pyx509_ph4

Release 0.2.2

Parse x509v3 certificates and PKCS7 signatures

Homepage PyPI Python

Keywords
certificates, cryptography, parser, python-library, x509, x509-parser
License
Other
Install
pip install pyx509_ph4==0.2.2

Documentation

pyx509: X.509 Certificate and PKCS7 Parser / Verifier for Python

This is a fork of the original project:

pyx509 - Python library for parsing X.509 Copyright (C) 2009-2012 CZ.NIC, z.s.p.o. (http://www.nic.cz)

Work in progress!

Description

This is probably the most complete parser of X.509 certificates in python.

Code is in alpha stage! Don't use for anything sensitive. I wrote it (based on previous work of colleagues) since there is no comprehensive python parser for X.509 certificates. Often python programmers had to parse openssl output.

Advantages

  • I find it less painful to use than parsing output of 'openssl x509' somewhat stricter in extension parsing compared to openssl

Disadvantages

  • It's slow compared to openssl (about 2.3x compared to RHEL's openssl-1.0-fips)
  • Currently not very strict in what string types in RDNs it accepts
  • API is still rather ugly and has no documentation yet; code is nasty at some places (and there's some old dangling code like pkcs7/verifier.py)

Dependencies

  • pyasn1 >= 0.1.7

Installation

Install with pip:

pip install pyx509_ph4

License

LGPL v2 or later.

See LICENSE.txt.

Known bugs and quirks

  • Subject alternative name doesn't show all subtypes, but 'DNS', 'dirName' and 'email' are supported.
  • Name constraints don't distinguish among various GeneralName subtypes
  • Some extensions are not shown very nicely when put in string format
  • Not all extensions are supported
  • String types accepted for various RDN subelements are rather too permissive
  • RDN string conversion does not conform to RFC 4514
  • Badly formed extensions are ignored if not marked critical
    • easy to switch to more strict behavior
    • other clients do this as well; RFC 5280 specifies behavior for unknown elements in extensions in appendix B.1, but does not cover all cases (e.g. element exists, but with string type different from spec)

TODO

Stats

Dependencies
0
Dependent packages
0
Dependent repositories
0
Total releases
7
Latest release
First release
Stars
1
Forks
1
Watchers
1
Contributors
0
Repository size
127 KB
SourceRank
7

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

0.2.2
0.2.1
0.2.0
0.1.9
0.1.8
0.1.7
0.1.6

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2021-02-20 21:34:57 UTC

Login to resync this project