ownca package¶
Submodules¶
ownca.exceptions module¶
Copyright (c) 2018, 2019 Kairo de Araujo
-
exception
ownca.exceptions.OnwCAInvalidDataStructure[source]¶ Bases:
ExceptionInvalid Ownca Data Structure.
-
exception
ownca.exceptions.OwnCAFatalError[source]¶ Bases:
ExceptionNo controlled Error, fatal error
ownca.ownca module¶
Copyright (c) 2018-2020 Kairo de Araujo
-
class
ownca.ownca.CertificateAuthority(ca_storage=None, common_name=None, maximum_days=825, **kwargs)[source]¶ Bases:
objectThe primary Python OWNCA class.
This class initializes the Certificate Authority (CA).
- Parameters
ca_storage (str, required when there is no CA) – path where CA files and hosts files are stored. Default is the current directory (
os.getcwd())common_name (str, required when there is no CA) – Common Name for CA
dns_names (list of strings, optional) – List of DNS names
oids (dict, optional, all keys are optional) – CA Object Identifiers (OIDs). The are typically seen in X.509 names. Allowed keys/values:
'country_name': str (two letters),'locality_name': str,'state_or_province': str,'street_address': str,'organization_name': str,'organization_unit_name': str,'email_address': str,public_exponent (int, default: 65537) – Public Exponent
key_size (int, default: 2048) – Key size
-
property
cert¶ Get CA certificate
- Returns
certificate class
- Return type
class,
cryptography.hazmat.backends.openssl.x509.Certificate
-
property
cert_bytes¶ Get CA certificate in bytes
- Returns
certificate
- Return type
bytes,
-
property
common_name¶ Get CA common name
- Returns
CA common name
- Return type
str
-
property
hash_name¶ Get the CA hash name
- Returns
CA hash name
- Return type
str
-
initialize(common_name=None, dns_names=None, maximum_days=825, public_exponent=65537, key_size=2048)[source]¶ Initialize the Certificate Authority (CA)
- Parameters
common_name (str, required) – CA Common Name (CN)
dns_names (list of strings, optional) – List of DNS names
maximum_days (int, default: 825) – Certificate maximum days duration
public_exponent (int, default: 65537) – Public Exponent
key_size (int, default: 2048) – Key size
- Returns
tuple with CA certificate, CA Key and CA Public key
- Return type
tuple (
cryptography.x509.Certificate,cryptography.hazmat.backends.openssl.rsa, string public key )
-
issue_certificate(hostname, maximum_days=825, common_name=None, dns_names=None, oids=None, public_exponent=65537, key_size=2048)[source]¶ - Parameters
hostname (str, required) – Hostname
maximum_days (int, default: 825) – Certificate maximum days duration
common_name (str, optional) – Common Name (CN) when loading existent certificate
dns_names (list of strings, optional) – List of DNS names
oids (dict, optional, all keys are optional) – CA Object Identifiers (OIDs). The are typically seen in X.509 names. Allowed keys/values:
'country_name': str (two letters),'locality_name': str,'state_or_province': str,'street_address': str,'organization_name': str,'organization_unit_name': str,'email_address': str,public_exponent (int, default: 65537) – Public Exponent
key_size (int, default: 2048) – Key size
hostname –
- Returns
host object
- Return type
ownca.ownca.HostCertificate
-
property
key¶ Get CA RSA Private key
- Returns
RSA Private Key class
- Return type
class,
cryptography.hazmat.backends.openssl.rsa._RSAPrivateKey
-
property
key_bytes¶ Get CA RSA Private key in bytes
- Returns
RSA Private Key
- Return type
bytes
-
property
public_key¶ Get CA RSA Public key
- Returns
RSA Public Key class
- Return type
class,
cryptography.hazmat.backends.openssl.rsa._RSAPublicKey
-
property
public_key_bytes¶ Get CA RSA Public key in bytes
- Returns
RSA Public Key class
- Return type
bytes
-
property
status¶ This method give the CA storage status
- Returns
dict
ownca.utils.ownca_directory
{ "certificate": bool, "key": bool, "public_key": bool, "ca_home": None or str, }
-
class
ownca.ownca.HostCertificate(common_name, files, cert_data)[source]¶ Bases:
objectThis class provide the host certificate methods.
- Parameters
common_name (str, required) – Host CN (Common Name), FQDN standard is required.
files (dict, required) –
files path (certificate, key and public key) from host
{ "certificate": str, "key": str, "public_key": str, }
cert_data (object, required) – certificate data
ownca.OwncaCertData
-
property
cert¶ Get certificate
- Returns
certificate object
- Return type
object,
cryptography.hazmat.backends.openssl.x509.Certificate
-
property
cert_bytes¶ Get certificate in bytes
- Returns
certificate
- Return type
bytes,
-
property
common_name¶ Get common name
- Returns
common name
- Return type
str
-
property
key¶ Get RSA Private key
- Returns
RSA Private Key class
- Return type
object,
cryptography.hazmat.backends.openssl.rsa._RSAPrivateKey
-
property
key_bytes¶ Get RSA Private key in bytes
- Returns
RSA Private Key
- Return type
bytes
-
property
public_key¶ Get RSA Public key
- Returns
RSA Public Key class
- Return type
object,
cryptography.hazmat.backends.openssl.rsa._RSAPublicKey
-
property
public_key_bytes¶ Get RSA Public key in bytes
- Returns
RSA Public Key class
- Return type
bytes
-
class
ownca.ownca.OwncaCertData(data)[source]¶ Bases:
objectGenerates Ownca Certificate Data Structure
- Parameters
data (dict) –
Certificate Data
{ "cert": cryptography.x509.Certificate, "cert_bytes": bytes, "key": cryptography.hazmat.backends.openssl.rsa._RSAPrivateKey, "key_bytes": bytes, "public_key": cryptography.hazmat.backends.openssl.rsa._RSAPrivateKey, "public_key_bytes": bytes, }
- Returns
OwncaCertData
- Return type
ownca.ownca.OwncaCertData- Raises
OnwCAInvalidDataStructure
-
property
cert¶ Method to get the certificate
- Returns
certificate
- Return type
cryptography.x509.Certificate
-
property
cert_bytes¶ Method to get the certificate in
bytes- Returns
certificate
- Return type
bytes
-
property
key¶ Method to get the key
- Returns
key
- Return type
cryptography.hazmat.backends.openssl.rsa._RSAPrivateKey
-
property
key_bytes¶ Method to get the key in
bytes- Returns
key
- Return type
bytes
-
property
public_key¶ Method to get the public key
- Returns
key
- Return type
cryptography.hazmat.backends.openssl.rsa._RSAPublicKey
-
property
public_key_bytes¶ Method to get the public key in
bytes- Returns
public key
- Return type
bytes
-
ownca.ownca.format_oids(oids_parameters)[source]¶ Format dictionary OIDs to
cryptography.x509.oid.NameOIDobject list- Parameters
oids_parameters (dict, required) – CA Object Identifiers (OIDs). The are typically seen in X.509 names. Allowed keys/values:
'country_name': str (two letters),'locality_name': str,'state_or_province': str,'street_address': str,'organization_name': str,'organization_unit_name': str,'email_address': str,- Returns
cryptography.x509.oid.NameOIDobject list- Return type
object
cryptography.x509.oid.NameOIDobject list
ownca.utils module¶
Copyright (c) 2018-2020 Kairo de Araujo
-
ownca.utils.file_data_status(ca_status)[source]¶ Verify the CA status based in the existent files.
- Parameters
ca_status (dict, required) – current
ca_statusfile dictionary:ownca.utils.ownca_directory- Returns
True, False or None
- Return type
bool/None
-
ownca.utils.ownca_directory(ca_storage)[source]¶ Validates and manage CA storage directory and subfolders structure files.
- Parameters
ca_storage (string, required) – CA storage
- Returns
dict with state of ownca storage files
- Return type
dict
{ 'certificate': bool, "key": bool, "public_key": bool, "ca_home": None or str, }
-
ownca.utils.store_file(file_data, file_path, permission=None)[source]¶ Stores (write) files in the storage
- Parameters
file_data (str, required) – the file data
file_path (str, required) – the file absolute path
permission (int, optional) – operating-system mode bitfield
- Returns
bool
- Return type
boolean
Module contents¶
Copyright (c) 2018, 2019 Kairo de Araujo