Utilities for creation of SSL/TLS security contexts for servers and clients

Project description

Secure Context

The purpose of this module is to expose simple-to-use, secure definitions that follow current, community-agreed standards. As of now it offers methods for creating client and server secure contexts.

It is STRONGLY RECOMMENDED that you READ the CODE BEFORE considering USING this library. I am NOT RESPONSIBLE if your product is hacked or cats become humans' overlords due to usage of this code.

Documentation

Currently, only two functions are exported:

import ssl
from pathlib import Path
from typing import List, Optional, Union


def create_server_ssl_context(
    cert_file: Union[Path, str],
    key_file: Union[Path, str],
    *,
    ca_file: Optional[Union[Path, str]] = None,
    ca_path: Optional[Union[Path, str]] = None,
    ca_data: Optional[Union[bytes, str]] = None,
    crl_file: Optional[Union[Path, str]] = None,
    protocols: Optional[List[str]] = None,
    ca_load_default: bool = False,
) -> ssl.SSLContext:
    """Create SSL context for TLS servers

    Args:
        cert_file: Path to SSL certificate file
        key_file: Path to private key file
        ca_file: Path to a file of concatenated CA certificates in PEM format
        ca_path: Path to a directory containing CA certificates in PEM format, following an OpenSSL specific layout
        ca_data: ASCII string of one or more PEM-encoded certificates or a bytes-like object of DER-encoded certificates
        crl_file: Path to a certificate revocation list file
        protocols: ALPN and NPN protocols accepted
        ca_load_default: Whether to load system defaults (default: {False})

    Note:
        If any of `ca_file`, `ca_path`, `ca_data` are defined, client authentication will be enabled, which requires
        all clients to provide an accepted certificate to connect to the server.

    Raises:
        SSLError: Occurs if SSLContext creation fails
        FileNotFoundError: Occurs if a file path is invalid

    Returns:
        SSL context

    """
    ...


def create_client_authentication_ssl_context(
    cert_file: Union[Path, str],
    key_file: Union[Path, str],
    *,
    ca_file: Optional[Union[Path, str]] = None,
    ca_path: Optional[Union[Path, str]] = None,
    ca_data: Optional[Union[bytes, str]] = None,
    crl_file: Optional[Union[Path, str]] = None,
    protocols: Optional[List[str]] = None,
    check_hostname: bool = True,
) -> ssl.SSLContext:
    """Create SSL context for clients that require TLS client authentication

    WARNING:
        For clients that DO NOT require client authentication,
        ssl.create_default_context should be used instead

    Args:
        cert_file: Path to SSL certificate file
        key_file: Path to private key file
        ca_file: Path to a file of concatenated CA certificates in PEM format
        ca_path: Path to a directory containing CA certificates in PEM format, following an OpenSSL specific layout
        ca_data: ASCII string of one or more PEM-encoded certificates or a bytes-like object of DER-encoded certificates
        crl_file: Path to a certificate revocation list file
        protocols: ALPN and NPN protocols accepted
        check_hostname: Server hostname match (default: {True})

    Raises:
        SSLError: Occurs if SSLContext creation fails
        FileNotFoundError: Occurs if a file path is invalid

    Returns:
        SSL context

    """
    ...
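
The README asks you to read the code before relying on it; the properties the docstrings describe can also be checked on the context object itself. The following is an added example, not part of secure_context: `audit_context` and `demo` are hypothetical names, and the contexts audited here are constructed with the standard library `ssl` module so the check runs without certificate files.

```python
import ssl
from typing import Dict, List


def audit_context(ctx: ssl.SSLContext, *, server: bool,
                  expect_client_auth: bool = False,
                  expect_crl: bool = False) -> List[str]:
    """Return findings for an SSLContext; an empty list means none were found."""
    findings = []
    # TLSVersion is an IntEnum; MINIMUM_SUPPORTED (-2) also compares below TLSv1_2.
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("minimum_version allows protocols older than TLS 1.2")
    if server:
        # Docstring note: passing CA material should make client certificates mandatory.
        if expect_client_auth and ctx.verify_mode != ssl.CERT_REQUIRED:
            findings.append("client auth expected but verify_mode is not CERT_REQUIRED")
    else:
        if ctx.verify_mode != ssl.CERT_REQUIRED:
            findings.append("server certificate is not verified")
        if not ctx.check_hostname:
            findings.append("check_hostname is disabled")
    # In the ssl module, loaded CRLs are only consulted when a CRL verify flag is set.
    crl_flags = ssl.VERIFY_CRL_CHECK_LEAF | ssl.VERIFY_CRL_CHECK_CHAIN
    if expect_crl and not (ctx.verify_flags & crl_flags):
        findings.append("CRL expected but no VERIFY_CRL_CHECK_* flag is set")
    return findings


def demo() -> Dict[str, List[str]]:
    """Audit two constructed contexts (sample input, not produced by secure_context)."""
    # A bare server context: verify_mode defaults to CERT_NONE, no CRL flags.
    bare_server = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    bare_server.minimum_version = ssl.TLSVersion.TLSv1_2
    # The stdlib client default, which the docstring recommends when no client cert is needed.
    client = ssl.create_default_context()
    client.minimum_version = ssl.TLSVersion.TLSv1_2
    return {
        "server": audit_context(bare_server, server=True,
                                expect_client_auth=True, expect_crl=True),
        "client": audit_context(client, server=False),
    }


if __name__ == "__main__":
    for name, findings in demo().items():
        print(name, findings or "ok")
```

To audit a real deployment, pass the object returned by `create_server_ssl_context` or `create_client_authentication_ssl_context` to `audit_context` with the expectations that match the arguments you supplied.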

License

Copyright © 2019-2021 Vítor Vasconcellos

BSD-3-Clause

Download files

Source Distribution

  • secure_context-2.0.0.tar.gz (11.7 kB), Source

Built Distributions

  • secure_context-2.0.0-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (1.0 MB), CPython 3.6+, manylinux: glibc 2.17+ x86-64
  • secure_context-2.0.0-cp36-abi3-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl (1.2 MB), CPython 3.6+, manylinux: glibc 2.17+ ppc64le
  • secure_context-2.0.0-cp36-abi3-manylinux_2_17_i686.manylinux2014_i686.whl (1.1 MB), CPython 3.6+, manylinux: glibc 2.17+ i686
  • secure_context-2.0.0-cp36-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (1.0 MB), CPython 3.6+, manylinux: glibc 2.17+ ARM64
  • secure_context-2.0.0-cp36-abi3-manylinux_2_12_x86_64.manylinux2010_x86_64.whl (1.0 MB), CPython 3.6+, manylinux: glibc 2.12+ x86-64
  • secure_context-2.0.0-cp36-abi3-manylinux_2_12_i686.manylinux2010_i686.whl (1.1 MB), CPython 3.6+, manylinux: glibc 2.12+ i686

File details

Details for the file secure_context-2.0.0.tar.gz.

File metadata

  • Download URL: secure_context-2.0.0.tar.gz
  • Upload date:
  • Size: 11.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.1.11 CPython/3.9.7 Linux/5.15.2-zen1-1-zen

File hashes

Hashes for secure_context-2.0.0.tar.gz
Algorithm Hash digest
SHA256 6bb3ac31f616e657f042365ec0afa7faf4ad8f9d72fa5a28e8a0e531d8a4c773
MD5 bf4c1c3739f10efc39e792fdd7500b6e
BLAKE2b-256 146e8d6b67e095f778ec60d46de8c40fcbc5604e9a33e9d25272d9b296e76a93
