A library for using DANE for public key discovery.
Project description
A library for using DANE TLSA records for certificate discovery.
Quick Start
Installation
pip install dane-discovery
Load a certificate from DNS and print the PEM representation
from dane_discovery.dane import DANE from dane_discovery.pki import PKI dns_name = "dns.name.having.a.tlsa.record" tlsa_record = DANE.get_first_leaf_certificate(dns_name) if not tlsa_record: raise ValueError("No leaf certificate found for {}.".format(dns_name)) der_cert = PKI.certificate_association_to_der(tlsa_record["certificate_association"]) print(PKI.der_to_pem(der_cert))
Load a DANE identity from DNS and print the request context
from dane_discovery.identity import Identity dns_name = "dns.name.having.a.tlsa.record" dane_identity = Identity(dns_name) print(dane_identity.report()) Name: abc123.air-quality-sensor._device.example.net Request context: DNSSEC: False TLS: False TCP: True Credential index: 0 certificate usage: DANE-EE selector: Full certificate match matching type: Exact match against certificate association x509 attributes: {'extensions': {'BasicConstrints': {'ca': False, 'path_length': None}, 'KeyUsage': {'content_commitment': True, 'crl_sign': False, 'data_encipherment': False, 'digital_signature': True, 'key_agreement': False, 'key_cert_sign': False, 'key_encipherment': True}}, 'subject': {'commonName': 'abc123.air-quality-sensor._device.example.net', 'countryName': 'US', 'organizationName': 'Example Networks', 'stateOrProvinceName': 'CA'}}
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
dane_discovery-0.22.tar.gz
(21.2 kB
view hashes)
Built Distribution
Close
Hashes for dane_discovery-0.22-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | ff23cd0399293b540d7876a0bd540924d327427b5e75e246ec4ae6a6befc569a |
|
MD5 | 702dbfb6d9c9194a872a63454a6307e9 |
|
BLAKE2-256 | bcdd475657d40ec1b70590dac76dfe9974ada30f473d8ba667a87f816fd1764f |