diff options
| -rw-r--r-- | docs/x509/reference.rst | 7 | ||||
| -rw-r--r-- | src/cryptography/x509.py | 21 | ||||
| -rw-r--r-- | tests/hazmat/backends/test_openssl.py | 4 | ||||
| -rw-r--r-- | tests/test_x509.py | 18 |
4 files changed, 4 insertions, 46 deletions
diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst index e4ea252d..5a809847 100644 --- a/docs/x509/reference.rst +++ b/docs/x509/reference.rst @@ -393,13 +393,6 @@ X.509 Certificate Builder .. class:: CertificateBuilder - .. method:: version(version) - - Sets the X.509 version that will be used in the certificate. - - :param version: The :class:`~cryptography.x509.Version` that will be - used by the certificate. - .. method:: issuer_name(name) Sets the issuer's distinguished name. diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py index 6f7aeeed..4b13fce1 100644 --- a/src/cryptography/x509.py +++ b/src/cryptography/x509.py @@ -1605,7 +1605,7 @@ class CertificateBuilder(object): """ Creates an empty X.509 certificate (version 1). """ - self._version = version + self._version = Version.v3 self._issuer_name = issuer_name self._subject_name = subject_name self._public_key = public_key @@ -1614,20 +1614,6 @@ class CertificateBuilder(object): self._not_valid_after = not_valid_after self._extensions = extensions - def version(self, version): - """ - Sets the X.509 version required by decoders. - """ - if not isinstance(version, Version): - raise TypeError('Expecting x509.Version object.') - if self._version is not None: - raise ValueError('The version may only be set once.') - return CertificateBuilder( - version, self._issuer_name, self._subject_name, self._public_key, - self._serial_number, self._not_valid_before, - self._not_valid_after, self._extensions - ) - def issuer_name(self, name): """ Sets the CA's distinguished name. @@ -1744,7 +1730,4 @@ class CertificateBuilder(object): """ Signs the certificate using the CA's private key. """ - builder = self - if self._version is None: - builder = self.version(Version.v3) - return backend.sign_x509_certificate(builder, private_key, algorithm) + return backend.sign_x509_certificate(self, private_key, algorithm) diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 5505c630..daa37874 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -489,9 +489,7 @@ class TestOpenSSLSignX509Certificate(object): def test_checks_for_unsupported_extensions(self): private_key = RSA_KEY_2048.private_key(backend) - builder = x509.CertificateBuilder().version( - x509.Version.v3 - ).subject_name(x509.Name([ + builder = x509.CertificateBuilder().subject_name(x509.Name([ x509.NameAttribute(x509.OID_COUNTRY_NAME, u'US'), x509.NameAttribute(x509.OID_STATE_OR_PROVINCE_NAME, u'Texas'), x509.NameAttribute(x509.OID_LOCALITY_NAME, u'Austin'), diff --git a/tests/test_x509.py b/tests/test_x509.py index c4a423aa..e052b4d9 100644 --- a/tests/test_x509.py +++ b/tests/test_x509.py @@ -782,9 +782,7 @@ class TestRSACertificateRequest(object): not_valid_before = datetime.datetime(2002, 1, 1, 12, 1) not_valid_after = datetime.datetime(2030, 12, 31, 8, 30) - builder = x509.CertificateBuilder().version( - x509.Version.v3 - ).serial_number( + builder = x509.CertificateBuilder().serial_number( 777 ).issuer_name(x509.Name([ x509.NameAttribute(x509.OID_COUNTRY_NAME, u'US'), @@ -824,20 +822,6 @@ class TestRSACertificateRequest(object): class TestCertificateBuilder(object): - def test_version_must_be_a_version_type(self): - builder = x509.CertificateBuilder() - - with pytest.raises(TypeError): - builder.version("v1") - - def test_version_may_only_be_set_once(self): - builder = x509.CertificateBuilder().version( - x509.Version.v3 - ) - - with pytest.raises(ValueError): - builder.version(x509.Version.v1) - def test_issuer_name_must_be_a_name_type(self): builder = x509.CertificateBuilder() |