Adds method chaining to CSR builder.

author: Andre Caron <andre.l.caron@gmail.com> 2015-05-31 17:36:18 -0400
committer: Ian Cordasco <graffatcolmingov@gmail.com> 2015-06-24 13:35:49 -0500
commit: fc164c5e4fce2f6617b35887a5799ec10082b906 (patch)
tree: 4b34170789838d13eff45ed45ebaccb7075c536a
parent: eebe700861774a640f82391d2a4597d2fe6ff399 (diff)
download: cryptography-fc164c5e4fce2f6617b35887a5799ec10082b906.tar.gz
cryptography-fc164c5e4fce2f6617b35887a5799ec10082b906.tar.bz2
cryptography-fc164c5e4fce2f6617b35887a5799ec10082b906.zip
2 files changed, 42 insertions, 35 deletions
diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py
index 2ee1c3ef..c59de606 100644
--- a/src/cryptography/x509.py
+++ b/src/cryptography/x509.py
@@ -1445,13 +1445,13 @@ class RevokedCertificate(object):
 
 
 class CertificateSigningRequestBuilder(object):
-    def __init__(self):
+    def __init__(self, version=Version.v1, subject_name=None, extensions=[]):
         """
         Creates an empty X.509 certificate request (v1).
         """
         self._version = Version.v1
-        self._subject_name = None
-        self._extensions = []
+        self._subject_name = subject_name
+        self._extensions = extensions[:]
 
     def set_version(self, version):
         """
@@ -1459,7 +1459,9 @@ class CertificateSigningRequestBuilder(object):
         """
         if not isinstance(version, Version):
             raise TypeError('Expecting x509.Version object.')
-        self._version = version
+        return CertificateSigningRequestBuilder(
+            version, self._subject_name, self._extensions
+        )
 
     def set_subject_name(self, name):
         """
@@ -1467,7 +1469,9 @@ class CertificateSigningRequestBuilder(object):
         """
         if not isinstance(name, Name):
             raise TypeError('Expecting x509.Name object.')
-        self._subject_name = name
+        return CertificateSigningRequestBuilder(
+            self._version, name, self._extensions
+        )
 
     def add_extension(self, extension):
         """
@@ -1478,7 +1482,9 @@ class CertificateSigningRequestBuilder(object):
         for e in self._extensions:
             if e.oid == extension.oid:
                 raise ValueError('This extension has already been set.')
-        self._extensions.append(extension)
+        return CertificateSigningRequestBuilder(
+            self._version, self._subject_name, self._extensions + [extension]
+        )
 
     def sign(self, backend, private_key, algorithm):
         """
diff --git a/tests/test_x509.py b/tests/test_x509.py
index 85ef4b5c..981ad528 100644
--- a/tests/test_x509.py
+++ b/tests/test_x509.py
@@ -699,21 +699,21 @@ class TestCertificateSigningRequestBuilder(object):
             backend=backend,
         )
 
-        builder = x509.CertificateSigningRequestBuilder()
-        builder.set_version(x509.Version.v3)
-        builder.set_subject_name(x509.Name([
+        request = x509.CertificateSigningRequestBuilder().set_version(
+            x509.Version.v3
+        ).set_subject_name(x509.Name([
             x509.NameAttribute(x509.OID_COUNTRY_NAME, 'US'),
             x509.NameAttribute(x509.OID_STATE_OR_PROVINCE_NAME, 'Texas'),
             x509.NameAttribute(x509.OID_LOCALITY_NAME, 'Austin'),
             x509.NameAttribute(x509.OID_ORGANIZATION_NAME, 'PyCA'),
             x509.NameAttribute(x509.OID_COMMON_NAME, 'cryptography.io'),
-        ]))
-        builder.add_extension(x509.Extension(
+        ])).add_extension(x509.Extension(
             x509.OID_BASIC_CONSTRAINTS,
             True,
             x509.BasicConstraints(True, 2),
-        ))
-        request = builder.sign(backend, private_key, hashes.SHA1())
+        )).sign(
+            backend, private_key, hashes.SHA1()
+        )
 
         assert isinstance(request.signature_hash_algorithm, hashes.SHA1)
         public_key = request.public_key()
@@ -740,21 +740,21 @@ class TestCertificateSigningRequestBuilder(object):
             backend=backend,
         )
 
-        builder = x509.CertificateSigningRequestBuilder()
-        builder.set_version(x509.Version.v3)
-        builder.set_subject_name(x509.Name([
+        request = x509.CertificateSigningRequestBuilder().set_version(
+            x509.Version.v3
+        ).set_subject_name(x509.Name([
             x509.NameAttribute(x509.OID_COUNTRY_NAME, 'US'),
             x509.NameAttribute(x509.OID_STATE_OR_PROVINCE_NAME, 'Texas'),
             x509.NameAttribute(x509.OID_LOCALITY_NAME, 'Austin'),
             x509.NameAttribute(x509.OID_ORGANIZATION_NAME, 'PyCA'),
             x509.NameAttribute(x509.OID_COMMON_NAME, 'cryptography.io'),
-        ]))
-        builder.add_extension(x509.Extension(
+        ])).add_extension(x509.Extension(
             x509.OID_BASIC_CONSTRAINTS,
             True,
             x509.BasicConstraints(False, None),
-        ))
-        request = builder.sign(backend, private_key, hashes.SHA1())
+        )).sign(
+            backend, private_key, hashes.SHA1()
+        )
 
         assert isinstance(request.signature_hash_algorithm, hashes.SHA1)
         public_key = request.public_key()
@@ -775,12 +775,13 @@ class TestCertificateSigningRequestBuilder(object):
         assert basic_constraints.value.path_length is None
 
     def test_add_duplicate_extension(self, backend):
-        builder = x509.CertificateSigningRequestBuilder()
-        builder.add_extension(x509.Extension(
-            x509.OID_BASIC_CONSTRAINTS,
-            True,
-            x509.BasicConstraints(True, 2),
-        ))
+        builder = x509.CertificateSigningRequestBuilder().add_extension(
+            x509.Extension(
+                x509.OID_BASIC_CONSTRAINTS,
+                True,
+                x509.BasicConstraints(True, 2),
+            )
+        )
         with pytest.raises(ValueError):
             builder.add_extension(x509.Extension(
                 x509.OID_BASIC_CONSTRAINTS,
@@ -809,15 +810,15 @@ class TestCertificateSigningRequestBuilder(object):
             key_size=2048,
             backend=backend,
         )
-        builder = x509.CertificateSigningRequestBuilder()
-        builder.set_subject_name(x509.Name([
-            x509.NameAttribute(x509.OID_COUNTRY_NAME, u'US'),
-            x509.NameAttribute(x509.OID_STATE_OR_PROVINCE_NAME, u'Texas'),
-            x509.NameAttribute(x509.OID_LOCALITY_NAME, u'Austin'),
-            x509.NameAttribute(x509.OID_ORGANIZATION_NAME, u'PyCA'),
-            x509.NameAttribute(x509.OID_COMMON_NAME, u'cryptography.io'),
-        ]))
-        builder.add_extension(x509.Extension(
+        builder = x509.CertificateSigningRequestBuilder().set_subject_name(
+            x509.Name([
+                x509.NameAttribute(x509.OID_COUNTRY_NAME, u'US'),
+                x509.NameAttribute(x509.OID_STATE_OR_PROVINCE_NAME, u'Texas'),
+                x509.NameAttribute(x509.OID_LOCALITY_NAME, u'Austin'),
+                x509.NameAttribute(x509.OID_ORGANIZATION_NAME, u'PyCA'),
+                x509.NameAttribute(x509.OID_COMMON_NAME, u'cryptography.io'),
+            ])
+        ).add_extension(x509.Extension(
             x509.ObjectIdentifier('1.2.3.4'),
             False,
             'value',
author	Andre Caron <andre.l.caron@gmail.com>	2015-05-31 17:36:18 -0400
committer	Ian Cordasco <graffatcolmingov@gmail.com>	2015-06-24 13:35:49 -0500
commit	fc164c5e4fce2f6617b35887a5799ec10082b906 (patch)
tree	4b34170789838d13eff45ed45ebaccb7075c536a
parent	eebe700861774a640f82391d2a4597d2fe6ff399 (diff)
download	cryptography-fc164c5e4fce2f6617b35887a5799ec10082b906.tar.gz cryptography-fc164c5e4fce2f6617b35887a5799ec10082b906.tar.bz2 cryptography-fc164c5e4fce2f6617b35887a5799ec10082b906.zip