<!DOCTYPE html> <!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]--> <!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]--> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>crypto — Generic cryptographic module — pyOpenSSL 16.1.0 documentation</title> <link rel="stylesheet" href="../_static/css/theme.css" type="text/css" /> <link rel="index" title="Index" href="../genindex.html"/> <link rel="search" title="Search" href="../search.html"/> <link rel="top" title="pyOpenSSL 16.1.0 documentation" href="../index.html"/> <link rel="up" title="OpenSSL — Python interface to OpenSSL" href="../api.html"/> <link rel="next" title="rand — An interface to the OpenSSL pseudo random number generator" href="rand.html"/> <link rel="prev" title="OpenSSL — Python interface to OpenSSL" href="../api.html"/> <script src="../_static/js/modernizr.min.js"></script> </head> <body class="wy-body-for-nav" role="document"> <div class="wy-grid-for-nav"> <nav data-toggle="wy-nav-shift" class="wy-nav-side"> <div class="wy-side-scroll"> <div class="wy-side-nav-search"> <a href="../index.html" class="icon icon-home"> pyOpenSSL </a> <div class="version"> 16.1.0 </div> <div role="search"> <form id="rtd-search-form" class="wy-form" action="../search.html" method="get"> <input type="text" name="q" placeholder="Search docs" /> <input type="hidden" name="check_keywords" value="yes" /> <input type="hidden" name="area" value="default" /> </form> </div> </div> <div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation"> <ul class="current"> <li class="toctree-l1"><a class="reference internal" href="../introduction.html">Introduction</a></li> <li class="toctree-l1"><a class="reference internal" href="../install.html">Installation</a></li> <li class="toctree-l1 current"><a class="reference internal" href="../api.html"><code class="docutils literal"><span class="pre">OpenSSL</span></code> — Python interface to OpenSSL</a><ul class="current"> <li class="toctree-l2 current"><a class="current reference internal" href="#"><code class="docutils literal"><span class="pre">crypto</span></code> — Generic cryptographic module</a><ul> <li class="toctree-l3"><a class="reference internal" href="#elliptic-curves">Elliptic curves</a></li> <li class="toctree-l3"><a class="reference internal" href="#serialization-and-deserialization">Serialization and deserialization</a><ul> <li class="toctree-l4"><a class="reference internal" href="#certificates">Certificates</a></li> <li class="toctree-l4"><a class="reference internal" href="#certificate-signing-requests">Certificate signing requests</a></li> <li class="toctree-l4"><a class="reference internal" href="#private-keys">Private keys</a></li> <li class="toctree-l4"><a class="reference internal" href="#public-keys">Public keys</a></li> <li class="toctree-l4"><a class="reference internal" href="#certificate-revocation-lists">Certificate revocation lists</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="#signing-and-verifying-signatures">Signing and verifying signatures</a></li> <li class="toctree-l3"><a class="reference internal" href="#x509-objects">X509 objects</a></li> <li class="toctree-l3"><a class="reference internal" href="#x509name-objects">X509Name objects</a></li> <li class="toctree-l3"><a class="reference internal" href="#x509req-objects">X509Req objects</a></li> <li class="toctree-l3"><a class="reference internal" href="#x509store-objects">X509Store objects</a></li> <li class="toctree-l3"><a class="reference internal" href="#x509storecontexterror-objects">X509StoreContextError objects</a></li> <li class="toctree-l3"><a class="reference internal" href="#x509storecontext-objects">X509StoreContext objects</a></li> <li class="toctree-l3"><a class="reference internal" href="#x509storeflags-constants">X509StoreFlags constants</a></li> <li class="toctree-l3"><a class="reference internal" href="#pkey-objects">PKey objects</a></li> <li class="toctree-l3"><a class="reference internal" href="#pkcs7-objects">PKCS7 objects</a></li> <li class="toctree-l3"><a class="reference internal" href="#pkcs12-objects">PKCS12 objects</a></li> <li class="toctree-l3"><a class="reference internal" href="#x509extension-objects">X509Extension objects</a></li> <li class="toctree-l3"><a class="reference internal" href="#netscapespki-objects">NetscapeSPKI objects</a></li> <li class="toctree-l3"><a class="reference internal" href="#crl-objects">CRL objects</a></li> <li class="toctree-l3"><a class="reference internal" href="#revoked-objects">Revoked objects</a></li> <li class="toctree-l3"><a class="reference internal" href="#exceptions">Exceptions</a></li> <li class="toctree-l3"><a class="reference internal" href="#digest-names">Digest names</a></li> <li class="toctree-l3"><a class="reference internal" href="#backwards-compatible-type-names">Backwards compatible type names</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="rand.html"><code class="docutils literal"><span class="pre">rand</span></code> — An interface to the OpenSSL pseudo random number generator</a></li> <li class="toctree-l2"><a class="reference internal" href="ssl.html"><code class="docutils literal"><span class="pre">SSL</span></code> — An interface to the SSL-specific parts of OpenSSL</a></li> </ul> </li> <li class="toctree-l1"><a class="reference internal" href="../internals.html">Internals</a></li> </ul> <ul> <li class="toctree-l1"><a class="reference internal" href="../backward-compatibility.html">Backward Compatibility</a></li> <li class="toctree-l1"><a class="reference internal" href="../changelog.html">Changelog</a></li> </ul> </div> </div> </nav> <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"> <nav class="wy-nav-top" role="navigation" aria-label="top navigation"> <i data-toggle="wy-nav-top" class="fa fa-bars"></i> <a href="../index.html">pyOpenSSL</a> </nav> <div class="wy-nav-content"> <div class="rst-content"> <div role="navigation" aria-label="breadcrumbs navigation"> <ul class="wy-breadcrumbs"> <li><a href="../index.html">Docs</a> »</li> <li><a href="../api.html"><code class="docutils literal"><span class="pre">OpenSSL</span></code> — Python interface to OpenSSL</a> »</li> <li><code class="docutils literal"><span class="pre">crypto</span></code> — Generic cryptographic module</li> <li class="wy-breadcrumbs-aside"> <a href="../_sources/api/crypto.txt" rel="nofollow"> View page source</a> </li> </ul> <hr/> </div> <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article"> <div itemprop="articleBody"> <div class="section" id="module-OpenSSL.crypto"> <span id="crypto-generic-cryptographic-module"></span><span id="openssl-crypto"></span><h1><code class="xref py py-mod docutils literal"><span class="pre">crypto</span></code> — Generic cryptographic module<a class="headerlink" href="#module-OpenSSL.crypto" title="Permalink to this headline">¶</a></h1> <div class="section" id="elliptic-curves"> <h2>Elliptic curves<a class="headerlink" href="#elliptic-curves" title="Permalink to this headline">¶</a></h2> <dl class="function"> <dt id="OpenSSL.crypto.get_elliptic_curves"> <code class="descclassname">OpenSSL.crypto.</code><code class="descname">get_elliptic_curves</code><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="headerlink" href="#OpenSSL.crypto.get_elliptic_curves" title="Permalink to this definition">¶</a></dt> <dd><p>Return a set of objects representing the elliptic curves supported in the OpenSSL build in use.</p> <p>The curve objects have a <code class="xref py py-class docutils literal"><span class="pre">unicode</span></code> <code class="docutils literal"><span class="pre">name</span></code> attribute by which they identify themselves.</p> <p>The curve objects are useful as values for the argument accepted by <code class="xref py py-meth docutils literal"><span class="pre">Context.set_tmp_ecdh()</span></code> to specify which elliptical curve should be used for ECDHE key exchange.</p> </dd></dl> <dl class="function"> <dt id="OpenSSL.crypto.get_elliptic_curve"> <code class="descclassname">OpenSSL.crypto.</code><code class="descname">get_elliptic_curve</code><span class="sig-paren">(</span><em>name</em><span class="sig-paren">)</span><a class="headerlink" href="#OpenSSL.crypto.get_elliptic_curve" title="Permalink to this definition">¶</a></dt> <dd><p>Return a single curve object selected by <em>name</em>.</p> <p>See <a class="reference internal" href="#OpenSSL.crypto.get_elliptic_curves" title="OpenSSL.crypto.get_elliptic_curves"><code class="xref py py-func docutils literal"><span class="pre">get_elliptic_curves()</span></code></a> for information about curve objects.</p> <p>If the named curve is not supported then <code class="xref py py-class docutils literal"><span class="pre">ValueError</span></code> is raised.</p> </dd></dl> </div> <div class="section" id="serialization-and-deserialization"> <h2>Serialization and deserialization<a class="headerlink" href="#serialization-and-deserialization" title="Permalink to this headline">¶</a></h2> <p>The following serialization functions take one of these constants to determine the format.</p> <dl class="data"> <dt id="OpenSSL.crypto.FILETYPE_PEM"> <code class="descclassname">OpenSSL.crypto.</code><code class="descname">FILETYPE_PEM</code><a class="headerlink" href="#OpenSSL.crypto.FILETYPE_PEM" title="Permalink to this definition">¶</a></dt> <dd></dd></dl> <p><a class="reference internal" href="#OpenSSL.crypto.FILETYPE_PEM" title="OpenSSL.crypto.FILETYPE_PEM"><code class="xref py py-data docutils literal"><span class="pre">FILETYPE_PEM</span></code></a> serializes data to a Base64-encoded encoded representation of the underlying ASN.1 data structure. This representation includes delimiters that define what data structure is contained within the Base64-encoded block: for example, for a certificate, the delimiters are <code class="docutils literal"><span class="pre">-----BEGIN</span> <span class="pre">CERTIFICATE-----</span></code> and <code class="docutils literal"><span class="pre">-----END</span> <span class="pre">CERTIFICATE-----</span></code>.</p> <dl class="data"> <dt id="OpenSSL.crypto.FILETYPE_ASN1"> <code class="descclassname">OpenSSL.crypto.</code><code class="descname">FILETYPE_ASN1</code><a class="headerlink" href="#OpenSSL.crypto.FILETYPE_ASN1" title="Permalink to this definition">¶</a></dt> <dd></dd></dl> <p><a class="reference internal" href="#OpenSSL.crypto.FILETYPE_ASN1" title="OpenSSL.crypto.FILETYPE_ASN1"><code class="xref py py-data docutils literal"><span class="pre">FILETYPE_ASN1</span></code></a> serializes data to the underlying ASN.1 data structure. The format used by <a class="reference internal" href="#OpenSSL.crypto.FILETYPE_ASN1" title="OpenSSL.crypto.FILETYPE_ASN1"><code class="xref py py-data docutils literal"><span class="pre">FILETYPE_ASN1</span></code></a> is also sometimes referred to as DER.</p> <div class="section" id="certificates"> <h3>Certificates<a class="headerlink" href="#certificates" title="Permalink to this headline">¶</a></h3> <dl class="function"> <dt id="OpenSSL.crypto.dump_certificate"> <code class="descclassname">OpenSSL.crypto.</code><code class="descname">dump_certificate</code><span class="sig-paren">(</span><em>type</em>, <em>cert</em><span class="sig-paren">)</span><a class="headerlink" href="#OpenSSL.crypto.dump_certificate" title="Permalink to this definition">¶</a></dt> <dd><p>Dump the certificate <em>cert</em> into a buffer string encoded with the type <em>type</em>.</p> </dd></dl> <dl class="function"> <dt id="OpenSSL.crypto.load_certificate"> <code class="descclassname">OpenSSL.crypto.</code><code class="descname">load_certificate</code><span class="sig-paren">(</span><em>type</em>, <em>buffer</em><span class="sig-paren">)</span><a class="headerlink" href="#OpenSSL.crypto.load_certificate" title="Permalink to this definition">¶</a></dt> <dd><p>Load a certificate (X509) from the string <em>buffer</em> encoded with the type <em>type</em>.</p> </dd></dl> </div> <div class="section" id="certificate-signing-requests"> <h3>Certificate signing requests<a class="headerlink" href="#certificate-signing-requests" title="Permalink to this headline">¶</a></h3> <dl class="function"> <dt id="OpenSSL.crypto.dump_certificate_request"> <code class="descclassname">OpenSSL.crypto.</code><code class="descname">dump_certificate_request</code><span class="sig-paren">(</span><em>type</em>, <em>req</em><span class="sig-paren">)</span><a class="headerlink" href="#OpenSSL.crypto.dump_certificate_request" title="Permalink to this definition">¶</a></dt> <dd><p>Dump the certificate request <em>req</em> into a buffer string encoded with the type <em>type</em>.</p> </dd></dl> <dl class="function"> <dt id="OpenSSL.crypto.load_certificate_request"> <code class="descclassname">OpenSSL.crypto.</code><code class="descname">load_certificate_request</code><span class="sig-paren">(</span><em>type</em>, <em>buffer</em><span class="sig-paren">)</span><a class="headerlink" href="#OpenSSL.crypto.load_certificate_request" title="Permalink to this definition">¶</a></dt> <dd><p>Load a certificate request (X509Req) from the string <em>buffer</em> encoded with the type <em>type</em>.</p> </dd></dl> </div> <div class="section" id="private-keys"> <h3>Private keys<a class="headerlink" href="#private-keys" title="Permalink to this headline">¶</a></h3> <dl class="function"> <dt id="OpenSSL.crypto.load_privatekey"> <code class="descclassname">OpenSSL.crypto.</code><code class="descname">load_privatekey</code><span class="sig-paren">(</span><em>type</em>, <em>buffer</em><span class="optional">[</span>, <em>passphrase</em><span class="optional">]</span><span class="sig-paren">)</span><a class="headerlink" href="#OpenSSL.crypto.load_privatekey" title="Permalink to this definition">¶</a></dt> <dd><p>Load a private key (PKey) from the string <em>buffer</em> encoded with the type <em>type</em> (must be one of <a class="reference internal" href="#OpenSSL.crypto.FILETYPE_PEM" title="OpenSSL.crypto.FILETYPE_PEM"><code class="xref py py-const docutils literal"><span class="pre">FILETYPE_PEM</span></code></a> and <a class="reference internal" href="#OpenSSL.crypto.FILETYPE_ASN1" title="OpenSSL.crypto.FILETYPE_ASN1"><code class="xref py py-const docutils literal"><span class="pre">FILETYPE_ASN1</span></code></a>).</p> <p><em>passphrase</em> must be either a string or a callback for providing the pass phrase.</p> </dd></dl> </div> <div class="section" id="public-keys"> <h3>Public keys<a class="headerlink" href="#public-keys" title="Permalink to this headline">¶</a></h3> </div> <div class="section" id="certificate-revocation-lists"> <h3>Certificate revocation lists<a class="headerlink" href="#certificate-revocation-lists" title="Permalink to this headline">¶</a></h3> <dl class="function"> <dt id="OpenSSL.crypto.load_crl"> <code class="descclassname">OpenSSL.crypto.</code><code class="descname">load_crl</code><span class="sig-paren">(</span><em>type</em>, <em>buffer</em><span class="sig-paren">)</span><a class="headerlink" href="#OpenSSL.crypto.load_crl" title="Permalink to this definition">¶</a></dt> <dd><p>Load Certificate Revocation List (CRL) data from a string <em>buffer</em>. <em>buffer</em> encoded with the type <em>type</em>. The type <em>type</em> must either <a class="reference internal" href="#OpenSSL.crypto.FILETYPE_PEM" title="OpenSSL.crypto.FILETYPE_PEM"><code class="xref py py-const docutils literal"><span class="pre">FILETYPE_PEM</span></code></a> or <a class="reference internal" href="#OpenSSL.crypto.FILETYPE_ASN1" title="OpenSSL.crypto.FILETYPE_ASN1"><code class="xref py py-const docutils literal"><span class="pre">FILETYPE_ASN1</span></code></a>).</p> </dd></dl> <dl class="function"> <dt id="OpenSSL.crypto.load_pkcs7_data"> <code class="descclassname">OpenSSL.crypto.</code><code class="descname">load_pkcs7_data</code><span class="sig-paren">(</span><em>type</em>, <em>buffer</em><span class="sig-paren">)</span><a class="headerlink" href="#OpenSSL.crypto.load_pkcs7_data" title="Permalink to this definition">¶</a></dt> <dd><p>Load pkcs7 data from the string <em>buffer</em> encoded with the type <em>type</em>. The type <em>type</em> must either <a class="reference internal" href="#OpenSSL.crypto.FILETYPE_PEM" title="OpenSSL.crypto.FILETYPE_PEM"><code class="xref py py-const docutils literal"><span class="pre">FILETYPE_PEM</span></code></a> or <a class="reference internal" href="#OpenSSL.crypto.FILETYPE_ASN1" title="OpenSSL.crypto.FILETYPE_ASN1"><code class="xref py py-const docutils literal"><span class="pre">FILETYPE_ASN1</span></code></a>).</p> </dd></dl> <dl class="function"> <dt id="OpenSSL.crypto.load_pkcs12"> <code class="descclassname">OpenSSL.crypto.</code><code class="descname">load_pkcs12</code><span class="sig-paren">(</span><em>buffer</em><span class="optional">[</span>, <em>passphrase</em><span class="optional">]</span><span class="sig-paren">)</span><a class="headerlink" href="#OpenSSL.crypto.load_pkcs12" title="Permalink to this definition">¶</a></dt> <dd><p>Load pkcs12 data from the string <em>buffer</em>. If the pkcs12 structure is encrypted, a <em>passphrase</em> must be included. The MAC is always checked and thus required.</p> <p>See also the man page for the C function <code class="xref py py-func docutils literal"><span class="pre">PKCS12_parse()</span></code>.</p> </dd></dl> </div> </div> <div class="section" id="signing-and-verifying-signatures"> <h2>Signing and verifying signatures<a class="headerlink" href="#signing-and-verifying-signatures" title="Permalink to this headline">¶</a></h2> <dl class="function"> <dt id="OpenSSL.crypto.sign"> <code class="descclassname">OpenSSL.crypto.</code><code class="descname">sign</code><span class="sig-paren">(</span><em>key</em>, <em>data</em>, <em>digest</em><span class="sig-paren">)</span><a class="headerlink" href="#OpenSSL.crypto.sign" title="Permalink to this definition">¶</a></dt> <dd><p>Sign a data string using the given key and message digest.</p> <p><em>key</em> is a <code class="xref py py-class docutils literal"><span class="pre">PKey</span></code> instance. <em>data</em> is a <code class="docutils literal"><span class="pre">str</span></code> instance. <em>digest</em> is a <code class="docutils literal"><span class="pre">str</span></code> naming a supported message digest type, for example <code class="xref py py-const docutils literal"><span class="pre">sha1</span></code>.</p> <div class="versionadded"> <p><span class="versionmodified">New in version 0.11.</span></p> </div> </dd></dl> <dl class="function"> <dt id="OpenSSL.crypto.verify"> <code class="descclassname">OpenSSL.crypto.</code><code class="descname">verify</code><span class="sig-paren">(</span><em>certificate</em>, <em>signature</em>, <em>data</em>, <em>digest</em><span class="sig-paren">)</span><a class="headerlink" href="#OpenSSL.crypto.verify" title="Permalink to this definition">¶</a></dt> <dd><p>Verify the signature for a data string.</p> <p><em>certificate</em> is a <code class="xref py py-class docutils literal"><span class="pre">X509</span></code> instance corresponding to the private key which generated the signature. <em>signature</em> is a <em>str</em> instance giving the signature itself. <em>data</em> is a <em>str</em> instance giving the data to which the signature applies. <em>digest</em> is a <em>str</em> instance naming the message digest type of the signature, for example <code class="xref py py-const docutils literal"><span class="pre">sha1</span></code>.</p> <div class="versionadded"> <p><span class="versionmodified">New in version 0.11.</span></p> </div> </dd></dl> </div> <div class="section" id="x509-objects"> <span id="openssl-x509"></span><h2>X509 objects<a class="headerlink" href="#x509-objects" title="Permalink to this headline">¶</a></h2> </div> <div class="section" id="x509name-objects"> <span id="openssl-x509name"></span><h2>X509Name objects<a class="headerlink" href="#x509name-objects" title="Permalink to this headline">¶</a></h2> </div> <div class="section" id="x509req-objects"> <span id="openssl-x509req"></span><h2>X509Req objects<a class="headerlink" href="#x509req-objects" title="Permalink to this headline">¶</a></h2> </div> <div class="section" id="x509store-objects"> <span id="openssl-x509store"></span><h2>X509Store objects<a class="headerlink" href="#x509store-objects" title="Permalink to this headline">¶</a></h2> </div> <div class="section" id="x509storecontexterror-objects"> <span id="openssl-x509storecontexterror"></span><h2>X509StoreContextError objects<a class="headerlink" href="#x509storecontexterror-objects" title="Permalink to this headline">¶</a></h2> </div> <div class="section" id="x509storecontext-objects"> <span id="openssl-x509storecontext"></span><h2>X509StoreContext objects<a class="headerlink" href="#x509storecontext-objects" title="Permalink to this headline">¶</a></h2> </div> <div class="section" id="x509storeflags-constants"> <span id="openssl-pkey"></span><h2>X509StoreFlags constants<a class="headerlink" href="#x509storeflags-constants" title="Permalink to this headline">¶</a></h2> </div> <div class="section" id="pkey-objects"> <span id="openssl-x509storeflags"></span><h2>PKey objects<a class="headerlink" href="#pkey-objects" title="Permalink to this headline">¶</a></h2> <span class="target" id="openssl-pkcs7"></span><dl class="data"> <dt id="OpenSSL.crypto.TYPE_RSA"> <code class="descclassname">OpenSSL.crypto.</code><code class="descname">TYPE_RSA</code><a class="headerlink" href="#OpenSSL.crypto.TYPE_RSA" title="Permalink to this definition">¶</a></dt> <dt id="OpenSSL.crypto.TYPE_DSA"> <code class="descclassname">OpenSSL.crypto.</code><code class="descname">TYPE_DSA</code><a class="headerlink" href="#OpenSSL.crypto.TYPE_DSA" title="Permalink to this definition">¶</a></dt> <dd><p>Key type constants.</p> </dd></dl> </div> <div class="section" id="pkcs7-objects"> <h2>PKCS7 objects<a class="headerlink" href="#pkcs7-objects" title="Permalink to this headline">¶</a></h2> <p>PKCS7 objects have the following methods:</p> <dl class="method"> <dt id="OpenSSL.crypto.PKCS7.type_is_signed"> <code class="descclassname">PKCS7.</code><code class="descname">type_is_signed</code><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="headerlink" href="#OpenSSL.crypto.PKCS7.type_is_signed" title="Permalink to this definition">¶</a></dt> <dd><p>FIXME</p> </dd></dl> <dl class="method"> <dt id="OpenSSL.crypto.PKCS7.type_is_enveloped"> <code class="descclassname">PKCS7.</code><code class="descname">type_is_enveloped</code><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="headerlink" href="#OpenSSL.crypto.PKCS7.type_is_enveloped" title="Permalink to this definition">¶</a></dt> <dd><p>FIXME</p> </dd></dl> <dl class="method"> <dt id="OpenSSL.crypto.PKCS7.type_is_signedAndEnveloped"> <code class="descclassname">PKCS7.</code><code class="descname">type_is_signedAndEnveloped</code><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="headerlink" href="#OpenSSL.crypto.PKCS7.type_is_signedAndEnveloped" title="Permalink to this definition">¶</a></dt> <dd><p>FIXME</p> </dd></dl> <dl class="method"> <dt id="OpenSSL.crypto.PKCS7.type_is_data"> <code class="descclassname">PKCS7.</code><code class="descname">type_is_data</code><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="headerlink" href="#OpenSSL.crypto.PKCS7.type_is_data" title="Permalink to this definition">¶</a></dt> <dd><p>FIXME</p> </dd></dl> <dl class="method"> <dt id="OpenSSL.crypto.PKCS7.get_type_name"> <code class="descclassname">PKCS7.</code><code class="descname">get_type_name</code><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="headerlink" href="#OpenSSL.crypto.PKCS7.get_type_name" title="Permalink to this definition">¶</a></dt> <dd><p>Get the type name of the PKCS7.</p> </dd></dl> </div> <div class="section" id="pkcs12-objects"> <span id="openssl-pkcs12"></span><h2>PKCS12 objects<a class="headerlink" href="#pkcs12-objects" title="Permalink to this headline">¶</a></h2> </div> <div class="section" id="x509extension-objects"> <span id="openssl-509ext"></span><h2>X509Extension objects<a class="headerlink" href="#x509extension-objects" title="Permalink to this headline">¶</a></h2> </div> <div class="section" id="netscapespki-objects"> <span id="openssl-netscape-spki"></span><h2>NetscapeSPKI objects<a class="headerlink" href="#netscapespki-objects" title="Permalink to this headline">¶</a></h2> </div> <div class="section" id="crl-objects"> <span id="crl"></span><h2>CRL objects<a class="headerlink" href="#crl-objects" title="Permalink to this headline">¶</a></h2> </div> <div class="section" id="revoked-objects"> <span id="revoked"></span><h2>Revoked objects<a class="headerlink" href="#revoked-objects" title="Permalink to this headline">¶</a></h2> </div> <div class="section" id="exceptions"> <h2>Exceptions<a class="headerlink" href="#exceptions" title="Permalink to this headline">¶</a></h2> <dl class="exception"> <dt id="OpenSSL.crypto.Error"> <em class="property">exception </em><code class="descclassname">OpenSSL.crypto.</code><code class="descname">Error</code><a class="headerlink" href="#OpenSSL.crypto.Error" title="Permalink to this definition">¶</a></dt> <dd><p>Generic exception used in the <a class="reference internal" href="#module-OpenSSL.crypto" title="OpenSSL.crypto: Generic cryptographic module"><code class="xref py py-mod docutils literal"><span class="pre">crypto</span></code></a> module.</p> </dd></dl> </div> <div class="section" id="digest-names"> <h2>Digest names<a class="headerlink" href="#digest-names" title="Permalink to this headline">¶</a></h2> <p>Several of the functions and methods in this module take a digest name. These must be strings describing a digest algorithm supported by OpenSSL (by <code class="docutils literal"><span class="pre">EVP_get_digestbyname</span></code>, specifically). For example, <code class="xref py py-const docutils literal"><span class="pre">b"md5"</span></code> or <code class="xref py py-const docutils literal"><span class="pre">b"sha1"</span></code>.</p> <p>More information and a list of these digest names can be found in the <code class="docutils literal"><span class="pre">EVP_DigestInit(3)</span></code> man page of your OpenSSL installation. This page can be found online for the latest version of OpenSSL: <a class="reference external" href="https://www.openssl.org/docs/manmaster/crypto/EVP_DigestInit.html">https://www.openssl.org/docs/manmaster/crypto/EVP_DigestInit.html</a></p> </div> <div class="section" id="backwards-compatible-type-names"> <h2>Backwards compatible type names<a class="headerlink" href="#backwards-compatible-type-names" title="Permalink to this headline">¶</a></h2> <p>When pyOpenSSL was originally written, the most current version of Python was 2.1. It made a distinction between classes and types. None of the versions of Python currently supported by pyOpenSSL still enforce that distinction: the type of an instance of an <code class="xref py py-class docutils literal"><span class="pre">X509</span></code> object is now simply <code class="xref py py-class docutils literal"><span class="pre">X509</span></code>. Originally, the type would have been <code class="xref py py-class docutils literal"><span class="pre">X509Type</span></code>. These days, <code class="xref py py-class docutils literal"><span class="pre">X509Type</span></code> and <code class="xref py py-class docutils literal"><span class="pre">X509</span></code> are literally the same object. pyOpenSSL maintains these old names for backwards compatibility.</p> <p>Here’s a table of these backwards-compatible names:</p> <table border="1" class="docutils"> <colgroup> <col width="46%" /> <col width="54%" /> </colgroup> <thead valign="bottom"> <tr class="row-odd"><th class="head">Type name</th> <th class="head">Backwards-compatible name</th> </tr> </thead> <tbody valign="top"> <tr class="row-even"><td><code class="xref py py-class docutils literal"><span class="pre">X509</span></code></td> <td><code class="xref py py-class docutils literal"><span class="pre">X509Type</span></code></td> </tr> <tr class="row-odd"><td><code class="xref py py-class docutils literal"><span class="pre">X509Name</span></code></td> <td><code class="xref py py-class docutils literal"><span class="pre">X509NameType</span></code></td> </tr> <tr class="row-even"><td><code class="xref py py-class docutils literal"><span class="pre">X509Req</span></code></td> <td><code class="xref py py-class docutils literal"><span class="pre">X509ReqType</span></code></td> </tr> <tr class="row-odd"><td><code class="xref py py-class docutils literal"><span class="pre">X509Store</span></code></td> <td><code class="xref py py-class docutils literal"><span class="pre">X509StoreType</span></code></td> </tr> <tr class="row-even"><td><code class="xref py py-class docutils literal"><span class="pre">X509Extension</span></code></td> <td><code class="xref py py-class docutils literal"><span class="pre">X509ExtensionType</span></code></td> </tr> <tr class="row-odd"><td><code class="xref py py-class docutils literal"><span class="pre">PKey</span></code></td> <td><code class="xref py py-class docutils literal"><span class="pre">PKeyType</span></code></td> </tr> <tr class="row-even"><td><code class="xref py py-class docutils literal"><span class="pre">PKCS7</span></code></td> <td><code class="xref py py-class docutils literal"><span class="pre">PKCS7Type</span></code></td> </tr> <tr class="row-odd"><td><code class="xref py py-class docutils literal"><span class="pre">PKCS12</span></code></td> <td><code class="xref py py-class docutils literal"><span class="pre">PKCS12Type</span></code></td> </tr> <tr class="row-even"><td><code class="xref py py-class docutils literal"><span class="pre">NetscapeSPKI</span></code></td> <td><code class="xref py py-class docutils literal"><span class="pre">NetscapeSPKIType</span></code></td> </tr> <tr class="row-odd"><td><code class="xref py py-class docutils literal"><span class="pre">CRL</span></code></td> <td><code class="xref py py-class docutils literal"><span class="pre">CRLType</span></code></td> </tr> </tbody> </table> <p>Some objects, such as <code class="xref py py-class docutils literal"><span class="pre">Revoked</span></code>, don’t have <code class="docutils literal"><span class="pre">Type</span></code> equivalents, because they were added after the restriction had been lifted.</p> </div> </div> </div> </div> <footer> <div class="rst-footer-buttons" role="navigation" aria-label="footer navigation"> <a href="rand.html" class="btn btn-neutral float-right" title="rand — An interface to the OpenSSL pseudo random number generator" accesskey="n">Next <span class="fa fa-arrow-circle-right"></span></a> <a href="../api.html" class="btn btn-neutral" title="OpenSSL — Python interface to OpenSSL" accesskey="p"><span class="fa fa-arrow-circle-left"></span> Previous</a> </div> <hr/> <div role="contentinfo"> <p> © Copyright 2001-2017, The pyOpenSSL developers. </p> </div> Built with <a href="http://sphinx-doc.org/">Sphinx</a> using a <a href="https://github.com/snide/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>. </footer> </div> </div> </section> </div> <script type="text/javascript"> var DOCUMENTATION_OPTIONS = { URL_ROOT:'../', VERSION:'16.1.0', COLLAPSE_INDEX:false, FILE_SUFFIX:'.html', HAS_SOURCE: true }; </script> <script type="text/javascript" src="../_static/jquery.js"></script> <script type="text/javascript" src="../_static/underscore.js"></script> <script type="text/javascript" src="../_static/doctools.js"></script> <script type="text/javascript" src="../_static/js/theme.js"></script> <script type="text/javascript"> jQuery(function () { SphinxRtdTheme.StickyNav.enable(); }); </script> </body> </html>