diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-08-08 15:41:54 -0500 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-08-08 15:53:47 -0500 |
| commit | cc671824ad133df93bbf903ef2d363b54b5835a9 (patch) | |
| tree | c15fe2d3cecead97b41d395e770a068b5c4ba2d5 | |
| parent | 26ac47f1326fb4b8909d40ea0683eafcb9bd858e (diff) | |
| download | cryptography-cc671824ad133df93bbf903ef2d363b54b5835a9.tar.gz cryptography-cc671824ad133df93bbf903ef2d363b54b5835a9.tar.bz2 cryptography-cc671824ad133df93bbf903ef2d363b54b5835a9.zip | |
address review comments
| -rw-r--r-- | docs/x509/reference.rst | 17 | ||||
| -rw-r--r-- | src/cryptography/x509.py | 2 |
2 files changed, 12 insertions, 7 deletions
diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst index 930c7f9f..d86ebbe8 100644 --- a/docs/x509/reference.rst +++ b/docs/x509/reference.rst @@ -1176,14 +1176,19 @@ X.509 Extensions ASN.1 bit string. This is the first recommendation in :rfc:`5280` section 4.2.1.2. - :param certificate: The issuing :class:`~cryptography.x509.Certificate`. + :param public_key: One of + :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey` + , + :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey` + , or + :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey`. .. doctest:: >>> from cryptography import x509 >>> from cryptography.hazmat.backends import default_backend - >>> cert = x509.load_pem_x509_certificate(pem_data, default_backend()) - >>> x509.AuthorityKeyIdentifier.from_issuer_public_key(cert.public_key()) + >>> issuer_cert = x509.load_pem_x509_certificate(pem_data, default_backend()) + >>> x509.AuthorityKeyIdentifier.from_issuer_public_key(issuer_cert.public_key()) <AuthorityKeyIdentifier(key_identifier='X\x01\x84$\x1b\xbc+R\x94J=\xa5\x10r\x14Q\xf5\xaf:\xc9', authority_cert_issuer=None, authority_cert_serial_number=None)> .. class:: SubjectKeyIdentifier @@ -1228,9 +1233,9 @@ X.509 Extensions >>> from cryptography import x509 >>> from cryptography.hazmat.backends import default_backend - >>> cert = x509.load_pem_x509_certificate(pem_data, default_backend()) - >>> x509.SubjectKeyIdentifier.from_public_key(cert.public_key()) - <SubjectKeyIdentifier(digest='X\x01\x84$\x1b\xbc+R\x94J=\xa5\x10r\x14Q\xf5\xaf:\xc9')> + >>> csr = x509.load_pem_x509_csr(pem_req_data, default_backend()) + >>> x509.SubjectKeyIdentifier.from_public_key(csr.public_key()) + <SubjectKeyIdentifier(digest='\xdb\xaa\xf0\x06\x11\xdbD\xfe\xbf\x93\x03\x8av\x88WP7\xa6\x91\xf7')> .. class:: SubjectAlternativeName diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py index 3f306e3a..713e92a2 100644 --- a/src/cryptography/x509.py +++ b/src/cryptography/x509.py @@ -41,10 +41,10 @@ def _key_identifier_from_public_key(public_key): spki, remaining = decoder.decode( serialized, asn1Spec=_SubjectPublicKeyInfo() ) + assert not remaining # the univ.BitString object is a tuple of bits. We need bytes and # pyasn1 really doesn't want to give them to us. To get it we'll # build an integer and convert that to bytes. - assert not remaining bits = 0 for bit in spki.getComponentByName("subjectPublicKey"): bits = bits << 1 | bit |