SecureBlackbox Lite 2020 Python Edition

Questions / Feedback?

CRLManager Class

Properties   Methods   Events   Configuration Settings   Errors  

The CRLManager class supports the importing, exporting, and validation of Certificate Revocation Lists (CRLs).

Syntax

class secureblackboxlite.CRLManager

Remarks

CRLs store information about revoked certificates, i.e., certificates that have been identified as invalid for any number of reasons by the issuing certificate authority (CA). CRLs identify certificates by their serial numbers. Therefore, by knowing the certificate's SerialNumber, its validity status can be checked against a CRL.

Each CRL corresponds to one issuing point, and each Certificate Authority (CA) certificate can have a corresponding CRL which contains information about the certificates signed with this CA certificate.

CAs are not required to issue CRLs if other revocation or certificate status mechanisms are provided. Each CRL must contain the date by which the next CRL will be issued. This date is specified by the NextUpdate field.

Property List


The following is the full list of the properties of the class with short descriptions. Click on the links for further details.

ca_cert_bytesReturns raw certificate data in DER format.
ca_cert_handleAllows to get or set a 'handle', a unique identifier of the underlying property object.
crl_bytesReturns raw CRL data in DER format.
crlca_key_idA unique identifier (fingerprint) of the CA certificate's private key, if present in the CRL.
crl_entry_countReturns the number of certificate status entries in the CRL.
crl_handleAllows to get or set a 'handle', a unique identifier of the underlying property object.
crl_issuerThe common name of the CRL issuer (CA), typically a company name.
crl_issuer_rdnA collection of information, in the form of [OID, Value] pairs, uniquely identifying the CRL issuer.
crl_locationThe URL that the CRL was downloaded from.
crl_next_updateThe planned time and date of the next version of this CRL to be published.
crl_sig_algorithmThe public key algorithm that was used by the CA to sign this CRL.
crltbsThe to-be-signed part of the CRL (the CRL without the signature part).
crl_this_updateThe date and time at which this version of the CRL was published.
entry_countThe number of items in the CRL.
crl_entry_info_cert_statusReturns the status of the certificate.
crl_entry_info_handleAllows to get or set a 'handle', a unique identifier of the underlying property object.
crl_entry_info_revocation_dateThe time and date when the certificate gets revoked or cancelled.
crl_entry_info_revocation_reasonSpecifies the reason for certificate revocation.
crl_entry_info_serial_numberThe certificate serial number.
external_crypto_custom_paramsCustom parameters to be passed to the signing service (uninterpreted).
external_crypto_dataAdditional data to be included in the async state and mirrored back by the requestor.
external_crypto_external_hash_calculationSpecifies whether the message hash is to be calculated at the external endpoint.
external_crypto_hash_algorithmSpecifies the request's signature hash algorithm.
external_crypto_key_idThe ID of the pre-shared key used for DC request authentication.
external_crypto_key_secretThe pre-shared key used for DC request authentication.
external_crypto_methodSpecifies the asynchronous signing method.
external_crypto_modeSpecifies the external cryptography mode.
external_crypto_public_key_algorithmProvide public key algorithm here if the certificate is not available on the pre-signing stage.

Method List


The following is the full list of the methods of the class with short descriptions. Click on the links for further details.

addAdds a new revoked certificate entry.
clearEmpties the CRL.
configSets or retrieves a configuration setting.
downloadDownloads a CRL from the specified location.
get_cert_entry_indexReturns the index of the CRL item by the certificate's serial number.
loadLoads a CRL from a byte array.
load_from_fileLoads a CRL from a file.
removeRemoves the specified entry from the CRL.
saveSaves the CRL to a byte array.
save_to_fileSaves the CRL to a file.
select_entryFetches revocation information about the selected certificate from the CRL.
validateValidates the CRL signature.

Event List


The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.

on_errorInformation about errors during CRL management.
on_external_signHandles remote or external signing initiated by the SignExternal method or other source.
on_notificationThis event notifies the application about an underlying control flow event.

Configuration Settings


The following is a list of configuration settings for the class with short descriptions. Click on the links for further details.

Copyright (c) 2022 /n software inc. - All rights reserved.
SecureBlackbox Lite 2020 Python Edition - Version 20.0 [Build 8166]