From 1bd77e2f4ee2fcdd9233ea36ed74edeee02817c5 Mon Sep 17 00:00:00 2001
From: Joern Heissler <joern@fishpond.co.nz>
Date: Wed, 13 Jan 2016 22:51:37 +0100
Subject: Add verify method on CertificateSigningRequest

---
 docs/development/test-vectors.rst | 6 ++++--
 docs/x509/reference.rst           | 9 +++++++++
 2 files changed, 13 insertions(+), 2 deletions(-)

(limited to 'docs')

diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst
index ad945f2f..4abf9f63 100644
--- a/docs/development/test-vectors.rst
+++ b/docs/development/test-vectors.rst
@@ -278,7 +278,7 @@ Custom X.509 Request Vectors
   request using RSA and SHA1 with a subject alternative name extension
   generated using OpenSSL.
 * ``two_basic_constraints.pem`` - A certificate signing request
-  for a RSA 2048 bit key containing two basic constraints extensions.
+  for an RSA 2048 bit key containing two basic constraints extensions.
 * ``unsupported_extension.pem`` - A certificate signing request
   for an RSA 2048 bit key containing containing an unsupported
   extension type. The OID was encoded as "1.2.3.4" with an
@@ -287,9 +287,11 @@ Custom X.509 Request Vectors
   request for an RSA 2048 bit key containing containing an unsupported
   extension type marked critical. The OID was encoded as "1.2.3.4"
   with an ``extnValue`` of "value".
-* ``basic_constraints.pem`` - A certificate signing request for a RSA
+* ``basic_constraints.pem`` - A certificate signing request for an RSA
   2048 bit key containing a basic constraints extension marked as
   critical.
+* ``invalid_signature.pem`` - A certificate signing request for an RSA
+  1024 bit key containing an invalid signature with correct padding.
 
 Custom X.509 Certificate Revocation List Vectors
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst
index 8bb3f40d..568eb405 100644
--- a/docs/x509/reference.rst
+++ b/docs/x509/reference.rst
@@ -761,6 +761,15 @@ X.509 CSR (Certificate Signing Request) Object
         key embedded in the CSR). This data may be used to validate the CSR
         signature.
 
+    .. method:: verify()
+
+        .. versionadded:: 1.3
+
+        :raises cryptography.exceptions.InvalidSignature: If the signature does
+            not validate.
+
+        Verifies the CSR signature.
+
 X.509 Certificate Revocation List Builder
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-- 
cgit v1.2.3