pem is an MIT-licensed Python module for parsing and splitting of PEM files, i.e. Base64 encoded DER keys and certificates.
It runs on Python 2.6, 2.7, 3.3, 3.4, and PyPy 2.0+, has no dependencies and does not attempt to interpret the certificate data in any way.
pem is intended to ease the handling of PEM files in combination with PyOpenSSL and – by extension – Twisted.
It’s born from the need to load keys, certificates, trust chains, and DH parameters from various certificate deployments: some servers (like Apache) expect them to be a separate file while others (like nginx) expect them concatenated to the server certificate.
To be able to cope with both scenarios in Python, pem was born:
>>> import pem
>>> certs = pem.parse_file("chain.pem")
>>> certs
[<Certificate(PEM string with SHA-1 digest '...')>, <Certificate(PEM string with SHA-1 digest '...')>]
>>> str(certs[0])
'-----BEGIN CERTIFICATE-----\n...'Additionally to the vanilla parsing code, pem also contains helpers for Twisted that save a lot of boilerplate code.
pem’s documentation lives at Read the Docs, the code on GitHub.