aboutsummaryrefslogtreecommitdiffstats
path: root/docs/x509/reference.rst
diff options
context:
space:
mode:
authorPaul Kehrer <paul.l.kehrer@gmail.com>2019-07-06 19:01:33 -0400
committerAlex Gaynor <alex.gaynor@gmail.com>2019-07-06 19:01:33 -0400
commit7b1391bfd4949140432bd003a8e43e32bfe968c5 (patch)
tree6bc6d5f26a767e47eb224a9d81224a2eea82986a /docs/x509/reference.rst
parent7c2cec85975d8bc79ff09af92d7d7d7077c7b18f (diff)
downloadcryptography-7b1391bfd4949140432bd003a8e43e32bfe968c5.tar.gz
cryptography-7b1391bfd4949140432bd003a8e43e32bfe968c5.tar.bz2
cryptography-7b1391bfd4949140432bd003a8e43e32bfe968c5.zip
ed25519 support in x509 certificate builder (#4937)
* ed25519 support in x509 certificate builder This adds minimal ed25519 support. More to come. * Apply suggestions from code review Co-Authored-By: Alex Gaynor <alex.gaynor@gmail.com>
Diffstat (limited to 'docs/x509/reference.rst')
-rw-r--r--docs/x509/reference.rst25
1 files changed, 21 insertions, 4 deletions
diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst
index 6333a263..38901c7c 100644
--- a/docs/x509/reference.rst
+++ b/docs/x509/reference.rst
@@ -338,7 +338,8 @@ X.509 Certificate Object
:returns:
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey` or
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey` or
- :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey`
+ :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey` or
+ :class:`~cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey`
.. doctest::
@@ -727,8 +728,10 @@ X.509 Certificate Builder
:param public_key: The subject's public key. This can be one of
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`,
- :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey` or
+ :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`,
:class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey`
+ or
+ :class:`~cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey`
.. method:: serial_number(serial_number)
@@ -781,13 +784,20 @@ X.509 Certificate Builder
:param private_key: The
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`,
- :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey` or
+ :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`,
:class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey`
+ , or
+ :class:`~cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PrivateKey`
that will be used to sign the certificate.
:param algorithm: The
:class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` that
- will be used to generate the signature.
+ will be used to generate the signature. This must be ``None`` if
+ the ``private_key`` is an
+ :class:`~cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PrivateKey`
+ and an instance of a
+ :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
+ otherwise.
:param backend: Backend that will be used to build the certificate.
Must support the
@@ -2836,6 +2846,13 @@ instances. The following common OIDs are available as constants.
Corresponds to the dotted string ``"2.16.840.1.101.3.4.3.2"``. This is
a SHA256 digest signed by a DSA key.
+ .. attribute:: ED25519
+
+ .. versionadded:: 2.8
+
+ Corresponds to the dotted string ``"1.3.101.112"``. This is a signature
+ using an ed25519 key.
+
.. class:: ExtendedKeyUsageOID