diff options
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/development/c-bindings.rst | 4 | ||||
| -rw-r--r-- | docs/development/test-vectors.rst | 6 | ||||
| -rw-r--r-- | docs/hazmat/backends/interfaces.rst | 20 | ||||
| -rw-r--r-- | docs/hazmat/primitives/interfaces.rst | 53 | ||||
| -rw-r--r-- | docs/installation.rst | 2 | ||||
| -rw-r--r-- | docs/spelling_wordlist.txt | 1 |
6 files changed, 85 insertions, 1 deletions
diff --git a/docs/development/c-bindings.rst b/docs/development/c-bindings.rst index 56963379..10d5fc10 100644 --- a/docs/development/c-bindings.rst +++ b/docs/development/c-bindings.rst @@ -7,6 +7,10 @@ C bindings are bindings to C libraries, using cffi_ whenever possible. Bindings live in :py:mod:`cryptography.hazmat.bindings`. +When modifying the bindings you will need to recompile the C extensions to +test the changes. This can be accomplished with ``pip install -e .`` in the +project root. If you do not do this a ``RuntimeError`` will be raised. + Style guide ----------- diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst index 6f6d9e62..8c2d1361 100644 --- a/docs/development/test-vectors.rst +++ b/docs/development/test-vectors.rst @@ -34,6 +34,11 @@ Asymmetric ciphers `enc2-rsa-pkcs8.pem`_ was re-encrypted using a stronger PKCS#8 cipher. * `Botan's ECC private keys`_. +X.509 +~~~~~ + +* PKITS test suite from `NIST PKI Testing`_. + Hashes ~~~~~~ @@ -168,3 +173,4 @@ header format (substituting the correct information): .. _`NESSIE`: https://en.wikipedia.org/wiki/NESSIE .. _`Ed25519 website`: http://ed25519.cr.yp.to/software.html .. _`NIST SP-800-38B`: http://csrc.nist.gov/publications/nistpubs/800-38B/Updated_CMAC_Examples.pdf +.. _`NIST PKI Testing`: http://csrc.nist.gov/groups/ST/crypto_apps_infra/pki/pkitesting.html diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst index ce2f0918..e4c43d9e 100644 --- a/docs/hazmat/backends/interfaces.rst +++ b/docs/hazmat/backends/interfaces.rst @@ -512,3 +512,23 @@ A specific ``backend`` may provide one or more of these interfaces. :raises cryptography.exceptions.UnsupportedAlgorithm: If the data is encrypted with an unsupported algorithm. + +.. class:: X509Backend + + .. versionadded:: 0.7 + + A backend with methods for working with X.509 objects. + + .. method:: load_pem_x509_certificate(data) + + :param bytes data: PEM formatted certificate data. + + :returns: An instance of + :class:`~cryptography.hazmat.primitives.interfaces.X509Certificate`. + + .. method:: load_der_x509_certificate(data) + + :param bytes data: DER formatted certificate data. + + :returns: An instance of + :class:`~cryptography.hazmat.primitives.interfaces.X509Certificate`. diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index e9e4e77e..d964f25c 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -695,6 +695,59 @@ Key derivation functions :raises cryptography.exceptions.InvalidSignature: This is raised when the provided signature does not match the expected signature. + +X509 +---- + +.. class:: X509Certificate + + .. versionadded:: 0.7 + + .. attribute:: version + + :type: X509Version + + The certificate version as an enumeration. + + .. method:: fingerprint(algorithm) + + :param algorithm: A + :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` + that will be used by this context. + + :return bytes: The fingerprint using the supplied hash algorithm as + bytes. + + .. attribute:: serial + + :type: int + + The serial as a Python integer. + + .. method:: public_key() + + :type: + :class:`~cryptography.hazmat.primitives.interfaces.RSAPublicKey` or + :class:`~cryptography.hazmat.primitives.interfaces.DSAPublicKey` or + :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurvePublicKey` + + The public key associated with the certificate. + + .. attribute:: not_before + + :type: :class:`datetime.datetime` + + A naïve datetime representing the beginning of the validity period for the + certificate in UTC. This value is inclusive. + + .. attribute:: not_after + + :type: :class:`datetime.datetime` + + A naïve datetime representing the end of the validity period for the + certificate in UTC. This value is inclusive. + + .. _`RSA`: https://en.wikipedia.org/wiki/RSA_(cryptosystem) .. _`Chinese remainder theorem`: https://en.wikipedia.org/wiki/Chinese_remainder_theorem .. _`DSA`: https://en.wikipedia.org/wiki/Digital_Signature_Algorithm diff --git a/docs/installation.rst b/docs/installation.rst index d1b6e69d..d7645cac 100644 --- a/docs/installation.rst +++ b/docs/installation.rst @@ -15,7 +15,7 @@ on these operating systems. * x86-64 CentOS 7.x, 6.4 and CentOS 5.x * x86-64 FreeBSD 9.2 and FreeBSD 10 -* OS X 10.9 Mavericks, 10.8 Mountain Lion, and 10.7 Lion +* OS X 10.10 Yosemite, 10.9 Mavericks, 10.8 Mountain Lion, and 10.7 Lion * x86-64 Ubuntu 12.04 LTS * 32-bit Python on 64-bit Windows Server 2008 * 64-bit Python on 64-bit Windows Server 2012 diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt index b16026f6..b7b33436 100644 --- a/docs/spelling_wordlist.txt +++ b/docs/spelling_wordlist.txt @@ -31,6 +31,7 @@ iOS Koblitz Lange metadata +naïve namespace namespaces pickleable |