PKI tools for e.g. checking certificate CRL/OCSP revocation
Project description
PKI tools exposes a high level cryptography
API for e.g.:
- checking revocation of certificates:
- using CRL defined in the x509 CRL distribution points extension (https://datatracker.ietf.org/doc/html/rfc5280.html#section-4.2.1.13)
- using OCSP defined in the x509 Authority Information Access extension (https://datatracker.ietf.org/doc/html/rfc5280.html#section-4.2.2.1)
- loading certificates from PEM format
- saving certificates to files
- reading certificates from files
Docs
Documentation is available at: https://pki-tools.fulder.dev
Quickstart
Install
pip install pki-tools
Usage
Checking OCSP and CRL revocation
from pki_tools import is_revoked
from pki_tools.types import PemCert, Chain
cert_pem = """
-----BEGIN CERTIFICATE-----
<CERT_PEM_BYTES>
-----END CERTIFICATE-----
"""
issuer_cert_pem = """
-----BEGIN CERTIFICATE-----
<ISSUER_CERT_PEM_BYTES>
-----END CERTIFICATE-----
"""
chain = Chain.from_pem([PemCert(issuer_cert_pem)])
if is_revoked(PemCert(cert_pem), chain):
print("Certificate Revoked!")
For more functions see: Pki Tools
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
pki_tools-0.0.20.tar.gz
(10.4 kB
view hashes)
Built Distribution
pki_tools-0.0.20-py3-none-any.whl
(12.3 kB
view hashes)
Close
Hashes for pki_tools-0.0.20-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 3aab6b00e31ccf7119d920a944e9cc9b32c4e93f3eaf1945687691cb3bef5452 |
|
MD5 | e1546f0013b30bba537ef1d0b138abee |
|
BLAKE2b-256 | 50505960d845f353761f47b89b914a00f0b61041cdcf38137fd8f6f1d46a8b83 |