Pkcs11Certificate

class Pkcs11Certificate(**properties: Any)

Superclasses: Object, Object

Implemented Interfaces: Certificate

A certificate loaded from a PKCS#11 storage. It is also a valid Object and can be used as such.

Use lookup_issuer() to lookup the issuer of a given certificate in the PKCS#11 store.

Various common PKCS#11 certificate attributes are automatically loaded and are available via get_attributes().

Methods

class Pkcs11Certificate

get_attributes() → Attributes

Access the automatically loaded attributes for this certificate.

lookup_issuer(certificate: Certificate, cancellable: Cancellable | None = None) → Certificate

Lookup a the issuer of a certificate in the PKCS#11 storage. The lookup is done using the issuer DN of the certificate. No certificate chain verification is done. Use a crypto library to make trust decisions.

This call may block, see lookup_issuer() for the non-blocking version.

Will return None if no issuer certificate is found. Use error to determine if an error occurred.

Parameters:

• certificate – a Certificate

• cancellable – a Cancellable

lookup_issuer_async(certificate: Certificate, cancellable: Cancellable | None = None, callback: Callable[[...], None] | None = None, *user_data: Any) → None

Lookup a the issuer of a certificate in the PKCS#11 storage. The lookup is done using the issuer DN of the certificate. No certificate chain verification is done. Use a crypto library to make trust decisions.

When the operation is finished, callback will be called. You can then call lookup_issuer_finish() to get the result of the operation.

Parameters:

• certificate – a Certificate

• cancellable – a Cancellable

• callback – a AsyncReadyCallback to call when the operation completes

• user_data – the data to pass to callback function

lookup_issuer_finish(result: AsyncResult) → Certificate

Finishes an asynchronous operation started by lookup_issuer_async().

Will return None if no issuer certificate is found. Use error to determine if an error occurred.

Parameters:

result – the AsyncResult passed to the callback

new_from_uri(pkcs11_uri: str, cancellable: Cancellable | None = None) → Certificate | None

Lookup a certificate in the PKCS#11 storage by the given URI.

This call may block, see new_from_uri_async() for the non-blocking version.

Will return None if no certificate is found. Use error to determine if an error occurred.

Parameters:

• pkcs11_uri – a A PKCS ``11`` URI

• cancellable – a Cancellable

new_from_uri_async(pkcs11_uri: str, cancellable: Cancellable | None = None, callback: Callable[[...], None] | None = None, *user_data: Any) → None

Lookup a certificate in the PKCS#11 storage by the given URI.

When the operation is finished, callback will be called. You can then call new_from_uri_finish() to get the result of the operation.

Parameters:

• pkcs11_uri – a A PKCS ``11`` URI

• cancellable – a Cancellable

• callback – a AsyncReadyCallback to call when the operation completes

• user_data – the data to pass to callback function

new_from_uri_finish(result: AsyncResult) → Certificate | None

Finishes an asynchronous operation started by new_from_uri_async().

Will return None if no certificate is found. Use error to determine if an error occurred.

Parameters:

result – the AsyncResult passed to the callback

Properties

class Pkcs11Certificate

props.attributes: Attributes

Automatically loaded attributes for this certificate.

Fields

class Pkcs11Certificate

parent

pv