author | Alex Gaynor <alex.gaynor@gmail.com> | 2014-11-26 21:04:22 -0600 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2014-11-26 21:04:22 -0600 |
commit | 77f457e734a6882b27a93483b8f0494aabe860b9 (patch) | |
tree | d7f3c39640bc3fd4d214f8e7d78f6aa8128a889b | |
parent | fcea445e88b4435b9c093f01b4a6f90497974398 (diff) | |
parent | 244637cedae3eef1997fd2eb85c74eb3d92d52ce (diff) | |
Merge pull request #1442 from reaperhulk/x509-interface
X509 interfaces
-rw-r--r-- | docs/hazmat/backends/interfaces.rst | 20 | ||||
-rw-r--r-- | docs/hazmat/primitives/interfaces.rst | 53 | ||||
-rw-r--r-- | docs/spelling_wordlist.txt | 1 | ||||
-rw-r--r-- | src/cryptography/hazmat/backends/interfaces.py | 15 | ||||
-rw-r--r-- | src/cryptography/hazmat/primitives/interfaces.py | 39 |
5 files changed, 128 insertions, 0 deletions
diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst
index ce2f0918..e4c43d9e 100644
--- a/docs/hazmat/backends/interfaces.rst
+++ b/docs/hazmat/backends/interfaces.rst
@@ -512,3 +512,23 @@ A specific ``backend`` may provide one or more of these interfaces.
 :raises cryptography.exceptions.UnsupportedAlgorithm: If the data is encrypted with an unsupported algorithm.
+
+.. class:: X509Backend
+
+ .. versionadded:: 0.7
+
+ A backend with methods for working with X.509 objects.
+
+ .. method:: load_pem_x509_certificate(data)
+
+ :param bytes data: PEM formatted certificate data.
+
+ :returns: An instance of
+ :class:`~cryptography.hazmat.primitives.interfaces.X509Certificate`.
+
+ .. method:: load_der_x509_certificate(data)
+
+ :param bytes data: DER formatted certificate data.
+
+ :returns: An instance of
+ :class:`~cryptography.hazmat.primitives.interfaces.X509Certificate`.
diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst
index e9e4e77e..d964f25c 100644
--- a/docs/hazmat/primitives/interfaces.rst
+++ b/docs/hazmat/primitives/interfaces.rst
@@ -695,6 +695,59 @@ Key derivation functions
 :raises cryptography.exceptions.InvalidSignature: This is raised when the provided signature does not match the expected signature.
+
+X509
+----
+
+.. class:: X509Certificate
+
+ .. versionadded:: 0.7
+
+ .. attribute:: version
+
+ :type: X509Version
+
+ The certificate version as an enumeration.
+
+ .. method:: fingerprint(algorithm)
+
+ :param algorithm: A
+ :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+ that will be used by this context.
+
+ :return bytes: The fingerprint using the supplied hash algorithm as
+ bytes.
+
+ .. attribute:: serial
+
+ :type: int
+
+ The serial as a Python integer.
+
+ .. method:: public_key()
+
+ :type:
+ :class:`~cryptography.hazmat.primitives.interfaces.RSAPublicKey` or
+ :class:`~cryptography.hazmat.primitives.interfaces.DSAPublicKey` or
+ :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurvePublicKey`
+
+ The public key associated with the certificate.
+
+ .. attribute:: not_before
+
+ :type: :class:`datetime.datetime`
+
+ A naïve datetime representing the beginning of the validity period for the
+ certificate in UTC. This value is inclusive.
+
+ .. attribute:: not_after
+
+ :type: :class:`datetime.datetime`
+
+ A naïve datetime representing the end of the validity period for the
+ certificate in UTC. This value is inclusive.
+
+
 .. _`RSA`: https://en.wikipedia.org/wiki/RSA_(cryptosystem)
 .. _`Chinese remainder theorem`: https://en.wikipedia.org/wiki/Chinese_remainder_theorem
 .. _`DSA`: https://en.wikipedia.org/wiki/Digital_Signature_Algorithm
diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt
index b16026f6..b7b33436 100644
--- a/docs/spelling_wordlist.txt
+++ b/docs/spelling_wordlist.txt
@@ -31,6 +31,7 @@ iOS
 Koblitz
 Lange
 metadata
+naïve
 namespace
 namespaces
 pickleable
diff --git a/src/cryptography/hazmat/backends/interfaces.py b/src/cryptography/hazmat/backends/interfaces.py
index f433afcb..8fc78309 100644
--- a/src/cryptography/hazmat/backends/interfaces.py
+++ b/src/cryptography/hazmat/backends/interfaces.py
@@ -250,3 +250,18 @@ class PKCS8SerializationBackend(object):
 Load a private key from PKCS8 encoded data, using password if the data is encrypted.
 """
+
+
+@six.add_metaclass(abc.ABCMeta)
+class X509Backend(object):
+ @abc.abstractmethod
+ def load_pem_x509_certificate(self, data):
+ """
+ Load an X.509 certificate from PEM encoded data.
+ """
+
+ @abc.abstractmethod
+ def load_der_x509_certificate(self, data):
+ """
+ Load an X.509 certificate from DER encoded data.
+ """
diff --git a/src/cryptography/hazmat/primitives/interfaces.py b/src/cryptography/hazmat/primitives/interfaces.py
index 7d9fc4fb..18a62601 100644
--- a/src/cryptography/hazmat/primitives/interfaces.py
+++ b/src/cryptography/hazmat/primitives/interfaces.py
@@ -488,3 +488,42 @@ class MACContext(object):
 # DeprecatedIn07
 CMACContext = MACContext
+
+
+@six.add_metaclass(abc.ABCMeta)
+class X509Certificate(object):
+ @abc.abstractmethod
+ def fingerprint(self, algorithm):
+ """
+ Returns bytes using digest passed.
+ """
+
+ @abc.abstractproperty
+ def serial(self):
+ """
+ Returns certificate serial number
+ """
+
+ @abc.abstractproperty
+ def version(self):
+ """
+ Returns the certificate version
+ """
+
+ @abc.abstractmethod
+ def public_key(self):
+ """
+ Returns the public key
+ """
+
+ @abc.abstractproperty
+ def not_before(self):
+ """
+ Not before time (represented as UTC datetime)
+ """
+
+ @abc.abstractproperty
+ def not_after(self):
+ """
+ Not after time (represented as UTC datetime)
+ """ |
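Review bot: The docstrings on `load_pem_x509_certificate` and `load_der_x509_certificate` in `X509Backend` do not say what an implementation must do when `data` is malformed or truncated, and the matching .rst entries in this commit carry no `:raises` line either. Certificate bytes usually arrive from an untrusted peer, so without a stated failure contract backends can diverge between raising and returning a partially parsed object. The docstrings also leave open whether loading implies any trust decision; if it is parse-only, as the method names suggest, I would say so, e.g. `Load an X.509 certificate from PEM encoded data. Parsing only: no signature, chain or validity-period check is performed.` A raises line should name the exception type once the project settles on one, since none is visible in this diff.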
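Review bot: The `not_before` and `not_after` docstrings in `X509Certificate` say only "represented as UTC datetime", while the .rst added in this same commit specifies a naïve datetime in UTC with inclusive bounds. This class is the contract backend authors implement, so the docstrings should carry the same detail, e.g. `Not before time (naïve datetime in UTC, inclusive)` and the equivalent for `not_after`. Otherwise one backend may return an aware value, so that a caller's comparison against a naïve one raises TypeError, or a caller may compare against local time and get the validity decision wrong. The `fingerprint` docstring "Returns bytes using digest passed." could likewise state which encoding of the certificate is hashed, which this diff does not show.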