Check if certificate is revoked using the x509 CRL extension
Project description
:warning: Library deprecated, please migrate to pki-tools :warning:
crl-checker
This small python library checks if a specific certificate is revoked using the CRL defined in the x509 CRL distribution points extension (https://datatracker.ietf.org/doc/html/rfc5280.html#section-4.2.1.13)
Installation
pip install crl-checker
Usage
Checking revocation using PEM encoded certificate
from crl_checker import check_revoked, Revoked, Error
cert_pem = """
-----BEGIN CERTIFICATE-----
<CERTIFICATE_PEM_BYTES>
-----END CERTIFICATE-----
"""
crl_issuer_pem = """
-----BEGIN CERTIFICATE-----
<CERTIFICATE_PEM_BYTES>
-----END CERTIFICATE-----
"""
try:
check_revoked(cert_pem, crl_issuer_pem)
except Revoked as e:
print(f"Certificate revoked: {e}")
except Error as e:
print(f"Revocation check failed. Error: {e}")
raise
Checking revocation using an already loaded cryptography x509.Certificate:
from cryptography import x509
from crl_checker import check_revoked_crypto_cert, Revoked, Error
cert : x509.Certificate = ...
chain: x509.Certificate = ...
try:
check_revoked_crypto_cert(cert, chain)
except Revoked as e:
print(f"Certificate revoked: {e}")
except Error as e:
print(f"Revocation check failed. Error: {e}")
raise
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
crl_checker-2.0.0.tar.gz
(2.7 kB
view hashes)
Built Distribution
Close
Hashes for crl_checker-2.0.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | ac591ee28ab1c5b1d0f8b7a09b31ae7196bfb8e98f00c6d562eb47d838a91c2f |
|
MD5 | 5b5031037138c90625cb8f29e92ff3c8 |
|
BLAKE2b-256 | b39dc30ed4ff7ecc57e527e8f8291eae351f3a34e1cd5c4e9c4f6ee9fc0f6a3e |