Source code for ssllabs.chain
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# Copyright © 2016 Taylor C. Richberger <taywee@gmx.com>
# This code is released under the license described in the LICENSE file
from __future__ import division, absolute_import, print_function, unicode_literals
from datetime import datetime, timedelta
from ssllabs.chaincert import ChainCert
from ssllabs.object import Object
from ssllabs.util import objectornone
[docs]class Chain(Object):
'''object that can be used to access the chain of an endpoint, accessed from :meth:`ssllabs.endpointdetails.EndpointDetails.chain`'''
def __init__(self, data):
self.__certs = [ChainCert(cert) for cert in data.get('certs', list())]
self.__issues = objectornone(Issues, data, 'issues')
@property
def certs(self):
'''a list of :class:`ssllabs.chaincert.ChainCert` objects, representing
the chain certificates in the order in which they were retrieved from
the server'''
return self.__certs
@property
def issues(self):
'''list of chain issues as an :class:`Issues` object'''
return self.__issues
[docs]class Issues(object):
'''Issues that may be present, from :meth:`Chain.issues`'''
def __init__(self, data):
self.__addedexternal = bool(1 & data)
self.__incompletechain = bool(2 & data)
self.__unrelated = bool(4 & data)
self.__wrongorder = bool(8 & data)
self.__selfsignedroot = bool(16 & data)
self.__couldnotvalidate = bool(32 & data)
@property
def addedexternal(self):
'''if we added external certificates'''
return self.__addedexternal
@property
def incompletechain(self):
'''incomplete chain (set only when we were able to build a chain by
adding missing intermediate certificates from external sources)'''
return self.__incompletechain
@property
def unrelated(self):
'''chain contains unrelated or duplicate certificates (i.e.,
certificates that are not part of the same chain)'''
return self.__unrelated
@property
def wrongorder(self):
'''the certificates form a chain (trusted or not), but the order is
incorrect'''
return self.__wrongorder
@property
def selfsignedroot(self):
'''contains a self-signed root certificate (not set for self-signed
leafs)'''
return self.__selfsignedroot
@property
def couldnotvalidate(self):
'''the certificates form a chain (if we added external certificates,
:meth`addedexternal` will be set), but we could not validate it. If the
leaf was trusted, that means that we built a different chain we
trusted.'''
return self.__couldnotvalidate