Metadata-Version: 2.1
Name: crl-checker
Version: 2.0.0
Summary: Check if certificate is revoked using the x509 CRL extension
Home-page: https://github.com/fulder/crl-checker
License: MIT
Author: Michal Sadowski
Author-email: misad90@gmail.com
Requires-Python: >=3.8.1,<4.0.0
Classifier: Development Status :: 5 - Production/Stable
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.8
Classifier: Topic :: Security :: Cryptography
Requires-Dist: pki-tools (>=0.0.31,<0.0.32)
Project-URL: Bug Tracker, https://github.com/fulder/crl-checker/issues
Project-URL: Repository, https://github.com/fulder/crl-checker
Description-Content-Type: text/markdown

## :warning: Library deprecated, please migrate to [pki-tools](https://github.com/fulder/pki-tools) :warning: 

![Python Badge](https://img.shields.io/badge/python-3.8%2B-blue.svg?style=for-the-badge&logo=python)

# crl-checker

This small python library checks if a specific certificate is revoked using the
CRL defined in the x509 CRL distribution points
extension (https://datatracker.ietf.org/doc/html/rfc5280.html#section-4.2.1.13)

# Installation

`pip install crl-checker`

# Usage

Checking revocation using PEM encoded certificate
```python3
from crl_checker import check_revoked, Revoked, Error

cert_pem = """
-----BEGIN CERTIFICATE-----
<CERTIFICATE_PEM_BYTES>
-----END CERTIFICATE-----
"""
crl_issuer_pem = """
-----BEGIN CERTIFICATE-----
<CERTIFICATE_PEM_BYTES>
-----END CERTIFICATE-----
"""

try:
    check_revoked(cert_pem, crl_issuer_pem)
except Revoked as e:
    print(f"Certificate revoked: {e}")
except Error as e:
    print(f"Revocation check failed. Error: {e}")
    raise
```

Checking revocation using an already loaded cryptography [x509.Certificate](https://cryptography.io/en/latest/x509/reference/#cryptography.x509.Certificate):

```python3
from cryptography import x509
from crl_checker import check_revoked_crypto_cert, Revoked, Error

cert : x509.Certificate = ...
chain: x509.Certificate = ...

try:
    check_revoked_crypto_cert(cert, chain)
except Revoked as e:
    print(f"Certificate revoked: {e}")
except Error as e:
    print(f"Revocation check failed. Error: {e}")
    raise
```

