# esteid-certificates
[](https://coveralls.io/github/thorgate/esteid-certificates?branch=main)
This library contains certificates for Estonian electronic identity services and a couple of functions
that facilitate usage.
The library covers the following use cases:
* embedding the root certificate of the Estonian Certification centre into an XML signature structure prior to signing;
* obtaining OCSP confirmation of the signer's certificate after signing: the OCSP request
must contain an issuer certificate that corresponds to the issuer's common name
as included in the signer's certificate.
## API
Get a certificate by issuer's common name:
```python
from esteid_certificates import get_certificate_file_name, get_certificate
# path to PEM certificate file
assert get_certificate_file_name("EID-SK 2016").endswith(".pem")
# the certificate as bytes
assert get_certificate("EID-SK 2016").startswith(b"-----BEGIN CERTIFICATE-----")
```
Get the root certificate:
```python
from esteid_certificates import get_root_ca_file_name, get_root_certificate
# path to PEM certificate file
assert get_root_ca_file_name().endswith(".pem")
# the certificate as bytes
assert get_root_certificate().startswith(b"-----BEGIN CERTIFICATE-----")
```
Get the TEST root certificate:
```python
from esteid_certificates import get_root_ca_file_name, get_root_certificate
# path to PEM certificate file
assert get_root_ca_file_name(test=True).endswith(".pem")
# the certificate as bytes
assert get_root_certificate(test=True).startswith(b"-----BEGIN CERTIFICATE-----")
```
The certificates can be loaded using e.g. the `oscrypto` library:
```python
from oscrypto.asymmetric import load_certificate
cert = load_certificate(get_certificate("EID-SK 2016"))
assert cert.asn1.native['tbs_certificate']['subject']['common_name'] == 'EID-SK 2016'
```
## Certificates
The certificates were downloaded from [the certificate page](https://www.skidsolutions.eu/repositoorium/sk-sertifikaadid/).
The included certificates are copyright to their issuing parties:
* [SK ID Solutions AS](https://www.skidsolutions.eu/repositoorium/)
and are redistributed for the sole purpose of convenience of use.
## Updating
See the [update script](autoupdate/README.md) for how to update the certificates.
Raw data
{
"_id": null,
"home_page": "https://github.com/thorgate/esteid-certificates",
"name": "esteid-certificates",
"maintainer": null,
"docs_url": null,
"requires_python": null,
"maintainer_email": null,
"keywords": "esteid asice xades smartid smart-id mobiilid mobileid mobile-id idcard",
"author": "Thorgate",
"author_email": "info@thorgate.eu",
"download_url": "https://files.pythonhosted.org/packages/df/46/38cb87594dfac524201455149f333ae58f01a09388bbf506ffe4e64f9dcd/esteid_certificates-1.0.2.tar.gz",
"platform": null,
"description": "# esteid-certificates\n\n[](https://coveralls.io/github/thorgate/esteid-certificates?branch=main)\n\nThis library contains certificates for Estonian electronic identity services and a couple of functions\nthat facilitate usage.\n\nThe library covers the following use cases:\n* embedding the root certificate of the Estonian Certification centre into an XML signature structure prior to signing; \n* obtaining OCSP confirmation of the signer's certificate after signing: the OCSP request\n must contain an issuer certificate that corresponds to the issuer's common name\n as included in the signer's certificate.\n\n## API\n\nGet a certificate by issuer's common name:\n```python\nfrom esteid_certificates import get_certificate_file_name, get_certificate\n# path to PEM certificate file\nassert get_certificate_file_name(\"EID-SK 2016\").endswith(\".pem\")\n# the certificate as bytes\nassert get_certificate(\"EID-SK 2016\").startswith(b\"-----BEGIN CERTIFICATE-----\")\n```\n\nGet the root certificate:\n```python\nfrom esteid_certificates import get_root_ca_file_name, get_root_certificate\n# path to PEM certificate file\nassert get_root_ca_file_name().endswith(\".pem\")\n# the certificate as bytes\nassert get_root_certificate().startswith(b\"-----BEGIN CERTIFICATE-----\")\n```\n\nGet the TEST root certificate:\n```python\nfrom esteid_certificates import get_root_ca_file_name, get_root_certificate\n# path to PEM certificate file\nassert get_root_ca_file_name(test=True).endswith(\".pem\")\n# the certificate as bytes\nassert get_root_certificate(test=True).startswith(b\"-----BEGIN CERTIFICATE-----\")\n```\n\nThe certificates can be loaded using e.g. the `oscrypto` library:\n```python\nfrom oscrypto.asymmetric import load_certificate\ncert = load_certificate(get_certificate(\"EID-SK 2016\"))\nassert cert.asn1.native['tbs_certificate']['subject']['common_name'] == 'EID-SK 2016'\n```\n\n## Certificates\n\nThe certificates were downloaded from [the certificate page](https://www.skidsolutions.eu/repositoorium/sk-sertifikaadid/).\n\nThe included certificates are copyright to their issuing parties: \n\n* [SK ID Solutions AS](https://www.skidsolutions.eu/repositoorium/)\n\nand are redistributed for the sole purpose of convenience of use.\n\n## Updating\n\nSee the [update script](autoupdate/README.md) for how to update the certificates.\n",
"bugtrack_url": null,
"license": "ISC",
"summary": "Certificates for Estonian e-identity services",
"version": "1.0.2",
"project_urls": {
"Homepage": "https://github.com/thorgate/esteid-certificates"
},
"split_keywords": [
"esteid",
"asice",
"xades",
"smartid",
"smart-id",
"mobiilid",
"mobileid",
"mobile-id",
"idcard"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "5b29398762f1ec84480b46496a07ee47c3871d6e45fb11463ad9caa126abde93",
"md5": "a878c1deb370a57e775eaffaa77e2f6f",
"sha256": "ab15fd07f43fc455800457d24d2daaa84a1d9eb94d61f9f9b61c9544a140a06a"
},
"downloads": -1,
"filename": "esteid_certificates-1.0.2-py2.py3-none-any.whl",
"has_sig": false,
"md5_digest": "a878c1deb370a57e775eaffaa77e2f6f",
"packagetype": "bdist_wheel",
"python_version": "py2.py3",
"requires_python": null,
"size": 75132,
"upload_time": "2024-10-17T07:38:24",
"upload_time_iso_8601": "2024-10-17T07:38:24.466064Z",
"url": "https://files.pythonhosted.org/packages/5b/29/398762f1ec84480b46496a07ee47c3871d6e45fb11463ad9caa126abde93/esteid_certificates-1.0.2-py2.py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "df4638cb87594dfac524201455149f333ae58f01a09388bbf506ffe4e64f9dcd",
"md5": "c9facdec4a7f3b790b5eb756072681aa",
"sha256": "abdd88ffc5d2c5b52ac7a51e1b94b17a0572f9edd42613a3b8b47ceb30b239a2"
},
"downloads": -1,
"filename": "esteid_certificates-1.0.2.tar.gz",
"has_sig": false,
"md5_digest": "c9facdec4a7f3b790b5eb756072681aa",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 51219,
"upload_time": "2024-10-17T07:38:26",
"upload_time_iso_8601": "2024-10-17T07:38:26.236172Z",
"url": "https://files.pythonhosted.org/packages/df/46/38cb87594dfac524201455149f333ae58f01a09388bbf506ffe4e64f9dcd/esteid_certificates-1.0.2.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-10-17 07:38:26",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "thorgate",
"github_project": "esteid-certificates",
"travis_ci": true,
"coveralls": false,
"github_actions": false,
"lcname": "esteid-certificates"
}
JSON
