M2Crypto Package
M2Crypto
Package
ASN1
Module
- class M2Crypto.ASN1.ASN1_Integer(asn1int: ASN1_Integer, _pyfree: int = 0)[source]
Bases:
object
- m2_asn1_integer_free()
- class M2Crypto.ASN1.ASN1_Object(asn1obj: ASN1_Object, _pyfree: int = 0)[source]
Bases:
object
- m2_asn1_object_free()
- class M2Crypto.ASN1.ASN1_String(asn1str: ASN1_String, _pyfree: int = 0)[source]
Bases:
object
- as_text(flags: int = 0) str [source]
Output an ASN1_STRING structure according to the set flags.
- Parameters:
flags – determine the format of the output by using predetermined constants, see ASN1_STRING_print_ex(3) manpage for their meaning.
- Returns:
output an ASN1_STRING structure.
- m2_asn1_string_free()
- class M2Crypto.ASN1.ASN1_TIME(asn1_time: ASN1_TIME | None = None, _pyfree: int | None = 0, asn1_utctime: ASN1_TIME | None = None)[source]
Bases:
object
- get_datetime() datetime [source]
Get time as datetime.datetime object
- Returns:
always return datetime object
- Raises:
ValueError if anything wrong happens
- m2_asn1_time_free()
- set_datetime(date: datetime) ASN1_TIME [source]
Set time from datetime.datetime object.
- Returns:
pointer to a time structure or NULL if an error occurred
AuthCookie
Module
- class M2Crypto.AuthCookie.AuthCookie(expiry: float, data: str, dough: str, mac: str)[source]
Bases:
object
- class M2Crypto.AuthCookie.AuthCookieJar[source]
Bases:
object
- isGoodCookie(cookie: AuthCookie) bool | int [source]
- makeCookie(expiry: float, data: str) AuthCookie [source]
Make a cookie
- Parameters:
expiry – expiration time (float in seconds)
data – cookie content
- Returns:
AuthCookie object
- M2Crypto.AuthCookie.mix(expiry: float, data: AnyStr, format: str = 'exp=%f&data=%s&digest=') AnyStr [source]
BIO
Module
- class M2Crypto.BIO.BIO(bio: BIO | None = None, _pyfree: int = 0, _close_cb: Callable | None = None)[source]
Bases:
object
Abstract object interface to the BIO API.
- bio_ptr()
- m2_bio_free()
- reset() int [source]
Set the bio to its initial state.
- Returns:
1 for success, and 0 or -1 for failure
- class M2Crypto.BIO.CipherStream(obio: BIO)[source]
Bases:
BIO
Object interface to BIO_f_cipher.
- SALT_LEN = 8
- m2_bio_free()
- m2_bio_pop()
- class M2Crypto.BIO.File(pyfile: BytesIO | AnyStr, close_pyfile: int = 1, mode: AnyStr = 'rb')[source]
Bases:
BIO
Object interface to BIO_s_pyfd.
This class interfaces Python to OpenSSL functions that expect BIO. For general file manipulation in Python, use Python’s builtin file object.
- class M2Crypto.BIO.IOBuffer(under_bio: BIO, mode: str = 'rwb', _pyfree: int = 1)[source]
Bases:
BIO
Object interface to BIO_f_buffer.
Its principal function is to be BIO_push()’ed on top of a BIO_f_ssl, so that makefile() of said underlying SSL socket works.
- m2_bio_free()
- m2_bio_pop()
- class M2Crypto.BIO.MemoryBuffer(data: bytes | None = None)[source]
Bases:
BIO
Object interface to BIO_s_mem.
Empirical testing suggests that this class performs less well than cStringIO, because cStringIO is implemented in C, whereas this class is implemented in Python. Thus, the recommended practice is to use cStringIO for regular work and convert said cStringIO object to a MemoryBuffer object only when necessary.
- close() None
- getvalue(size: int = 0) bytes
- read_all(size: int = 0) bytes
BN
Module
- M2Crypto.BN.rand(bits: int, top: int = -1, bottom: int = 0) int | None [source]
Generate cryptographically strong random number.
- Parameters:
bits – Length of random number in bits.
top – If -1, the most significant bit can be 0. If 0, the most significant bit is 1, and if 1, the two most significant bits will be 1.
bottom – If bottom is true, the number will be odd.
DH
Module
- class M2Crypto.DH.DH(dh: bytes, _pyfree: int = 0)[source]
Bases:
object
Object interface to the Diffie-Hellman key exchange protocol.
- m2_dh_free()
DSA
Module
- class M2Crypto.DSA.DSA(dsa: bytes, _pyfree: int = 0)[source]
Bases:
object
This class is a context supporting DSA key and parameter values, signing and verifying.
Simple example:
from M2Crypto import EVP, DSA, util message = 'Kilroy was here!' md = EVP.MessageDigest('sha1') md.update(message) digest = md.final() dsa = DSA.gen_params(1024) dsa.gen_key() r, s = dsa.sign(digest) good = dsa.verify(digest, r, s) if good: print(' ** success **') else: print(' ** verification failed **')
- check_key()[source]
Check to be sure the DSA object has a valid private key.
- Returns:
1 (true) if a valid private key
- m2_dsa_free()
- save_key(filename: AnyStr, cipher: str = 'aes_128_cbc', callback: ~typing.Callable = <function passphrase_callback>) int [source]
Save the DSA key pair to a file.
- Parameters:
filename – Save the DSA key pair to this file.
cipher – name of symmetric key algorithm and mode to encrypt the private key.
- Returns:
1 (true) if successful
- save_key_bio(bio: ~M2Crypto.BIO.BIO, cipher: str = 'aes_128_cbc', callback: ~typing.Callable = <function passphrase_callback>) int [source]
Save DSA key pair to a BIO object.
- Parameters:
bio – Save DSA parameters to this object.
cipher – name of symmetric key algorithm and mode to encrypt the private key.
- Returns:
1 (true) if successful
- save_params(filename: AnyStr) int [source]
Save the DSA parameters to a file.
- Parameters:
filename – Save the DSA parameters to this file.
- Returns:
1 (true) if successful
- save_params_bio(bio: BIO) int [source]
Save DSA parameters to a BIO object.
- Parameters:
bio – Save DSA parameters to this object.
- Returns:
1 (true) if successful
- save_pub_key(filename: AnyStr) int [source]
Save the DSA public key (with parameters) to a file.
- Parameters:
filename – Save DSA public key (with parameters) to this file.
- Returns:
1 (true) if successful
- save_pub_key_bio(bio: BIO) int [source]
Save DSA public key (with parameters) to a BIO object.
- Parameters:
bio – Save DSA public key (with parameters) to this object.
- Returns:
1 (true) if successful
- set_params(p: bytes, q: bytes, g: bytes) None [source]
Set new parameters.
- Parameters:
p – MPI binary representation … format that consists of the number’s length in bytes represented as a 4-byte big-endian number, and the number itself in big-endian format, where the most significant bit signals a negative number (the representation of numbers with the MSB set is prefixed with null byte).
q – ditto
g – ditto
- @warning: This does not change the private key, so it may be
unsafe to use this method. It is better to use gen_params function to create a new DSA object.
- sign(digest: bytes) Tuple[bytes, bytes] [source]
Sign the digest.
- Parameters:
digest – SHA-1 hash of message (same as output from MessageDigest, a “byte string”)
- Returns:
DSA signature, a tuple of two values, r and s, both “byte strings”.
- verify(digest: bytes, r: bytes, s: bytes) int [source]
Verify a newly calculated digest against the signature values r and s.
- Parameters:
digest – SHA-1 hash of message (same as output from MessageDigest, a “byte string”)
r – r value of the signature, a “byte string”
s – s value of the signature, a “byte string”
- Returns:
1 (true) if verify succeeded, 0 if failed
- class M2Crypto.DSA.DSA_pub(dsa: bytes, _pyfree: int = 0)[source]
Bases:
DSA
This class is a DSA context that only supports a public key and verification. It does NOT support a private key or signing.
- save_key(filename: AnyStr) int
Save the DSA public key (with parameters) to a file.
- Parameters:
filename – Save DSA public key (with parameters) to this file.
- Returns:
1 (true) if successful
- save_key_bio(bio: BIO) int
Save DSA public key (with parameters) to a BIO object.
- Parameters:
bio – Save DSA public key (with parameters) to this object.
- Returns:
1 (true) if successful
- sign(*argv: Any) None [source]
Sign the digest.
- Parameters:
digest – SHA-1 hash of message (same as output from MessageDigest, a “byte string”)
- Returns:
DSA signature, a tuple of two values, r and s, both “byte strings”.
- sign_asn1(*argv: Any) None
Sign the digest.
- Parameters:
digest – SHA-1 hash of message (same as output from MessageDigest, a “byte string”)
- Returns:
DSA signature, a tuple of two values, r and s, both “byte strings”.
- M2Crypto.DSA.gen_params(bits: int, callback: ~typing.Callable = <function genparam_callback>) DSA [source]
Factory function that generates DSA parameters and instantiates a DSA object from the output.
- Parameters:
bits – The length of the prime to be generated. If ‘bits’ < 512, it is set to 512.
callback – A Python callback object that will be invoked during parameter generation; it usual purpose is to provide visual feedback.
- Returns:
instance of DSA.
- M2Crypto.DSA.load_key(file: AnyStr, callback: ~typing.Callable = <function passphrase_callback>) DSA [source]
Factory function that instantiates a DSA object from a PEM encoded DSA key pair.
- Parameters:
file – Names the file (a path) that contains the PEM representation of the DSA key pair.
callback – A Python callback object that will be invoked if the DSA key pair is passphrase-protected.
- Returns:
instance of DSA.
- M2Crypto.DSA.load_key_bio(bio: ~M2Crypto.BIO.BIO, callback: ~typing.Callable = <function passphrase_callback>) DSA [source]
Factory function that instantiates a DSA object from a PEM encoded DSA key pair.
- Parameters:
bio – Contains the PEM representation of the DSA key pair.
callback – A Python callback object that will be invoked if the DSA key pair is passphrase-protected.
- Returns:
instance of DSA.
- M2Crypto.DSA.load_params(file: AnyStr, callback: ~typing.Callable = <function passphrase_callback>) DSA [source]
Factory function that instantiates a DSA object with DSA parameters from a file.
- Parameters:
file – Names the file (a path) that contains the PEM representation of the DSA parameters.
callback – A Python callback object that will be invoked if the DSA parameters file is passphrase-protected.
- Returns:
instance of DSA.
- M2Crypto.DSA.load_params_bio(bio: ~M2Crypto.BIO.BIO, callback: ~typing.Callable = <function passphrase_callback>) DSA [source]
Factory function that instantiates a DSA object with DSA parameters from a M2Crypto.BIO object.
- Parameters:
bio – Contains the PEM representation of the DSA parameters.
callback – A Python callback object that will be invoked if the DSA parameters file is passphrase-protected.
- Returns:
instance of DSA.
- M2Crypto.DSA.load_pub_key(file: AnyStr, callback: ~typing.Callable = <function passphrase_callback>) DSA_pub [source]
Factory function that instantiates a DSA_pub object using a DSA public key contained in PEM file. The PEM file must contain the parameters in addition to the public key.
- Parameters:
file – Names the file (a path) that contains the PEM representation of the DSA public key.
callback – A Python callback object that will be invoked should the DSA public key be passphrase-protected.
- Returns:
instance of DSA_pub.
- M2Crypto.DSA.load_pub_key_bio(bio: ~M2Crypto.BIO.BIO, callback: ~typing.Callable = <function passphrase_callback>) DSA_pub [source]
Factory function that instantiates a DSA_pub object using a DSA public key contained in PEM format. The PEM must contain the parameters in addition to the public key.
- Parameters:
bio – Contains the PEM representation of the DSA public key (with params).
callback – A Python callback object that will be invoked should the DSA public key be passphrase-protected.
- Returns:
instance of DSA_pub.
- M2Crypto.DSA.pub_key_from_params(p: bytes, q: bytes, g: bytes, pub: bytes) DSA_pub [source]
Factory function that instantiates a DSA_pub object using the parameters and public key specified.
- Parameters:
p – value of p
q – value of q
g – value of g
pub – value of the public key
- Returns:
instance of DSA_pub.
EC
Module
- class M2Crypto.EC.EC(ec: EC, _pyfree: int = 0)[source]
Bases:
object
Object interface to a EC key pair.
- as_pem(cipher='aes_128_cbc', callback=<function passphrase_callback>)[source]
Returns the key(pair) as a string in PEM format. If no password is passed and the cipher is set it exits with error
- compute_dh_key(pub_key: EC) bytes | None [source]
Compute the ECDH shared key of this key pair and the given public key object. They must both use the same curve. Returns the shared key in binary as a buffer object. No Key Derivation Function is applied.
- gen_key() int [source]
Generates the key pair from its parameters. Use:
keypair = EC.gen_params(curve) keypair.gen_key()
to create an EC key pair.
- m2_ec_key_free()
- save_key(file: AnyStr, cipher: str | None = 'aes_128_cbc', callback: ~typing.Callable = <function passphrase_callback>) int [source]
Save the key pair to a file in PEM format.
- Parameters:
file – Name of filename to save key to.
cipher – Symmetric cipher to protect the key. The default cipher is ‘aes_128_cbc’. If cipher is None, then the key is saved in the clear.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key. The default is util.passphrase_callback.
- save_key_bio(bio: ~M2Crypto.BIO.BIO, cipher: str | None = 'aes_128_cbc', callback: ~typing.Callable = <function passphrase_callback>) int [source]
Save the key pair to an M2Crypto.BIO.BIO object in PEM format.
- Parameters:
bio – M2Crypto.BIO.BIO object to save key to.
cipher – Symmetric cipher to protect the key. The default cipher is ‘aes_128_cbc’. If cipher is None, then the key is saved in the clear.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key. The default is util.passphrase_callback.
- save_pub_key(file: AnyStr) int [source]
Save the public key to a filename in PEM format.
- Parameters:
file – Name of filename to save key to.
- save_pub_key_bio(bio: BIO) int [source]
Save the public key to an M2Crypto.BIO.BIO object in PEM format.
- Parameters:
bio – M2Crypto.BIO.BIO object to save key to.
- sign_dsa(digest: bytes) Tuple[bytes, bytes] [source]
Sign the given digest using ECDSA. Returns a tuple (r,s), the two ECDSA signature parameters.
- class M2Crypto.EC.EC_pub(ec: EC, _pyfree: int = 0)[source]
Bases:
EC
Object interface to an EC public key. ((don’t like this implementation inheritance))
- as_pem()[source]
Returns the key(pair) as a string in PEM format. If no password is passed and the cipher is set it exits with error
- save_key(file: AnyStr) int
Save the public key to a filename in PEM format.
- Parameters:
file – Name of filename to save key to.
- M2Crypto.EC.gen_params(curve: int) EC [source]
Factory function that generates EC parameters and instantiates a EC object from the output.
- Parameters:
curve – This is the OpenSSL nid of the curve to use.
- M2Crypto.EC.load_key(file: AnyStr, callback: ~typing.Callable = <function passphrase_callback>) EC [source]
Factory function that instantiates a EC object.
- Parameters:
file – Names the filename that contains the PEM representation of the EC key pair.
callback – Python callback object that will be invoked if the EC key pair is passphrase-protected.
- M2Crypto.EC.load_key_bio(bio: ~M2Crypto.BIO.BIO, callback: ~typing.Callable = <function passphrase_callback>) EC [source]
Factory function that instantiates a EC object.
- Parameters:
bio – M2Crypto.BIO object that contains the PEM representation of the EC key pair.
callback – Python callback object that will be invoked if the EC key pair is passphrase-protected.
- M2Crypto.EC.load_key_string(string: str, callback: ~typing.Callable = <function passphrase_callback>) EC [source]
Load an EC key pair from a string.
- Parameters:
string – String containing EC key pair in PEM format.
callback – A Python callable object that is invoked to acquire a passphrase with which to unlock the key. The default is util.passphrase_callback.
- Returns:
M2Crypto.EC.EC object.
- M2Crypto.EC.load_key_string_pubkey(string: str, callback: Callable = <function passphrase_callback>) EC.PKey [source]
Load an M2Crypto.EC.PKey from a public key as a string.
- Parameters:
string – String containing the key in PEM format.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key.
- Returns:
M2Crypto.EC.PKey object.
- M2Crypto.EC.load_pub_key(file: AnyStr) EC_pub [source]
Load an EC public key from filename.
- Parameters:
file – Name of filename containing EC public key in PEM format.
- Returns:
M2Crypto.EC.EC_pub object.
EVP
Module
- class M2Crypto.EVP.Cipher(alg: str, key: bytes, iv: bytes, op: object, key_as_bytes: int = 0, d: str = 'md5', salt: bytes = b'12345678', i: int = 1, padding: int = 1)[source]
Bases:
object
- m2_cipher_ctx_free()
- class M2Crypto.EVP.HMAC(key: bytes, algo: str = 'sha1')[source]
Bases:
object
- digest() bytes
- m2_hmac_ctx_free()
- class M2Crypto.EVP.MessageDigest(algo: str)[source]
Bases:
object
Message Digest
- digest()
- m2_md_ctx_free()
- class M2Crypto.EVP.PKey(pkey: bytes | None = None, _pyfree: int = 0, md: str = 'sha1')[source]
Bases:
object
Object to hold diverse types of asymmetric keys (also known as “key pairs”).
- as_pem(cipher: str | None = 'aes_128_cbc', callback: ~typing.Callable = <function passphrase_callback>) bytes [source]
Return key in PEM format in a string.
- Parameters:
cipher – Symmetric cipher to protect the key. The default cipher is
'aes_128_cbc'
. If cipher is None, then the key is saved in the clear.callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key. The default is util.passphrase_callback.
- assign_ec(ec: EC, capture: int = 1) int [source]
Assign the EC key pair to self.
- Parameters:
ec – M2Crypto.EC.EC object to be assigned to self.
capture – If true (default), this PKey object will own the EC object, meaning that once the PKey object gets deleted it is no longer safe to use the EC object.
- Returns:
Return 1 for success and 0 for failure.
- assign_rsa(rsa: RSA, capture: int = 1) int [source]
Assign the RSA key pair to self.
- Parameters:
rsa – M2Crypto.RSA.RSA object to be assigned to self.
capture – If true (default), this PKey object will own the RSA object, meaning that once the PKey object gets deleted it is no longer safe to use the RSA object.
- Returns:
Return 1 for success and 0 for failure.
- digest_sign_update(data: bytes) None [source]
Feed data to digest signing operation.
- Parameters:
data – Data to be signed.
- digest_verify()[source]
Return result of verification.
- Parameters:
sign – Signature to use for verification
data – Data to be verified.
- Returns:
Result of verification: 1 for success, 0 for failure, -1 on other error.
- digest_verify_final(sign: bytes) int [source]
Feed data to digest verification operation.
- Parameters:
sign – Signature to use for verification
- Returns:
Result of verification: 1 for success, 0 for failure, -1 on other error.
- digest_verify_update(data: bytes) int [source]
Feed data to verification operation.
- Parameters:
data – Data to be verified.
- Returns:
-1 on Python error, 1 for success, 0 for OpenSSL error
- final() bytes
Return signature.
- Returns:
The signature.
- get_rsa() RSA_pub [source]
Return the underlying RSA key if that is what the EVP instance is holding.
- m2_md_ctx_free()
- m2_pkey_free()
- reset_context(md: str = 'sha1') None [source]
Reset internal message digest context.
- Parameters:
md – The message digest algorithm.
- save_key(file: AnyStr, cipher: str | None = 'aes_128_cbc', callback: ~typing.Callable = <function passphrase_callback>) int [source]
Save the key pair to a file in PEM format.
- Parameters:
file – Name of file to save key to.
cipher – Symmetric cipher to protect the key. The default cipher is ‘aes_128_cbc’. If cipher is None, then the key is saved in the clear.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key. The default is util.passphrase_callback.
- save_key_bio(bio: ~M2Crypto.BIO.BIO, cipher: str | None = 'aes_128_cbc', callback: ~typing.Callable = <function passphrase_callback>) int [source]
Save the key pair to the M2Crypto.BIO object ‘bio’ in PEM format.
- Parameters:
bio – M2Crypto.BIO object to save key to.
cipher – Symmetric cipher to protect the key. The default cipher is ‘aes_128_cbc’. If cipher is None, then the key is saved in the clear.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key. The default is util.passphrase_callback.
- sign_update(data: bytes) None [source]
Feed data to signing operation.
- Parameters:
data – Data to be signed.
- update(data: bytes) None
Feed data to signing operation.
- Parameters:
data – Data to be signed.
- M2Crypto.EVP.load_key(file: AnyStr, callback: ~typing.Callable = <function passphrase_callback>) PKey [source]
Load an M2Crypto.EVP.PKey from file.
- Parameters:
file – Name of file containing the key in PEM format.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key.
- Returns:
M2Crypto.EVP.PKey object.
- M2Crypto.EVP.load_key_bio(bio: ~M2Crypto.BIO.BIO, callback: ~typing.Callable = <function passphrase_callback>) PKey [source]
Load an M2Crypto.EVP.PKey from an M2Crypto.BIO object.
- Parameters:
bio – M2Crypto.BIO object containing the key in PEM format.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key.
- Returns:
M2Crypto.EVP.PKey object.
- M2Crypto.EVP.load_key_bio_pubkey(bio: ~M2Crypto.BIO.BIO, callback: ~typing.Callable = <function passphrase_callback>) PKey [source]
Load an M2Crypto.EVP.PKey from a public key as a M2Crypto.BIO object.
- Parameters:
bio – M2Crypto.BIO object containing the key in PEM format.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key.
- Returns:
M2Crypto.EVP.PKey object.
- M2Crypto.EVP.load_key_pubkey(file: AnyStr, callback: ~typing.Callable = <function passphrase_callback>) PKey [source]
Load an M2Crypto.EVP.PKey from a public key as a file.
- Parameters:
file – Name of file containing the key in PEM format.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key.
- Returns:
M2Crypto.EVP.PKey object.
- M2Crypto.EVP.load_key_string(string: AnyStr, callback: ~typing.Callable = <function passphrase_callback>) PKey [source]
Load an M2Crypto.EVP.PKey from a string.
- Parameters:
string – String containing the key in PEM format.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key.
- Returns:
M2Crypto.EVP.PKey object.
- M2Crypto.EVP.load_key_string_pubkey(string: AnyStr, callback: ~typing.Callable = <function passphrase_callback>) PKey [source]
Load an M2Crypto.EVP.PKey from a public key as a string.
- Parameters:
string – String containing the key in PEM format.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key.
- Returns:
M2Crypto.EVP.PKey object.
- M2Crypto.EVP.pbkdf2(password: bytes, salt: bytes, iter: int, keylen: int) bytes [source]
Derive a key from password using PBKDF2 algorithm specified in RFC 2898.
- Parameters:
password – Derive the key from this password.
salt – Salt.
iter – Number of iterations to perform.
keylen – Length of key to produce.
- Returns:
Key.
Engine
Module
- class M2Crypto.Engine.Engine(id: bytes | None = None, _ptr: bytes | None = None, _pyfree: int = 1)[source]
Bases:
object
Wrapper for ENGINE object.
- ctrl_cmd_string(cmd: AnyStr, arg: AnyStr | None, optional: int = 0) None [source]
Call ENGINE_ctrl_cmd_string
- init() int [source]
Obtain a functional reference to the engine.
- Returns:
0 on error, non-zero on success.
- load_certificate(name: bytes) X509 [source]
Load certificate from engine (e.g from smartcard). NOTE: This function may be not implemented by engine!
- load_private_key(name: bytes, pin: bytes | None = None) X509 [source]
Load private key with engine methods (e.g from smartcard). If pin is not set it will be asked
- load_public_key(name: bytes, pin: bytes | None = None) PKey [source]
Load public key with engine methods (e.g from smartcard).
- m2_engine_free()
- M2Crypto.Engine.cleanup() None [source]
If you load any engines, you need to clean up after your application is finished with the engines.
Err
Module
RC4
Module
RSA
Module
- class M2Crypto.RSA.RSA(rsa: bytes, _pyfree: int = 0)[source]
Bases:
object
RSA Key Pair.
- as_pem(cipher: str | None = 'aes_128_cbc', callback: ~typing.Callable = <function passphrase_callback>) bytes [source]
Returns the key(pair) as a string in PEM format.
- check_key() int [source]
Validate RSA keys.
It checks that p and q are in fact prime, and that n = p*q.
- Returns:
returns 1 if rsa is a valid RSA key, and 0 otherwise. -1 is returned if an error occurs while checking the key. If the key is invalid or an error occurred, the reason code can be obtained using ERR_get_error(3).
- m2_rsa_free()
- save_key(file: AnyStr, cipher: str | None = 'aes_128_cbc', callback: ~typing.Callable = <function passphrase_callback>) int [source]
Save the key pair to a file in PEM format.
- Parameters:
file – Name of file to save key to.
cipher – Symmetric cipher to protect the key. The default cipher is ‘aes_128_cbc’. If cipher is None, then the key is saved in the clear.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key. The default is util.passphrase_callback.
- save_key_bio(bio: ~M2Crypto.BIO.BIO, cipher: str | None = 'aes_128_cbc', callback: ~typing.Callable = <function passphrase_callback>) int [source]
Save the key pair to an M2Crypto.BIO.BIO object in PEM format.
- Parameters:
bio – M2Crypto.BIO.BIO object to save key to.
cipher – Symmetric cipher to protect the key. The default cipher is ‘aes_128_cbc’. If cipher is None, then the key is saved in the clear.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key. The default is util.passphrase_callback.
- save_key_der(file: AnyStr) int [source]
Save the key pair to a file in DER format.
- Parameters:
file – Filename to save key to
- save_key_der_bio(bio: BIO) int [source]
Save the key pair to an M2Crypto.BIO.BIO object in DER format.
- Parameters:
bio – M2Crypto.BIO.BIO object to save key to.
- save_pem(file: AnyStr, cipher: str | None = 'aes_128_cbc', callback: ~typing.Callable = <function passphrase_callback>) int
Save the key pair to a file in PEM format.
- Parameters:
file – Name of file to save key to.
cipher – Symmetric cipher to protect the key. The default cipher is ‘aes_128_cbc’. If cipher is None, then the key is saved in the clear.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key. The default is util.passphrase_callback.
- save_pub_key(file: AnyStr) int [source]
Save the public key to a file in PEM format.
- Parameters:
file – Name of file to save key to.
- save_pub_key_bio(bio: BIO) int [source]
Save the public key to an M2Crypto.BIO.BIO object in PEM format.
- Parameters:
bio – M2Crypto.BIO.BIO object to save key to.
- sign(digest: bytes, algo: str = 'sha1') bytes [source]
Signs a digest with the private key
- Parameters:
digest – A digest created by using the digest method
algo – The method that created the digest. Legal values like ‘sha1’,’sha224’, ‘sha256’, ‘ripemd160’, and ‘md5’.
- Returns:
a string which is the signature
- sign_rsassa_pss(digest: bytes, algo: str = 'sha1', salt_length: int = 20) bytes [source]
Signs a digest with the private key using RSASSA-PSS
- Parameters:
digest – A digest created by using the digest method
salt_length – The length of the salt to use
algo – The hash algorithm to use Legal values like ‘sha1’,’sha224’, ‘sha256’, ‘ripemd160’, and ‘md5’.
- Returns:
a string which is the signature
- verify(data: bytes, signature: bytes, algo: str = 'sha1') int [source]
Verifies the signature with the public key
- Parameters:
data – Data that has been signed
signature – The signature signed with the private key
algo – The method use to create digest from the data before it was signed. Legal values like ‘sha1’,’sha224’, ‘sha256’, ‘ripemd160’, and ‘md5’.
- Returns:
1 or 0, depending on whether the signature was verified or not.
- verify_rsassa_pss(data: bytes, signature: bytes, algo: str = 'sha1', salt_length: int = 20) int [source]
Verifies the signature RSASSA-PSS
- Parameters:
data – Data that has been signed
signature – The signature signed with RSASSA-PSS
salt_length – The length of the salt that was used
algo – The hash algorithm to use Legal values are for example ‘sha1’,’sha224’, ‘sha256’, ‘ripemd160’, and ‘md5’.
- Returns:
1 or 0, depending on whether the signature was verified or not.
- class M2Crypto.RSA.RSA_pub(rsa: bytes, _pyfree: int = 0)[source]
Bases:
RSA
Object interface to an RSA public key.
- check_key() int [source]
Validate RSA keys.
It checks that p and q are in fact prime, and that n = p*q.
- Returns:
returns 1 if rsa is a valid RSA key, and 0 otherwise. -1 is returned if an error occurs while checking the key. If the key is invalid or an error occurred, the reason code can be obtained using ERR_get_error(3).
- M2Crypto.RSA.gen_key(bits: int, e: int, callback: ~typing.Callable = <function keygen_callback>) RSA [source]
Generate an RSA key pair.
- Parameters:
bits – Key length, in bits.
e – The RSA public exponent.
callback – A Python callable object that is invoked during key generation; its usual purpose is to provide visual feedback. The default callback is keygen_callback.
- Returns:
M2Crypto.RSA.RSA object.
- M2Crypto.RSA.keygen_callback(p: int, n: ~typing.Any, out: ~typing.IO[str] = <_io.TextIOWrapper name='<stdout>' mode='w' encoding='utf-8'>) None [source]
Default callback for gen_key().
- M2Crypto.RSA.load_key(file: AnyStr, callback: ~typing.Callable = <function passphrase_callback>) RSA [source]
Load an RSA key pair from file.
- Parameters:
file – Name of file containing RSA public key in PEM format.
callback – A Python callable object that is invoked to acquire a passphrase with which to unlock the key. The default is util.passphrase_callback.
- Returns:
M2Crypto.RSA.RSA object.
- M2Crypto.RSA.load_key_bio(bio: ~M2Crypto.BIO.BIO, callback: ~typing.Callable = <function passphrase_callback>) RSA [source]
Load an RSA key pair from an M2Crypto.BIO.BIO object.
- Parameters:
bio – M2Crypto.BIO.BIO object containing RSA key pair in PEM format.
callback – A Python callable object that is invoked to acquire a passphrase with which to unlock the key. The default is util.passphrase_callback.
- Returns:
M2Crypto.RSA.RSA object.
- M2Crypto.RSA.load_key_string(string: AnyStr, callback: ~typing.Callable = <function passphrase_callback>) RSA [source]
Load an RSA key pair from a string.
- Parameters:
string – String containing RSA key pair in PEM format.
callback – A Python callable object that is invoked to acquire a passphrase with which to unlock the key. The default is util.passphrase_callback.
- Returns:
M2Crypto.RSA.RSA object.
- M2Crypto.RSA.load_pub_key(file: AnyStr) RSA_pub [source]
Load an RSA public key from file.
- Parameters:
file – Name of file containing RSA public key in PEM format.
- Returns:
M2Crypto.RSA.RSA_pub object.
- M2Crypto.RSA.load_pub_key_bio(bio: BIO) RSA_pub [source]
Load an RSA public key from an M2Crypto.BIO.BIO object.
- Parameters:
bio – M2Crypto.BIO.BIO object containing RSA public key in PEM format.
- Returns:
M2Crypto.RSA.RSA_pub object.
- M2Crypto.RSA.new_pub_key(e_n: Tuple[bytes, bytes]) RSA_pub [source]
Instantiate an RSA_pub object from an (e, n) tuple.
- Parameters:
e – The RSA public exponent; it is a string in OpenSSL’s MPINT format - 4-byte big-endian bit-count followed by the appropriate number of bits.
n – The RSA composite of primes; it is a string in OpenSSL’s MPINT format - 4-byte big-endian bit-count followed by the appropriate number of bits.
- Returns:
M2Crypto.RSA.RSA_pub object.
Rand
Module
M2Crypto wrapper for OpenSSL PRNG. Requires OpenSSL 0.9.5 and above.
Copyright (c) 1999-2003 Ng Pheng Siong. All rights reserved. Copyright (c) 2014-2017 Matej Cepl. All rights reserved.
See LICENCE for the license information.
- M2Crypto.Rand.load_file(filename: AnyStr, max_bytes: int) int [source]
Read a number of bytes from file filename and adds them to the PRNG.
If max_bytes is non-negative, up to to max_bytes are read; starting with OpenSSL 0.9.5, if max_bytes is -1, the complete file is read.
- Parameters:
filename –
max_bytes –
- Returns:
the number of bytes read.
- M2Crypto.Rand.rand_add(blob: bytes, entropy: float) None [source]
Mixes blob into the PRNG state.
- Parameters:
blob – added data
entropy – (the lower bound of) an estimate of how much randomness is contained in blob, measured in bytes.
Thus, if the data at buf are unpredictable to an adversary, this increases the uncertainty about the state and makes the PRNG output less predictable. Suitable input comes from user interaction (random key presses, mouse movements) and certain hardware events.
Details about sources of randomness and how to estimate their entropy can be found in the literature, e.g. RFC 1750.
- M2Crypto.Rand.rand_bytes(num: int) bytes [source]
Return n cryptographically strong pseudo-random bytes.
An error occurs if the PRNG has not been seeded with enough randomness to ensure an unpredictable byte sequence.
- Parameters:
num – number of bytes to be returned
- Returns:
random bytes
- M2Crypto.Rand.rand_file_name() str [source]
Generate a default path for the random seed file.
- Returns:
string with the filename. The seed file is $RANDFILE if that environment variable is set, $HOME/.rnd otherwise. If $HOME is not set either, an error occurs.
- M2Crypto.Rand.rand_pseudo_bytes(num: int) Tuple[bytes, int] [source]
Return num pseudo-random bytes into buf.
Pseudo-random byte sequences generated by this method will be unique if they are of sufficient length, but are not necessarily unpredictable. They can be used for non-cryptographic purposes and for certain purposes in cryptographic protocols, but usually not for key generation etc.
Output of the function is mixed into the entropy pool before retrieving the new pseudo-random bytes unless disabled at compile time (see FAQ).
- Parameters:
num – number of bytes to be returned
- Returns:
random bytes
- M2Crypto.Rand.rand_seed(seed: bytes) None [source]
Equivalent to rand_add() when len(seed) == entropy.
- Parameters:
seed – added data (see description at rand_add)
- M2Crypto.Rand.rand_status() int [source]
Check whether there is enough entropy in PRNG.
- Returns:
1 if the PRNG has been seeded with enough data, 0 otherwise.
- M2Crypto.Rand.save_file(filename: AnyStr) int [source]
Write a number of random bytes (currently 1024) to file.
The file then can be used to initialize the PRNG by calling load_file() in a later session.
- Parameters:
filename –
- Returns:
returns the number of bytes written, and -1 if the bytes written were generated without appropriate seed.
SMIME
Module
- class M2Crypto.SMIME.Cipher(algo: str)[source]
Bases:
object
Object interface to EVP_CIPHER without all the frills of M2Crypto.EVP.Cipher.
- class M2Crypto.SMIME.PKCS7(pkcs7: bytes | None = None, _pyfree: int = 0)[source]
Bases:
object
- get0_signers(certs: X509_Stack, flags: int = 0) X509_Stack [source]
- m2_pkcs7_free()
- class M2Crypto.SMIME.SMIME[source]
Bases:
object
- load_key(keyfile: AnyStr, certfile: AnyStr | None = None, callback: ~typing.Callable = <function passphrase_callback>) None [source]
- load_key_bio(keybio: ~M2Crypto.BIO.BIO, certbio: ~M2Crypto.BIO.BIO | None = None, callback: ~typing.Callable = <function passphrase_callback>) None [source]
- set_x509_stack(stack: X509_Stack) None [source]
- set_x509_store(store: X509_Store) None [source]
X509
Module
- class M2Crypto.X509.CRL(crl: bytes | None = None, _pyfree: int = 0)[source]
Bases:
object
X509 Certificate Revocation List
- as_text() str [source]
Return CRL in PEM format in a string.
- Returns:
String containing the CRL in PEM format.
- m2_x509_crl_free()
- class M2Crypto.X509.Request(req: int | None = None, _pyfree: int = 0)[source]
Bases:
object
X509 Certificate Request.
- add_extensions(ext_stack: X509_Extension_Stack) int [source]
Add X509 extensions to this request.
- Parameters:
ext_stack – Stack of extensions to add.
- Returns:
1 for success and 0 for failure
- get_pubkey() PKey [source]
Get the public key for the request.
- Returns:
Public key from the request.
- m2_x509_req_free()
- save(filename: AnyStr, format: int = 1) int [source]
Saves X.509 certificate request to a file. Default output format is PEM.
- Parameters:
filename – Name of the file the request will be saved to.
format – Controls what output format is used to save the request. Either FORMAT_PEM or FORMAT_DER to save in PEM or DER format. Raises ValueError if an unknown format is used.
- Returns:
1 for success, 0 for failure. The error code can be obtained by ERR_get_error.
- set_pubkey(pkey: PKey) int [source]
Set the public key for the request.
- Parameters:
pkey – Public key
- Returns:
Return 1 for success and 0 for failure.
- set_subject(name: X509_Name) int
Set subject name.
- Parameters:
name – subjectName field.
- Returns:
1 for success and 0 for failure
- set_subject_name(name: X509_Name) int [source]
Set subject name.
- Parameters:
name – subjectName field.
- Returns:
1 for success and 0 for failure
- set_version(version: int) int [source]
Set version.
- Parameters:
version – Version number.
- Returns:
Returns 0 on failure.
- class M2Crypto.X509.X509(x509: bytes | None = None, _pyfree: int = 0)[source]
Bases:
object
X.509 Certificate
- add_ext(ext: X509_Extension) int [source]
Add X509 extension to this certificate.
- Parameters:
ext – Extension
:return 1 for success and 0 for failure
- check_ca() int [source]
Check if the certificate is a Certificate Authority (CA) certificate.
- Returns:
0 if the certificate is not CA, nonzero otherwise.
- Requires:
OpenSSL 0.9.8 or newer
- check_purpose(id: int, ca: int) int [source]
Check if the certificate’s purpose matches the asked purpose.
- Parameters:
id – Purpose id. See X509_PURPOSE_* constants.
ca – 1 if the certificate should be CA, 0 otherwise.
- Returns:
0 if the certificate purpose does not match, nonzero otherwise.
- get_ext(name: str) X509_Extension [source]
Get X509 extension by name.
- Parameters:
name – Name of the extension
- Returns:
X509_Extension
- get_ext_at(index: int) X509_Extension [source]
Get X509 extension by index.
- Parameters:
index – Name of the extension
- Returns:
X509_Extension
- get_fingerprint(md: str = 'md5') str [source]
Get the fingerprint of the certificate.
- Parameters:
md – Message digest algorithm to use.
- Returns:
String containing the fingerprint in hex format.
- get_serial_number() ASN1_Integer [source]
- m2_x509_free()
- save(filename: AnyStr, format: int = 1) int [source]
Saves X.509 certificate to a file. Default output format is PEM.
- Parameters:
filename – Name of the file the cert will be saved to.
format – Controls what output format is used to save the cert. Either FORMAT_PEM or FORMAT_DER to save in PEM or DER format. Raises a ValueError if an unknow format is used.
- Returns:
1 for success or 0 for failure
- save_pem(filename: AnyStr) int [source]
- Parameters:
filename – name of the file to be loaded
- Returns:
1 for success or 0 for failure
- set_issuer(name: X509_Name) int [source]
Set issuer name.
- Parameters:
name – subjectName field.
:return 1 for success and 0 for failure
- set_pubkey(pkey: PKey) int [source]
Set the public key for the certificate
- Parameters:
pkey – Public key
:return 1 for success and 0 for failure
- set_serial_number(serial: ASN1_Integer) int [source]
Set serial number.
- Parameters:
serial – Serial number.
:return 1 for success and 0 for failure.
- set_subject(name: X509_Name) int [source]
Set subject name.
- Parameters:
name – subjectName field.
:return 1 for success and 0 for failure
- set_version(version: int) int [source]
Set version of the certificate.
- Parameters:
version – Version number.
- Returns:
Returns 0 on failure.
- class M2Crypto.X509.X509_Extension(x509_ext_ptr: bytes | None = None, _pyfree: int = 1)[source]
Bases:
object
X509 Extension
- get_critical() int [source]
Return whether or not this is a critical extension.
- Returns:
Nonzero if this is a critical extension.
- get_value(flag: int = 0, indent: int = 0) str [source]
Get the extension value, for example ‘DNS:www.example.com’.
- Parameters:
flag – Flag to control what and how to print.
indent – How many spaces to print before actual value.
- m2_x509_extension_free()
- set_critical(critical: int = 1) int [source]
Mark this extension critical or noncritical. By default an extension is not critical.
- Parameters:
critical – Nonzero sets this extension as critical. Calling this method without arguments will set this extension to critical.
- Returns:
1 for success, 0 for failure
- class M2Crypto.X509.X509_Extension_Stack(stack: bytes | None = None, _pyfree: int = 0)[source]
Bases:
object
X509 Extension Stack
- Warning:
Do not modify the underlying OpenSSL stack except through this interface, or use any OpenSSL functions that do so indirectly. Doing so will get the OpenSSL stack and the internal pystack of this class out of sync, leading to python memory leaks, exceptions or even python crashes!
- m2_sk_x509_extension_free()
- pop() X509_Extension [source]
Pop X509_Extension object from the stack.
- Returns:
X509_Extension popped
- push(x509_ext: X509_Extension) int [source]
Push X509_Extension object onto the stack.
- Parameters:
x509_ext – X509_Extension object to be pushed onto the stack.
- Returns:
The number of extensions on the stack.
- class M2Crypto.X509.X509_Name(x509_name: bytes = None, _pyfree: int = 0)[source]
Bases:
object
X509 Name
- add_entry_by_txt(field, type, entry, len, loc, set)[source]
Add X509_Name field whose name is identified by its name.
- Parameters:
field – name of the entry
type – use MBSTRING_ASC or MBSTRING_UTF8 (or standard ASN1 type like V_ASN1_IA5STRING)
entry – value
len – buf_len of the entry (-1 and the length is computed automagically)
The
loc
andset
parameters determine where a new entry should be added. For almost all applications loc can be set to -1 and set to 0. This adds a new entry to the end of name as a single valued RelativeDistinguishedName (RDN).- Parameters:
loc – determines the index where the new entry is inserted: if it is -1 it is appended.
set – determines how the new type is added. If it is zero a new RDN is created. If set is -1 or 1 it is added to the previous or next RDN structure respectively. This will then be a multivalued RDN: since multivalues RDNs are very seldom used set is almost always set to zero.
- Returns:
1 for success of 0 if an error occurred.
- as_text(indent: int = 0, flags: int = 0) str [source]
as_text returns the name as a string.
- Parameters:
indent – Each line in multiline format is indented by this many spaces.
flags – Flags that control how the output should be formatted.
- get_entries_by_nid(nid: int) List[X509_Name_Entry] [source]
Retrieve the next index matching nid.
- Parameters:
nid – name of the entry (as m2.NID* constants)
- Returns:
list of X509_Name_Entry items
- m2_x509_name_free()
- nid = {'C': 14, 'CN': 13, 'Email': 48, 'GN': 99, 'L': 15, 'O': 17, 'OU': 18, 'SN': 100, 'SP': 16, 'ST': 16, 'commonName': 13, 'emailAddress': 48, 'givenName': 99, 'localityName': 15, 'organizationName': 17, 'organizationUnitName': 18, 'serialNumber': 105, 'stateOrProvinceName': 16, 'surname': 100}
- class M2Crypto.X509.X509_Name_Entry(x509_name_entry: bytes, _pyfree: int = 0)[source]
Bases:
object
X509 Name Entry
- get_data() ASN1_String [source]
- get_object() ASN1_Object [source]
- m2_x509_name_entry_free()
- set_data(data: bytes, type: int = 4097) int [source]
Sets the field name to asn1obj
- Parameters:
data – data in a binary form to be set
- Returns:
0 on failure, 1 on success
- set_object(asn1obj: ASN1_Object) int [source]
Sets the field name to asn1obj
- Parameters:
asn1obj –
- Returns:
0 on failure, 1 on success
- class M2Crypto.X509.X509_Stack(stack: bytes = None, _pyfree: int = 0, _pyfree_x509: int = 0)[source]
Bases:
object
X509 Stack
- Warning:
Do not modify the underlying OpenSSL stack except through this interface, or use any OpenSSL functions that do so indirectly. Doing so will get the OpenSSL stack and the internal pystack of this class out of sync, leading to python memory leaks, exceptions or even python crashes!
- m2_sk_x509_free()
- class M2Crypto.X509.X509_Store(store: bytes | None = None, _pyfree: int = 0)[source]
Bases:
object
X509 Store
- load_info(file: AnyStr) int [source]
- Parameters:
file – filename
- Returns:
1 on success, 0 on failure
- load_locations(file: AnyStr) int
- Parameters:
file – filename
- Returns:
1 on success, 0 on failure
- m2_x509_store_free()
- set_flags(flags: int) int [source]
Set the verification flags for the X509Store Wrapper over OpenSSL X509_STORE_set_flags()
- Parameters:
flags – VERIFICATION FLAGS section of the X509_VERIFY_PARAM_set_flags man page has a complete description of values the flags parameter can take. Their M2Crypto equivalent is transformed following the pattern: “X509_V_FLAG_XYZ” -> lowercase(“VERIFY_XYZ”)
- set_verify_cb(callback: callable | None = None) None [source]
Set callback which will be called when the store is verified. Wrapper over OpenSSL X509_STORE_set_verify_cb().
- Parameters:
callback – Callable to specify verification options. Type of the callable must be: (int, X509_Store_Context) -> int. If None: set the standard options.
- Note:
compile-time or run-time errors in the callback would result in mysterious errors during verification, which could be hard to trace.
- Note:
Python exceptions raised in callbacks do not propagate to verify() call.
- Returns:
None
- class M2Crypto.X509.X509_Store_Context(x509_store_ctx: bytes, _pyfree: int = 0)[source]
Bases:
object
X509 Store Context
- get1_chain() X509_Stack [source]
Get certificate chain.
- Returns:
Reference counted (i.e. safe to use even after the store context goes away) stack of certificates in the chain.
- get_current_cert() X509 [source]
Get current X.509 certificate.
- Warning:
The returned certificate is NOT refcounted, so you can not rely on it being valid once the store context goes away or is modified.
- m2_x509_store_ctx_free()
- M2Crypto.X509.load_cert(file: AnyStr, format: int = 1) X509 [source]
Load certificate from file.
- Parameters:
file – Name of file containing certificate in either DER or PEM format.
format – Describes the format of the file to be loaded, either PEM or DER.
- Returns:
M2Crypto.X509.X509 object.
- M2Crypto.X509.load_cert_bio(bio: BIO, format: int = 1) X509 [source]
Load certificate from a bio.
- Parameters:
bio – BIO pointing at a certificate in either DER or PEM format.
format – Describes the format of the cert to be loaded, either PEM or DER (via constants FORMAT_PEM and FORMAT_FORMAT_DER)
- Returns:
M2Crypto.X509.X509 object.
- M2Crypto.X509.load_cert_der_string(cert_str: AnyStr) X509 [source]
Load certificate from a cert_str.
- Parameters:
cert_str – String containing a certificate in DER format.
- Returns:
M2Crypto.X509.X509 object.
- M2Crypto.X509.load_cert_string(cert_str: AnyStr, format: int = 1) X509 [source]
Load certificate from a cert_str.
- Parameters:
cert_str – String containing a certificate in either DER or PEM format.
format – Describes the format of the cert to be loaded, either PEM or DER (via constants FORMAT_PEM and FORMAT_FORMAT_DER)
- Returns:
M2Crypto.X509.X509 object.
- M2Crypto.X509.load_crl(file: AnyStr) CRL [source]
Load CRL from file.
- Parameters:
file – Name of file containing CRL in PEM format.
- Returns:
M2Crypto.X509.CRL object.
- M2Crypto.X509.load_request(file: AnyStr, format: int = 1) Request [source]
Load certificate request from file.
- Parameters:
file – Name of file containing certificate request in either PEM or DER format.
format – Describes the format of the file to be loaded, either PEM or DER. (using constants FORMAT_PEM and FORMAT_DER)
- Returns:
Request object.
- M2Crypto.X509.load_request_bio(bio: BIO, format: int = 1) Request [source]
Load certificate request from a bio.
- Parameters:
bio – BIO pointing at a certificate request in either DER or PEM format.
format – Describes the format of the request to be loaded, either PEM or DER. (using constants FORMAT_PEM and FORMAT_DER)
- Returns:
M2Crypto.X509.Request object.
- M2Crypto.X509.load_request_der_string(cert_str: AnyStr) Request [source]
Load certificate request from a cert_str.
- Parameters:
cert_str – String containing a certificate request in DER format.
- Returns:
M2Crypto.X509.Request object.
- M2Crypto.X509.load_request_string(cert_str: AnyStr, format: int = 1) Request [source]
Load certificate request from a cert_str.
- Parameters:
cert_str – String containing a certificate request in either DER or PEM format.
format – Describes the format of the request to be loaded, either PEM or DER. (using constants FORMAT_PEM and FORMAT_DER)
- Returns:
M2Crypto.X509.Request object.
- M2Crypto.X509.new_extension(name: str, value: bytes, critical: int = 0, _pyfree: int = 1) X509_Extension [source]
Create new X509_Extension instance.
- M2Crypto.X509.new_stack_from_der(der_string: bytes) X509_Stack [source]
Create a new X509_Stack from DER string.
- Returns:
X509_Stack
- M2Crypto.X509.x509_store_default_cb(ok: int, ctx: X509_Store_Context) int [source]
callback
Module
ftpslib
Module
httpslib
Module
- class M2Crypto.httpslib.HTTPSConnection(host: str, port: int | None = None, strict: bool | None = None, **ssl: Any)[source]
Bases:
HTTPConnection
This class allows communication via SSL using M2Crypto.
- default_port = 443
- class M2Crypto.httpslib.ProxyHTTPSConnection(host: str, port: int | None = None, strict: bool | None = None, username: AnyStr | None = None, password: AnyStr | None = None, **ssl: Any)[source]
Bases:
HTTPSConnection
An HTTPS Connection that uses a proxy and the CONNECT request.
When the connection is initiated, CONNECT is first sent to the proxy (along with authorization headers, if supplied). If successful, an SSL connection will be established over the socket through the proxy and to the target host.
Finally, the actual request is sent over the SSL connection tunneling through the proxy.
- endheaders(*args: Any, **kwargs: Any) None [source]
Indicate that the last header line has been sent to the server.
This method sends the request to the server. The optional message_body argument can be used to pass a message body associated with the request.
m2
Module
m2crypto
Module
m2urllib
Module
m2urllib2
Module
- class M2Crypto.m2urllib2.HTTPSHandler(ssl_context: Context = None)[source]
Bases:
AbstractHTTPHandler
- https_open(req: Request) addinfourl [source]
Return an addinfourl object for the request, using http_class.
http_class must implement the HTTPConnection API from httplib. The addinfourl return value is a file-like object. It also has methods and attributes including:
info(): return a mimetools.Message object for the headers
geturl(): return the original request URL
code: HTTP status code
- https_request(request)
- M2Crypto.m2urllib2.build_opener(ssl_context: Context | None = None, *handlers: object) OpenerDirector [source]
Create an opener object from a list of handlers.
The opener will use several default handlers, including support for HTTP and FTP.
If any of the handlers passed as arguments are subclasses of the default handlers, the default handlers will not be used.
m2xmlrpclib
Module
threading
Module
util
Module
- M2Crypto.util.expectedFailureIf(condition)[source]
The test is marked as an expectedFailure if the condition is satisfied.
- M2Crypto.util.genparam_callback(p: int, n: ~typing.Any, out: ~typing.TextIO = <_io.TextIOWrapper name='<stdout>' mode='w' encoding='utf-8'>) None [source]
Subpackages
- SSL Package
SSL
PackageChecker
ModuleCipher
ModuleConnection
ModuleConnection
Connection.accept()
Connection.accept_ssl()
Connection.bind()
Connection.clear()
Connection.close()
Connection.connect()
Connection.connect_ssl()
Connection.fileno()
Connection.get_cipher()
Connection.get_cipher_list()
Connection.get_ciphers()
Connection.get_context()
Connection.get_default_session_timeout()
Connection.get_peer_cert()
Connection.get_peer_cert_chain()
Connection.get_session()
Connection.get_shutdown()
Connection.get_socket_read_timeout()
Connection.get_socket_write_timeout()
Connection.get_state()
Connection.get_verify_depth()
Connection.get_verify_mode()
Connection.get_verify_result()
Connection.get_version()
Connection.getpeername()
Connection.getsockname()
Connection.getsockopt()
Connection.listen()
Connection.m2_bio_free()
Connection.m2_bio_noclose
Connection.m2_ssl_free()
Connection.makefile()
Connection.pending()
Connection.read()
Connection.recv()
Connection.recv_into()
Connection.renegotiate()
Connection.send()
Connection.sendall()
Connection.serverPostConnectionCheck()
Connection.set1_host()
Connection.set_accept_state()
Connection.set_bio()
Connection.set_cipher_list()
Connection.set_client_CA_list_from_context()
Connection.set_client_CA_list_from_file()
Connection.set_connect_state()
Connection.set_post_connection_check_callback()
Connection.set_session()
Connection.set_session_id_ctx()
Connection.set_shutdown()
Connection.set_socket_read_timeout()
Connection.set_socket_write_timeout()
Connection.set_ssl_close_flag()
Connection.set_tlsext_host_name()
Connection.setblocking()
Connection.setsockopt()
Connection.settimeout()
Connection.setup_addr()
Connection.setup_ssl()
Connection.shutdown()
Connection.ssl_get_error()
Connection.verify_ok()
Connection.write()
Context
ModuleContext
Context.add_session()
Context.close()
Context.get_allow_unknown_ca()
Context.get_cert_store()
Context.get_session_cache_mode()
Context.get_session_timeout()
Context.get_verify_depth()
Context.get_verify_mode()
Context.load_cert()
Context.load_cert_chain()
Context.load_client_CA()
Context.load_client_ca()
Context.load_verify_info()
Context.load_verify_locations()
Context.m2_ssl_ctx_free()
Context.remove_session()
Context.set_allow_unknown_ca()
Context.set_cipher_list()
Context.set_client_CA_list_from_file()
Context.set_default_verify_paths()
Context.set_info_callback()
Context.set_options()
Context.set_session_cache_mode()
Context.set_session_id_ctx()
Context.set_session_timeout()
Context.set_tmp_dh()
Context.set_tmp_dh_callback()
Context.set_tmp_rsa()
Context.set_tmp_rsa_callback()
Context.set_verify()
ctxmap()
map()
SSLServer
ModuleSession
ModuleTwistedProtocolWrapper
Modulecb
Moduletimeout
Module