django_ca.typehints - Type aliases

Various type aliases used in throughout django-ca.

django_ca.typehints.AccessMethods

Serialized access method for AccessDescription instances.

alias of Literal[‘ocsp’, ‘ca_issuers’, ‘ca_repository’]

django_ca.typehints.AllowedHashTypes

Hash algorithms that can be used for signing certificates. NOTE: This is a duplicate of the protected cryptography.x509.base._AllowedHashTypes.

alias of SHA224 | SHA256 | SHA384 | SHA512 | SHA3_224 | SHA3_256 | SHA3_384 | SHA3_512

class django_ca.typehints.BasicConstraintsBase[source]

Base for BasicConstraints extension.

ca: bool
django_ca.typehints.CertificateExtensionKeys

Extension keys for extensions that may occur in any certificate.

This literal includes keys from EndEntityCertificateExtensionKeys and adds the keys for extensions only occur in certificate authorities.

alias of Literal[‘admissions’, ‘authority_information_access’, ‘certificate_policies’, ‘crl_distribution_points’, ‘extended_key_usage’, ‘freshest_crl’, ‘issuer_alternative_name’, ‘key_usage’, ‘ms_certificate_template’, ‘ocsp_no_check’, ‘precert_poison’, ‘subject_alternative_name’, ‘tls_feature’] | Literal[‘authority_key_identifier’, ‘basic_constraints’, ‘precertificate_signed_certificate_timestamps’, ‘signed_certificate_timestamps’, ‘subject_information_access’, ‘subject_key_identifier’] | Literal[‘inhibit_any_policy’, ‘name_constraints’, ‘policy_constraints’, ‘unknown’]

django_ca.typehints.CertificateExtensionType

ExtensionType classes that may appear in any certificate.

This union is based on EndEntityCertificateExtensionType and adds extension types that may appear in certificate authorities.

alias of AuthorityInformationAccess | CertificatePolicies | CRLDistributionPoints | ExtendedKeyUsage | FreshestCRL | IssuerAlternativeName | KeyUsage | MSCertificateTemplate | OCSPNoCheck | PrecertPoison | SubjectAlternativeName | TLSFeature | Admissions | AuthorityKeyIdentifier | BasicConstraints | PrecertificateSignedCertificateTimestamps | SignedCertificateTimestamps | SubjectInformationAccess | SubjectKeyIdentifier | InhibitAnyPolicy | NameConstraints | PolicyConstraints | UnrecognizedExtension

django_ca.typehints.ConfigurableExtensionKeys

Extension keys for extensions that may be configured by the user when issuing certificates.

alias of Literal[‘admissions’, ‘authority_information_access’, ‘certificate_policies’, ‘crl_distribution_points’, ‘extended_key_usage’, ‘freshest_crl’, ‘issuer_alternative_name’, ‘key_usage’, ‘ms_certificate_template’, ‘ocsp_no_check’, ‘precert_poison’, ‘subject_alternative_name’, ‘tls_feature’]

django_ca.typehints.ConfigurableExtensionType

ExtensionType classes that can be configured by the user.

alias of AuthorityInformationAccess | CertificatePolicies | CRLDistributionPoints | ExtendedKeyUsage | FreshestCRL | IssuerAlternativeName | KeyUsage | MSCertificateTemplate | OCSPNoCheck | PrecertPoison | SubjectAlternativeName | TLSFeature | Admissions

django_ca.typehints.EndEntityCertificateExtensionKeys

Extension keys for extensions that may occur in an end entity certificate.

This literal includes keys from ConfigurableExtensionKeys and adds the keys for extensions that are either derived from the issuer or the certificates public key or that must not be configured by a user.

alias of Literal[‘admissions’, ‘authority_information_access’, ‘certificate_policies’, ‘crl_distribution_points’, ‘extended_key_usage’, ‘freshest_crl’, ‘issuer_alternative_name’, ‘key_usage’, ‘ms_certificate_template’, ‘ocsp_no_check’, ‘precert_poison’, ‘subject_alternative_name’, ‘tls_feature’] | Literal[‘authority_key_identifier’, ‘basic_constraints’, ‘precertificate_signed_certificate_timestamps’, ‘signed_certificate_timestamps’, ‘subject_information_access’, ‘subject_key_identifier’]

django_ca.typehints.EndEntityCertificateExtensionType

ExtensionType classes that may appear in an end entity certificate.

This union is based on ConfigurableExtensionType and adds extension types that are either derived from the issuer or the certificates public key or that must not be configured by the user.

alias of AuthorityInformationAccess | CertificatePolicies | CRLDistributionPoints | ExtendedKeyUsage | FreshestCRL | IssuerAlternativeName | KeyUsage | MSCertificateTemplate | OCSPNoCheck | PrecertPoison | SubjectAlternativeName | TLSFeature | Admissions | AuthorityKeyIdentifier | BasicConstraints | PrecertificateSignedCertificateTimestamps | SignedCertificateTimestamps | SubjectInformationAccess | SubjectKeyIdentifier

django_ca.typehints.ExtensionKeys

Extension keys for all known x509 Extensions.

This literal includes keys from ConfigurableExtensionKeys and includes extensions that may occur in certificate authorities or CRLs.

alias of Literal[‘admissions’, ‘authority_information_access’, ‘certificate_policies’, ‘crl_distribution_points’, ‘extended_key_usage’, ‘freshest_crl’, ‘issuer_alternative_name’, ‘key_usage’, ‘ms_certificate_template’, ‘ocsp_no_check’, ‘precert_poison’, ‘subject_alternative_name’, ‘tls_feature’] | Literal[‘authority_key_identifier’, ‘basic_constraints’, ‘precertificate_signed_certificate_timestamps’, ‘signed_certificate_timestamps’, ‘subject_information_access’, ‘subject_key_identifier’] | Literal[‘inhibit_any_policy’, ‘name_constraints’, ‘policy_constraints’, ‘unknown’] | Literal[‘crl_number’, ‘delta_crl_indicator’, ‘issuing_distribution_point’, ‘policy_mappings’, ‘subject_directory_attributes’]

django_ca.typehints.GeneralNames

Valid types of general names.

alias of Literal[‘email’, ‘URI’, ‘IP’, ‘DNS’, ‘RID’, ‘dirName’, ‘otherName’]

django_ca.typehints.HashAlgorithms

Valid hash algorithm names.

These names are used in various settings, with the --algorithm command line parameter and in the API.

alias of Literal[‘SHA-224’, ‘SHA-256’, ‘SHA-384’, ‘SHA-512’, ‘SHA3/224’, ‘SHA3/256’, ‘SHA3/384’, ‘SHA3/512’]

django_ca.typehints.IPAddressType

Union of all IP address types

alias of IPv4Address | IPv6Address | IPv4Network | IPv6Network

django_ca.typehints.JSON

JSON serializable data.

alias of dict[str, JSON] | list[JSON] | str | int | float | bool | None

django_ca.typehints.KeyUsages

List of possible values for KeyUsage instances.

alias of Literal[‘crl_sign’, ‘data_encipherment’, ‘decipher_only’, ‘digital_signature’, ‘encipher_only’, ‘key_agreement’, ‘key_cert_sign’, ‘key_encipherment’, ‘content_commitment’]

django_ca.typehints.LogEntryTypes

Serialized values of LogEntryType instances.

alias of Literal[‘precertificate’, ‘x509_certificate’]

class django_ca.typehints.OCSPKeyBackendDict[source]

Data structure stored in the ocsp_key_backend field of CertificateAuthority.

certificate: dict[str, dict[str, dict[str, JSON] | list[JSON] | str | int | float | bool | None] | list[dict[str, JSON] | list[JSON] | str | int | float | bool | None] | str | int | float | bool | None]
private_key: dict[str, dict[str, dict[str, JSON] | list[JSON] | str | int | float | bool | None] | list[dict[str, JSON] | list[JSON] | str | int | float | bool | None] | str | int | float | bool | None]
django_ca.typehints.OtherNames

Valid OtherName types

alias of Literal[‘UTF8String’, ‘UNIVERSALSTRING’, ‘IA5STRING’, ‘BOOLEAN’, ‘NULL’, ‘UTCTIME’, ‘GENERALIZEDTIME’, ‘INTEGER’, ‘OctetString’]

class django_ca.typehints.ParsableAuthorityInformationAccess[source]

Parsable Authority Information Access extension.

issuers: Iterable[GeneralName | str] | None
ocsp: Iterable[GeneralName | str] | None
class django_ca.typehints.ParsableAuthorityKeyIdentifierDict[source]

Parsable version of the ParsableAuthorityKeyIdentifier extension.

authority_cert_issuer: Iterable[str]
authority_cert_serial_number: int | None
key_identifier: bytes | None
class django_ca.typehints.ParsableBasicConstraints[source]

Serialized representation of a BasicConstraints extension.

A value of this type is a dictionary with a "ca" key with a boolean value. If True, it also has a "path_length" value that is either None or an int.

ca: bool
path_length: int | str
class django_ca.typehints.ParsableDistributionPoint[source]

Parsable version of a Distribution Point.

crl_issuer: Iterable[GeneralName | str]
full_name: Iterable[GeneralName | str] | None
reasons: Iterable[str | ReasonFlags]
relative_name: list[SerializedObjectIdentifier] | RelativeDistinguishedName
class django_ca.typehints.ParsableExtension[source]

Base for all extensions.

critical: bool
value: Any
class django_ca.typehints.ParsableNameConstraints[source]

Parsable NameConstraints extension.

excluded: Iterable[GeneralName | str]
permitted: Iterable[GeneralName | str]
class django_ca.typehints.ParsableNoticeReference[source]

Parsable version of a Notice Reference.

notice_numbers: Iterable[int]
organization: str
class django_ca.typehints.ParsablePolicyConstraints[source]

Parsable PolicyConstriants extension.

inhibit_policy_mapping: int
require_explicit_policy: int
class django_ca.typehints.ParsablePolicyInformation[source]

Parsable version of the Policy Information extension.

policy_identifier: str | ObjectIdentifier
policy_qualifiers: Sequence[str | UserNotice | ParsableUserNotice] | None
class django_ca.typehints.ParsableUserNotice[source]

Parsable version of a User Notice.

explicit_text: str
notice_reference: NoticeReference | ParsableNoticeReference
class django_ca.typehints.ProfileExtensionValue[source]

Typed dict as it occurs in profiles.

This TypedDict lacks a type, as the configuration uses a dictionary with the type as mapping key.

This TypedDict is more lenient than SerializedPydanticExtension, as critical often has a default, and value may not be set for extensions that don’t have a value.

critical: bool | None
value: Any | None
class django_ca.typehints.SerializedNoticeReference[source]

Serialized variant of a Notice Reference.

notice_numbers: list[int]
organization: str
class django_ca.typehints.SerializedObjectIdentifier[source]

Parsable version of an object identifier.

oid: str
value: str
class django_ca.typehints.SerializedPolicyInformation[source]

Serialized variant of a PolicyInformation extension.

policy_identifier: str
policy_qualifiers: list[str | SerializedUserNotice] | None
class django_ca.typehints.SerializedProfile[source]

Serialized profile.

algorithm: Literal['SHA-224', 'SHA-256', 'SHA-384', 'SHA-512', 'SHA3/224', 'SHA3/256', 'SHA3/384', 'SHA3/512'] | None
clear_extensions: list[Literal['admissions', 'authority_information_access', 'certificate_policies', 'crl_distribution_points', 'extended_key_usage', 'freshest_crl', 'issuer_alternative_name', 'key_usage', 'ms_certificate_template', 'ocsp_no_check', 'precert_poison', 'subject_alternative_name', 'tls_feature'] | Literal['authority_key_identifier', 'basic_constraints', 'precertificate_signed_certificate_timestamps', 'signed_certificate_timestamps', 'subject_information_access', 'subject_key_identifier']]
description: str
extensions: list[SerializedPydanticExtension]
name: str
subject: list[SerializedPydanticNameAttribute] | None
class django_ca.typehints.SerializedPydanticExtension[source]

Serialized pydantic extension.

critical: bool
type: Literal['admissions', 'authority_information_access', 'certificate_policies', 'crl_distribution_points', 'extended_key_usage', 'freshest_crl', 'issuer_alternative_name', 'key_usage', 'ms_certificate_template', 'ocsp_no_check', 'precert_poison', 'subject_alternative_name', 'tls_feature'] | Literal['authority_key_identifier', 'basic_constraints', 'precertificate_signed_certificate_timestamps', 'signed_certificate_timestamps', 'subject_information_access', 'subject_key_identifier']
value: Any
class django_ca.typehints.SerializedPydanticNameAttribute[source]

Serialized version of a Pydantic name attribute.

oid: str
value: str
class django_ca.typehints.SerializedUserNotice[source]

Serialized variant of a User Notice.

explicit_text: str
notice_reference: SerializedNoticeReference

TypeVars for generics

typehints.ExtensionTypeTypeVar = ~ExtensionTypeTypeVar

A TypeVar bound to ExtensionType.