{"id":16934476,"url":"https://github.com/heavenvolkoff/secure_context","last_synced_at":"2025-03-21T04:22:10.845Z","repository":{"id":90550094,"uuid":"426122780","full_name":"HeavenVolkoff/secure_context","owner":"HeavenVolkoff","description":"Utilities for creation of SSL/TLS security contexts for servers and clients","archived":false,"fork":false,"pushed_at":"2023-10-06T07:16:42.000Z","size":101,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-02-02T01:44:14.394Z","etag":null,"topics":["certificate","https","openssl","security","ssl","tls"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/HeavenVolkoff.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-11-09T06:54:58.000Z","updated_at":"2021-11-15T17:20:23.000Z","dependencies_parsed_at":null,"dependency_job_id":"c4de63ed-b33a-412a-b2e3-3584e04b3ff6","html_url":"https://github.com/HeavenVolkoff/secure_context","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HeavenVolkoff%2Fsecure_context","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HeavenVolkoff%2Fsecure_context/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HeavenVolkoff%2Fsecure_context/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HeavenVolkoff%2Fsecure_context/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/HeavenVolkoff","download_url":"https://codeload.github.com/HeavenVolkoff/secure_context/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244734384,"owners_count":20501057,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["certificate","https","openssl","security","ssl","tls"],"created_at":"2024-10-13T20:52:15.442Z","updated_at":"2025-03-21T04:22:10.822Z","avatar_url":"https://github.com/HeavenVolkoff.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Secure Context\n\nUtilities for creation of SSL/TLS security contexts for servers and clients\n\n\u003e The purpose of this module is to expose, simple to use, secure definitions that follow current, community agreed,\n\u003e standards. As of now it offers methods for creation of client and server secure contexts.\n\nIt is __STRONGLY RECOMMENDED__ that you __READ__ the __CODE BEFORE__ considering __USING__ this library.\nI am __NOT RESPONSIBLE__ if your product is hacked or cats become humans overlords due to usage of this code.\n\n## Documentation\n\nCurrently, only two functions are exported:\n\n```python\ndef create_server_ssl_context(\n    cert_file: Union[Path, str],\n    key_file: Union[Path, str],\n    *,\n    ca_file: Optional[Union[Path, str]] = None,\n    ca_path: Optional[Union[Path, str]] = None,\n    ca_data: Optional[Union[bytes, str]] = None,\n    crl_file: Optional[Union[Path, str]] = None,\n    protocols: Optional[List[str]] = None,\n    ca_load_default: bool = False,\n) -\u003e ssl.SSLContext:\n    \"\"\"Create SSL context for TLS servers\n\n    Args:\n        cert_file: Path to SSL certificate file\n        key_file: Path to private key file\n        ca_file: Path to a file of concatenated CA certificates in PEM format\n        ca_path: Path to a directory containing CA certificates in PEM format, following an OpenSSL specific layout\n        ca_data: ASCII string of one or more PEM-encoded certificates or a bytes-like object of DER-encoded certificates\n        crl_file: Path to a certificate revocation list file\n        protocols: ALPN and NPN protocols accepted\n        ca_load_default: Whether to load system defaults (default: {False})\n\n    Note:\n        If any of `ca_file`, `ca_path`, `ca_data` are defined client authentication will be enabled, which requires all\n        clients to provide a accepted certificate to connect to the server.\n\n    Raises:\n        SSLError: Occurs if SSLContext creation fails\n        FileNotFoundError: Occurs if a file path is invalid\n\n    Returns:\n        SSL context\n\n    \"\"\"\n    ...\n```\n\n```python\ndef create_client_authentication_ssl_context(\n    cert_file: Union[Path, str],\n    key_file: Union[Path, str],\n    *,\n    ca_file: Optional[Union[Path, str]] = None,\n    ca_path: Optional[Union[Path, str]] = None,\n    ca_data: Optional[Union[bytes, str]] = None,\n    crl_file: Optional[Union[Path, str]] = None,\n    protocols: Optional[List[str]] = None,\n    check_hostname: bool = True,\n) -\u003e ssl.SSLContext:\n    \"\"\"Create SSL context for clients that require TLS client authentication\n\n    WARNING:\n        For clients that DO NOT require client authentication,\n        ssl.create_default_context should be used instead\n\n    Args:\n        cert_file: Path to SSL certificate file\n        key_file: Path to private key file\n        ca_file: Path to a file of concatenated CA certificates in PEM format\n        ca_path: Path to a directory containing CA certificates in PEM format, following an OpenSSL specific layout\n        ca_data: ASCII string of one or more PEM-encoded certificates or a bytes-like object of DER-encoded certificates\n        crl_file: Path to a certificate revocation list file\n        protocols: ALPN and NPN protocols accepted\n        check_hostname: Server hostname match (default: {False})\n\n    Raises:\n        SSLError: Occurs if SSLContext creation fails\n        FileNotFoundError: Occurs if a file path is invalid\n\n    Returns:\n        SSL context\n\n    \"\"\"\n    ...\n```\n\n## License\n\nCopyright © 2019-2023 Vítor Vasconcellos\n\n[BSD-3-Clause](./LICENSE)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fheavenvolkoff%2Fsecure_context","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fheavenvolkoff%2Fsecure_context","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fheavenvolkoff%2Fsecure_context/lists"}