konnect.curl.certificates.encodings module

Classes for various DER encoded objects, with ASCII armoring and file storage for them

class AsciiArmored

Bases: bytes

Base 64 encoding with fences for binary cryptographic data, commonly known as PEM

This class assumes that the encoded data contains at most one certificate and one private key, the first occurrence of each being returned by the AsciiArmored.certificate() and AsciiArmored.private_key() methods respectively.

format: ClassVar = 'PEM'

classmethod new(certificate: konnect.curl.certificates.encodings.Certificate | None = None, private_key: konnect.curl.certificates.encodings.PrivateKey | None = None) → Self

Return an instance with the encoded form of the given certificate and/or private key

classmethod from_bytes(source: bytes, /) → Self

Return a new instance from an in-memory bytes string

to_bytes() → Self

Return a bytes string representation of an instance (itself, as it subclasses bytes)

certificate() → konnect.curl.certificates.encodings.Certificate | None

Return the first certificate found in the encoded data, or None

private_key() → konnect.curl.certificates.encodings.PrivateKey | None

Return the first private key found in the encoded data

find_first(kind: type[konnect.curl.certificates.encodings.Certificate], /) → konnect.curl.certificates.encodings.Certificate

find_first(kind: type[PrivateKeyT], /) → PrivateKeyT

Return the first item with a label matching one of the provided types

class Certificate

Bases: bytes

X.509 certificates

format: ClassVar = 'DER'

label: ClassVar = 'CERTIFICATE'

classmethod from_bytes(source: bytes, /) → Self

Return a new instance from an in-memory bytes string

to_bytes() → Self

Return a bytes string representation of an instance (itself, as it subclasses bytes)

fingerprint() → str

Return the SHA1 hash of the certificate as a hexadecimal string

certificate() → Self

Return the certificate, itself

private_key() → None

Return None, this is a no-op for certificates

class ECPrivateKey(source: bytes, /)

Bases: konnect.curl.certificates.encodings.PrivateKey

ECDSA private key

format: ClassVar[str] = 'DER'

label: ClassVar[str] = 'EC PRIVATE KEY'

class Pkcs8EncryptedPrivateKey(source: bytes, /)

Bases: konnect.curl.certificates.encodings.PrivateKey

PKCS#8 encrypted private key

format: ClassVar[str] = 'DER'

label: ClassVar[str] = 'ENCRYPTED PRIVATE KEY'

class Pkcs8PrivateKey(source: bytes, /)

Bases: konnect.curl.certificates.encodings.PrivateKey

PKCS#8 unencrypted private key

format: ClassVar[str] = 'DER'

label: ClassVar[str] = 'PRIVATE KEY'

class Pkcs12

Bases: bytes

An ASN.1 container format for cryptographic data

format: ClassVar = 'P12'

classmethod new(certificate: konnect.curl.certificates.encodings.Certificate | None = None, private_key: konnect.curl.certificates.encodings.PrivateKey | None = None) → Self

Return an instance with the encoded form of the given certificate and/or private key

classmethod from_bytes(source: bytes, /) → Self

Return a new instance from an in-memory bytes string

to_bytes() → Self

Return a bytes string representation of an instance (itself, as it subclasses bytes)

certificate() → konnect.curl.certificates.encodings.Certificate | None

Return the first certificate found in the encoded data

private_key() → konnect.curl.certificates.encodings.PrivateKey | None

Return the first private key found in the encoded data

class PrivateKey(source: bytes, /)

Bases: bytes

Base class for private key containers

format: ClassVar[str]

label: ClassVar[str]

classmethod from_bytes(source: bytes, /) → Self

Return a new instance from an in-memory bytes string

to_bytes() → Self

Return a bytes string representation of an instance (itself, as it subclasses bytes)

certificate() → None

Return None, this is a no-op for private keys

private_key() → Self

Return the private key, itself

class RSAPrivateKey(source: bytes, /)

Bases: konnect.curl.certificates.encodings.PrivateKey

PKCS#1 private key

format: ClassVar[str] = 'DER'

label: ClassVar[str] = 'RSA PRIVATE KEY'