django_ca.typehints - Type aliases

Various type aliases used in throughout django-ca.

django_ca.typehints.AccessMethodName

Serialized access method for AccessDescription instances.

alias of Literal[‘ocsp’, ‘ca_issuers’, ‘ca_repository’]

django_ca.typehints.CertificateExtensionKey

Extension keys for extensions that may occur in any certificate.

This literal includes keys from EndEntityCertificateExtensionKey and adds the keys for extensions only occur in certificate authorities.

alias of Literal[‘admissions’, ‘authority_information_access’, ‘certificate_policies’, ‘crl_distribution_points’, ‘extended_key_usage’, ‘freshest_crl’, ‘issuer_alternative_name’, ‘key_usage’, ‘ms_certificate_template’, ‘ocsp_no_check’, ‘precert_poison’, ‘private_key_usage_period’, ‘subject_alternative_name’, ‘tls_feature’] | Literal[‘authority_key_identifier’, ‘basic_constraints’, ‘precertificate_signed_certificate_timestamps’, ‘signed_certificate_timestamps’, ‘subject_information_access’, ‘subject_key_identifier’] | Literal[‘inhibit_any_policy’, ‘name_constraints’, ‘policy_constraints’, ‘unknown’]

django_ca.typehints.CertificateExtensionType = cryptography.x509.extensions.Admissions | cryptography.x509.extensions.AuthorityInformationAccess | cryptography.x509.extensions.CertificatePolicies | cryptography.x509.extensions.CRLDistributionPoints | cryptography.x509.extensions.ExtendedKeyUsage | cryptography.x509.extensions.FreshestCRL | cryptography.x509.extensions.IssuerAlternativeName | cryptography.x509.extensions.KeyUsage | cryptography.x509.extensions.MSCertificateTemplate | cryptography.x509.extensions.OCSPNoCheck | cryptography.x509.extensions.PrecertPoison | cryptography.x509.extensions.PrivateKeyUsagePeriod | cryptography.x509.extensions.SubjectAlternativeName | cryptography.x509.extensions.TLSFeature | cryptography.x509.extensions.AuthorityKeyIdentifier | cryptography.x509.extensions.BasicConstraints | cryptography.x509.extensions.PrecertificateSignedCertificateTimestamps | cryptography.x509.extensions.SignedCertificateTimestamps | cryptography.x509.extensions.SubjectInformationAccess | cryptography.x509.extensions.SubjectKeyIdentifier | cryptography.x509.extensions.InhibitAnyPolicy | cryptography.x509.extensions.NameConstraints | cryptography.x509.extensions.PolicyConstraints | cryptography.x509.extensions.UnrecognizedExtension

ExtensionType classes that may appear in any certificate.

This union is based on EndEntityCertificateExtensionType and adds extension types that may appear in certificate authorities.

django_ca.typehints.ConfigurableExtensionKey

Extension keys for extensions that may be configured by the user when issuing certificates.

alias of Literal[‘admissions’, ‘authority_information_access’, ‘certificate_policies’, ‘crl_distribution_points’, ‘extended_key_usage’, ‘freshest_crl’, ‘issuer_alternative_name’, ‘key_usage’, ‘ms_certificate_template’, ‘ocsp_no_check’, ‘precert_poison’, ‘private_key_usage_period’, ‘subject_alternative_name’, ‘tls_feature’]

django_ca.typehints.ConfigurableExtensionType = cryptography.x509.extensions.Admissions | cryptography.x509.extensions.AuthorityInformationAccess | cryptography.x509.extensions.CertificatePolicies | cryptography.x509.extensions.CRLDistributionPoints | cryptography.x509.extensions.ExtendedKeyUsage | cryptography.x509.extensions.FreshestCRL | cryptography.x509.extensions.IssuerAlternativeName | cryptography.x509.extensions.KeyUsage | cryptography.x509.extensions.MSCertificateTemplate | cryptography.x509.extensions.OCSPNoCheck | cryptography.x509.extensions.PrecertPoison | cryptography.x509.extensions.PrivateKeyUsagePeriod | cryptography.x509.extensions.SubjectAlternativeName | cryptography.x509.extensions.TLSFeature

ExtensionType classes that can be configured by the user.

django_ca.typehints.EllipticCurveName

Valid elliptic curve names.

alias of Literal[‘sect571r1’, ‘sect409r1’, ‘sect283r1’, ‘sect233r1’, ‘sect163r2’, ‘sect571k1’, ‘sect409k1’, ‘sect283k1’, ‘sect233k1’, ‘sect163k1’, ‘secp521r1’, ‘secp384r1’, ‘secp256r1’, ‘secp256k1’, ‘secp224r1’, ‘secp192r1’, ‘brainpoolP256r1’, ‘brainpoolP384r1’, ‘brainpoolP512r1’]

django_ca.typehints.EndEntityCertificateExtensionKey

Extension keys for extensions that may occur in an end entity certificate.

This literal includes keys from ConfigurableExtensionKey and adds the keys for extensions that are either derived from the issuer or the certificates public key or that must not be configured by a user.

alias of Literal[‘admissions’, ‘authority_information_access’, ‘certificate_policies’, ‘crl_distribution_points’, ‘extended_key_usage’, ‘freshest_crl’, ‘issuer_alternative_name’, ‘key_usage’, ‘ms_certificate_template’, ‘ocsp_no_check’, ‘precert_poison’, ‘private_key_usage_period’, ‘subject_alternative_name’, ‘tls_feature’] | Literal[‘authority_key_identifier’, ‘basic_constraints’, ‘precertificate_signed_certificate_timestamps’, ‘signed_certificate_timestamps’, ‘subject_information_access’, ‘subject_key_identifier’]

django_ca.typehints.EndEntityCertificateExtensionType = cryptography.x509.extensions.Admissions | cryptography.x509.extensions.AuthorityInformationAccess | cryptography.x509.extensions.CertificatePolicies | cryptography.x509.extensions.CRLDistributionPoints | cryptography.x509.extensions.ExtendedKeyUsage | cryptography.x509.extensions.FreshestCRL | cryptography.x509.extensions.IssuerAlternativeName | cryptography.x509.extensions.KeyUsage | cryptography.x509.extensions.MSCertificateTemplate | cryptography.x509.extensions.OCSPNoCheck | cryptography.x509.extensions.PrecertPoison | cryptography.x509.extensions.PrivateKeyUsagePeriod | cryptography.x509.extensions.SubjectAlternativeName | cryptography.x509.extensions.TLSFeature | cryptography.x509.extensions.AuthorityKeyIdentifier | cryptography.x509.extensions.BasicConstraints | cryptography.x509.extensions.PrecertificateSignedCertificateTimestamps | cryptography.x509.extensions.SignedCertificateTimestamps | cryptography.x509.extensions.SubjectInformationAccess | cryptography.x509.extensions.SubjectKeyIdentifier

ExtensionType classes that may appear in an end entity certificate.

This union is based on ConfigurableExtensionType and adds extension types that are either derived from the issuer or the certificates public key or that must not be configured by the user.

django_ca.typehints.ExtensionKey

Extension keys for all known x509 Extensions.

This literal includes keys from ConfigurableExtensionKey and includes extensions that may occur in certificate authorities or CRLs.

alias of Literal[‘admissions’, ‘authority_information_access’, ‘certificate_policies’, ‘crl_distribution_points’, ‘extended_key_usage’, ‘freshest_crl’, ‘issuer_alternative_name’, ‘key_usage’, ‘ms_certificate_template’, ‘ocsp_no_check’, ‘precert_poison’, ‘private_key_usage_period’, ‘subject_alternative_name’, ‘tls_feature’] | Literal[‘authority_key_identifier’, ‘basic_constraints’, ‘precertificate_signed_certificate_timestamps’, ‘signed_certificate_timestamps’, ‘subject_information_access’, ‘subject_key_identifier’] | Literal[‘inhibit_any_policy’, ‘name_constraints’, ‘policy_constraints’, ‘unknown’] | Literal[‘crl_number’, ‘delta_crl_indicator’, ‘issuing_distribution_point’, ‘policy_mappings’, ‘subject_directory_attributes’]

django_ca.typehints.GeneralName

Valid types of general names.

alias of Literal[‘email’, ‘URI’, ‘IP’, ‘DNS’, ‘RID’, ‘dirName’, ‘otherName’]

django_ca.typehints.IPAddressType = ipaddress.IPv4Address | ipaddress.IPv6Address | ipaddress.IPv4Network | ipaddress.IPv6Network

Union of all IP address types

django_ca.typehints.JSON = dict[str, 'JSON'] | list['JSON'] | str | int | float | bool | None

JSON serializable data.

django_ca.typehints.KeyUsage

List of possible values for KeyUsage instances.

alias of Literal[‘crl_sign’, ‘data_encipherment’, ‘decipher_only’, ‘digital_signature’, ‘encipher_only’, ‘key_agreement’, ‘key_cert_sign’, ‘key_encipherment’, ‘content_commitment’]

django_ca.typehints.LogEntryTypeName

Serialized values of LogEntryType instances.

alias of Literal[‘precertificate’, ‘x509_certificate’]

class django_ca.typehints.OCSPKeyBackendDict[source]

Data structure stored in the ocsp_key_backend field of CertificateAuthority.

certificate: dict[str, dict[str, dict[str, JSON] | list[JSON] | str | int | float | bool | None] | list[dict[str, JSON] | list[JSON] | str | int | float | bool | None] | str | int | float | bool | None]
private_key: dict[str, dict[str, dict[str, JSON] | list[JSON] | str | int | float | bool | None] | list[dict[str, JSON] | list[JSON] | str | int | float | bool | None] | str | int | float | bool | None]
django_ca.typehints.OtherName

Valid OtherName types

alias of Literal[‘UTF8String’, ‘UNIVERSALSTRING’, ‘IA5STRING’, ‘BOOLEAN’, ‘NULL’, ‘UTCTIME’, ‘GENERALIZEDTIME’, ‘INTEGER’, ‘OctetString’]

class django_ca.typehints.SerializedNoticeReference[source]

Serialized variant of a Notice Reference.

notice_numbers: list[int]
organization: str
class django_ca.typehints.SerializedPolicyInformation[source]

Serialized variant of a PolicyInformation extension.

policy_identifier: str
policy_qualifiers: list[str | SerializedUserNotice] | None
class django_ca.typehints.SerializedPydanticExtension[source]

Serialized pydantic extension.

critical: bool
type: Literal['admissions', 'authority_information_access', 'certificate_policies', 'crl_distribution_points', 'extended_key_usage', 'freshest_crl', 'issuer_alternative_name', 'key_usage', 'ms_certificate_template', 'ocsp_no_check', 'precert_poison', 'private_key_usage_period', 'subject_alternative_name', 'tls_feature'] | Literal['authority_key_identifier', 'basic_constraints', 'precertificate_signed_certificate_timestamps', 'signed_certificate_timestamps', 'subject_information_access', 'subject_key_identifier']
value: Any
class django_ca.typehints.SerializedPydanticNameAttribute[source]

Serialized version of a Pydantic name attribute.

oid: str
value: str
class django_ca.typehints.SerializedUserNotice[source]

Serialized variant of a User Notice.

explicit_text: str
notice_reference: SerializedNoticeReference
django_ca.typehints.SignatureHashAlgorithm = cryptography.hazmat.primitives.hashes.SHA224 | cryptography.hazmat.primitives.hashes.SHA256 | cryptography.hazmat.primitives.hashes.SHA384 | cryptography.hazmat.primitives.hashes.SHA512 | cryptography.hazmat.primitives.hashes.SHA3_224 | cryptography.hazmat.primitives.hashes.SHA3_256 | cryptography.hazmat.primitives.hashes.SHA3_384 | cryptography.hazmat.primitives.hashes.SHA3_512

Hash algorithms that can be used for signing certificates.

NOTE: This is a duplicate of the protected cryptography.x509.base._AllowedHashTypes.

django_ca.typehints.SignatureHashAlgorithmName

Names of hash algorithms that can be used for signing certificates.

These names are used in various settings, with the --algorithm command line parameter and in the API.

alias of Literal[‘SHA-224’, ‘SHA-256’, ‘SHA-384’, ‘SHA-512’, ‘SHA3/224’, ‘SHA3/256’, ‘SHA3/384’, ‘SHA3/512’]

django_ca.typehints.SignatureHashAlgorithmNameWithLegacy

SignatureHashAlgorithmName plus insecure legacy algorithms (MD5 and SHA1).

This value is used when displaying data which may include legacy signatures.

alias of Literal[‘MD5’, ‘SHA1’] | Literal[‘SHA-224’, ‘SHA-256’, ‘SHA-384’, ‘SHA-512’, ‘SHA3/224’, ‘SHA3/256’, ‘SHA3/384’, ‘SHA3/512’]

django_ca.typehints.SignatureHashAlgorithmWithLegacy = cryptography.hazmat.primitives.hashes.MD5 | cryptography.hazmat.primitives.hashes.SHA1 | cryptography.hazmat.primitives.hashes.SHA224 | cryptography.hazmat.primitives.hashes.SHA256 | cryptography.hazmat.primitives.hashes.SHA384 | cryptography.hazmat.primitives.hashes.SHA512 | cryptography.hazmat.primitives.hashes.SHA3_224 | cryptography.hazmat.primitives.hashes.SHA3_256 | cryptography.hazmat.primitives.hashes.SHA3_384 | cryptography.hazmat.primitives.hashes.SHA3_512

SignatureHashAlgorithm plus insecure legacy algorithms (MD5 and SHA1).

TypeVars for generics

typehints.ExtensionTypeTypeVar = ~ExtensionTypeTypeVar

A TypeVar bound to ExtensionType.