PKI tools for e.g. checking certificate CRL/OCSP revocation
Project description
PKI tools exposes a high level cryptography
API for e.g.:
- Loading certificates from PEM strings/files/cryptography object into a pydantic model including all x509 v3 extensions
- Checking revocation of certificates using OCSP with CRL fallback
Docs
Documentation is available at: https://pki-tools.fulder.dev
Quickstart
Install
pip install pki-tools
Usage
Loading certificate
from pki_tools import Certificate
cert_pem = """
-----BEGIN CERTIFICATE-----
<CERT_PEM_BYTES>
-----END CERTIFICATE-----
"""
cert = Certificate.from_pem_string(cert_pem)
Loading chain
from pki_tools import Chain
issuer_cert_pem = """
-----BEGIN CERTIFICATE-----
<ISSUER_CERT_PEM_BYTES>
-----END CERTIFICATE-----
"""
chain = Chain.from_pem_string(issuer_cert_pem)
Checking revocation using OCSP with CRL fallback
The following example is using the cert
and chain
from the examples above
from pki_tools import is_revoked
if is_revoked(cert, chain):
print("Certificate Revoked!")
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
pki_tools-0.0.0.tar.gz
(24.1 kB
view hashes)
Built Distribution
pki_tools-0.0.0-py3-none-any.whl
(32.0 kB
view hashes)
Close
Hashes for pki_tools-0.0.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 14ba8bb4658982ca6e9bb83e47634c8ae10b65ea8c3cb8d32705aaad572dcfe4 |
|
MD5 | 2e8c012ea4e9354154b44cf7f494b63a |
|
BLAKE2b-256 | 0c3792403f9f1a0f49576c55a6f1ba19a24ed16b1ed8c4445d729ad231f504a1 |