diff options
| -rw-r--r-- | docs/x509/reference.rst | 9 | ||||
| -rw-r--r-- | src/cryptography/x509/__init__.py | 1 | ||||
| -rw-r--r-- | src/cryptography/x509/oid.py | 2 |
3 files changed, 12 insertions, 0 deletions
diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst index 7a41e1f3..3fc6507e 100644 --- a/docs/x509/reference.rst +++ b/docs/x509/reference.rst @@ -2569,6 +2569,15 @@ instances. The following common OIDs are available as constants. Corresponds to the dotted string ``"1.2.840.113549.1.1.13"``. This is a SHA512 digest signed by an RSA key. + .. attribute:: RSASSA_PSS + + .. versionadded:: 2.3 + + Corresponds to the dotted string ``"1.2.840.113549.1.1.10"``. This is + signed by an RSA key using the Probabilistic Signature Scheme (PSS) + padding from RFC 4055. The hash function and padding are defined by + signature algorithm parameters. + .. attribute:: ECDSA_WITH_SHA1 Corresponds to the dotted string ``"1.2.840.10045.4.1"``. This is a SHA1 diff --git a/src/cryptography/x509/__init__.py b/src/cryptography/x509/__init__.py index 224c9af6..d2f9b049 100644 --- a/src/cryptography/x509/__init__.py +++ b/src/cryptography/x509/__init__.py @@ -74,6 +74,7 @@ OID_RSA_WITH_SHA224 = SignatureAlgorithmOID.RSA_WITH_SHA224 OID_RSA_WITH_SHA256 = SignatureAlgorithmOID.RSA_WITH_SHA256 OID_RSA_WITH_SHA384 = SignatureAlgorithmOID.RSA_WITH_SHA384 OID_RSA_WITH_SHA512 = SignatureAlgorithmOID.RSA_WITH_SHA512 +OID_RSASSA_PSS = SignatureAlgorithmOID.RSASSA_PSS OID_COMMON_NAME = NameOID.COMMON_NAME OID_COUNTRY_NAME = NameOID.COUNTRY_NAME diff --git a/src/cryptography/x509/oid.py b/src/cryptography/x509/oid.py index 8b92d6b3..90003d79 100644 --- a/src/cryptography/x509/oid.py +++ b/src/cryptography/x509/oid.py @@ -137,6 +137,7 @@ class SignatureAlgorithmOID(object): RSA_WITH_SHA256 = ObjectIdentifier("1.2.840.113549.1.1.11") RSA_WITH_SHA384 = ObjectIdentifier("1.2.840.113549.1.1.12") RSA_WITH_SHA512 = ObjectIdentifier("1.2.840.113549.1.1.13") + RSASSA_PSS = ObjectIdentifier("1.2.840.113549.1.1.10") ECDSA_WITH_SHA1 = ObjectIdentifier("1.2.840.10045.4.1") ECDSA_WITH_SHA224 = ObjectIdentifier("1.2.840.10045.4.3.1") ECDSA_WITH_SHA256 = ObjectIdentifier("1.2.840.10045.4.3.2") @@ -221,6 +222,7 @@ _OID_NAMES = { SignatureAlgorithmOID.RSA_WITH_SHA256: "sha256WithRSAEncryption", SignatureAlgorithmOID.RSA_WITH_SHA384: "sha384WithRSAEncryption", SignatureAlgorithmOID.RSA_WITH_SHA512: "sha512WithRSAEncryption", + SignatureAlgorithmOID.RSASSA_PSS: "RSASSA-PSS", SignatureAlgorithmOID.ECDSA_WITH_SHA1: "ecdsa-with-SHA1", SignatureAlgorithmOID.ECDSA_WITH_SHA224: "ecdsa-with-SHA224", SignatureAlgorithmOID.ECDSA_WITH_SHA256: "ecdsa-with-SHA256", |