diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2019-07-06 19:01:33 -0400 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2019-07-06 19:01:33 -0400 |
| commit | 7b1391bfd4949140432bd003a8e43e32bfe968c5 (patch) | |
| tree | 6bc6d5f26a767e47eb224a9d81224a2eea82986a /docs/x509/reference.rst | |
| parent | 7c2cec85975d8bc79ff09af92d7d7d7077c7b18f (diff) | |
| download | cryptography-7b1391bfd4949140432bd003a8e43e32bfe968c5.tar.gz cryptography-7b1391bfd4949140432bd003a8e43e32bfe968c5.tar.bz2 cryptography-7b1391bfd4949140432bd003a8e43e32bfe968c5.zip | |
ed25519 support in x509 certificate builder (#4937)
* ed25519 support in x509 certificate builder
This adds minimal ed25519 support. More to come.
* Apply suggestions from code review
Co-Authored-By: Alex Gaynor <alex.gaynor@gmail.com>
Diffstat (limited to 'docs/x509/reference.rst')
| -rw-r--r-- | docs/x509/reference.rst | 25 |
1 files changed, 21 insertions, 4 deletions
diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst index 6333a263..38901c7c 100644 --- a/docs/x509/reference.rst +++ b/docs/x509/reference.rst @@ -338,7 +338,8 @@ X.509 Certificate Object :returns: :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey` or :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey` or - :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey` + :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey` or + :class:`~cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey` .. doctest:: @@ -727,8 +728,10 @@ X.509 Certificate Builder :param public_key: The subject's public key. This can be one of :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`, - :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey` or + :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`, :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey` + or + :class:`~cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey` .. method:: serial_number(serial_number) @@ -781,13 +784,20 @@ X.509 Certificate Builder :param private_key: The :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`, - :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey` or + :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`, :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey` + , or + :class:`~cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PrivateKey` that will be used to sign the certificate. :param algorithm: The :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` that - will be used to generate the signature. + will be used to generate the signature. This must be ``None`` if + the ``private_key`` is an + :class:`~cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PrivateKey` + and an instance of a + :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` + otherwise. :param backend: Backend that will be used to build the certificate. Must support the @@ -2836,6 +2846,13 @@ instances. The following common OIDs are available as constants. Corresponds to the dotted string ``"2.16.840.1.101.3.4.3.2"``. This is a SHA256 digest signed by a DSA key. + .. attribute:: ED25519 + + .. versionadded:: 2.8 + + Corresponds to the dotted string ``"1.3.101.112"``. This is a signature + using an ed25519 key. + .. class:: ExtendedKeyUsageOID |