Skip to main content

Self-signed certificate builder for Swarmauri

Project description

Swarmauri Logo

PyPI - Downloads Hits PyPI - Python Version PyPI - License PyPI - swarmauri_certs_self_signed


Swarmauri Self-Signed Certificate Builder

Standalone plugin providing utilities to issue self-signed X.509 certificates using the SelfSignedCertificate builder.

Features

  • Issue PEM (default) or DER encoded self-signed certificates from existing private keys.
  • Populate subjects, subject alternative names, name constraints, and key usage extensions via simple dictionaries.
  • Convenience constructors for common TLS server and mTLS client certificates.
  • Automatically reuse a passphrase stored in KeyRef.tags["passphrase"] when loading encrypted keys.

Installation

Choose the tool that matches your workflow:

# pip
pip install swarmauri_certs_self_signed

# Poetry
poetry add swarmauri_certs_self_signed

# uv
uv add swarmauri_certs_self_signed

Quickstart

SelfSignedCertificate operates on a KeyRef whose material holds the PEM encoded private key. The example below generates an Ed25519 key, issues a TLS server certificate with DNS subject alternative names, and prints the PEM header of the resulting certificate.

from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import ed25519

from swarmauri_core.crypto.types import (
    ExportPolicy,
    KeyRef,
    KeyType,
    KeyUse,
)
from swarmauri_certs_self_signed import SelfSignedCertificate

private_key = ed25519.Ed25519PrivateKey.generate()
private_bytes = private_key.private_bytes(
    encoding=serialization.Encoding.PEM,
    format=serialization.PrivateFormat.PKCS8,
    encryption_algorithm=serialization.NoEncryption(),
)

key_ref = KeyRef(
    kid="example-ed25519",
    version=1,
    type=KeyType.ED25519,
    uses=(KeyUse.SIGN,),
    export_policy=ExportPolicy.SECRET_WHEN_ALLOWED,
    material=private_bytes,
)

builder = SelfSignedCertificate.tls_server(
    common_name="example.local",
    dns_names=["example.local", "api.example.local"],
)

certificate_pem = builder.issue(key_ref)
print(certificate_pem.decode().splitlines()[0])

The builder automatically mirrors the TLS server defaults: the subject common name is set from common_name, all DNS names are added to the SAN extension, and the certificate is valid for 397 days unless overridden. Set output_der=True on the builder to receive DER encoded bytes instead of PEM.

Entry Point

This package registers SelfSignedCertificate under both the swarmauri.cert_services and peagen.plugins.cert_services entry points.

Want to help?

If you want to contribute to swarmauri-sdk, read up on our guidelines for contributing that will help you get started.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

swarmauri_certs_self_signed-0.3.0.dev3.tar.gz (10.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

File details

Details for the file swarmauri_certs_self_signed-0.3.0.dev3.tar.gz.

File metadata

  • Download URL: swarmauri_certs_self_signed-0.3.0.dev3.tar.gz
  • Upload date:
  • Size: 10.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.10.12 {"installer":{"name":"uv","version":"0.10.12","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for swarmauri_certs_self_signed-0.3.0.dev3.tar.gz
Algorithm Hash digest
SHA256 cd13177b4a9977ea70a80babcb1167afd5c83da3c469c5bae6780f3a18cb2cb5
MD5 7770391ebe565cc5313bd1f9729b38f3
BLAKE2b-256 7bad094033c8e65ee6a9882931caaea4549a283c6117006292b2efea1c6fa434

See more details on using hashes here.

File details

Details for the file swarmauri_certs_self_signed-0.3.0.dev3-py3-none-any.whl.

File metadata

  • Download URL: swarmauri_certs_self_signed-0.3.0.dev3-py3-none-any.whl
  • Upload date:
  • Size: 11.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.10.12 {"installer":{"name":"uv","version":"0.10.12","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for swarmauri_certs_self_signed-0.3.0.dev3-py3-none-any.whl
Algorithm Hash digest
SHA256 4f9e1557306caa4daba8e0169f7e2a9856d658c253fede218bac12b524599442
MD5 d6aec50f20de54400da888c371a6aeba
BLAKE2b-256 443786d456e67453135e1991b4b8c7e32887c75e06de7720309f2b22eb2780ba

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page