API Reference

Core

See Core API for examples.

Parsers

pem.parse(pem_str)

Extract PEM-like objects from pem_str.

Parameters

pem_str (bytes) – String to parse.

Returns

list of PEM Objects

pem.parse_file(file_name)

Read file_name and parse PEM objects from it using parse().

PEM Objects

The following objects can be returned by the parsing functions.

class pem.Certificate(AbstractPEMObject)

A certificate.

class pem.OpenSSLTrustedCertificate(Certificate)

An OpenSSL “trusted certificate”.

New in version 21.2.0.

class pem.Key(AbstractPEMObject)

A key of unknown type.

class pem.PrivateKey(Key)

A private key of unknown type.

New in version 19.1.0.

class pem.PublicKey(Key)

A public key of unknown type.

New in version 19.1.0.

class pem.RSAPrivateKey(PrivateKey)

A private RSA key.

class pem.RSAPublicKey(PublicKey)

A public RSA key.

New in version 19.1.0.

class pem.ECPrivateKey(PrivateKey)

A private EC key.

New in version 19.2.0.

class pem.DSAPrivateKey(PrivateKey)

A private DSA key.

Also private DSA key in OpenSSH legacy PEM format.

New in version 21.1.0.

class pem.OpenSSHPrivateKey(PrivateKey)

OpenSSH private key format

New in version 19.3.0.

class pem.SSHPublicKey(Key)

A public key in SSH RFC 4716 format.

The Secure Shell (SSH) Public Key File Format.

New in version 21.1.0.

class pem.SSHCOMPrivateKey(PrivateKey)

A private key in SSH.COM / Tectia format.

New in version 21.1.0.

class pem.DHParameters(AbstractPEMObject)

Diffie-Hellman parameters for DHE.

class pem.CertificateRequest(AbstractPEMObject)

A certificate signing request.

New in version 17.1.0.

class pem.CertificateRevocationList(AbstractPEMObject)

A certificate revocation list.

New in version 18.2.0.

Their shared provided API is minimal:

class pem.AbstractPEMObject(pem_bytes)

Base class for parsed objects.

__str__()

Return the PEM-encoded content as a native str.

as_bytes()

Return the PEM-encoded content as bytes.

New in version 16.1.0.

as_text()

Return the PEM-encoded content as Unicode text.

New in version 18.1.0.

property sha1_hexdigest

A SHA-1 digest of the whole object for easy differentiation.

New in version 18.1.0.

Changed in version 20.1.0: Carriage returns are removed before hashing to give the same hashes on Windows and UNIX-like operating systems.

Twisted

See Twisted for examples.