Service identity verification for pyOpenSSL & cryptography.
Project description
Service Identity Verification for pyOpenSSL & cryptography
Use this package if:
- you want to verify that a PyCA cryptography certificate is valid for a certain hostname or IP address,
- or if you use pyOpenSSL and don’t want to be MITMed,
- or if you want to inspect certificates from either for service IDs.
service-identity aspires to give you all the tools you need for verifying whether a certificate is valid for the intended purposes. In the simplest case, this means host name verification. However, service-identity implements RFC 6125 fully.
Project Information
service-identity is released under the MIT license, its documentation lives at Read the Docs, the code on GitHub, and the latest release on PyPI.
Credits
service-identity is written and maintained by Hynek Schlawack.
The development is kindly supported by my employer Variomedia AG, service-identity's Tidelift subscribers, and all my amazing GitHub Sponsors.
service-identity for Enterprise
Available as part of the Tidelift Subscription.
The maintainers of service-identity and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open-source packages you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact packages you use. Learn more.
Release Information
Removed
- All Python versions up to and including 3.7 have been dropped.
- Support for
commonNamein certificates has been dropped. It has been deprecated since 2017 and isn't supported by any major browser. - The oldest supported pyOpenSSL version (when using the
pyopensslbackend) is now 17.0.0. When using such an old pyOpenSSL version, you have to pin cryptography yourself to ensure compatibility between them. Please check outcontraints/oldest-pyopenssl.txtto verify what we are testing against.
Deprecated
- If you've used
service_identity.(cryptography|pyopenssl).extract_ids(), please switch to the new namesextract_patterns(). #56
Added
service_identity.(cryptography|pyopenssl).extract_patterns()are now public APIs (FKAextract_ids()). You can use them to extract the patterns from a certificate without verifying anything. #55- service-identity is now fully typed. #57
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file service_identity-23.1.0.tar.gz.
File metadata
- Download URL: service_identity-23.1.0.tar.gz
- Upload date:
- Size: 39.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/4.0.1 CPython/3.11.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | ecb33cd96307755041e978ab14f8b14e13b40f1fbd525a4dc78f46d2b986431d |
|
| MD5 | 14a751406024544784459474d93d1ea5 |
|
| BLAKE2b-256 | 3b982a46c7414ffc1d06ba67d2c2dd62a207a70cb351028a8cd8c85b3dbd1cf7 |
File details
Details for the file service_identity-23.1.0-py3-none-any.whl.
File metadata
- Download URL: service_identity-23.1.0-py3-none-any.whl
- Upload date:
- Size: 12.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/4.0.1 CPython/3.11.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 87415a691d52fcad954a500cb81f424d0273f8e7e3ee7d766128f4575080f383 |
|
| MD5 | 59606ce95ee2f7e5a9f0e9251ac12a09 |
|
| BLAKE2b-256 | 0c42bf07f277b45da6e350df3314804aa2b5411e0938d3b78b4f17da2e1302c2 |
