Skip to main content

PKI tools for e.g. checking certificate CRL/OCSP revocation

Project description

Python Badge

PKI tools exposes a high level cryptography API for e.g.:

  • Loading certificates from PEM strings/files/cryptography object into a pydantic model including all x509 v3 extensions
  • Checking revocation of certificates using OCSP with CRL fallback

Docs

Documentation is available at: https://pki-tools.fulder.dev

Quickstart

Install

pip install pki-tools

Usage

Loading certificate

from pki_tools import Certificate

cert_pem = """
-----BEGIN CERTIFICATE-----
<CERT_PEM_BYTES>
-----END CERTIFICATE-----
"""

cert = Certificate.from_pem_string(cert_pem)

Loading chain

from pki_tools import Chain

issuer_cert_pem = """
-----BEGIN CERTIFICATE-----
<ISSUER_CERT_PEM_BYTES>
-----END CERTIFICATE-----
"""

chain = Chain.from_pem_string(issuer_cert_pem)

Checking revocation using OCSP with CRL fallback

The following example is using the cert and chain from the examples above

from pki_tools import is_revoked

if is_revoked(cert, chain):
    print("Certificate Revoked!")

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pki_tools-0.0.29.tar.gz (16.2 kB view hashes)

Uploaded Source

Built Distribution

pki_tools-0.0.29-py3-none-any.whl (21.2 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page