Messages

ACME protocol messages.

acme.messages.is_acme_error(err)[source]

Check if argument is an ACME error.

exception acme.messages.Error(**kwargs)[source]

Bases: josepy.json_util.JSONObjectWithFields, acme.errors.Error

ACME error.

https://tools.ietf.org/html/draft-ietf-appsawg-http-problem-00

Variables:
  • typ (unicode) –
  • title (unicode) –
  • detail (unicode) –
classmethod with_code(code, **kwargs)[source]

Create an Error instance with an ACME Error code.

Unicode code:An ACME error code, like ‘dnssec’.
Kwargs:kwargs to pass to Error.
description

Hardcoded error description based on its type.

Returns:Description if standard ACME error or None.
Return type:unicode
code

ACME error code.

Basically self.typ without the ERROR_PREFIX.

Returns:error code if standard ACME code or None.
Return type:unicode
class acme.messages._Constant(name)[source]

Bases: josepy.interfaces.JSONDeSerializable, _abcoll.Hashable

ACME constant.

to_partial_json()[source]

Partially serialize.

Following the example, partial serialization means the following:

assert isinstance(Bar().to_partial_json()[0], Foo)
assert isinstance(Bar().to_partial_json()[1], Foo)

# in particular...
assert Bar().to_partial_json() != ['foo', 'foo']
Raises:josepy.errors.SerializationError – in case of any serialization error.
Returns:Partially serializable object.
classmethod from_json(jobj)[source]

Deserialize a decoded JSON document.

Parameters:jobj – Python object, composed of only other basic data types, as decoded from JSON document. Not necessarily dict (as decoded from “JSON object” document).
Raises:josepy.errors.DeserializationError – if decoding was unsuccessful, e.g. in case of unparseable X509 certificate, or wrong padding in JOSE base64 encoded string, etc.
class acme.messages.Status(name)[source]

Bases: acme.messages._Constant

ACME “status” field.

class acme.messages.IdentifierType(name)[source]

Bases: acme.messages._Constant

ACME identifier type.

class acme.messages.Identifier(**kwargs)[source]

Bases: josepy.json_util.JSONObjectWithFields

ACME identifier.

Variables:
class acme.messages.Directory(jobj)[source]

Bases: josepy.interfaces.JSONDeSerializable

Directory.

class Meta(**kwargs)[source]

Bases: josepy.json_util.JSONObjectWithFields

Directory Meta.

terms_of_service

URL for the CA TOS

classmethod register(resource_body_cls)[source]

Register resource.

to_partial_json()[source]

Partially serialize.

Following the example, partial serialization means the following:

assert isinstance(Bar().to_partial_json()[0], Foo)
assert isinstance(Bar().to_partial_json()[1], Foo)

# in particular...
assert Bar().to_partial_json() != ['foo', 'foo']
Raises:josepy.errors.SerializationError – in case of any serialization error.
Returns:Partially serializable object.
classmethod from_json(jobj)[source]

Deserialize a decoded JSON document.

Parameters:jobj – Python object, composed of only other basic data types, as decoded from JSON document. Not necessarily dict (as decoded from “JSON object” document).
Raises:josepy.errors.DeserializationError – if decoding was unsuccessful, e.g. in case of unparseable X509 certificate, or wrong padding in JOSE base64 encoded string, etc.
class acme.messages.Resource(**kwargs)[source]

Bases: josepy.json_util.JSONObjectWithFields

ACME Resource.

Variables:body (acme.messages.ResourceBody) – Resource body.
class acme.messages.ResourceWithURI(**kwargs)[source]

Bases: acme.messages.Resource

ACME Resource with URI.

Variables:uri (unicode) – Location of the resource.
class acme.messages.ResourceBody(**kwargs)[source]

Bases: josepy.json_util.JSONObjectWithFields

ACME Resource Body.

class acme.messages.ExternalAccountBinding[source]

Bases: object

ACME External Account Binding

classmethod from_data(account_public_key, kid, hmac_key, directory)[source]

Create External Account Binding Resource from contact details, kid and hmac.

class acme.messages.Registration(**kwargs)[source]

Bases: acme.messages.ResourceBody

Registration Resource Body.

Variables:
  • key (josepy.jwk.JWK) – Public key.
  • contact (tuple) – Contact information following ACME spec, tuple of unicode.
  • agreement (unicode) –
classmethod from_data(phone=None, email=None, external_account_binding=None, **kwargs)[source]

Create registration resource from contact details.

phones

All phones found in the contact field.

emails

All emails found in the contact field.

class acme.messages.NewRegistration(**kwargs)[source]

Bases: acme.messages.Registration

New registration.

class acme.messages.UpdateRegistration(**kwargs)[source]

Bases: acme.messages.Registration

Update registration.

class acme.messages.RegistrationResource(**kwargs)[source]

Bases: acme.messages.ResourceWithURI

Registration Resource.

Variables:
class acme.messages.ChallengeBody(**kwargs)[source]

Bases: acme.messages.ResourceBody

Challenge Resource Body.

Todo

Confusingly, this has a similar name to challenges.Challenge, as well as achallenges.AnnotatedChallenge. Please use names such as challb to distinguish instances of this class from achall.

Variables:
encode(name)[source]

Encode a single field.

Parameters:

name (str) – Name of the field to be encoded.

Raises:
  • errors.SerializationError – if field cannot be serialized
  • errors.Error – if field could not be found
to_partial_json()[source]

Partially serialize.

Following the example, partial serialization means the following:

assert isinstance(Bar().to_partial_json()[0], Foo)
assert isinstance(Bar().to_partial_json()[1], Foo)

# in particular...
assert Bar().to_partial_json() != ['foo', 'foo']
Raises:josepy.errors.SerializationError – in case of any serialization error.
Returns:Partially serializable object.
classmethod fields_from_json(jobj)[source]

Deserialize fields from JSON.

uri

The URL of this challenge.

class acme.messages.ChallengeResource(**kwargs)[source]

Bases: acme.messages.Resource

Challenge Resource.

Variables:
uri

The URL of the challenge body.

class acme.messages.Authorization(**kwargs)[source]

Bases: acme.messages.ResourceBody

Authorization Resource Body.

Variables:
resolved_combinations

Combinations with challenges instead of indices.

class acme.messages.NewAuthorization(**kwargs)[source]

Bases: acme.messages.Authorization

New authorization.

class acme.messages.UpdateAuthorization(**kwargs)[source]

Bases: acme.messages.Authorization

Update authorization.

class acme.messages.AuthorizationResource(**kwargs)[source]

Bases: acme.messages.ResourceWithURI

Authorization Resource.

Variables:
class acme.messages.CertificateRequest(**kwargs)[source]

Bases: josepy.json_util.JSONObjectWithFields

ACME new-cert request.

Variables:csr (josepy.util.ComparableX509) – OpenSSL.crypto.X509Req wrapped in ComparableX509
class acme.messages.CertificateResource(**kwargs)[source]

Bases: acme.messages.ResourceWithURI

Certificate Resource.

Variables:
class acme.messages.Revocation(**kwargs)[source]

Bases: josepy.json_util.JSONObjectWithFields

Revocation message.

Variables:certificate (ComparableX509) – OpenSSL.crypto.X509 wrapped in ComparableX509
class acme.messages.Order(**kwargs)[source]

Bases: acme.messages.ResourceBody

Order Resource Body.

Variables:
  • of .Identifier (list) – List of identifiers for the certificate.
  • status (acme.messages.Status) –
  • of str authorizations (list) – URLs of authorizations.
  • certificate (str) – URL to download certificate as a fullchain PEM.
  • finalize (str) – URL to POST to to request issuance once all authorizations have “valid” status.
  • expires (datetime.datetime) – When the order expires.
  • error (Error) – Any error that occurred during finalization, if applicable.
class acme.messages.OrderResource(**kwargs)[source]

Bases: acme.messages.ResourceWithURI

Order Resource.

Variables:
  • body (acme.messages.Order) –
  • csr_pem (str) – The CSR this Order will be finalized with.
  • of acme.messages.AuthorizationResource authorizations (list) – Fully-fetched AuthorizationResource objects.
  • fullchain_pem (str) – The fetched contents of the certificate URL produced once the order was finalized, if it’s present.
class acme.messages.NewOrder(**kwargs)[source]

Bases: acme.messages.Order

New order.