From 05c122b5614740a50bee67808d4540ed94ae69e9 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 24 Nov 2014 08:41:05 -1000 Subject: Initial minimal X509Certificate interfaces This will be expanded in the future to include algorithm identifier, subject, issuer, extensions, etc --- docs/hazmat/primitives/interfaces.rst | 44 +++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) (limited to 'docs/hazmat') diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index e9e4e77e..888a3403 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -695,6 +695,50 @@ Key derivation functions :raises cryptography.exceptions.InvalidSignature: This is raised when the provided signature does not match the expected signature. + +X509 +---- + +.. class:: X509Certificate + + .. versionadded:: 0.7 + + .. method:: fingerprint(algorithm) + + :param algorithm: A + :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` + that will be used by this context. + + :return: The fingerprint using the supplied hash algorithm as bytes. + + .. attribute:: serial + + :type: int + + The serial as a Python integer. + + .. method:: public_key() + + :type: + :class:`~cryptography.hazmat.primitives.interfaces.RSAPublicKey` or + :class:`~cryptography.hazmat.primitives.interfaces.DSAPublicKey` or + :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurvePublicKey` + + The public key associated with the certificate. + + .. attribute:: not_before + + :type: datetime + + The beginning of the validity period for the certificate (UTC). + + .. attribute:: not_after + + :type: datetime + + The end of the validity period for the certificate (UTC). + + .. _`RSA`: https://en.wikipedia.org/wiki/RSA_(cryptosystem) .. _`Chinese remainder theorem`: https://en.wikipedia.org/wiki/Chinese_remainder_theorem .. _`DSA`: https://en.wikipedia.org/wiki/Digital_Signature_Algorithm -- cgit v1.2.3 
From 6c4302e64c8ee866bfde6cd0acd5a86a9b1834de Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 24 Nov 2014 09:20:38 -1000 Subject: add backend interface for loading x509 certificates --- docs/hazmat/backends/interfaces.rst | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'docs/hazmat') diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst index ce2f0918..47553a9d 100644 --- a/docs/hazmat/backends/interfaces.rst +++ b/docs/hazmat/backends/interfaces.rst @@ -512,3 +512,17 @@ A specific ``backend`` may provide one or more of these interfaces. :raises cryptography.exceptions.UnsupportedAlgorithm: If the data is encrypted with an unsupported algorithm. + +.. class:: X509Backend + + .. versionadded:: 0.7 + + A backend with methods for working with X.509 objects. + + .. method:: load_pem_x509_certificate(data) + + :param bytes data: PEM formatted certificate data. + + :returns: An instance of a + :class:`~cryptography.hazmat.primitives.interfaces.X509Certificate` + provider. -- cgit v1.2.3 From 333ae9be186d5a3fc39c6b175774fd4d4413ed2c Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 24 Nov 2014 12:23:22 -1000 Subject: update docs with review feedback --- docs/hazmat/backends/interfaces.rst | 5 ++--- docs/hazmat/primitives/interfaces.rst | 13 ++++++++----- 2 files changed, 10 insertions(+), 8 deletions(-) (limited to 'docs/hazmat') diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst index 47553a9d..3cce1576 100644 --- a/docs/hazmat/backends/interfaces.rst +++ b/docs/hazmat/backends/interfaces.rst @@ -523,6 +523,5 @@ A specific ``backend`` may provide one or more of these interfaces. :param bytes data: PEM formatted certificate data. - :returns: An instance of a - :class:`~cryptography.hazmat.primitives.interfaces.X509Certificate` - provider. + :returns: An instance of + :class:`~cryptography.hazmat.primitives.interfaces.X509Certificate`. 
diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index 888a3403..d9019cbb 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -709,7 +709,8 @@ X509 :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` that will be used by this context. - :return: The fingerprint using the supplied hash algorithm as bytes. + :return bytes: The fingerprint using the supplied hash algorithm as + bytes. .. attribute:: serial @@ -728,15 +729,17 @@ X509 .. attribute:: not_before - :type: datetime + :type: datetime.datetime - The beginning of the validity period for the certificate (UTC). + A naïve datetime representing the beginning of the validity period for the + certificate in UTC. This value is inclusive. .. attribute:: not_after - :type: datetime + :type: datetime.datetime - The end of the validity period for the certificate (UTC). + A naïve datetime representing the end of the validity period for the + certificate in UTC. This value is inclusive. .. _`RSA`: https://en.wikipedia.org/wiki/RSA_(cryptosystem) -- cgit v1.2.3 From f0e05bb7711f3c04a96f3bc924588ecfa838d41d Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 24 Nov 2014 12:30:03 -1000 Subject: =?UTF-8?q?link=20datetime=20better=20and=20add=20na=C3=AFve=20to?= =?UTF-8?q?=20spelling=20list?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- docs/hazmat/primitives/interfaces.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs/hazmat') diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index d9019cbb..77aa0017 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst 
@@ -729,14 +729,14 @@ X509 .. attribute:: not_before - :type: datetime.datetime + :type: :class:`datetime.datetime` A naïve datetime representing the beginning of the validity period for the certificate in UTC. This value is inclusive. .. attribute:: not_after - :type: datetime.datetime + :type: :class:`datetime.datetime` A naïve datetime representing the end of the validity period for the certificate in UTC. This value is inclusive. -- cgit v1.2.3 From 8473df6d553a2e0bf790b613c2818beb4bd2f416 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 24 Nov 2014 17:13:59 -1000 Subject: add load_der_x509_certificate X509Backend method --- docs/hazmat/backends/interfaces.rst | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'docs/hazmat') diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst index 3cce1576..e4c43d9e 100644 --- a/docs/hazmat/backends/interfaces.rst +++ b/docs/hazmat/backends/interfaces.rst @@ -525,3 +525,10 @@ A specific ``backend`` may provide one or more of these interfaces. :returns: An instance of :class:`~cryptography.hazmat.primitives.interfaces.X509Certificate`. + + .. method:: load_der_x509_certificate(data) + + :param bytes data: DER formatted certificate data. + + :returns: An instance of + :class:`~cryptography.hazmat.primitives.interfaces.X509Certificate`. -- cgit v1.2.3 From 244637cedae3eef1997fd2eb85c74eb3d92d52ce Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 25 Nov 2014 08:20:59 -1000 Subject: add X509Certificate version attribute --- docs/hazmat/primitives/interfaces.rst | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'docs/hazmat') diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index 77aa0017..d964f25c 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst 
@@ -703,6 +703,12 @@ X509 .. versionadded:: 0.7 + .. attribute:: version + + :type: X509Version + + The certificate version as an enumeration. + .. method:: fingerprint(algorithm) :param algorithm: A -- cgit v1.2.3
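
Review bot: the `algorithm` parameter of `fingerprint(algorithm)` in commit 05c122b5 is described as a HashAlgorithm "that will be used by this context", but `X509Certificate` has no context, so the wording reads as carried over from another entry. Suggest "that will be used to compute the fingerprint", and state which bytes of the certificate are hashed, since anyone comparing or pinning fingerprints needs that to reproduce the value. In the same hunk `public_key()` is a method but is documented with `:type:`; `:return:` fits, as `fingerprint` already uses.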
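
Review bot: `load_pem_x509_certificate(data)` in commit 6c4302e6 has `:param` and `:returns:` but no `:raises` field, so a caller parsing untrusted input cannot tell from the docs what to catch when `data` is not a valid PEM certificate. Add a `:raises` entry naming the exception, in the style of the `:raises cryptography.exceptions.UnsupportedAlgorithm:` entry just above the hunk. It would also help to say what is returned when `data` holds more than one PEM block.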
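
Review bot: `not_before` and `not_after` in commit 333ae9be are now documented as naïve datetimes in UTC, but the text does not say what they should be compared with, and a naïve value compared against local time gives a wrong validity result wherever the local zone is not UTC. Add a sentence telling callers to compare against a naïve UTC value. In the `fingerprint` hunk of the same commit, `:return bytes:` now carries the type, so the trailing "as bytes" in the description is redundant and can be dropped.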
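
Review bot: `load_der_x509_certificate(data)` in commit 8473df6d lists no `:raises` field, so the documented behaviour for input that is not a DER certificate (for example PEM data passed by mistake) is undefined. Document the exception here, and keep it consistent with whatever `load_pem_x509_certificate` raises so callers can handle both loaders the same way.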
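
Review bot: the `version` attribute in commit 244637ce gives `:type: X509Version` as plain text, and nothing in the hunk documents that type, so a reader cannot tell which values the enumeration has. Use a `:class:` role as the other attributes in this class do, and add an entry for `X509Version` listing its members.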