diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2014-07-10 12:53:00 -0700 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2014-07-10 12:53:00 -0700 |
| commit | 9883e4e970cd8ed3bcdb58ee4679fb166fb0c391 (patch) | |
| tree | 52a79147489f9e0ce346bcf5d72963223b58dcb1 | |
| parent | 32989282ff36de4d000afe71484c5711c9619faa (diff) | |
| download | cryptography-9883e4e970cd8ed3bcdb58ee4679fb166fb0c391.tar.gz cryptography-9883e4e970cd8ed3bcdb58ee4679fb166fb0c391.tar.bz2 cryptography-9883e4e970cd8ed3bcdb58ee4679fb166fb0c391.zip | |
Document what the PEM headers look like in more cases
| -rw-r--r-- | docs/hazmat/primitives/asymmetric/serialization.rst | 20 |
1 files changed, 12 insertions, 8 deletions
diff --git a/docs/hazmat/primitives/asymmetric/serialization.rst b/docs/hazmat/primitives/asymmetric/serialization.rst index 0525ed74..2a70146f 100644 --- a/docs/hazmat/primitives/asymmetric/serialization.rst +++ b/docs/hazmat/primitives/asymmetric/serialization.rst @@ -28,9 +28,11 @@ methods. PKCS #8 Format ~~~~~~~~~~~~~~ -PKCS #8 is a serialization format originally standardized by RSA and -currently maintained by the IETF in :rfc:`5208`. It supports password based -encryption and additional key metadata attributes. +PKCS #8 is a serialization format originally standardized by RSA and currently +maintained by the IETF in :rfc:`5208`. It supports password based encryption +and additional key metadata attributes. These keys are recognizable because +they all begin with ``-----BEGIN PRIVATE KEY-----`` or with ``-----BEGIN +ENCRYPTED PRIVATE KEY-----`` if they have a password. .. function:: load_pkcs8_private_key(data, password, backend) @@ -44,6 +46,7 @@ encryption and additional key metadata attributes. :param bytes password: The password to use to decrypt the data. Should be ``None`` if the private key is not encrypted. + :param backend: A :class:`~cryptography.hazmat.backends.interfaces.PKCS8SerializationBackend` provider. @@ -65,11 +68,11 @@ encryption and additional key metadata attributes. Traditional OpenSSL Format ~~~~~~~~~~~~~~~~~~~~~~~~~~ -The "traditional" PKCS #1 based serialization format used by OpenSSL. -It supports password based symmetric key encryption. Commonly found in -OpenSSL based TLS applications. It is usually found in PEM format with a -header that mentions the type of the serialized key. e.g. -``-----BEGIN RSA PRIVATE KEY-----``. +The "traditional" PKCS #1 based serialization format used by OpenSSL. It +supports password based symmetric key encryption. Commonly found in OpenSSL +based TLS applications. It is usually found in PEM format with a header that +mentions the type of the serialized key. e.g. ``-----BEGIN RSA PRIVATE +KEY-----`` or ``-----BEGIN DSA PRIVATE KEY-----``. .. function:: load_pem_traditional_openssl_private_key(data, password, backend) @@ -82,6 +85,7 @@ header that mentions the type of the serialized key. e.g. :param bytes password: The password to use to decrypt the data. Should be ``None`` if the private key is not encrypted. + :param backend: A :class:`~cryptography.hazmat.backends.interfaces.TraditionalOpenSSLSerializationBackend` provider. |