django_ca.typehints - Type aliases

Various type aliases used in throughout django-ca.

django_ca.typehints.AccessMethods

Serialized access method for AccessDescription instances.

alias of Literal[‘ocsp’, ‘ca_issuers’, ‘ca_repository’]

django_ca.typehints.AllowedHashTypes = cryptography.hazmat.primitives.hashes.SHA224 | cryptography.hazmat.primitives.hashes.SHA256 | cryptography.hazmat.primitives.hashes.SHA384 | cryptography.hazmat.primitives.hashes.SHA512 | cryptography.hazmat.primitives.hashes.SHA3_224 | cryptography.hazmat.primitives.hashes.SHA3_256 | cryptography.hazmat.primitives.hashes.SHA3_384 | cryptography.hazmat.primitives.hashes.SHA3_512

Hash algorithms that can be used for signing certificates. NOTE: This is a duplicate of the protected cryptography.x509.base._AllowedHashTypes.

django_ca.typehints.CertificateExtensionKeys

Extension keys for extensions that may occur in any certificate.

This literal includes keys from EndEntityCertificateExtensionKeys and adds the keys for extensions only occur in certificate authorities.

alias of Literal[‘admissions’, ‘authority_information_access’, ‘certificate_policies’, ‘crl_distribution_points’, ‘extended_key_usage’, ‘freshest_crl’, ‘issuer_alternative_name’, ‘key_usage’, ‘ms_certificate_template’, ‘ocsp_no_check’, ‘precert_poison’, ‘private_key_usage_period’, ‘subject_alternative_name’, ‘tls_feature’] | Literal[‘authority_key_identifier’, ‘basic_constraints’, ‘precertificate_signed_certificate_timestamps’, ‘signed_certificate_timestamps’, ‘subject_information_access’, ‘subject_key_identifier’] | Literal[‘inhibit_any_policy’, ‘name_constraints’, ‘policy_constraints’, ‘unknown’]

django_ca.typehints.CertificateExtensionType = cryptography.x509.extensions.Admissions | cryptography.x509.extensions.AuthorityInformationAccess | cryptography.x509.extensions.PrivateKeyUsagePeriod | cryptography.x509.extensions.CertificatePolicies | cryptography.x509.extensions.CRLDistributionPoints | cryptography.x509.extensions.ExtendedKeyUsage | cryptography.x509.extensions.FreshestCRL | cryptography.x509.extensions.IssuerAlternativeName | cryptography.x509.extensions.KeyUsage | cryptography.x509.extensions.MSCertificateTemplate | cryptography.x509.extensions.OCSPNoCheck | cryptography.x509.extensions.PrecertPoison | cryptography.x509.extensions.SubjectAlternativeName | cryptography.x509.extensions.TLSFeature | cryptography.x509.extensions.AuthorityKeyIdentifier | cryptography.x509.extensions.BasicConstraints | cryptography.x509.extensions.PrecertificateSignedCertificateTimestamps | cryptography.x509.extensions.SignedCertificateTimestamps | cryptography.x509.extensions.SubjectInformationAccess | cryptography.x509.extensions.SubjectKeyIdentifier | cryptography.x509.extensions.InhibitAnyPolicy | cryptography.x509.extensions.NameConstraints | cryptography.x509.extensions.PolicyConstraints | cryptography.x509.extensions.UnrecognizedExtension

ExtensionType classes that may appear in any certificate.

This union is based on EndEntityCertificateExtensionType and adds extension types that may appear in certificate authorities.

django_ca.typehints.ConfigurableExtensionKeys

Extension keys for extensions that may be configured by the user when issuing certificates.

alias of Literal[‘admissions’, ‘authority_information_access’, ‘certificate_policies’, ‘crl_distribution_points’, ‘extended_key_usage’, ‘freshest_crl’, ‘issuer_alternative_name’, ‘key_usage’, ‘ms_certificate_template’, ‘ocsp_no_check’, ‘precert_poison’, ‘private_key_usage_period’, ‘subject_alternative_name’, ‘tls_feature’]

django_ca.typehints.ConfigurableExtensionType = cryptography.x509.extensions.Admissions | cryptography.x509.extensions.AuthorityInformationAccess | cryptography.x509.extensions.PrivateKeyUsagePeriod | cryptography.x509.extensions.CertificatePolicies | cryptography.x509.extensions.CRLDistributionPoints | cryptography.x509.extensions.ExtendedKeyUsage | cryptography.x509.extensions.FreshestCRL | cryptography.x509.extensions.IssuerAlternativeName | cryptography.x509.extensions.KeyUsage | cryptography.x509.extensions.MSCertificateTemplate | cryptography.x509.extensions.OCSPNoCheck | cryptography.x509.extensions.PrecertPoison | cryptography.x509.extensions.SubjectAlternativeName | cryptography.x509.extensions.TLSFeature

ExtensionType classes that can be configured by the user.

django_ca.typehints.EndEntityCertificateExtensionKeys

Extension keys for extensions that may occur in an end entity certificate.

This literal includes keys from ConfigurableExtensionKeys and adds the keys for extensions that are either derived from the issuer or the certificates public key or that must not be configured by a user.

alias of Literal[‘admissions’, ‘authority_information_access’, ‘certificate_policies’, ‘crl_distribution_points’, ‘extended_key_usage’, ‘freshest_crl’, ‘issuer_alternative_name’, ‘key_usage’, ‘ms_certificate_template’, ‘ocsp_no_check’, ‘precert_poison’, ‘private_key_usage_period’, ‘subject_alternative_name’, ‘tls_feature’] | Literal[‘authority_key_identifier’, ‘basic_constraints’, ‘precertificate_signed_certificate_timestamps’, ‘signed_certificate_timestamps’, ‘subject_information_access’, ‘subject_key_identifier’]

django_ca.typehints.EndEntityCertificateExtensionType = cryptography.x509.extensions.Admissions | cryptography.x509.extensions.AuthorityInformationAccess | cryptography.x509.extensions.PrivateKeyUsagePeriod | cryptography.x509.extensions.CertificatePolicies | cryptography.x509.extensions.CRLDistributionPoints | cryptography.x509.extensions.ExtendedKeyUsage | cryptography.x509.extensions.FreshestCRL | cryptography.x509.extensions.IssuerAlternativeName | cryptography.x509.extensions.KeyUsage | cryptography.x509.extensions.MSCertificateTemplate | cryptography.x509.extensions.OCSPNoCheck | cryptography.x509.extensions.PrecertPoison | cryptography.x509.extensions.SubjectAlternativeName | cryptography.x509.extensions.TLSFeature | cryptography.x509.extensions.AuthorityKeyIdentifier | cryptography.x509.extensions.BasicConstraints | cryptography.x509.extensions.PrecertificateSignedCertificateTimestamps | cryptography.x509.extensions.SignedCertificateTimestamps | cryptography.x509.extensions.SubjectInformationAccess | cryptography.x509.extensions.SubjectKeyIdentifier

ExtensionType classes that may appear in an end entity certificate.

This union is based on ConfigurableExtensionType and adds extension types that are either derived from the issuer or the certificates public key or that must not be configured by the user.

django_ca.typehints.ExtensionKeys

Extension keys for all known x509 Extensions.

This literal includes keys from ConfigurableExtensionKeys and includes extensions that may occur in certificate authorities or CRLs.

alias of Literal[‘admissions’, ‘authority_information_access’, ‘certificate_policies’, ‘crl_distribution_points’, ‘extended_key_usage’, ‘freshest_crl’, ‘issuer_alternative_name’, ‘key_usage’, ‘ms_certificate_template’, ‘ocsp_no_check’, ‘precert_poison’, ‘private_key_usage_period’, ‘subject_alternative_name’, ‘tls_feature’] | Literal[‘authority_key_identifier’, ‘basic_constraints’, ‘precertificate_signed_certificate_timestamps’, ‘signed_certificate_timestamps’, ‘subject_information_access’, ‘subject_key_identifier’] | Literal[‘inhibit_any_policy’, ‘name_constraints’, ‘policy_constraints’, ‘unknown’] | Literal[‘crl_number’, ‘delta_crl_indicator’, ‘issuing_distribution_point’, ‘policy_mappings’, ‘subject_directory_attributes’]

django_ca.typehints.GeneralNames

Valid types of general names.

alias of Literal[‘email’, ‘URI’, ‘IP’, ‘DNS’, ‘RID’, ‘dirName’, ‘otherName’]

django_ca.typehints.HashAlgorithms

Valid hash algorithm names.

These names are used in various settings, with the --algorithm command line parameter and in the API.

alias of Literal[‘SHA-224’, ‘SHA-256’, ‘SHA-384’, ‘SHA-512’, ‘SHA3/224’, ‘SHA3/256’, ‘SHA3/384’, ‘SHA3/512’]

django_ca.typehints.IPAddressType = ipaddress.IPv4Address | ipaddress.IPv6Address | ipaddress.IPv4Network | ipaddress.IPv6Network

Union of all IP address types

django_ca.typehints.JSON = dict[str, 'JSON'] | list['JSON'] | str | int | float | bool | None

JSON serializable data.

django_ca.typehints.KeyUsages

List of possible values for KeyUsage instances.

alias of Literal[‘crl_sign’, ‘data_encipherment’, ‘decipher_only’, ‘digital_signature’, ‘encipher_only’, ‘key_agreement’, ‘key_cert_sign’, ‘key_encipherment’, ‘content_commitment’]

django_ca.typehints.LogEntryTypes

Serialized values of LogEntryType instances.

alias of Literal[‘precertificate’, ‘x509_certificate’]

class django_ca.typehints.OCSPKeyBackendDict[source]

Data structure stored in the ocsp_key_backend field of CertificateAuthority.

certificate: dict[str, dict[str, dict[str, JSON] | list[JSON] | str | int | float | bool | None] | list[dict[str, JSON] | list[JSON] | str | int | float | bool | None] | str | int | float | bool | None]
private_key: dict[str, dict[str, dict[str, JSON] | list[JSON] | str | int | float | bool | None] | list[dict[str, JSON] | list[JSON] | str | int | float | bool | None] | str | int | float | bool | None]
django_ca.typehints.OtherNames

Valid OtherName types

alias of Literal[‘UTF8String’, ‘UNIVERSALSTRING’, ‘IA5STRING’, ‘BOOLEAN’, ‘NULL’, ‘UTCTIME’, ‘GENERALIZEDTIME’, ‘INTEGER’, ‘OctetString’]

class django_ca.typehints.ProfileExtensionValue[source]

Typed dict as it occurs in profiles.

This TypedDict lacks a type, as the configuration uses a dictionary with the type as mapping key.

This TypedDict is more lenient than SerializedPydanticExtension, as critical often has a default, and value may not be set for extensions that don’t have a value.

critical: bool | None
value: Any | None
class django_ca.typehints.SerializedNoticeReference[source]

Serialized variant of a Notice Reference.

notice_numbers: list[int]
organization: str
class django_ca.typehints.SerializedPolicyInformation[source]

Serialized variant of a PolicyInformation extension.

policy_identifier: str
policy_qualifiers: list[str | SerializedUserNotice] | None
class django_ca.typehints.SerializedProfile[source]

Serialized profile.

algorithm: Literal['SHA-224', 'SHA-256', 'SHA-384', 'SHA-512', 'SHA3/224', 'SHA3/256', 'SHA3/384', 'SHA3/512'] | None
clear_extensions: list[Literal['admissions', 'authority_information_access', 'certificate_policies', 'crl_distribution_points', 'extended_key_usage', 'freshest_crl', 'issuer_alternative_name', 'key_usage', 'ms_certificate_template', 'ocsp_no_check', 'precert_poison', 'private_key_usage_period', 'subject_alternative_name', 'tls_feature'] | Literal['authority_key_identifier', 'basic_constraints', 'precertificate_signed_certificate_timestamps', 'signed_certificate_timestamps', 'subject_information_access', 'subject_key_identifier']]
description: str
extensions: list[SerializedPydanticExtension]
name: str
subject: list[SerializedPydanticNameAttribute] | None
class django_ca.typehints.SerializedPydanticExtension[source]

Serialized pydantic extension.

critical: bool
type: Literal['admissions', 'authority_information_access', 'certificate_policies', 'crl_distribution_points', 'extended_key_usage', 'freshest_crl', 'issuer_alternative_name', 'key_usage', 'ms_certificate_template', 'ocsp_no_check', 'precert_poison', 'private_key_usage_period', 'subject_alternative_name', 'tls_feature'] | Literal['authority_key_identifier', 'basic_constraints', 'precertificate_signed_certificate_timestamps', 'signed_certificate_timestamps', 'subject_information_access', 'subject_key_identifier']
value: Any
class django_ca.typehints.SerializedPydanticNameAttribute[source]

Serialized version of a Pydantic name attribute.

oid: str
value: str
class django_ca.typehints.SerializedUserNotice[source]

Serialized variant of a User Notice.

explicit_text: str
notice_reference: SerializedNoticeReference

TypeVars for generics

typehints.ExtensionTypeTypeVar = ~ExtensionTypeTypeVar

A TypeVar bound to ExtensionType.