# esteid-certificates
[](https://coveralls.io/github/thorgate/esteid-certificates?branch=main)
This library contains certificates for Estonian electronic identity services and a couple of functions
that facilitate usage.
The library covers the following use cases:
* embedding the root certificate of the Estonian Certification centre into an XML signature structure prior to signing;
* obtaining OCSP confirmation of the signer's certificate after signing: the OCSP request
must contain an issuer certificate that corresponds to the issuer's common name
as included in the signer's certificate.
## API
Get a certificate by issuer's common name:
```python
from esteid_certificates import get_certificate_file_name, get_certificate
# path to PEM certificate file
assert get_certificate_file_name("EID-SK 2016").endswith(".pem")
# the certificate as bytes
assert get_certificate("EID-SK 2016").startswith(b"-----BEGIN CERTIFICATE-----")
```
Get the root certificate:
```python
from esteid_certificates import get_root_ca_file_name, get_root_certificate
# path to PEM certificate file
assert get_root_ca_file_name().endswith(".pem")
# the certificate as bytes
assert get_root_certificate().startswith(b"-----BEGIN CERTIFICATE-----")
```
Get the TEST root certificate:
```python
from esteid_certificates import get_root_ca_file_name, get_root_certificate
# path to PEM certificate file
assert get_root_ca_file_name(test=True).endswith(".pem")
# the certificate as bytes
assert get_root_certificate(test=True).startswith(b"-----BEGIN CERTIFICATE-----")
```
The certificates can be loaded using e.g. the `oscrypto` library:
```python
from oscrypto.asymmetric import load_certificate
cert = load_certificate(get_certificate("EID-SK 2016"))
assert cert.asn1.native['tbs_certificate']['subject']['common_name'] == 'EID-SK 2016'
```
## Certificates
The certificates were downloaded from [the certificate page](https://www.skidsolutions.eu/repositoorium/sk-sertifikaadid/).
The included certificates are copyright to their issuing parties:
* [SK ID Solutions AS](https://www.skidsolutions.eu/repositoorium/)
and are redistributed for the sole purpose of convenience of use.
## Updating
See the [update script](autoupdate/README.md) for how to update the certificates.
Raw data
{
"_id": null,
"home_page": "https://github.com/thorgate/esteid-certificates",
"name": "esteid-certificates",
"maintainer": null,
"docs_url": null,
"requires_python": null,
"maintainer_email": null,
"keywords": "esteid asice xades smartid smart-id mobiilid mobileid mobile-id idcard",
"author": "Thorgate",
"author_email": "info@thorgate.eu",
"download_url": "https://files.pythonhosted.org/packages/38/68/05106fbb357720e17e2a58ea19514660d376f1bb2b170ff2703df9f8d877/esteid_certificates-1.0.3.tar.gz",
"platform": null,
"description": "# esteid-certificates\n\n[](https://coveralls.io/github/thorgate/esteid-certificates?branch=main)\n\nThis library contains certificates for Estonian electronic identity services and a couple of functions\nthat facilitate usage.\n\nThe library covers the following use cases:\n* embedding the root certificate of the Estonian Certification centre into an XML signature structure prior to signing; \n* obtaining OCSP confirmation of the signer's certificate after signing: the OCSP request\n must contain an issuer certificate that corresponds to the issuer's common name\n as included in the signer's certificate.\n\n## API\n\nGet a certificate by issuer's common name:\n```python\nfrom esteid_certificates import get_certificate_file_name, get_certificate\n# path to PEM certificate file\nassert get_certificate_file_name(\"EID-SK 2016\").endswith(\".pem\")\n# the certificate as bytes\nassert get_certificate(\"EID-SK 2016\").startswith(b\"-----BEGIN CERTIFICATE-----\")\n```\n\nGet the root certificate:\n```python\nfrom esteid_certificates import get_root_ca_file_name, get_root_certificate\n# path to PEM certificate file\nassert get_root_ca_file_name().endswith(\".pem\")\n# the certificate as bytes\nassert get_root_certificate().startswith(b\"-----BEGIN CERTIFICATE-----\")\n```\n\nGet the TEST root certificate:\n```python\nfrom esteid_certificates import get_root_ca_file_name, get_root_certificate\n# path to PEM certificate file\nassert get_root_ca_file_name(test=True).endswith(\".pem\")\n# the certificate as bytes\nassert get_root_certificate(test=True).startswith(b\"-----BEGIN CERTIFICATE-----\")\n```\n\nThe certificates can be loaded using e.g. the `oscrypto` library:\n```python\nfrom oscrypto.asymmetric import load_certificate\ncert = load_certificate(get_certificate(\"EID-SK 2016\"))\nassert cert.asn1.native['tbs_certificate']['subject']['common_name'] == 'EID-SK 2016'\n```\n\n## Certificates\n\nThe certificates were downloaded from [the certificate page](https://www.skidsolutions.eu/repositoorium/sk-sertifikaadid/).\n\nThe included certificates are copyright to their issuing parties: \n\n* [SK ID Solutions AS](https://www.skidsolutions.eu/repositoorium/)\n\nand are redistributed for the sole purpose of convenience of use.\n\n## Updating\n\nSee the [update script](autoupdate/README.md) for how to update the certificates.\n",
"bugtrack_url": null,
"license": "ISC",
"summary": "Certificates for Estonian e-identity services",
"version": "1.0.3",
"project_urls": {
"Homepage": "https://github.com/thorgate/esteid-certificates"
},
"split_keywords": [
"esteid",
"asice",
"xades",
"smartid",
"smart-id",
"mobiilid",
"mobileid",
"mobile-id",
"idcard"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "386805106fbb357720e17e2a58ea19514660d376f1bb2b170ff2703df9f8d877",
"md5": "507abacd2d46e0f1231f5cc8b5bd202f",
"sha256": "54d6407c48534cea1c55c4f6d3fd9014cc699198f8d62dcf54bf49bd2f316253"
},
"downloads": -1,
"filename": "esteid_certificates-1.0.3.tar.gz",
"has_sig": false,
"md5_digest": "507abacd2d46e0f1231f5cc8b5bd202f",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 52218,
"upload_time": "2025-03-18T11:36:40",
"upload_time_iso_8601": "2025-03-18T11:36:40.409693Z",
"url": "https://files.pythonhosted.org/packages/38/68/05106fbb357720e17e2a58ea19514660d376f1bb2b170ff2703df9f8d877/esteid_certificates-1.0.3.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-03-18 11:36:40",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "thorgate",
"github_project": "esteid-certificates",
"travis_ci": true,
"coveralls": false,
"github_actions": false,
"lcname": "esteid-certificates"
}
JSON
