Merge pull request #2813 from reaperhulk/fix-2758

Add AuthorityKeyIdentifier.from_issuer_subject_key_identifier
author: Alex Gaynor <alex.gaynor@gmail.com> 2016-03-12 09:41:47 -0500
committer: Alex Gaynor <alex.gaynor@gmail.com> 2016-03-12 09:41:47 -0500
commit: 2d0deb14fe2502fcab6cb9ec56f444ad7cd6dd4a (patch)
tree: ff568231e454cd9fff9b9cbc4da35f06cb03e448 /docs
parent: ab5de1a6b65c040dc61f02ef6e097105b2404cee (diff)
parent: 2d8e574e9dd1510783f12b7632b05622a16e82ef (diff)
download: cryptography-2d0deb14fe2502fcab6cb9ec56f444ad7cd6dd4a.tar.gz
cryptography-2d0deb14fe2502fcab6cb9ec56f444ad7cd6dd4a.tar.bz2
cryptography-2d0deb14fe2502fcab6cb9ec56f444ad7cd6dd4a.zip
1 files changed, 38 insertions, 0 deletions
diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst
index 67427ddb..399d693a 100644
--- a/docs/x509/reference.rst
+++ b/docs/x509/reference.rst
@@ -1541,6 +1541,13 @@ X.509 Extensions
 
         .. versionadded:: 1.0
 
+        .. note::
+
+            This method should be used if the issuer certificate does not
+            contain a :class:`~cryptography.x509.SubjectKeyIdentifier`.
+            Otherwise, use
+            :meth:`~cryptography.x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier`.
+
         Creates a new AuthorityKeyIdentifier instance using the public key
         provided to generate the appropriate digest. This should be the
         **issuer's public key**. The resulting object will contain
@@ -1568,6 +1575,37 @@ X.509 Extensions
             >>> x509.AuthorityKeyIdentifier.from_issuer_public_key(issuer_cert.public_key())
             <AuthorityKeyIdentifier(key_identifier='X\x01\x84$\x1b\xbc+R\x94J=\xa5\x10r\x14Q\xf5\xaf:\xc9', authority_cert_issuer=None, authority_cert_serial_number=None)>
 
+    .. classmethod:: from_issuer_subject_key_identifier(ski)
+
+        .. versionadded:: 1.3
+
+        .. note::
+            This method should be used if the issuer certificate contains a
+            :class:`~cryptography.x509.SubjectKeyIdentifier`.  Otherwise, use
+            :meth:`~cryptography.x509.AuthorityKeyIdentifier.from_issuer_public_key`.
+
+        Creates a new AuthorityKeyIdentifier instance using the
+        SubjectKeyIdentifier from the issuer certificate. The resulting object
+        will contain
+        :attr:`~cryptography.x509.AuthorityKeyIdentifier.key_identifier`, but
+        :attr:`~cryptography.x509.AuthorityKeyIdentifier.authority_cert_issuer`
+        and
+        :attr:`~cryptography.x509.AuthorityKeyIdentifier.authority_cert_serial_number`
+        will be None.
+
+        :param ski: The
+            :class:`~cryptography.x509.SubjectKeyIdentifier` from the issuer
+            certificate.
+
+        .. doctest::
+
+            >>> from cryptography import x509
+            >>> from cryptography.hazmat.backends import default_backend
+            >>> issuer_cert = x509.load_pem_x509_certificate(pem_data, default_backend())
+            >>> ski = issuer_cert.extensions.get_extension_for_class(x509.SubjectKeyIdentifier)
+            >>> x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier(ski)
+            <AuthorityKeyIdentifier(key_identifier='X\x01\x84$\x1b\xbc+R\x94J=\xa5\x10r\x14Q\xf5\xaf:\xc9', authority_cert_issuer=None, authority_cert_serial_number=None)>
+
 .. class:: SubjectKeyIdentifier(digest)
 
     .. versionadded:: 0.9
author	Alex Gaynor <alex.gaynor@gmail.com>	2016-03-12 09:41:47 -0500
committer	Alex Gaynor <alex.gaynor@gmail.com>	2016-03-12 09:41:47 -0500
commit	2d0deb14fe2502fcab6cb9ec56f444ad7cd6dd4a (patch)
tree	ff568231e454cd9fff9b9cbc4da35f06cb03e448 /docs
parent	ab5de1a6b65c040dc61f02ef6e097105b2404cee (diff)
parent	2d8e574e9dd1510783f12b7632b05622a16e82ef (diff)
download	cryptography-2d0deb14fe2502fcab6cb9ec56f444ad7cd6dd4a.tar.gz cryptography-2d0deb14fe2502fcab6cb9ec56f444ad7cd6dd4a.tar.bz2 cryptography-2d0deb14fe2502fcab6cb9ec56f444ad7cd6dd4a.zip