tlslite.x509certchain module

Class representing an X.509 certificate chain.

class tlslite.x509certchain.X509CertChain(x509List=None)[source]

Bases: object

This class represents a chain of X.509 certificates.

Variables:

x509List (list) – A list of tlslite.x509.X509 instances, starting with the end-entity certificate and with every subsequent certificate certifying the previous.

__init__(x509List=None)[source]

Create a new X509CertChain.

Parameters:

x509List (list) – A list of tlslite.x509.X509 instances, starting with the end-entity certificate and with every subsequent certificate certifying the previous.

checkTack(tack)[source]
getEndEntityPublicKey()[source]

Get the public key from the end-entity certificate.

Return type:

RSAKey`

getFingerprint()[source]

Get the hex-encoded fingerprint of the end-entity certificate.

Return type:

str

Returns:

A hex-encoded fingerprint.

getNumCerts()[source]

Get the number of certificates in this chain.

Return type:

int

getTackExt()[source]

Get the TACK and/or Break Sigs from a TACK Cert in the chain.

parsePemList(s)[source]

Parse a string containing a sequence of PEM certs.

Raise a SyntaxError if input is malformed.

tlslite.x509certchain.bytes_to_int(bytes, byteorder='big', *, signed=False)

Return the integer represented by the given array of bytes.

bytes

Holds the array of bytes to convert. The argument must either support the buffer protocol or be an iterable object producing bytes. Bytes and bytearray are examples of built-in objects that support the buffer protocol.

byteorder

The byte order used to represent the integer. If byteorder is ‘big’, the most significant byte is at the beginning of the byte array. If byteorder is ‘little’, the most significant byte is at the end of the byte array. To request the native byte order of the host system, use `sys.byteorder’ as the byte order value. Default is to use ‘big’.

signed

Indicates whether two’s complement is used to represent the integer.