============
wincertstore
============
.. warning::
The package is deprecated. Since Python 2.7.9
``ssl.create_default_context()`` automatically loads certificates from
Windows' cert store.
wincertstore provides an interface to access Windows' CA and CRL certificates.
It uses ctypes and Windows's sytem cert store API through crypt32.dll.
Example
=======
::
import wincertstore
for storename in ("CA", "ROOT"):
with wincertstore.CertSystemStore(storename) as store:
for cert in store.itercerts(usage=wincertstore.SERVER_AUTH):
print(cert.get_pem().decode("ascii"))
print(cert.get_name())
print(cert.enhanced_keyusage_names())
``SERVER_AUTH`` is the default enhanced key usage. In order to get all
certificates for any usage, use ``None``. The module offers more OIDs like
``CLIENT_AUTH``, too.
For Python versions without the with statement::
for storename in ("CA", "ROOT"):
store = wincertstore.CertSystemStore(storename)
try:
for cert in store.itercerts():
print(cert.get_pem().decode("ascii")
finally:
store.close()
See `CertOpenSystemStore`_
CertFile helper::
import wincertstore
import atexit
import ssl
certfile = wincertstore.CertFile()
certfile.addstore("CA")
certfile.addstore("ROOT")
atexit.register(certfile.close) # cleanup and remove files on shutdown)
ssl_sock = ssl.wrap_socket(sock,
ca_certs=certfile.name,
cert_reqs=ssl.CERT_REQUIRED)
Requirements
============
- Python 2.3 to 3.3
- Windows XP, Windows Server 2003 or newer
- ctypes 1.0.2 (Python 2.3 and 2.4)
from http://sourceforge.net/projects/ctypes/
License
=======
Copyright (c) 2013, 2014 by Christian Heimes <christian@python.org>
Licensed to PSF under a Contributor Agreement.
See http://www.python.org/psf/license for licensing details.
Acknowledgements
================
http://fixunix.com/openssl/254866-re-can-openssl-use-windows-certificate-store.html
http://bugs.python.org/issue17134
References
==========
.. _CertOpenSystemStore: http://msdn.microsoft.com/en-us/library/windows/desktop/aa376560%28v=vs.85%29.aspx
ChangeLog
=========
wincertstore 0.2
----------------
*Release date: 26-Feb-2013*
- By default CertSystemStore.itercerts() is now limited to return only
certs that are suitable for SERVER_AUTH -- that is to validate a TLS/SSL's
server cert from the perspective of a client.
- Add CERT_CONTEXT.get_name() to get a human readable name of a certificate.
- Add CERT_CONTEXT.enhanced_keyusage() to get enhanced key usage and trust
settings from registry. The method returns either ``True`` or a frozenset
of OIDs. True means that the certificate is valid for any purpose.
- CERT_CONTEXT.enhanced_keyusage_names() maps OIDs to human readable names.
- Add commin OIDs for enhanced key usages like SERVER_AUTH and CLIENT_AUTH.
- Add support for universal wheels.
- Add tox for testing Python 2.6 to 3.3. Python 2.4 and 2.5 are tested
manually.
- Use pypi.python.org:443 for TLS tests.
wincertstore 0.1
----------------
*Release date: 22-Mar-2013*
- Initial release
Raw data
{
"_id": null,
"home_page": "https://github.com/tiran/wincertstore",
"name": "wincertstore",
"maintainer": "Christian Heimes",
"docs_url": null,
"requires_python": ">=2.7,!=3.0.*,!=3.1.*,<3.4.*",
"maintainer_email": "christian@python.org",
"keywords": "windows cert ssl ca crl",
"author": "Christian Heimes",
"author_email": "christian@python.org",
"download_url": "https://files.pythonhosted.org/packages/90/71/7b01b7e37a73200bf52a81a2a9ea71b2d0492a5137258dd6034975c808e1/wincertstore-0.2.1.zip",
"platform": "Windows",
"description": "============\nwincertstore\n============\n\n.. warning::\n\n The package is deprecated. Since Python 2.7.9\n ``ssl.create_default_context()`` automatically loads certificates from\n Windows' cert store.\n\nwincertstore provides an interface to access Windows' CA and CRL certificates.\nIt uses ctypes and Windows's sytem cert store API through crypt32.dll.\n\n\nExample\n=======\n\n::\n\n import wincertstore\n for storename in (\"CA\", \"ROOT\"):\n with wincertstore.CertSystemStore(storename) as store:\n for cert in store.itercerts(usage=wincertstore.SERVER_AUTH):\n print(cert.get_pem().decode(\"ascii\"))\n print(cert.get_name())\n print(cert.enhanced_keyusage_names())\n\n``SERVER_AUTH`` is the default enhanced key usage. In order to get all\ncertificates for any usage, use ``None``. The module offers more OIDs like\n``CLIENT_AUTH``, too.\n\nFor Python versions without the with statement::\n\n for storename in (\"CA\", \"ROOT\"):\n store = wincertstore.CertSystemStore(storename)\n try:\n for cert in store.itercerts():\n print(cert.get_pem().decode(\"ascii\")\n finally:\n store.close()\n\nSee `CertOpenSystemStore`_\n\nCertFile helper::\n\n import wincertstore\n import atexit\n import ssl\n\n certfile = wincertstore.CertFile()\n certfile.addstore(\"CA\")\n certfile.addstore(\"ROOT\")\n atexit.register(certfile.close) # cleanup and remove files on shutdown)\n\n ssl_sock = ssl.wrap_socket(sock,\n ca_certs=certfile.name,\n cert_reqs=ssl.CERT_REQUIRED)\n\n\nRequirements\n============\n\n- Python 2.3 to 3.3\n\n- Windows XP, Windows Server 2003 or newer\n\n- ctypes 1.0.2 (Python 2.3 and 2.4)\n from http://sourceforge.net/projects/ctypes/\n\n\nLicense\n=======\n\nCopyright (c) 2013, 2014 by Christian Heimes <christian@python.org>\n\nLicensed to PSF under a Contributor Agreement.\n\nSee http://www.python.org/psf/license for licensing details.\n\n\nAcknowledgements\n================\n\nhttp://fixunix.com/openssl/254866-re-can-openssl-use-windows-certificate-store.html\n\nhttp://bugs.python.org/issue17134\n\n\nReferences\n==========\n\n.. _CertOpenSystemStore: http://msdn.microsoft.com/en-us/library/windows/desktop/aa376560%28v=vs.85%29.aspx\n\nChangeLog\n=========\n\nwincertstore 0.2\n----------------\n\n*Release date: 26-Feb-2013*\n\n- By default CertSystemStore.itercerts() is now limited to return only\n certs that are suitable for SERVER_AUTH -- that is to validate a TLS/SSL's\n server cert from the perspective of a client.\n\n- Add CERT_CONTEXT.get_name() to get a human readable name of a certificate.\n\n- Add CERT_CONTEXT.enhanced_keyusage() to get enhanced key usage and trust\n settings from registry. The method returns either ``True`` or a frozenset\n of OIDs. True means that the certificate is valid for any purpose.\n\n- CERT_CONTEXT.enhanced_keyusage_names() maps OIDs to human readable names.\n\n- Add commin OIDs for enhanced key usages like SERVER_AUTH and CLIENT_AUTH.\n\n- Add support for universal wheels.\n\n- Add tox for testing Python 2.6 to 3.3. Python 2.4 and 2.5 are tested\n manually.\n\n- Use pypi.python.org:443 for TLS tests.\n\n\nwincertstore 0.1\n----------------\n\n*Release date: 22-Mar-2013*\n\n- Initial release\n\n\n",
"bugtrack_url": null,
"license": "PSFL",
"summary": "Python module to extract CA and CRL certs from Windows' cert store (ctypes based).",
"version": "0.2.1",
"split_keywords": [
"windows",
"cert",
"ssl",
"ca",
"crl"
],
"urls": [
{
"comment_text": "",
"digests": {
"md5": "2b02e576da55ec6f961386e6c0fac038",
"sha256": "cfedf0047855c3fd2668a4750e951329f68ecf6118b5814026c18f23f127dd93"
},
"downloads": -1,
"filename": "wincertstore-0.2.1-py2.py3-none-any.whl",
"has_sig": true,
"md5_digest": "2b02e576da55ec6f961386e6c0fac038",
"packagetype": "bdist_wheel",
"python_version": "py2.py3",
"requires_python": ">=2.7,!=3.0.*,!=3.1.*,<3.4.*",
"size": 7825,
"upload_time": "2021-06-08T11:20:50",
"upload_time_iso_8601": "2021-06-08T11:20:50.597964Z",
"url": "https://files.pythonhosted.org/packages/3d/82/d50da806a22161c74059e59319240c02422d92cede1cbf6c36d5035f9337/wincertstore-0.2.1-py2.py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"md5": "d8353ce258a15f2b234736e53b1757dc",
"sha256": "ebd681f45f4e156493b4fa54f134b9a171d9c0a8de40ae1a0bc96c3092cb8b12"
},
"downloads": -1,
"filename": "wincertstore-0.2.1.zip",
"has_sig": true,
"md5_digest": "d8353ce258a15f2b234736e53b1757dc",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=2.7,!=3.0.*,!=3.1.*,<3.4.*",
"size": 16650,
"upload_time": "2021-06-08T11:20:52",
"upload_time_iso_8601": "2021-06-08T11:20:52.101847Z",
"url": "https://files.pythonhosted.org/packages/90/71/7b01b7e37a73200bf52a81a2a9ea71b2d0492a5137258dd6034975c808e1/wincertstore-0.2.1.zip",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2021-06-08 11:20:52",
"github": true,
"gitlab": false,
"bitbucket": false,
"github_user": "tiran",
"github_project": "wincertstore",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"tox": true,
"lcname": "wincertstore"
}