Back to module index

Go to module by name

cryptography.x509

cryptography

cryptography.x509.ocsp

This module has no docstring.

Classes

Enum

    Generic enumeration.

    Derive from this class to define new enumerations.
    

OCSPCertStatus

An enumeration.

GOOD = <OCSPCertStatus.GOOD: 0>

REVOKED = <OCSPCertStatus.REVOKED: 1>

UNKNOWN = <OCSPCertStatus.UNKNOWN: 2>

name = <types.DynamicClassAttribute object at 0x7f0227ac4b80>
  The name of the Enum member.

value = <types.DynamicClassAttribute object at 0x7f0227ac4bb0>
  The value of the Enum member.

OCSPRequest

public_bytes(self, encoding: cryptography.hazmat.primitives._serialization.Encoding) -> bytes


          Serializes the request to DER
        

extensions = <abc.abstractproperty object at 0x7f0226593b80>

          The list of request extensions. Not single request extensions.
        

hash_algorithm = <abc.abstractproperty object at 0x7f0226593ac0>

          The hash algorithm used in the issuer name and key hashes
        

issuer_key_hash = <abc.abstractproperty object at 0x7f0226593a00>

          The hash of the issuer public key
        

issuer_name_hash = <abc.abstractproperty object at 0x7f0226593a60>

          The hash of the issuer name
        

serial_number = <abc.abstractproperty object at 0x7f0226593b20>

          The serial number of the cert whose status is being checked
        

OCSPRequestBuilder

add_certificate(self, cert: cryptography.x509.base.Certificate, issuer: cryptography.x509.base.Certificate, algorithm: cryptography.hazmat.primitives.hashes.HashAlgorithm) -> 'OCSPRequestBuilder'

add_extension(self, extval: cryptography.x509.extensions.ExtensionType, critical: bool) -> 'OCSPRequestBuilder'

build(self) -> cryptography.x509.ocsp.OCSPRequest

OCSPResponderEncoding

An enumeration.

HASH = <OCSPResponderEncoding.HASH: 'By Hash'>

NAME = <OCSPResponderEncoding.NAME: 'By Name'>

name = <types.DynamicClassAttribute object at 0x7f0227ac4b80>
  The name of the Enum member.

value = <types.DynamicClassAttribute object at 0x7f0227ac4bb0>
  The value of the Enum member.

OCSPResponse

public_bytes(self, encoding: cryptography.hazmat.primitives._serialization.Encoding) -> bytes


          Serializes the response to DER
        

certificate_status = <abc.abstractproperty object at 0x7f0226593f40>

          The status of the certificate (an element from the OCSPCertStatus enum)
        

certificates = <abc.abstractproperty object at 0x7f0226593dc0>

          A list of certificates used to help build a chain to verify the OCSP
          response. This situation occurs when the OCSP responder uses a delegate
          certificate.
        

extensions = <abc.abstractproperty object at 0x7f02265ab2e0>

          The list of response extensions. Not single response extensions.
        

hash_algorithm = <abc.abstractproperty object at 0x7f02265ab220>

          The hash algorithm used in the issuer name and key hashes
        

issuer_key_hash = <abc.abstractproperty object at 0x7f02265ab160>

          The hash of the issuer public key
        

issuer_name_hash = <abc.abstractproperty object at 0x7f02265ab1c0>

          The hash of the issuer name
        

next_update = <abc.abstractproperty object at 0x7f02265ab100>

          The time when newer information will be available
        

produced_at = <abc.abstractproperty object at 0x7f0226593ee0>

          The time the response was produced
        

responder_key_hash = <abc.abstractproperty object at 0x7f0226593e20>

          The responder's key hash or None
        

responder_name = <abc.abstractproperty object at 0x7f0226593e80>

          The responder's Name or None
        

response_status = <abc.abstractproperty object at 0x7f0226593be0>

          The status of the response. This is a value from the OCSPResponseStatus
          enumeration
        

revocation_reason = <abc.abstractproperty object at 0x7f02265ab040>

          The reason the certificate was revoked or None if not specified or
          not revoked.
        

revocation_time = <abc.abstractproperty object at 0x7f0226593fa0>

          The date of when the certificate was revoked or None if not
          revoked.
        

serial_number = <abc.abstractproperty object at 0x7f02265ab280>

          The serial number of the cert whose status is being checked
        

signature = <abc.abstractproperty object at 0x7f0226593d00>

          The signature bytes
        

signature_algorithm_oid = <abc.abstractproperty object at 0x7f0226593c40>

          The ObjectIdentifier of the signature algorithm
        

signature_hash_algorithm = <abc.abstractproperty object at 0x7f0226593ca0>

          Returns a HashAlgorithm corresponding to the type of the digest signed
        

single_extensions = <abc.abstractproperty object at 0x7f02265ab340>

          The list of single response extensions. Not response extensions.
        

tbs_response_bytes = <abc.abstractproperty object at 0x7f0226593d60>

          The tbsResponseData bytes
        

this_update = <abc.abstractproperty object at 0x7f02265ab0a0>

          The most recent time at which the status being indicated is known by
          the responder to have been correct
        

OCSPResponseBuilder

add_extension(self, extval: cryptography.x509.extensions.ExtensionType, critical: bool) -> 'OCSPResponseBuilder'

add_response(self, cert: cryptography.x509.base.Certificate, issuer: cryptography.x509.base.Certificate, algorithm: cryptography.hazmat.primitives.hashes.HashAlgorithm, cert_status: cryptography.x509.ocsp.OCSPCertStatus, this_update: datetime.datetime, next_update: Optional[datetime.datetime], revocation_time: Optional[datetime.datetime], revocation_reason: Optional[cryptography.x509.extensions.ReasonFlags]) -> 'OCSPResponseBuilder'

build_unsuccessful(response_status: cryptography.x509.ocsp.OCSPResponseStatus) -> cryptography.x509.ocsp.OCSPResponse

certificates(self, certs: Iterable[cryptography.x509.base.Certificate]) -> 'OCSPResponseBuilder'

responder_id(self, encoding: cryptography.x509.ocsp.OCSPResponderEncoding, responder_cert: cryptography.x509.base.Certificate) -> 'OCSPResponseBuilder'

sign(self, private_key: Union[cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PrivateKey, cryptography.hazmat.primitives.asymmetric.ed448.Ed448PrivateKey, cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey, cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey, cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey], algorithm: Optional[cryptography.hazmat.primitives.hashes.HashAlgorithm]) -> cryptography.x509.ocsp.OCSPResponse

OCSPResponseStatus

An enumeration.

INTERNAL_ERROR = <OCSPResponseStatus.INTERNAL_ERROR: 2>

MALFORMED_REQUEST = <OCSPResponseStatus.MALFORMED_REQUEST: 1>

SIG_REQUIRED = <OCSPResponseStatus.SIG_REQUIRED: 5>

SUCCESSFUL = <OCSPResponseStatus.SUCCESSFUL: 0>

TRY_LATER = <OCSPResponseStatus.TRY_LATER: 3>

UNAUTHORIZED = <OCSPResponseStatus.UNAUTHORIZED: 6>

name = <types.DynamicClassAttribute object at 0x7f0227ac4b80>
  The name of the Enum member.

value = <types.DynamicClassAttribute object at 0x7f0227ac4bb0>
  The value of the Enum member.

Functions

load_der_ocsp_request

load_der_ocsp_request(data: bytes) -> cryptography.x509.ocsp.OCSPRequest

load_der_ocsp_response

load_der_ocsp_response(data: bytes) -> cryptography.x509.ocsp.OCSPResponse

Modules

abc

datetime

hashes

serialization

typing

x509