pyndn.security.certificate package

Submodules

pyndn.security.certificate.certificate module

class pyndn.security.certificate.certificate.Certificate(other=None)[source]

Bases: pyndn.data.Data

addExtension(ext)[source]

Add an extension field to the certificate. :param ext: Th CertificateExtension object to add

addSubjectDescription(descr)[source]

Add a subject description field to the certificate. :param descr: The CertificateSubjectDescription object to add

decode()[source]

Populates the fields by decoding DER data from the Content.

encode()[source]

Encode the contents of the certificate in DER format and set the Content and MetaInfo fields.

epochStart = datetime.datetime(1970, 1, 1, 0, 0)
getExtensionList()[source]
Returns:The extension fields of the certificate.
Return type:list of CertificateExtension
getExtensions()[source]
Deprecated:Use getExtensionList.
getNotAfter()[source]

Returns the latest date the certificate is valid at. :return: Timestamp as milliseconds since 1970. :rtype: float

getNotBefore()[source]

Returns the earliest date the certificate is valid at. :return: Timestamp as milliseconds since 1970. :rtype: float

getPublicKeyDer()[source]

Get the public key DER encoding. :return: The DER encoding Blob. :rtype: Blob :throws: RuntimeError if the public key is not set.

getPublicKeyInfo()[source]
Returns:The PublicKey object stored in the certificate.
Return type:PublicKey
getSubjectDescriptions()[source]
Returns:The subject description fields of the certificate.
Return type:list of CertificateSubjectDescription
isInValidityPeriod(time)[source]
isTooEarly()[source]

Check if the certificate start date is in the future :return: True if the certificate cannot be used yet :rtype: boolean

isTooLate()[source]

Check if the certificate end date is in the past :return: True if the certificate has expired :rtype: boolean

setNotAfter(notAfter)[source]
setNotBefore(notBefore)[source]
setPublicKeyInfo(publicKey)[source]

Assign a new public key to the certificate. :param publicKey: The new public key :type publicKey: PublicKey

toDer()[source]

Encode the certificate fields in DER format. :return: The DER encoded contents of the certificate. :rtype: DerNode

wireDecode(buf, wireFormat=None)[source]

Make sure the fields are populated after decoding

class pyndn.security.certificate.certificate.CertificateExtension(oid, isCritical, value)[source]
getIsCritical()[source]
Returns:Whether the extension is critical to the certificate
Return type:boolean
getOid()[source]
Returns:The object identifier of the subject description field.
Return type:OID
getValue()[source]
Returns:The value of the extension field
Return type:Blob
isCritical()[source]
Deprecated:Use getIsCritical.
toDer()[source]

Encode this field as a DerNode. :return: Encoded certificate extension :rtype: DerSequence

class pyndn.security.certificate.certificate.CertificateSubjectDescription(oid, value)[source]
getOid()[source]
Returns:The object identifier of the subject description field.
Return type:OID
getValue()[source]
Returns:The value of the subject description field.
Return type:Blob
toDer()[source]

Encode this field as a DerNode. :return: Encoded subject description :rtype: DerSequence

pyndn.security.certificate.identity_certificate module

class pyndn.security.certificate.identity_certificate.IdentityCertificate(data=None)[source]

Bases: pyndn.security.certificate.certificate.Certificate

static certificateNameToPublicKeyName(certificateName)[source]

Extract the name of a public key from the name of an identity certificate. :param Name certificateName: The certificate name.

getPublicKeyName()[source]
Returns:The name of the public key associated with this certificate
Return type:Name
setName(name)[source]

Overrides Data.setName() to ensure that the new name is a valid identity certificate name. :param name: The new name for this IdentityCertificate :type name: Name

wireDecode(buf, wireFormat=None)[source]

Data.wireDecode does not call setName, so we must make sure to update our public key name

pyndn.security.certificate.public_key module

This module defines the PublicKey class which holds an encoded public key for use by the security library.

class pyndn.security.certificate.public_key.PublicKey(keyDer=None)[source]

Bases: object

Create a new PublicKey by decoding the keyDer. Set the key type from the decoding.

Parameters:keyDer (Blob) – The blob of the PublicKeyInfo in terms of DER.
Raises:UnrecognizedKeyFormatException if can’t decode the key DER.
EC_ENCRYPTION_OID = '1.2.840.10045.2.1'
RSA_ENCRYPTION_OID = '1.2.840.113549.1.1.1'
encrypt(plainData, algorithmType)[source]

Encrypt the plainData using the keyBits according the encrypt algorithm type.

Parameters:
  • plainData (Blob or an object which is the same as the bytes() operator) – The data to encrypt.
  • algorithmType (int) – The algorithm type from EncryptAlgorithmType. This encrypts according to the algorithm type, e.g., RsaOaep.
Returns:

The encrypted data.
Return type:

Blob
getDigest(digestAlgorithm=1)[source]

Get the digest of the public key.

Parameters:digestAlgorithm (int from DigestAlgorithm) – (optional) The digest algorithm. If omitted, use DigestAlgorithm.SHA256 .
Returns:The digest value
Return type:Blob
getKeyDer()[source]

Get the raw bytes of the public key in DER format.

Returns:The public key DER
Return type:Blob
getKeyType()[source]

Get the key type.

Returns:The key type
Return type:an int from KeyType
toDer()[source]

Encode the public key into DER.

Returns:The encoded DER syntax tree.
Return type:DerNode

Module contents