Package tlslite :: Module x509certchain
[hide private]
[frames] | no frames]

Source Code for Module tlslite.x509certchain

 1  # Author: Trevor Perrin 
 2  # See the LICENSE file for legal information regarding use of this file. 
 3   
 4  """Class representing an X.509 certificate chain.""" 
 5   
 6  from .utils import cryptomath 
 7  from .utils.tackwrapper import * 
 8   
9 -class X509CertChain:
10 """This class represents a chain of X.509 certificates. 11 12 @type x509List: list 13 @ivar x509List: A list of L{tlslite.x509.X509} instances, 14 starting with the end-entity certificate and with every 15 subsequent certificate certifying the previous. 16 """ 17
18 - def __init__(self, x509List=None):
19 """Create a new X509CertChain. 20 21 @type x509List: list 22 @param x509List: A list of L{tlslite.x509.X509} instances, 23 starting with the end-entity certificate and with every 24 subsequent certificate certifying the previous. 25 """ 26 if x509List: 27 self.x509List = x509List 28 else: 29 self.x509List = []
30
31 - def getNumCerts(self):
32 """Get the number of certificates in this chain. 33 34 @rtype: int 35 """ 36 return len(self.x509List)
37
38 - def getEndEntityPublicKey(self):
39 """Get the public key from the end-entity certificate. 40 41 @rtype: L{tlslite.utils.rsakey.RSAKey} 42 """ 43 if self.getNumCerts() == 0: 44 raise AssertionError() 45 return self.x509List[0].publicKey
46
47 - def getFingerprint(self):
48 """Get the hex-encoded fingerprint of the end-entity certificate. 49 50 @rtype: str 51 @return: A hex-encoded fingerprint. 52 """ 53 if self.getNumCerts() == 0: 54 raise AssertionError() 55 return self.x509List[0].getFingerprint()
56
57 - def checkTack(self, tack):
58 for x509 in self.x509List: 59 ssl = TACKpy.SSL_Cert() 60 ssl.parse(x509.bytes) 61 if ssl.matches(tack): 62 return True 63 return False
64
65 - def getTackExt(self):
66 """Get the TACK and/or Break Sigs from a TACK Cert in the chain.""" 67 tackExt = None 68 # Search list in backwards order 69 for x509 in self.x509List[::-1]: 70 ssl = TACKpy.SSL_Cert() 71 ssl.parse(x509.bytes) 72 if ssl.tackExt: 73 if tackExt: 74 raise SyntaxError("Multiple TACK Extensions") 75 else: 76 tackExt = ssl.tackExt 77 return tackExt
78