diff options
author | Alex Gaynor <alex.gaynor@gmail.com> | 2015-08-03 13:55:41 -0400 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2015-08-03 13:55:41 -0400 |
commit | b45c79b69d75c0e1dc69e941f67c3eaa4326a443 (patch) | |
tree | 8240d0cd72de8f74c8c0b41b5b2b607d6fe69b24 | |
parent | 05db69f2a4c86b1e43a7af70a95e1a223982f658 (diff) | |
parent | b8f11bca26c1819ccdfb2a36e18375b19a91e5da (diff) | |
download | cryptography-b45c79b69d75c0e1dc69e941f67c3eaa4326a443.tar.gz cryptography-b45c79b69d75c0e1dc69e941f67c3eaa4326a443.tar.bz2 cryptography-b45c79b69d75c0e1dc69e941f67c3eaa4326a443.zip |
Merge pull request #2196 from reaperhulk/reorder-certbuilder-args
reorder CertificateBuilder sign arguments
-rw-r--r-- | docs/x509/reference.rst | 12 | ||||
-rw-r--r-- | src/cryptography/x509.py | 2 | ||||
-rw-r--r-- | tests/hazmat/backends/test_openssl.py | 2 | ||||
-rw-r--r-- | tests/test_x509.py | 14 |
4 files changed, 15 insertions, 15 deletions
diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst index 799126b9..61971fed 100644 --- a/docs/x509/reference.rst +++ b/docs/x509/reference.rst @@ -502,15 +502,10 @@ X.509 Certificate Builder :param critical: Set to ``True`` if the extension must be understood and handled by whoever reads the certificate. - .. method:: sign(backend, private_key, algorithm) + .. method:: sign(private_key, algorithm, backend) Sign the certificate using the CA's private key. - :param backend: Backend that will be used to build the certificate. - Must support the - :class:`~cryptography.hazmat.backends.interfaces.X509Backend` - interface. - :param private_key: The :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`, :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey` or @@ -521,6 +516,11 @@ X.509 Certificate Builder :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` that will be used to generate the signature. + :param backend: Backend that will be used to build the certificate. + Must support the + :class:`~cryptography.hazmat.backends.interfaces.X509Backend` + interface. + X.509 CSR (Certificate Signing Request) Object ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py index a831506e..f35582b0 100644 --- a/src/cryptography/x509.py +++ b/src/cryptography/x509.py @@ -1740,7 +1740,7 @@ class CertificateBuilder(object): self._not_valid_after, self._extensions + [extension] ) - def sign(self, backend, private_key, algorithm): + def sign(self, private_key, algorithm, backend): """ Signs the certificate using the CA's private key. """ diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index c2a4f544..0f2c80a6 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -531,7 +531,7 @@ class TestOpenSSLSignX509Certificate(object): ) with pytest.raises(NotImplementedError): - builder.sign(backend, private_key, hashes.SHA1()) + builder.sign(private_key, hashes.SHA1(), backend) class TestOpenSSLSerialisationWithOpenSSL(object): diff --git a/tests/test_x509.py b/tests/test_x509.py index ac20f649..ba35f64d 100644 --- a/tests/test_x509.py +++ b/tests/test_x509.py @@ -809,7 +809,7 @@ class TestRSACertificateRequest(object): not_valid_after ) - cert = builder.sign(backend, issuer_private_key, hashes.SHA1()) + cert = builder.sign(issuer_private_key, hashes.SHA1(), backend) assert cert.version is x509.Version.v3 assert cert.not_valid_before == not_valid_before @@ -969,7 +969,7 @@ class TestCertificateBuilder(object): builder = x509.CertificateBuilder() with pytest.raises(TypeError): - builder.sign(backend, private_key, object()) + builder.sign(private_key, object(), backend) @pytest.mark.requires_backend_interface(interface=DSABackend) @pytest.mark.requires_backend_interface(interface=X509Backend) @@ -981,7 +981,7 @@ class TestCertificateBuilder(object): builder = x509.CertificateBuilder() with pytest.raises(NotImplementedError): - builder.sign(backend, private_key, hashes.SHA512()) + builder.sign(private_key, hashes.SHA512(), backend) @pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) @pytest.mark.requires_backend_interface(interface=X509Backend) @@ -994,7 +994,7 @@ class TestCertificateBuilder(object): builder = x509.CertificateBuilder() with pytest.raises(NotImplementedError): - builder.sign(backend, private_key, hashes.SHA512()) + builder.sign(private_key, hashes.SHA512(), backend) @pytest.mark.requires_backend_interface(interface=DSABackend) @pytest.mark.requires_backend_interface(interface=X509Backend) @@ -1027,7 +1027,7 @@ class TestCertificateBuilder(object): not_valid_after ) - cert = builder.sign(backend, issuer_private_key, hashes.SHA1()) + cert = builder.sign(issuer_private_key, hashes.SHA1(), backend) assert cert.version is x509.Version.v3 assert cert.not_valid_before == not_valid_before @@ -1076,7 +1076,7 @@ class TestCertificateBuilder(object): not_valid_after ) - cert = builder.sign(backend, issuer_private_key, hashes.SHA1()) + cert = builder.sign(issuer_private_key, hashes.SHA1(), backend) assert cert.version is x509.Version.v3 assert cert.not_valid_before == not_valid_before @@ -1117,7 +1117,7 @@ class TestCertificateBuilder(object): ) with pytest.raises(ValueError): - builder.sign(backend, issuer_private_key, hashes.SHA512()) + builder.sign(issuer_private_key, hashes.SHA512(), backend) @pytest.mark.requires_backend_interface(interface=X509Backend) |