ownca package

Submodules

ownca.exceptions module
Copyright (c) 2018, 2019 Kairo de Araujo

exception ownca.exceptions.OnwCAInvalidDataStructure
Bases: Exception
Invalid Ownca Data Structure.

exception ownca.exceptions.OwnCAFatalError
Bases: Exception
Uncontrolled, fatal error.

ownca.ownca module
Copyright (c) 2018-2020 Kairo de Araujo

class ownca.ownca.CertificateAuthority(ca_storage=None, common_name=None, maximum_days=825, **kwargs)
Bases: object
The primary Python OWNCA class.
This class initializes the Certificate Authority (CA).
- Parameters
  - ca_storage (str, required when there is no CA) – path where CA files and hosts files are stored. Default is the current directory (os.getcwd())
  - common_name (str, required when there is no CA) – Common Name for CA
  - dns_names (list of strings, optional) – List of DNS names
  - oids (dict, optional, all keys are optional) – CA Object Identifiers (OIDs). They are typically seen in X.509 names. Allowed keys/values: 'country_name': str (two letters), 'locality_name': str, 'state_or_province': str, 'street_address': str, 'organization_name': str, 'organization_unit_name': str, 'email_address': str
  - public_exponent (int, default: 65537) – Public Exponent
  - key_size (int, default: 2048) – Key size

property cert
Get CA certificate
- Returns: certificate class
- Return type: class, cryptography.hazmat.backends.openssl.x509.Certificate

property cert_bytes
Get CA certificate in bytes
- Returns: certificate
- Return type: bytes

property common_name
Get CA common name
- Returns: CA common name
- Return type: str

property hash_name
Get the CA hash name
- Returns: CA hash name
- Return type: str

initialize(common_name=None, dns_names=None, maximum_days=825, public_exponent=65537, key_size=2048)
Initialize the Certificate Authority (CA)
- Parameters
  - common_name (str, required) – CA Common Name (CN)
  - dns_names (list of strings, optional) – List of DNS names
  - maximum_days (int, default: 825) – Certificate maximum days duration
  - public_exponent (int, default: 65537) – Public Exponent
  - key_size (int, default: 2048) – Key size
- Returns: tuple with CA certificate, CA Key and CA Public key
- Return type: tuple (cryptography.x509.Certificate, cryptography.hazmat.backends.openssl.rsa, string public key)

issue_certificate(hostname, maximum_days=825, common_name=None, dns_names=None, oids=None, public_exponent=65537, key_size=2048)
- Parameters
  - hostname (str, required) – Hostname
  - maximum_days (int, default: 825) – Certificate maximum days duration
  - common_name (str, optional) – Common Name (CN) when loading an existing certificate
  - dns_names (list of strings, optional) – List of DNS names
  - oids (dict, optional, all keys are optional) – CA Object Identifiers (OIDs). They are typically seen in X.509 names. Allowed keys/values: 'country_name': str (two letters), 'locality_name': str, 'state_or_province': str, 'street_address': str, 'organization_name': str, 'organization_unit_name': str, 'email_address': str
  - public_exponent (int, default: 65537) – Public Exponent
  - key_size (int, default: 2048) – Key size
- Returns: host object
- Return type: ownca.ownca.HostCertificate

property key
Get CA RSA Private key
- Returns: RSA Private Key class
- Return type: class, cryptography.hazmat.backends.openssl.rsa._RSAPrivateKey

property key_bytes
Get CA RSA Private key in bytes
- Returns: RSA Private Key
- Return type: bytes

property public_key
Get CA RSA Public key
- Returns: RSA Public Key class
- Return type: class, cryptography.hazmat.backends.openssl.rsa._RSAPublicKey

property public_key_bytes
Get CA RSA Public key in bytes
- Returns: RSA Public Key class
- Return type: bytes

property status
This method gives the CA storage status
- Returns: dict ownca.utils.ownca_directory
  { "certificate": bool, "key": bool, "public_key": bool, "ca_home": None or str, }

class ownca.ownca.HostCertificate(common_name, files, cert_data)
Bases: object
This class provides the host certificate methods.
- Parameters
  - common_name (str, required) – Host CN (Common Name), FQDN standard is required.
  - files (dict, required) – files path (certificate, key and public key) from host
    { "certificate": str, "key": str, "public_key": str, }
  - cert_data (object, required) – certificate data ownca.OwncaCertData

property cert
Get certificate
- Returns: certificate object
- Return type: object, cryptography.hazmat.backends.openssl.x509.Certificate

property cert_bytes
Get certificate in bytes
- Returns: certificate
- Return type: bytes

property common_name
Get common name
- Returns: common name
- Return type: str

property key
Get RSA Private key
- Returns: RSA Private Key class
- Return type: object, cryptography.hazmat.backends.openssl.rsa._RSAPrivateKey

property key_bytes
Get RSA Private key in bytes
- Returns: RSA Private Key
- Return type: bytes

property public_key
Get RSA Public key
- Returns: RSA Public Key class
- Return type: object, cryptography.hazmat.backends.openssl.rsa._RSAPublicKey

property public_key_bytes
Get RSA Public key in bytes
- Returns: RSA Public Key class
- Return type: bytes

class ownca.ownca.OwncaCertData(data)
Bases: object
Generates Ownca Certificate Data Structure
- Parameters
  - data (dict) – Certificate Data
    { "cert": cryptography.x509.Certificate, "cert_bytes": bytes, "key": cryptography.hazmat.backends.openssl.rsa._RSAPrivateKey, "key_bytes": bytes, "public_key": cryptography.hazmat.backends.openssl.rsa._RSAPrivateKey, "public_key_bytes": bytes, }
- Returns: OwncaCertData
- Return type: ownca.ownca.OwncaCertData
- Raises: OnwCAInvalidDataStructure

property cert
Method to get the certificate
- Returns: certificate
- Return type: cryptography.x509.Certificate

property cert_bytes
Method to get the certificate in bytes
- Returns: certificate
- Return type: bytes

property key
Method to get the key
- Returns: key
- Return type: cryptography.hazmat.backends.openssl.rsa._RSAPrivateKey

property key_bytes
Method to get the key in bytes
- Returns: key
- Return type: bytes

property public_key
Method to get the public key
- Returns: key
- Return type: cryptography.hazmat.backends.openssl.rsa._RSAPublicKey

property public_key_bytes
Method to get the public key in bytes
- Returns: public key
- Return type: bytes

ownca.ownca.format_oids(oids_parameters)
Format dictionary OIDs to cryptography.x509.oid.NameOID object list
- Parameters
  - oids_parameters (dict, required) – CA Object Identifiers (OIDs). They are typically seen in X.509 names. Allowed keys/values: 'country_name': str (two letters), 'locality_name': str, 'state_or_province': str, 'street_address': str, 'organization_name': str, 'organization_unit_name': str, 'email_address': str
- Returns: cryptography.x509.oid.NameOID object list
- Return type: object cryptography.x509.oid.NameOID object list

ownca.utils module
Copyright (c) 2018-2020 Kairo de Araujo

ownca.utils.file_data_status(ca_status)
Verify the CA status based on the existing files.
- Parameters
  - ca_status (dict, required) – current ca_status file dictionary: ownca.utils.ownca_directory
- Returns: True, False or None
- Return type: bool/None

ownca.utils.ownca_directory(ca_storage)
Validates and manages the CA storage directory and subfolder structure files.
- Parameters
  - ca_storage (string, required) – CA storage
- Returns: dict with state of ownca storage files
- Return type: dict
  { 'certificate': bool, "key": bool, "public_key": bool, "ca_home": None or str, }

ownca.utils.store_file(file_data, file_path, permission=None)
Stores (write) files in the storage
- Parameters
  - file_data (str, required) – the file data
  - file_path (str, required) – the file absolute path
  - permission (int, optional) – operating-system mode bitfield
- Returns: bool
- Return type: boolean
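
An added example, not ownca's own code: what a `permission` mode bitfield such as 0o600 means for a stored private key, showing a file created with that mode from the first byte and a check of a storage directory for files that grant more. The helper names and file names are hypothetical, and how store_file applies `permission` internally is not shown on this page.

```python
import os
import stat
import tempfile


def write_restricted(path, data, mode=0o600):
    """Create `path` with `mode` already set when the first byte is written.

    O_CREAT | O_EXCL fails if the path already exists (including a symlink),
    and passing the mode to os.open avoids the window that open() + chmod()
    leaves, during which the file carries umask-default permissions.
    """
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, mode)
    try:
        os.fchmod(fd, mode)  # umask can only clear bits; fchmod makes it exact
        with os.fdopen(fd, "wb", closefd=False) as handle:
            handle.write(data)
    finally:
        os.close(fd)


def too_open(directory, allowed=0o600):
    """Return {relative path: mode} for files granting bits outside `allowed`."""
    findings = {}
    for root, _dirs, files in os.walk(directory):
        for name in files:
            full = os.path.join(root, name)
            mode = stat.S_IMODE(os.lstat(full).st_mode)
            if mode & ~allowed:
                findings[os.path.relpath(full, directory)] = mode
    return findings


def demo():
    """Constructed sample: one restricted key file, one world-readable file."""
    with tempfile.TemporaryDirectory() as storage:
        key_path = os.path.join(storage, "key.pem")
        write_restricted(key_path, b"constructed sample, not a real key\n")
        loose = os.path.join(storage, "loose.pem")
        with open(loose, "wb") as handle:
            handle.write(b"constructed sample\n")
        os.chmod(loose, 0o644)
        return too_open(storage)


if __name__ == "__main__":
    print({name: oct(mode) for name, mode in demo().items()})
```
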

Module contents
Copyright (c) 2018, 2019 Kairo de Araujo