💾 Archived View for tris.fyi › pydoc › cryptography.x509.extensions captured on 2023-01-29 at 04:18:39. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2022-07-16)
-=-=-=-=-=-=-
This module has no docstring.
access_location = <property object at 0x7f75e2cb4950>
access_method = <property object at 0x7f75e2cb4900>
public_bytes(self) -> bytes
oid = <ObjectIdentifier(oid=1.3.6.1.5.5.7.1.1, name=authorityInfoAccess)>
from_issuer_public_key(public_key: Union[cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey, cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey, cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey, cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey, cryptography.hazmat.primitives.asymmetric.ed448.Ed448PublicKey]) -> 'AuthorityKeyIdentifier'
from_issuer_subject_key_identifier(ski: 'SubjectKeyIdentifier') -> 'AuthorityKeyIdentifier'
public_bytes(self) -> bytes
authority_cert_issuer = <property object at 0x7f75e2cb44a0>
authority_cert_serial_number = <property object at 0x7f75e2cb44f0>
key_identifier = <property object at 0x7f75e2cb4360>
oid = <ObjectIdentifier(oid=2.5.29.35, name=authorityKeyIdentifier)>
public_bytes(self) -> bytes
ca = <property object at 0x7f75e2cb49f0>
oid = <ObjectIdentifier(oid=2.5.29.19, name=basicConstraints)>
path_length = <property object at 0x7f75e2cb4a40>
public_bytes(self) -> bytes
oid = <ObjectIdentifier(oid=2.5.29.31, name=cRLDistributionPoints)>
CERTIFICATE_ISSUER = <ObjectIdentifier(oid=2.5.29.29, name=certificateIssuer)>
CRL_REASON = <ObjectIdentifier(oid=2.5.29.21, name=cRLReason)>
INVALIDITY_DATE = <ObjectIdentifier(oid=2.5.29.24, name=invalidityDate)>
public_bytes(self) -> bytes
crl_number = <property object at 0x7f75e2cb4180>
oid = <ObjectIdentifier(oid=2.5.29.20, name=cRLNumber)>
public_bytes(self) -> bytes
oid = <ObjectIdentifier(oid=2.5.29.21, name=cRLReason)>
reason = <property object at 0x7f75e2cb7240>
get_values_for_type(self, type: Union[Type[cryptography.x509.general_name.DNSName], Type[cryptography.x509.general_name.DirectoryName], Type[cryptography.x509.general_name.IPAddress], Type[cryptography.x509.general_name.OtherName], Type[cryptography.x509.general_name.RFC822Name], Type[cryptography.x509.general_name.RegisteredID], Type[cryptography.x509.general_name.UniformResourceIdentifier]]) -> Union[List[Union[ipaddress.IPv4Address, ipaddress.IPv6Address, ipaddress.IPv4Network, ipaddress.IPv6Network]], List[str], List[cryptography.x509.general_name.OtherName], List[cryptography.x509.name.Name], List[ObjectIdentifier]]
public_bytes(self) -> bytes
oid = <ObjectIdentifier(oid=2.5.29.29, name=certificateIssuer)>
public_bytes(self) -> bytes
oid = <ObjectIdentifier(oid=2.5.29.32, name=certificatePolicies)>
value = <property object at 0x7f75e2c97830>
public_bytes(self) -> bytes
crl_number = <property object at 0x7f75e2cb4bd0>
oid = <ObjectIdentifier(oid=2.5.29.27, name=deltaCRLIndicator)>
value = <property object at 0x7f75e2c979c0>
crl_issuer = <property object at 0x7f75e2cb5120>
full_name = <property object at 0x7f75e2cb5030>
reasons = <property object at 0x7f75e2cb50d0>
relative_name = <property object at 0x7f75e2cb5080>
with_traceback(...)
Exception.with_traceback(tb) --
set self.__traceback__ to tb and return self.
args = <attribute 'args' of 'BaseException' objects>
from_encoded_point(curve: cryptography.hazmat.primitives.asymmetric.ec.EllipticCurve, data: bytes) -> 'EllipticCurvePublicKey'
public_bytes(self, encoding: cryptography.hazmat.primitives._serialization.Encoding, format: cryptography.hazmat.primitives._serialization.PublicFormat) -> bytes
Returns the key serialized as bytes.
public_numbers(self) -> 'EllipticCurvePublicNumbers'
Returns an EllipticCurvePublicNumbers.
verify(self, signature: bytes, data: bytes, signature_algorithm: cryptography.hazmat.primitives.asymmetric.ec.EllipticCurveSignatureAlgorithm) -> None
Verifies the signature of the data.
curve = <abc.abstractproperty object at 0x7f75e313a920>
The EllipticCurve that this key is on.
key_size = <abc.abstractproperty object at 0x7f75e313a980>
Bit size of a secret scalar for the curve.
public_bytes(self) -> bytes
oid = <ObjectIdentifier(oid=2.5.29.37, name=extendedKeyUsage)>
critical = <property object at 0x7f75e2cb6660>
oid = <property object at 0x7f75e2cb6610>
value = <property object at 0x7f75e2cb66b0>
with_traceback(...)
Exception.with_traceback(tb) --
set self.__traceback__ to tb and return self.
args = <attribute 'args' of 'BaseException' objects>
AUTHORITY_INFORMATION_ACCESS = <ObjectIdentifier(oid=1.3.6.1.5.5.7.1.1, name=authorityInfoAccess)>
AUTHORITY_KEY_IDENTIFIER = <ObjectIdentifier(oid=2.5.29.35, name=authorityKeyIdentifier)>
BASIC_CONSTRAINTS = <ObjectIdentifier(oid=2.5.29.19, name=basicConstraints)>
CERTIFICATE_POLICIES = <ObjectIdentifier(oid=2.5.29.32, name=certificatePolicies)>
CRL_DISTRIBUTION_POINTS = <ObjectIdentifier(oid=2.5.29.31, name=cRLDistributionPoints)>
CRL_NUMBER = <ObjectIdentifier(oid=2.5.29.20, name=cRLNumber)>
DELTA_CRL_INDICATOR = <ObjectIdentifier(oid=2.5.29.27, name=deltaCRLIndicator)>
EXTENDED_KEY_USAGE = <ObjectIdentifier(oid=2.5.29.37, name=extendedKeyUsage)>
FRESHEST_CRL = <ObjectIdentifier(oid=2.5.29.46, name=freshestCRL)>
INHIBIT_ANY_POLICY = <ObjectIdentifier(oid=2.5.29.54, name=inhibitAnyPolicy)>
ISSUER_ALTERNATIVE_NAME = <ObjectIdentifier(oid=2.5.29.18, name=issuerAltName)>
ISSUING_DISTRIBUTION_POINT = <ObjectIdentifier(oid=2.5.29.28, name=issuingDistributionPoint)>
KEY_USAGE = <ObjectIdentifier(oid=2.5.29.15, name=keyUsage)>
NAME_CONSTRAINTS = <ObjectIdentifier(oid=2.5.29.30, name=nameConstraints)>
OCSP_NO_CHECK = <ObjectIdentifier(oid=1.3.6.1.5.5.7.48.1.5, name=OCSPNoCheck)>
POLICY_CONSTRAINTS = <ObjectIdentifier(oid=2.5.29.36, name=policyConstraints)>
POLICY_MAPPINGS = <ObjectIdentifier(oid=2.5.29.33, name=policyMappings)>
PRECERT_POISON = <ObjectIdentifier(oid=1.3.6.1.4.1.11129.2.4.3, name=ctPoison)>
PRECERT_SIGNED_CERTIFICATE_TIMESTAMPS = <ObjectIdentifier(oid=1.3.6.1.4.1.11129.2.4.2, name=signedCertificateTimestampList)>
SIGNED_CERTIFICATE_TIMESTAMPS = <ObjectIdentifier(oid=1.3.6.1.4.1.11129.2.4.5, name=signedCertificateTimestampList)>
SUBJECT_ALTERNATIVE_NAME = <ObjectIdentifier(oid=2.5.29.17, name=subjectAltName)>
SUBJECT_DIRECTORY_ATTRIBUTES = <ObjectIdentifier(oid=2.5.29.9, name=subjectDirectoryAttributes)>
SUBJECT_INFORMATION_ACCESS = <ObjectIdentifier(oid=1.3.6.1.5.5.7.1.11, name=subjectInfoAccess)>
SUBJECT_KEY_IDENTIFIER = <ObjectIdentifier(oid=2.5.29.14, name=subjectKeyIdentifier)>
TLS_FEATURE = <ObjectIdentifier(oid=1.3.6.1.5.5.7.1.24, name=TLSFeature)>
public_bytes(self) -> bytes
Serializes the extension type to DER.
get_extension_for_class(self, extclass: Type[+ExtensionTypeVar]) -> 'Extension[ExtensionTypeVar]'
get_extension_for_oid(self, oid: ObjectIdentifier) -> 'Extension[ExtensionType]'
public_bytes(self) -> bytes
oid = <ObjectIdentifier(oid=2.5.29.46, name=freshestCRL)>
value = <abc.abstractproperty object at 0x7f75e2e99ea0>
Return the value of the object
get_values_for_type(self, type: Union[Type[cryptography.x509.general_name.DNSName], Type[cryptography.x509.general_name.DirectoryName], Type[cryptography.x509.general_name.IPAddress], Type[cryptography.x509.general_name.OtherName], Type[cryptography.x509.general_name.RFC822Name], Type[cryptography.x509.general_name.RegisteredID], Type[cryptography.x509.general_name.UniformResourceIdentifier]]) -> Union[List[Union[ipaddress.IPv4Address, ipaddress.IPv6Address, ipaddress.IPv4Network, ipaddress.IPv6Network]], List[str], List[cryptography.x509.general_name.OtherName], List[cryptography.x509.name.Name], List[ObjectIdentifier]]
value = <property object at 0x7f75e2c97bf0>
public_bytes(self) -> bytes
oid = <ObjectIdentifier(oid=2.5.29.54, name=inhibitAnyPolicy)>
skip_certs = <property object at 0x7f75e2cb5f30>
public_bytes(self) -> bytes
invalidity_date = <property object at 0x7f75e2cb7330>
oid = <ObjectIdentifier(oid=2.5.29.24, name=invalidityDate)>
get_values_for_type(self, type: Union[Type[cryptography.x509.general_name.DNSName], Type[cryptography.x509.general_name.DirectoryName], Type[cryptography.x509.general_name.IPAddress], Type[cryptography.x509.general_name.OtherName], Type[cryptography.x509.general_name.RFC822Name], Type[cryptography.x509.general_name.RegisteredID], Type[cryptography.x509.general_name.UniformResourceIdentifier]]) -> Union[List[Union[ipaddress.IPv4Address, ipaddress.IPv6Address, ipaddress.IPv4Network, ipaddress.IPv6Network]], List[str], List[cryptography.x509.general_name.OtherName], List[cryptography.x509.name.Name], List[ObjectIdentifier]]
public_bytes(self) -> bytes
oid = <ObjectIdentifier(oid=2.5.29.18, name=issuerAltName)>
public_bytes(self) -> bytes
full_name = <property object at 0x7f75e2cb78d0>
indirect_crl = <property object at 0x7f75e2cb7a60>
oid = <ObjectIdentifier(oid=2.5.29.28, name=issuingDistributionPoint)>
only_contains_attribute_certs = <property object at 0x7f75e2cb7ab0>
only_contains_ca_certs = <property object at 0x7f75e2cb79c0>
only_contains_user_certs = <property object at 0x7f75e2cb7970>
only_some_reasons = <property object at 0x7f75e2cb7a10>
relative_name = <property object at 0x7f75e2cb7920>
public_bytes(self) -> bytes
content_commitment = <property object at 0x7f75e2cb60c0>
crl_sign = <property object at 0x7f75e2cb62a0>
data_encipherment = <property object at 0x7f75e2cb61b0>
decipher_only = <property object at 0x7f75e2cb6340>
digital_signature = <property object at 0x7f75e2cb6110>
encipher_only = <property object at 0x7f75e2cb62f0>
key_agreement = <property object at 0x7f75e2cb6200>
key_cert_sign = <property object at 0x7f75e2cb6250>
key_encipherment = <property object at 0x7f75e2cb6160>
oid = <ObjectIdentifier(oid=2.5.29.15, name=keyUsage)>
from_rfc4514_string(data: str, attr_name_overrides: Optional[Mapping[str, ObjectIdentifier]] = None) -> 'Name'
get_attributes_for_oid(self, oid: ObjectIdentifier) -> List[cryptography.x509.name.NameAttribute]
public_bytes(self, backend: Any = None) -> bytes
rfc4514_string(self, attr_name_overrides: Optional[Mapping[ObjectIdentifier, str]] = None) -> str
Format as RFC4514 Distinguished Name string.
For example 'CN=foobar.com,O=Foo Corp,C=US'
An X.509 name is a two-level structure: a list of sets of attributes.
Each list element is separated by ',' and within each list element, set
elements are separated by '+'. The latter is almost never used in
real world certificates. According to RFC4514 section 2.1 the
RDNSequence must be reversed when converting to string representation.
rdns = <property object at 0x7f75e2c973d0>
public_bytes(self) -> bytes
excluded_subtrees = <property object at 0x7f75e2cb64d0>
oid = <ObjectIdentifier(oid=2.5.29.30, name=nameConstraints)>
permitted_subtrees = <property object at 0x7f75e2cb6480>
notice_numbers = <property object at 0x7f75e2cb5ad0>
organization = <property object at 0x7f75e2cb59e0>
NONCE = <ObjectIdentifier(oid=1.3.6.1.5.5.7.48.1.2, name=OCSPNonce)>
public_bytes(self) -> bytes
oid = <ObjectIdentifier(oid=1.3.6.1.5.5.7.48.1.5, name=OCSPNoCheck)>
public_bytes(self) -> bytes
nonce = <property object at 0x7f75e2cb76f0>
oid = <ObjectIdentifier(oid=1.3.6.1.5.5.7.48.1.2, name=OCSPNonce)>
dotted_string = <attribute 'dotted_string' of 'builtins.ObjectIdentifier' objects>
type_id = <property object at 0x7f75e2c97d30>
value = <property object at 0x7f75e2c97d80>
public_bytes(self) -> bytes
inhibit_policy_mapping = <property object at 0x7f75e2cb5210>
oid = <ObjectIdentifier(oid=2.5.29.36, name=policyConstraints)>
require_explicit_policy = <property object at 0x7f75e2cb51c0>
policy_identifier = <property object at 0x7f75e2cb5620>
policy_qualifiers = <property object at 0x7f75e2cb5760>
public_bytes(self) -> bytes
oid = <ObjectIdentifier(oid=1.3.6.1.4.1.11129.2.4.3, name=ctPoison)>
public_bytes(self) -> bytes
oid = <ObjectIdentifier(oid=1.3.6.1.4.1.11129.2.4.2, name=signedCertificateTimestampList)>
value = <property object at 0x7f75e2c962a0>
encrypt(self, plaintext: bytes, padding: cryptography.hazmat.primitives._asymmetric.AsymmetricPadding) -> bytes
Encrypts the given plaintext.
public_bytes(self, encoding: cryptography.hazmat.primitives._serialization.Encoding, format: cryptography.hazmat.primitives._serialization.PublicFormat) -> bytes
Returns the key serialized as bytes.
public_numbers(self) -> 'RSAPublicNumbers'
Returns an RSAPublicNumbers
recover_data_from_signature(self, signature: bytes, padding: cryptography.hazmat.primitives._asymmetric.AsymmetricPadding, algorithm: Optional[cryptography.hazmat.primitives.hashes.HashAlgorithm]) -> bytes
Recovers the original data from the signature.
verify(self, signature: bytes, data: bytes, padding: cryptography.hazmat.primitives._asymmetric.AsymmetricPadding, algorithm: Union[cryptography.hazmat.primitives.asymmetric.utils.Prehashed, cryptography.hazmat.primitives.hashes.HashAlgorithm]) -> None
Verifies the signature of the data.
key_size = <abc.abstractproperty object at 0x7f75e313ba60>
The bit length of the public modulus.
An enumeration.
aa_compromise = <ReasonFlags.aa_compromise: 'aACompromise'>
affiliation_changed = <ReasonFlags.affiliation_changed: 'affiliationChanged'>
ca_compromise = <ReasonFlags.ca_compromise: 'cACompromise'>
certificate_hold = <ReasonFlags.certificate_hold: 'certificateHold'>
cessation_of_operation = <ReasonFlags.cessation_of_operation: 'cessationOfOperation'>
key_compromise = <ReasonFlags.key_compromise: 'keyCompromise'>
privilege_withdrawn = <ReasonFlags.privilege_withdrawn: 'privilegeWithdrawn'>
remove_from_crl = <ReasonFlags.remove_from_crl: 'removeFromCRL'>
superseded = <ReasonFlags.superseded: 'superseded'>
unspecified = <ReasonFlags.unspecified: 'unspecified'>
value = <property object at 0x7f75e2c97ab0>
get_attributes_for_oid(self, oid: ObjectIdentifier) -> List[cryptography.x509.name.NameAttribute]
rfc4514_string(self, attr_name_overrides: Optional[Mapping[ObjectIdentifier, str]] = None) -> str
Format as RFC4514 Distinguished Name string.
Within each RDN, attributes are joined by '+', although that is rarely
used in certificates.
entry_type = <abc.abstractproperty object at 0x7f75e30b99c0>
Returns whether this is an SCT for a certificate or pre-certificate.
extension_bytes = <abc.abstractproperty object at 0x7f75e30b9b40>
Returns the raw bytes of any extensions for this SCT.
log_id = <abc.abstractproperty object at 0x7f75e30b9660>
Returns an identifier indicating which log this SCT is for.
signature = <abc.abstractproperty object at 0x7f75e30b9ae0>
Returns the signature for this SCT.
signature_algorithm = <abc.abstractproperty object at 0x7f75e30b9a80>
Returns the signing algorithm used for the SCT's signature.
signature_hash_algorithm = <abc.abstractproperty object at 0x7f75e30b9a20>
Returns the hash algorithm used for the SCT's signature.
timestamp = <abc.abstractproperty object at 0x7f75e30b9600>
Returns the timestamp for this SCT.
version = <abc.abstractproperty object at 0x7f75e30b9540>
Returns the SCT version.
public_bytes(self) -> bytes
oid = <ObjectIdentifier(oid=1.3.6.1.4.1.11129.2.4.5, name=signedCertificateTimestampList)>
get_values_for_type(self, type: Union[Type[cryptography.x509.general_name.DNSName], Type[cryptography.x509.general_name.DirectoryName], Type[cryptography.x509.general_name.IPAddress], Type[cryptography.x509.general_name.OtherName], Type[cryptography.x509.general_name.RFC822Name], Type[cryptography.x509.general_name.RegisteredID], Type[cryptography.x509.general_name.UniformResourceIdentifier]]) -> Union[List[Union[ipaddress.IPv4Address, ipaddress.IPv6Address, ipaddress.IPv4Network, ipaddress.IPv6Network]], List[str], List[cryptography.x509.general_name.OtherName], List[cryptography.x509.name.Name], List[ObjectIdentifier]]
public_bytes(self) -> bytes
oid = <ObjectIdentifier(oid=2.5.29.17, name=subjectAltName)>
public_bytes(self) -> bytes
oid = <ObjectIdentifier(oid=1.3.6.1.5.5.7.1.11, name=subjectInfoAccess)>
from_public_key(public_key: Union[cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey, cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey, cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey, cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey, cryptography.hazmat.primitives.asymmetric.ed448.Ed448PublicKey, cryptography.hazmat.primitives.asymmetric.x25519.X25519PublicKey, cryptography.hazmat.primitives.asymmetric.x448.X448PublicKey]) -> 'SubjectKeyIdentifier'
public_bytes(self) -> bytes
digest = <property object at 0x7f75e2cb4590>
key_identifier = <property object at 0x7f75e2cb45e0>
oid = <ObjectIdentifier(oid=2.5.29.14, name=subjectKeyIdentifier)>
public_bytes(self) -> bytes
oid = <ObjectIdentifier(oid=1.3.6.1.5.5.7.1.24, name=TLSFeature)>
An enumeration.
status_request = <TLSFeatureType.status_request: 5>
status_request_v2 = <TLSFeatureType.status_request_v2: 17>
value = <property object at 0x7f75e2c97970>
public_bytes(self) -> bytes
oid = <property object at 0x7f75e2cb7b50>
value = <property object at 0x7f75e2cb7ba0>
explicit_text = <property object at 0x7f75e2cb58a0>
notice_reference = <property object at 0x7f75e2cb5850>
CERTIFICATE_ISSUER_PUBLIC_KEY_TYPES = typing.Union[cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey, cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey, cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey, cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey, cryptography.hazmat.primitives.asymmetric.ed448.Ed448PublicKey]
CERTIFICATE_PUBLIC_KEY_TYPES = typing.Union[cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey, cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey, cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey, cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey, cryptography.hazmat.primitives.asymmetric.ed448.Ed448PublicKey, cryptography.hazmat.primitives.asymmetric.x25519.X25519PublicKey, cryptography.hazmat.primitives.asymmetric.x448.X448PublicKey]
ExtensionTypeVar = +ExtensionTypeVar