openssh_key.key_params.cert.Cert_ECDSA_NISTP521_PublicKeyParams¶

class openssh_key.key_params.cert.Cert_ECDSA_NISTP521_PublicKeyParams(params)¶

Bases: openssh_key.key_params.cert.CertPublicKeyParams, openssh_key.key_params.ecdsa.ECDSA_NISTP521_PublicKeyParams

The parameters comprising a certificate for an ECDSA key on the nistp521 curve.

__init__(params)¶

Methods

`__init__`(params)
`check_params_are_valid`()	Checks whether the values within this parameters object conform to the format instructions, whether the curve identifier encoded in the public key corresponds to the key type, and whether the point lies on the elliptic curve indicated by the identifier.
`clear`()
`conversion_functions`()	Conversion functions for key objects of the following types:
`convert_from`(key_object)	Constructs and initializes a parameters object for this key type from attributes contained in the given object.
`convert_to`(destination_class)	Creates and initializes an object of the given type containing the values of this parameters object.
`copy`()
`fromkeys`(iterable[, value])
`get`(k[,d])
`get_cert_base_public_key_class`()	The type of the public key parameters that this certificate contains.
`get_critical_option`(option)	Returns the value of the specified critical option, or `None` if it does not exist.
`get_curve_identifier`()	The value `'nistp521'`.
`get_curve_name`()	The value `'secp521r1'`.
`get_curve_oid`()	The value `'1.3.132.0.35'`.
`get_extension_value`(option)	Returns the value of the specified extension, or `None` if it does not exist.
`get_format_instructions_dict`()	The Pascal-style byte stream format instructions for the parameters of a key of this type.
`get_signature_key`()	Returns the public key of the certificate authority.
`get_type`()	Returns the type of the principals that can authenticate using this certificate.
`get_valid_after`()	Returns the timestamp before which the certificate is invalid.
`get_valid_before`()	Returns the timestamp after which the certificate is invalid.
`get_valid_principals`()	Returns the list of principals that can authenticate using this certificate.
`items`()
`keys`()
`pack_list`(l, format_instruction)	Packs a `list` of items into a byte stream as per `format_instruction`.
`pack_options`(d, format_instruction)	Packs a `dict` of items into a byte stream, with the keys packed as `str` and the values as per the provided `format_instruction`.
`pack_signed_bytes`()	Packs into a byte string the parameters of this certificate that would be signed by the certificate authority key to form the signature.
`pop`(k[,d])	If key is not found, d is returned if given, otherwise KeyError is raised.
`popitem`()	as a 2-tuple; but raise KeyError if D is empty.
`set_critical_option`(option, value)	Sets the value of the specified critical option.
`set_extension_value`(option, value)	Sets the value of the specified extension.
`set_signature_key`(signature_key)	Sets the public key of the certificate authority to that specified.
`set_type`(t)	Sets the type of the principals that can authenticate using this certificate.
`set_valid_after`(t)	Sets the timestamp before which the certificate is invalid.
`set_valid_before`(t)	Sets the timestamp after which the certificate is invalid.
`set_valid_principals`(principals)	Sets the list of principals that can authenticate using this certificate.
`setdefault`(k[,d])
`update`([E, ]**F)	If E present and has a .keys() method, does: for k in E: D[k] = E[k] If E present and lacks .keys() method, does: for (k, v) in E: D[k] = v In either case, this is followed by: for k, v in F.items(): D[k] = v
`values`()

Attributes

`CURVE_IDENTIFIER`	The identifier, as specified in RFC 5656, of a set of elliptic curve domain parameters.
`CURVE_NAME`	The name of the elliptic curve domain parameters that corresponds to `CURVE_IDENTIFIER`.
`CURVE_OID`	The X.509 object identifier of the elliptic curve domain parameters that corresponds to `CURVE_IDENTIFIER`.
`FORMAT_INSTRUCTIONS_DICT`	The Pascal-style byte stream format instructions for the parameters of a key of this type.

check_params_are_valid()¶

Checks whether the values within this parameters object conform to the format instructions, whether the curve identifier encoded in the public key corresponds to the key type, and whether the point lies on the elliptic curve indicated by the identifier.

Raises: UserWarning – A parameter value is missing or does not have a type that matches the format instructions for this key type, the curve identifier encoded in the public key corresponds to the key type, or the point does not lie on the elliptic curve indicated by the identifier.
Return type: None

clear() → None. Remove all items from D.¶

classmethod conversion_functions()¶

Conversion functions for key objects of the following types:

cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey

Return type: Mapping[Type[Any], ConversionFunctions]
Returns: A typing.Mapping from the above types of key objects to functions that take key objects of these types and return parameter values.

classmethod convert_from(key_object)¶

Constructs and initializes a parameters object for this key type from attributes contained in the given object.

This classmethod searches conversion_functions for a class that is a superclass of key_object. If one is found, it returns the parameters object from the typing.Mapping returned by the corresponding object_to_mapping function. Otherwise, it searches its subclasses’ conversion_functions, traversing pre-order.

Parameters: key_object (Any) – An object containing key parameter values.
Raises: NotImplementedError – key_object is not of a supported type, or it does not contain the attributes necessary to construct a parameters object of this class.
Return type: PublicKeyParams

convert_to(destination_class)¶

Creates and initializes an object of the given type containing the values of this parameters object.

This method searches conversion_functions for a class that is a subclass of key_object. If one is found, it passes this parameters object to the corresponding mapping_to_object. Otherwise, it searches its superclasses’ conversion_functions in the same way, in method resolution order, up to and including PublicKeyParams.

Parameters

destination_class (Type[Any]) – The type of the object to which the values of this parameters object are to be converted.

Raises

ValueError – destination_class is not a class.
ImportError – destination_class cannot be imported.
NotImplementedError – Converting this parameters object to an object of type destination_class is not supported.

Return type

Any

get(k[, d]) → D[k] if k in D, else d. d defaults to None.¶

static get_cert_base_public_key_class()¶

The type of the public key parameters that this certificate contains.

Return type: Type[PublicKeyParams]

get_critical_option(option)¶

Returns the value of the specified critical option, or None if it does not exist.

Parameters: option (Union[CertCriticalOption, str]) – The critical option the value of which to return.
Raises: ValueError – A CertCriticalOption is provided, but is not valid for the principal types of this certificate.
Return type: Optional[bytes]

static get_curve_identifier()¶

The value 'nistp521'.

Return type: str

static get_curve_name()¶

The value 'secp521r1'.

Return type: str

static get_curve_oid()¶

The value '1.3.132.0.35'.

Return type: str

get_extension_value(option)¶

Returns the value of the specified extension, or None if it does not exist.

Parameters: option (Union[CertExtension, str]) – The extension the value of which to return.
Raises: ValueError – A CertExtension is provided, but is not valid for the principal types of this certificate.
Return type: Optional[bytes]

classmethod get_format_instructions_dict()¶

The Pascal-style byte stream format instructions for the parameters of a key of this type.

Return type: Mapping[str, Union[str, PascalStyleFormatInstruction, PascalStyleFormatInstructionStringLengthSize]]

get_signature_key()¶

Returns the public key of the certificate authority.

Raises: UserWarning – The certificate authority is a certificate; this is not supported by OpenSSH.
Return type: key.PublicKey

get_type()¶

Returns the type of the principals that can authenticate using this certificate.

Return type: CertPrincipalType

get_valid_after()¶

Returns the timestamp before which the certificate is invalid.

Return type: datetime

get_valid_before()¶

Returns the timestamp after which the certificate is invalid.

Return type: datetime

get_valid_principals()¶

Returns the list of principals that can authenticate using this certificate.

Return type: List[str]

items() → a set-like object providing a view on D's items¶

keys() → a set-like object providing a view on D's keys¶

static pack_list(l, format_instruction)¶

Packs a list of items into a byte stream as per format_instruction.

Parameters

l (List[Any]) – The items to pack.
format_instruction (PascalStyleFormatInstruction) – The format instruction.

Return type

bytes

static pack_options(d, format_instruction)¶

Packs a dict of items into a byte stream, with the keys packed as str and the values as per the provided format_instruction.

Parameters

d (Mapping[str, bytes]) – The mapping of items to pack.
format_instruction (PascalStyleFormatInstruction) – The format instruction using which to pack the values.

Return type

bytes

pack_signed_bytes()¶

Packs into a byte string the parameters of this certificate that would be signed by the certificate authority key to form the signature.

Return type: bytes
Returns: A byte string containing the parameters of this certificate that would be signed by the certificate authority key to form the signature.

pop(k[, d]) → v, remove specified key and return the corresponding value.¶: If key is not found, d is returned if given, otherwise KeyError is raised.

popitem() → (k, v), remove and return some (key, value) pair¶: as a 2-tuple; but raise KeyError if D is empty.

set_critical_option(option, value)¶

Sets the value of the specified critical option.

Parameters

option (Union[CertCriticalOption, str]) – The critical option the value of which to set.
value (bytes) – The value to set the critical option to.

Raises

ValueError – A CertCriticalOption is provided, but is not valid for the principal types of this certificate.

Return type

None

set_extension_value(option, value)¶

Sets the value of the specified extension.

Parameters

option (Union[CertExtension, str]) – The extension the value of which to set.
value (bytes) – The value to set the extension to.

Raises

ValueError – A CertExtension is provided, but is not valid for the principal types of this certificate.

Return type

None

set_signature_key(signature_key)¶

Sets the public key of the certificate authority to that specified.

Parameters: public_key – The public key of the certificate authority.
Raises: ValueError – The certificate authority is a certificate; this is not supported by OpenSSH.
Return type: None

set_type(t)¶

Sets the type of the principals that can authenticate using this certificate.

Return type: None

set_valid_after(t)¶

Sets the timestamp before which the certificate is invalid.

Return type: None

set_valid_before(t)¶

Sets the timestamp after which the certificate is invalid.

Return type: None

set_valid_principals(principals)¶

Sets the list of principals that can authenticate using this certificate.

Return type: None

setdefault(k[, d]) → D.get(k,d), also set D[k]=d if k not in D¶

update([E, ]**F) → None. Update D from mapping/iterable E and F.¶: If E present and has a .keys() method, does: for k in E: D[k] = E[k] If E present and lacks .keys() method, does: for (k, v) in E: D[k] = v In either case, this is followed by: for k, v in F.items(): D[k] = v

values() → an object providing a view on D's values¶

openssh_key.key_params.cert.Cert_ECDSA_NISTP521_PublicKeyParams¶

openssh_key_parser

Navigation

Related Topics