An enumeration.

GOOD = <OCSPCertStatus.GOOD: 0>

REVOKED = <OCSPCertStatus.REVOKED: 1>

UNKNOWN = <OCSPCertStatus.UNKNOWN: 2>

OCSPRequest

public_bytes(self, encoding: cryptography.hazmat.primitives._serialization.Encoding) -> bytes


          Serializes the request to DER
        

extensions = <abc.abstractproperty object at 0x7f92be182940>

          The list of request extensions. Not single request extensions.
        

hash_algorithm = <abc.abstractproperty object at 0x7f92be182880>

          The hash algorithm used in the issuer name and key hashes
        

issuer_key_hash = <abc.abstractproperty object at 0x7f92be1827c0>

          The hash of the issuer public key
        

issuer_name_hash = <abc.abstractproperty object at 0x7f92be182820>

          The hash of the issuer name
        

serial_number = <abc.abstractproperty object at 0x7f92be1828e0>

          The serial number of the cert whose status is being checked
        

OCSPRequestBuilder

add_certificate(self, cert: cryptography.x509.base.Certificate, issuer: cryptography.x509.base.Certificate, algorithm: cryptography.hazmat.primitives.hashes.HashAlgorithm) -> 'OCSPRequestBuilder'

add_extension(self, extval: cryptography.x509.extensions.ExtensionType, critical: bool) -> 'OCSPRequestBuilder'

build(self) -> cryptography.x509.ocsp.OCSPRequest

OCSPResponderEncoding

An enumeration.

HASH = <OCSPResponderEncoding.HASH: 'By Hash'>

NAME = <OCSPResponderEncoding.NAME: 'By Name'>

OCSPResponse

public_bytes(self, encoding: cryptography.hazmat.primitives._serialization.Encoding) -> bytes


          Serializes the response to DER
        

certificate_status = <abc.abstractproperty object at 0x7f92be182d00>

          The status of the certificate (an element from the OCSPCertStatus enum)
        

certificates = <abc.abstractproperty object at 0x7f92be182b80>

          A list of certificates used to help build a chain to verify the OCSP
          response. This situation occurs when the OCSP responder uses a delegate
          certificate.
        

extensions = <abc.abstractproperty object at 0x7f92be18f0a0>

          The list of response extensions. Not single response extensions.
        

hash_algorithm = <abc.abstractproperty object at 0x7f92be182fa0>

          The hash algorithm used in the issuer name and key hashes
        

issuer_key_hash = <abc.abstractproperty object at 0x7f92be182ee0>

          The hash of the issuer public key
        

issuer_name_hash = <abc.abstractproperty object at 0x7f92be182f40>

          The hash of the issuer name
        

next_update = <abc.abstractproperty object at 0x7f92be182e80>

          The time when newer information will be available
        

produced_at = <abc.abstractproperty object at 0x7f92be182ca0>

          The time the response was produced
        

responder_key_hash = <abc.abstractproperty object at 0x7f92be182be0>

          The responder's key hash or None
        

responder_name = <abc.abstractproperty object at 0x7f92be182c40>

          The responder's Name or None
        

response_status = <abc.abstractproperty object at 0x7f92be1829a0>

          The status of the response. This is a value from the OCSPResponseStatus
          enumeration
        

revocation_reason = <abc.abstractproperty object at 0x7f92be182dc0>

          The reason the certificate was revoked or None if not specified or
          not revoked.
        

revocation_time = <abc.abstractproperty object at 0x7f92be182d60>

          The date of when the certificate was revoked or None if not
          revoked.
        

serial_number = <abc.abstractproperty object at 0x7f92be18f040>

          The serial number of the cert whose status is being checked
        

signature = <abc.abstractproperty object at 0x7f92be182ac0>

          The signature bytes
        

signature_algorithm_oid = <abc.abstractproperty object at 0x7f92be182a00>

          The ObjectIdentifier of the signature algorithm
        

signature_hash_algorithm = <abc.abstractproperty object at 0x7f92be182a60>

          Returns a HashAlgorithm corresponding to the type of the digest signed
        

single_extensions = <abc.abstractproperty object at 0x7f92be18f100>

          The list of single response extensions. Not response extensions.
        

tbs_response_bytes = <abc.abstractproperty object at 0x7f92be182b20>

          The tbsResponseData bytes
        

this_update = <abc.abstractproperty object at 0x7f92be182e20>

          The most recent time at which the status being indicated is known by
          the responder to have been correct
        

OCSPResponseBuilder

add_extension(self, extval: cryptography.x509.extensions.ExtensionType, critical: bool) -> 'OCSPResponseBuilder'

add_response(self, cert: cryptography.x509.base.Certificate, issuer: cryptography.x509.base.Certificate, algorithm: cryptography.hazmat.primitives.hashes.HashAlgorithm, cert_status: cryptography.x509.ocsp.OCSPCertStatus, this_update: datetime.datetime, next_update: Optional[datetime.datetime], revocation_time: Optional[datetime.datetime], revocation_reason: Optional[cryptography.x509.extensions.ReasonFlags]) -> 'OCSPResponseBuilder'

build_unsuccessful(response_status: cryptography.x509.ocsp.OCSPResponseStatus) -> cryptography.x509.ocsp.OCSPResponse

certificates(self, certs: Iterable[cryptography.x509.base.Certificate]) -> 'OCSPResponseBuilder'

responder_id(self, encoding: cryptography.x509.ocsp.OCSPResponderEncoding, responder_cert: cryptography.x509.base.Certificate) -> 'OCSPResponseBuilder'

sign(self, private_key: Union[cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PrivateKey, cryptography.hazmat.primitives.asymmetric.ed448.Ed448PrivateKey, cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey, cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey, cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey], algorithm: Optional[cryptography.hazmat.primitives.hashes.HashAlgorithm]) -> cryptography.x509.ocsp.OCSPResponse

OCSPResponseStatus

An enumeration.

INTERNAL_ERROR = <OCSPResponseStatus.INTERNAL_ERROR: 2>

MALFORMED_REQUEST = <OCSPResponseStatus.MALFORMED_REQUEST: 1>

SIG_REQUIRED = <OCSPResponseStatus.SIG_REQUIRED: 5>

SUCCESSFUL = <OCSPResponseStatus.SUCCESSFUL: 0>

TRY_LATER = <OCSPResponseStatus.TRY_LATER: 3>

UNAUTHORIZED = <OCSPResponseStatus.UNAUTHORIZED: 6>

Functions

load_der_ocsp_request

load_der_ocsp_request(data: bytes) -> cryptography.x509.ocsp.OCSPRequest

load_der_ocsp_response

load_der_ocsp_response(data: bytes) -> cryptography.x509.ocsp.OCSPResponse

Other members

PRIVATE_KEY_TYPES = typing.Union[cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PrivateKey, cryptography.hazmat.primitives.asymmetric.ed448.Ed448PrivateKey, cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey, cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey, cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey]

Modules

abc

datetime

hashes

ocsp

serialization

typing

utils

x509