diff options
| author | Marko Kreen <markokr@gmail.com> | 2019-09-09 02:44:02 +0300 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2019-09-09 07:44:02 +0800 |
| commit | f7c77712d6611dc72cb2ef6fb1fe72fee4ab88de (patch) | |
| tree | 7ff0841b1c2e9b29737874ff76c215de50ce0ee0 /docs/x509/ocsp.rst | |
| parent | c918fef88670fc46433d3edd91957231c654ff05 (diff) | |
| download | cryptography-f7c77712d6611dc72cb2ef6fb1fe72fee4ab88de.tar.gz cryptography-f7c77712d6611dc72cb2ef6fb1fe72fee4ab88de.tar.bz2 cryptography-f7c77712d6611dc72cb2ef6fb1fe72fee4ab88de.zip | |
Finish ed25519 and ed448 support in x509 module (#4972)
* Support ed25519 in csr/crl creation
* Tests for ed25519/x509
* Support ed448 in crt/csr/crl creation
* Tests for ed448/x509
* Support ed25519/ed448 in OCSPResponseBuilder
* Tests for eddsa in OCSPResponseBuilder
* Builder check missing in create_x509_csr
* Documentation update for ed25519+ed448 in x509
Diffstat (limited to 'docs/x509/ocsp.rst')
| -rw-r--r-- | docs/x509/ocsp.rst | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/docs/x509/ocsp.rst b/docs/x509/ocsp.rst index d3815d6f..e28c05a7 100644 --- a/docs/x509/ocsp.rst +++ b/docs/x509/ocsp.rst @@ -292,14 +292,23 @@ Creating Responses :attr:`~cryptography.x509.ocsp.OCSPResponseStatus.SUCCESSFUL` response. :param private_key: The - :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey` - or - :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey` + :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`, + :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`, + :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey`, + :class:`~cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PrivateKey` or + :class:`~cryptography.hazmat.primitives.asymmetric.ed448.Ed448PrivateKey` that will be used to sign the certificate. :param algorithm: The :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` that - will be used to generate the signature. + will be used to generate the signature. This must be ``None`` if + the ``private_key`` is an + :class:`~cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PrivateKey` + or an + :class:`~cryptography.hazmat.primitives.asymmetric.ed448.Ed448PrivateKey` + and an instance of a + :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` + otherwise. :returns: A new :class:`~cryptography.x509.ocsp.OCSPResponse`. @@ -434,7 +443,10 @@ Interfaces Returns the :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` which - was used in signing this response. + was used in signing this response. Can be ``None`` if signature + did not use separate hash + (:attr:`~cryptography.x509.oid.SignatureAlgorithmOID.ED25519`, + :attr:`~cryptography.x509.oid.SignatureAlgorithmOID.ED448`). .. attribute:: signature |