pki.util.cert_req_converter¶

Adapter to convert from CertificateSigningRequest to JSON certificate request dict.

Attributes¶

logger

Classes¶

`JSONCertRequestConverter`	Adapter to convert from CertificateSigningRequest to JSON certificate request dict.
`JSONCertRequestCommandExtractor`	Adapter to extract defaults and values from a profile for use in OpenSSL commands (help pages).

Module Contents¶

pki.util.cert_req_converter.logger[source]¶

class pki.util.cert_req_converter.JSONCertRequestConverter[source]¶

Adapter to convert from CertificateSigningRequest to JSON certificate request dict.

static _san_value_to_json(san)[source]¶

Parameters:: san (cryptography.x509.SubjectAlternativeName)
Return type:: dict[str, Any]

static _ku_value_to_json(ku)[source]¶

Parameters:: ku (cryptography.x509.KeyUsage)
Return type:: dict[str, Any]

static _extensions_to_json(extensions)[source]¶

Parameters:: extensions (list[cryptography.x509.Extension[Any]])
Return type:: dict[str, Any]

static to_json(csr)[source]¶

Convert a CSR to a JSON request dict.

Parameters:: csr (cryptography.x509.CertificateSigningRequest | cryptography.x509.CertificateBuilder | None)
Return type:: dict[str, Any]

static _subject_from_json(json, builder)[source]¶

Constructs and sets the subject name of an X.509 certificate builder from a JSON dictionary.

Parameters:

json (dict[str, Any])
builder (cryptography.x509.CertificateBuilder)

Return type:

cryptography.x509.CertificateBuilder

static _general_name_from_json(ext_value)[source]¶

Converts SAN values from JSON to a list of x509.GeneralName objects.

Parameters:: ext_value (dict[str, Any])
Return type:: list[cryptography.x509.GeneralName]

static _ku_from_json(ext_value)[source]¶

Converts Key Usage values from JSON to an x509.KeyUsage object.

Parameters:: ext_value (dict[str, Any])
Return type:: cryptography.x509.KeyUsage

static _ext_from_json(json, builder)[source]¶

Processes JSON data to add X.509 certificate extensions to a CertificateBuilder.

Parameters:

json (dict[str, Any])
builder (cryptography.x509.CertificateBuilder)

Return type:

cryptography.x509.CertificateBuilder

static validity_period_from_json(validity)[source]¶

Parses validity period from JSON.

Parameters:: validity (dict[str, Any])
Return type:: datetime.timedelta

static _validity_from_json(json, builder)[source]¶

Parses validity from JSON and applies it to the builder.

For relative periods, this sets not_before to now - 1 hour and not_after to now + period. Therefore, it should be called just before signing the certificate.

Parameters:

json (dict[str, Any])
builder (cryptography.x509.CertificateBuilder)

Return type:

cryptography.x509.CertificateBuilder

static from_json(json)[source]¶

Convert a JSON request dict to a CertificateBuilder.

Parameters:: json (dict[str, Any])
Return type:: cryptography.x509.CertificateBuilder

class pki.util.cert_req_converter.JSONCertRequestCommandExtractor[source]¶

Adapter to extract defaults and values from a profile for use in OpenSSL commands (help pages).

static sample_request_to_openssl_subj(sample_req)[source]¶

Convert profile subject to OpenSSL command line subject string.

Parameters:: sample_req (dict[str, Any])
Return type:: str

static sample_request_to_openssl_cmp_sans(sample_req)[source]¶

Convert profile SANs to OpenSSL CMP command line -sans string.

Parameters:: sample_req (dict[str, Any])
Return type:: str

static sample_request_to_openssl_req_sans(sample_req)[source]¶

Convert profile SANs to OpenSSL req command line -addext string.

Parameters:: sample_req (dict[str, Any])
Return type:: str

static sample_request_to_openssl_days(sample_req)[source]¶

Extract validity days from profile for OpenSSL CMP command line -days option.

Parameters:: sample_req (dict[str, Any])
Return type:: int