diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-11-24 08:41:05 -1000 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-11-24 08:41:05 -1000 |
commit | 05c122b5614740a50bee67808d4540ed94ae69e9 (patch) | |
tree | 2d80842375314348266fbfce907d9b262e6801f5 | |
parent | e987b81aefb7a6545ff23dee8468d0a234cd13f8 (diff) | |
download | cryptography-05c122b5614740a50bee67808d4540ed94ae69e9.tar.gz cryptography-05c122b5614740a50bee67808d4540ed94ae69e9.tar.bz2 cryptography-05c122b5614740a50bee67808d4540ed94ae69e9.zip |
Initial minimal X509Certificate interfaces
This will be expanded in the future to include algorithm identifier,
subject, issuer, extensions, etc
-rw-r--r-- | docs/hazmat/primitives/interfaces.rst | 44 | ||||
-rw-r--r-- | src/cryptography/hazmat/primitives/interfaces.py | 33 |
2 files changed, 77 insertions, 0 deletions
diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index e9e4e77e..888a3403 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -695,6 +695,50 @@ Key derivation functions :raises cryptography.exceptions.InvalidSignature: This is raised when the provided signature does not match the expected signature. + +X509 +---- + +.. class:: X509Certificate + + .. versionadded:: 0.7 + + .. method:: fingerprint(algorithm) + + :param algorithm: A + :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` + that will be used by this context. + + :return: The fingerprint using the supplied hash algorithm as bytes. + + .. attribute:: serial + + :type: int + + The serial as a Python integer. + + .. method:: public_key() + + :type: + :class:`~cryptography.hazmat.primitives.interfaces.RSAPublicKey` or + :class:`~cryptography.hazmat.primitives.interfaces.DSAPublicKey` or + :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurvePublicKey` + + The public key associated with the certificate. + + .. attribute:: not_before + + :type: datetime + + The beginning of the validity period for the certificate (UTC). + + .. attribute:: not_after + + :type: datetime + + The end of the validity period for the certificate (UTC). + + .. _`RSA`: https://en.wikipedia.org/wiki/RSA_(cryptosystem) .. _`Chinese remainder theorem`: https://en.wikipedia.org/wiki/Chinese_remainder_theorem .. _`DSA`: https://en.wikipedia.org/wiki/Digital_Signature_Algorithm diff --git a/src/cryptography/hazmat/primitives/interfaces.py b/src/cryptography/hazmat/primitives/interfaces.py index 7d9fc4fb..561be972 100644 --- a/src/cryptography/hazmat/primitives/interfaces.py +++ b/src/cryptography/hazmat/primitives/interfaces.py @@ -488,3 +488,36 @@ class MACContext(object): # DeprecatedIn07 CMACContext = MACContext + + +@six.add_metaclass(abc.ABCMeta) +class X509Certificate(object): + @abc.abstractmethod + def fingerprint(self, algorithm): + """ + Returns bytes using digest passed. + """ + + @abc.abstractproperty + def serial(self): + """ + Returns certificate serial number + """ + + @abc.abstractmethod + def public_key(self): + """ + Returns the public key + """ + + @abc.abstractproperty + def not_before(self): + """ + Not before time (represented as UTC datetime) + """ + + @abc.abstractproperty + def not_after(self): + """ + Not after time (represented as UTC datetime) + """ |