diff options
-rw-r--r-- | docs/x509.rst | 20 | ||||
-rw-r--r-- | src/cryptography/x509.py | 42 |
2 files changed, 29 insertions, 33 deletions
diff --git a/docs/x509.rst b/docs/x509.rst index 262ba301..a3426a2b 100644 --- a/docs/x509.rst +++ b/docs/x509.rst @@ -187,12 +187,8 @@ X.509 Certificate Object :type: :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` Returns the - :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` used in - the certificate's signature. - - .. note:: - Items signed by the parsed certificate do not have to use the same - hash algorithm. + :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` which + was used in signing the certificate. .. doctest:: @@ -369,32 +365,32 @@ Name OIDs Signature Algorithm OIDs ~~~~~~~~~~~~~~~~~~~~~~~~ -.. data:: OID_MD5_WITH_RSA +.. data:: OID_MD5_WITH_RSA_ENCRYPTION Corresponds to the dotted string ``"1.2.840.113549.1.1.4"``. This is an MD5 digest signed by an RSA key. -.. data:: OID_SHA1_WITH_RSA +.. data:: OID_SHA1_WITH_RSA_ENCRYPTION Corresponds to the dotted string ``"1.2.840.113549.1.1.5"``. This is a SHA1 digest signed by an RSA key. -.. data:: OID_SHA224_WITH_RSA +.. data:: OID_SHA224_WITH_RSA_ENCRYPTION Corresponds to the dotted string ``"1.2.840.113549.1.1.14"``. This is a SHA224 digest signed by an RSA key. -.. data:: OID_SHA256_WITH_RSA +.. data:: OID_SHA256_WITH_RSA_ENCRYPTION Corresponds to the dotted string ``"1.2.840.113549.1.1.11"``. This is a SHA256 digest signed by an RSA key. -.. data:: OID_SHA384_WITH_RSA +.. data:: OID_SHA384_WITH_RSA_ENCRYPTION Corresponds to the dotted string ``"1.2.840.113549.1.1.12"``. This is a SHA384 digest signed by an RSA key. -.. data:: OID_SHA512_WITH_RSA +.. data:: OID_SHA512_WITH_RSA_ENCRYPTION Corresponds to the dotted string ``"1.2.840.113549.1.1.13"``. This is a SHA512 digest signed by an RSA key. diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py index 0273ca86..774830df 100644 --- a/src/cryptography/x509.py +++ b/src/cryptography/x509.py @@ -29,19 +29,19 @@ _OID_NAMES = { "2.5.4.65": "pseudonym", "0.9.2342.19200300.100.1.25": "domainComponent", "1.2.840.113549.1.9.1": "emailAddress", - "1.2.840.113549.1.1.4": "md5WithRSA", - "1.2.840.113549.1.1.5": "sha1WithRSA", + "1.2.840.113549.1.1.4": "md5WithRSAEncryption", + "1.2.840.113549.1.1.5": "sha1WithRSAEncryption", "1.2.840.113549.1.1.14": "sha224WithRSAEncryption", "1.2.840.113549.1.1.11": "sha256WithRSAEncryption", "1.2.840.113549.1.1.12": "sha384WithRSAEncryption", "1.2.840.113549.1.1.13": "sha512WithRSAEncryption", - "1.2.840.10045.4.3.1": "ecdsa_with_SHA224", - "1.2.840.10045.4.3.2": "ecdsa_with_SHA256", - "1.2.840.10045.4.3.3": "ecdsa_with_SHA384", - "1.2.840.10045.4.3.4": "ecdsa_with_SHA512", - "1.2.840.10040.4.3": "dsaWithSHA1", - "2.16.840.1.101.3.4.3.1": "dsa_with_SHA224", - "2.16.840.1.101.3.4.3.2": "dsa_with_SHA256", + "1.2.840.10045.4.3.1": "ecdsa-with-SHA224", + "1.2.840.10045.4.3.2": "ecdsa-with-SHA256", + "1.2.840.10045.4.3.3": "ecdsa-with-SHA384", + "1.2.840.10045.4.3.4": "ecdsa-with-SHA512", + "1.2.840.10040.4.3": "dsa-with-sha1", + "2.16.840.1.101.3.4.3.1": "dsa-with-sha224", + "2.16.840.1.101.3.4.3.2": "dsa-with-sha256", } @@ -157,12 +157,12 @@ OID_PSEUDONYM = ObjectIdentifier("2.5.4.65") OID_DOMAIN_COMPONENT = ObjectIdentifier("0.9.2342.19200300.100.1.25") OID_EMAIL_ADDRESS = ObjectIdentifier("1.2.840.113549.1.9.1") -OID_MD5_WITH_RSA = ObjectIdentifier("1.2.840.113549.1.1.4") -OID_SHA1_WITH_RSA = ObjectIdentifier("1.2.840.113549.1.1.5") -OID_SHA224_WITH_RSA = ObjectIdentifier("1.2.840.113549.1.1.14") -OID_SHA256_WITH_RSA = ObjectIdentifier("1.2.840.113549.1.1.11") -OID_SHA384_WITH_RSA = ObjectIdentifier("1.2.840.113549.1.1.12") -OID_SHA512_WITH_RSA = ObjectIdentifier("1.2.840.113549.1.1.13") +OID_MD5_WITH_RSA_ENCRYPTION = ObjectIdentifier("1.2.840.113549.1.1.4") +OID_SHA1_WITH_RSA_ENCRYPTION = ObjectIdentifier("1.2.840.113549.1.1.5") +OID_SHA224_WITH_RSA_ENCRYPTION = ObjectIdentifier("1.2.840.113549.1.1.14") +OID_SHA256_WITH_RSA_ENCRYPTION = ObjectIdentifier("1.2.840.113549.1.1.11") +OID_SHA384_WITH_RSA_ENCRYPTION = ObjectIdentifier("1.2.840.113549.1.1.12") +OID_SHA512_WITH_RSA_ENCRYPTION = ObjectIdentifier("1.2.840.113549.1.1.13") OID_ECDSA_WITH_SHA224 = ObjectIdentifier("1.2.840.10045.4.3.1") OID_ECDSA_WITH_SHA256 = ObjectIdentifier("1.2.840.10045.4.3.2") OID_ECDSA_WITH_SHA384 = ObjectIdentifier("1.2.840.10045.4.3.3") @@ -172,12 +172,12 @@ OID_DSA_WITH_SHA224 = ObjectIdentifier("2.16.840.1.101.3.4.3.1") OID_DSA_WITH_SHA256 = ObjectIdentifier("2.16.840.1.101.3.4.3.2") _SIG_OIDS_TO_HASH = { - OID_MD5_WITH_RSA.dotted_string: hashes.MD5(), - OID_SHA1_WITH_RSA.dotted_string: hashes.SHA1(), - OID_SHA224_WITH_RSA.dotted_string: hashes.SHA224(), - OID_SHA256_WITH_RSA.dotted_string: hashes.SHA256(), - OID_SHA384_WITH_RSA.dotted_string: hashes.SHA384(), - OID_SHA512_WITH_RSA.dotted_string: hashes.SHA512(), + OID_MD5_WITH_RSA_ENCRYPTION.dotted_string: hashes.MD5(), + OID_SHA1_WITH_RSA_ENCRYPTION.dotted_string: hashes.SHA1(), + OID_SHA224_WITH_RSA_ENCRYPTION.dotted_string: hashes.SHA224(), + OID_SHA256_WITH_RSA_ENCRYPTION.dotted_string: hashes.SHA256(), + OID_SHA384_WITH_RSA_ENCRYPTION.dotted_string: hashes.SHA384(), + OID_SHA512_WITH_RSA_ENCRYPTION.dotted_string: hashes.SHA512(), OID_ECDSA_WITH_SHA224.dotted_string: hashes.SHA224(), OID_ECDSA_WITH_SHA256.dotted_string: hashes.SHA256(), OID_ECDSA_WITH_SHA384.dotted_string: hashes.SHA384(), |