common Package

health Module

lemur.common.health.health()
lemur.common.health.healthcheck(db)

managers Module

class lemur.common.managers.InstanceManager(class_list=None, instances=True)

Bases: object

add(class_path)
all()

Returns a list of cached instances.

get_class_list()
remove(class_path)
update(class_list)

Updates the class list and wipes the cache.

utils Module

lemur.common.utils.base64encode(string)
lemur.common.utils.check_cert_signature(cert, issuer_public_key)

Check a certificate’s signature against an issuer public key. Before EC validation, make sure we support the algorithm, otherwise raise UnsupportedAlgorithm On success, returns None; on failure, raises UnsupportedAlgorithm or InvalidSignature.

lemur.common.utils.column_windows(session, column, windowsize)

Return a series of WHERE clauses against a given column that break it into windows.

Result is an iterable of tuples, consisting of ((start, end), whereclause), where (start, end) are the ids.

Requires a database that supports window functions, i.e. Postgresql, SQL Server, Oracle.

Enhance this yourself ! Add a “where” argument so that windows of just a subset of rows can be computed.

lemur.common.utils.convert_pkcs7_bytes_to_pem(certs_pkcs7)

Given a list of certificates in pkcs7 encoding (bytes), covert them into a list of PEM encoded files :raises ValueError or ValidationError :param certs_pkcs7: :return: list of certs in PEM format

lemur.common.utils.find_matching_certificates_by_hash(cert, matching_certs)

Given a Cryptography-formatted certificate cert, and Lemur-formatted certificates (matching_certs), determine if any of the certificate hashes match and return the matches.

lemur.common.utils.generate_private_key(key_type)

Generates a new private key based on key_type.

Valid key types: RSA2048, RSA4096’, ‘ECCPRIME192V1’, ‘ECCPRIME256V1’, ‘ECCSECP192R1’,

‘ECCSECP224R1’, ‘ECCSECP256R1’, ‘ECCSECP384R1’, ‘ECCSECP521R1’, ‘ECCSECP256K1’, ‘ECCSECT163K1’, ‘ECCSECT233K1’, ‘ECCSECT283K1’, ‘ECCSECT409K1’, ‘ECCSECT571K1’, ‘ECCSECT163R2’, ‘ECCSECT233R1’, ‘ECCSECT283R1’, ‘ECCSECT409R1’, ‘ECCSECT571R2’

Parameters

key_type

Returns

lemur.common.utils.get_authority_key(body)

Returns the authority key for a given certificate in hex format

lemur.common.utils.get_key_type_from_certificate(body)

Helper function to determine key type by pasrding given PEM certificate

Parameters

body – PEM string

Returns

Key type string

lemur.common.utils.get_key_type_from_ec_curve(curve_name)

Give an EC curve name, return the matching key_type.

Param

curve_name

Returns

key_type

lemur.common.utils.get_psuedo_random_string()

Create a random and strongish challenge.

lemur.common.utils.is_selfsigned(cert)

Returns True if the certificate is self-signed. Returns False for failed verification or unsupported signing algorithm.

lemur.common.utils.is_weekend(date)

Determines if a given date is on a weekend.

Parameters

date

Returns

lemur.common.utils.parse_cert_chain(pem_chain)

Helper function to split and parse a series of PEM certificates.

Parameters

pem_chain – string

Returns

List of parsed certificates

lemur.common.utils.parse_certificate(body)

Helper function that parses a PEM certificate.

Parameters

body

Returns

lemur.common.utils.parse_csr(csr)

Helper function that parses a CSR.

Parameters

csr

Returns

lemur.common.utils.parse_private_key(private_key)

Parses a PEM-format private key (RSA, DSA, ECDSA or any other supported algorithm).

Raises ValueError for an invalid string. Raises AssertionError when passed value is not str-type.

Parameters

private_key – String containing PEM private key

lemur.common.utils.split_pem(data)

Split a string of several PEM payloads to a list of strings.

Parameters

data – String

Returns

List of strings

lemur.common.utils.truthiness(s)

If input string resembles something truthy then return True, else False.

lemur.common.utils.validate_conf(app, required_vars)

Ensures that the given fields are set in the applications conf.

Parameters
  • app

  • required_vars – list

lemur.common.utils.windowed_query(q, column, windowsize)

“Break a Query into windows on a given column.