Back to module index

Go to module by name

cryptography.x509

cryptography

cryptography.x509.ocsp

This module has no docstring.

Classes

Enum


    Generic enumeration.

    Derive from this class to define new enumerations.
    

OCSPCertStatus

An enumeration.
GOOD = <OCSPCertStatus.GOOD: 0>
REVOKED = <OCSPCertStatus.REVOKED: 1>
UNKNOWN = <OCSPCertStatus.UNKNOWN: 2>
name = <types.DynamicClassAttribute object at 0x7f0567f3eb80>
  The name of the Enum member.
value = <types.DynamicClassAttribute object at 0x7f0567f3ebb0>
  The value of the Enum member.

OCSPRequest

public_bytes(self, encoding: cryptography.hazmat.primitives._serialization.Encoding) -> bytes


          Serializes the request to DER
        
extensions = <abc.abstractproperty object at 0x7f0566a41b80>

          The list of request extensions. Not single request extensions.
        
hash_algorithm = <abc.abstractproperty object at 0x7f0566a41ac0>

          The hash algorithm used in the issuer name and key hashes
        
issuer_key_hash = <abc.abstractproperty object at 0x7f0566a41a00>

          The hash of the issuer public key
        
issuer_name_hash = <abc.abstractproperty object at 0x7f0566a41a60>

          The hash of the issuer name
        
serial_number = <abc.abstractproperty object at 0x7f0566a41b20>

          The serial number of the cert whose status is being checked
        

OCSPRequestBuilder

add_certificate(self, cert: cryptography.x509.base.Certificate, issuer: cryptography.x509.base.Certificate, algorithm: cryptography.hazmat.primitives.hashes.HashAlgorithm) -> 'OCSPRequestBuilder'
add_extension(self, extval: cryptography.x509.extensions.ExtensionType, critical: bool) -> 'OCSPRequestBuilder'
build(self) -> cryptography.x509.ocsp.OCSPRequest

OCSPResponderEncoding

An enumeration.
HASH = <OCSPResponderEncoding.HASH: 'By Hash'>
NAME = <OCSPResponderEncoding.NAME: 'By Name'>
name = <types.DynamicClassAttribute object at 0x7f0567f3eb80>
  The name of the Enum member.
value = <types.DynamicClassAttribute object at 0x7f0567f3ebb0>
  The value of the Enum member.

OCSPResponse

public_bytes(self, encoding: cryptography.hazmat.primitives._serialization.Encoding) -> bytes


          Serializes the response to DER
        
certificate_status = <abc.abstractproperty object at 0x7f0566a41f40>

          The status of the certificate (an element from the OCSPCertStatus enum)
        
certificates = <abc.abstractproperty object at 0x7f0566a41dc0>

          A list of certificates used to help build a chain to verify the OCSP
          response. This situation occurs when the OCSP responder uses a delegate
          certificate.
        
extensions = <abc.abstractproperty object at 0x7f0566a5b2e0>

          The list of response extensions. Not single response extensions.
        
hash_algorithm = <abc.abstractproperty object at 0x7f0566a5b220>

          The hash algorithm used in the issuer name and key hashes
        
issuer_key_hash = <abc.abstractproperty object at 0x7f0566a5b160>

          The hash of the issuer public key
        
issuer_name_hash = <abc.abstractproperty object at 0x7f0566a5b1c0>

          The hash of the issuer name
        
next_update = <abc.abstractproperty object at 0x7f0566a5b100>

          The time when newer information will be available
        
produced_at = <abc.abstractproperty object at 0x7f0566a41ee0>

          The time the response was produced
        
responder_key_hash = <abc.abstractproperty object at 0x7f0566a41e20>

          The responder's key hash or None
        
responder_name = <abc.abstractproperty object at 0x7f0566a41e80>

          The responder's Name or None
        
response_status = <abc.abstractproperty object at 0x7f0566a41be0>

          The status of the response. This is a value from the OCSPResponseStatus
          enumeration
        
revocation_reason = <abc.abstractproperty object at 0x7f0566a5b040>

          The reason the certificate was revoked or None if not specified or
          not revoked.
        
revocation_time = <abc.abstractproperty object at 0x7f0566a41fa0>

          The date of when the certificate was revoked or None if not
          revoked.
        
serial_number = <abc.abstractproperty object at 0x7f0566a5b280>

          The serial number of the cert whose status is being checked
        
signature = <abc.abstractproperty object at 0x7f0566a41d00>

          The signature bytes
        
signature_algorithm_oid = <abc.abstractproperty object at 0x7f0566a41c40>

          The ObjectIdentifier of the signature algorithm
        
signature_hash_algorithm = <abc.abstractproperty object at 0x7f0566a41ca0>

          Returns a HashAlgorithm corresponding to the type of the digest signed
        
single_extensions = <abc.abstractproperty object at 0x7f0566a5b340>

          The list of single response extensions. Not response extensions.
        
tbs_response_bytes = <abc.abstractproperty object at 0x7f0566a41d60>

          The tbsResponseData bytes
        
this_update = <abc.abstractproperty object at 0x7f0566a5b0a0>

          The most recent time at which the status being indicated is known by
          the responder to have been correct
        

OCSPResponseBuilder

add_extension(self, extval: cryptography.x509.extensions.ExtensionType, critical: bool) -> 'OCSPResponseBuilder'
add_response(self, cert: cryptography.x509.base.Certificate, issuer: cryptography.x509.base.Certificate, algorithm: cryptography.hazmat.primitives.hashes.HashAlgorithm, cert_status: cryptography.x509.ocsp.OCSPCertStatus, this_update: datetime.datetime, next_update: Optional[datetime.datetime], revocation_time: Optional[datetime.datetime], revocation_reason: Optional[cryptography.x509.extensions.ReasonFlags]) -> 'OCSPResponseBuilder'
build_unsuccessful(response_status: cryptography.x509.ocsp.OCSPResponseStatus) -> cryptography.x509.ocsp.OCSPResponse
certificates(self, certs: Iterable[cryptography.x509.base.Certificate]) -> 'OCSPResponseBuilder'
responder_id(self, encoding: cryptography.x509.ocsp.OCSPResponderEncoding, responder_cert: cryptography.x509.base.Certificate) -> 'OCSPResponseBuilder'
sign(self, private_key: Union[cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PrivateKey, cryptography.hazmat.primitives.asymmetric.ed448.Ed448PrivateKey, cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey, cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey, cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey], algorithm: Optional[cryptography.hazmat.primitives.hashes.HashAlgorithm]) -> cryptography.x509.ocsp.OCSPResponse

OCSPResponseStatus

An enumeration.
INTERNAL_ERROR = <OCSPResponseStatus.INTERNAL_ERROR: 2>
MALFORMED_REQUEST = <OCSPResponseStatus.MALFORMED_REQUEST: 1>
SIG_REQUIRED = <OCSPResponseStatus.SIG_REQUIRED: 5>
SUCCESSFUL = <OCSPResponseStatus.SUCCESSFUL: 0>
TRY_LATER = <OCSPResponseStatus.TRY_LATER: 3>
UNAUTHORIZED = <OCSPResponseStatus.UNAUTHORIZED: 6>
name = <types.DynamicClassAttribute object at 0x7f0567f3eb80>
  The name of the Enum member.
value = <types.DynamicClassAttribute object at 0x7f0567f3ebb0>
  The value of the Enum member.

Functions

load_der_ocsp_request

load_der_ocsp_request(data: bytes) -> cryptography.x509.ocsp.OCSPRequest

load_der_ocsp_response

load_der_ocsp_response(data: bytes) -> cryptography.x509.ocsp.OCSPResponse

Modules

abc

datetime

hashes

serialization

typing

x509