Certificate
***********

Parsing for Tor Ed25519 certificates, which are used to for a variety
of purposes…

   * validating the key used to sign server descriptors

   * validating the key used to sign hidden service v3 descriptors

   * signing and encrypting hidden service v3 indroductory points

New in version 1.6.0.

**Module Overview:**

   Ed25519Certificate - Ed25519 signing key certificate
     | +- Ed25519CertificateV1 - version 1 Ed25519 certificate
     |      |- is_expired - checks if certificate is presently expired
     |      |- signing_key - certificate signing key
     |      +- validate - validates a descriptor's signature
     |
     |- from_base64 - decodes a base64 encoded certificate
     |- to_base64 - base64 encoding of this certificate
     |
     |- unpack - decodes a byte encoded certificate
     +- pack - byte encoding of this certificate

   Ed25519Extension - extension included within an Ed25519Certificate

stem.descriptor.certificate.CertType(enum)

   Purpose of Ed25519 certificate. For more information see…

      * cert-spec.txt section A.1

      * rend-spec-v3.txt appendix E

   Deprecated since version 1.8.0: Replaced with
   "stem.client.datatype.CertType"

   +--------------------------+---------------------------------------------------------+
   | CertType                 | Description                                             |
   |==========================|=========================================================|
   | **SIGNING**              | signing key with an identity key                        |
   +--------------------------+---------------------------------------------------------+
   | **LINK_CERT**            | TLS link certificate signed with ed25519 signing key    |
   +--------------------------+---------------------------------------------------------+
   | **AUTH**                 | authentication key signed with ed25519 signing key      |
   +--------------------------+---------------------------------------------------------+
   | **HS_V3_DESC_SIGNING**   | hidden service v3 short-term descriptor signing key     |
   +--------------------------+---------------------------------------------------------+
   | **HS_V3_INTRO_AUTH**     | hidden service v3 introductory point authentication key |
   +--------------------------+---------------------------------------------------------+
   | **HS_V3_INTRO_ENCRYPT**  | hidden service v3 introductory point encryption key     |
   +--------------------------+---------------------------------------------------------+

stem.descriptor.certificate.ExtensionType(enum)

   Recognized exception types.

   +----------------------+-------------------------------------------+
   | ExtensionType        | Description                               |
   |======================|===========================================|
   | **HAS_SIGNING_KEY**  | includes key used to sign the certificate |
   +----------------------+-------------------------------------------+

stem.descriptor.certificate.ExtensionFlag(enum)

   Flags that can be assigned to Ed25519 certificate extensions.

   +------------------------+-----------------------------------------------------+
   | ExtensionFlag          | Description                                         |
   |========================|=====================================================|
   | **AFFECTS_VALIDATION** | extension affects whether the certificate is valid  |
   +------------------------+-----------------------------------------------------+
   | **UNKNOWN**            | extension includes flags not yet recognized by stem |
   +------------------------+-----------------------------------------------------+
