diff options
| author | Marko Kreen <markokr@gmail.com> | 2020-06-15 00:12:06 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-06-14 16:12:06 -0500 |
| commit | 0b036170842e33c98f2132c9ba00ff97f07c709f (patch) | |
| tree | e567e3ed2f21e383cd5646f400778c91a43a0e13 /src/cryptography/x509/ocsp.py | |
| parent | 0d0d70bd78f432397b91eee4d9743000686037a6 (diff) | |
| download | cryptography-master.tar.gz cryptography-master.tar.bz2 cryptography-master.zip | |
- Use common implementation
- OCSP signing was using different validation
- Check if private key is usable for signing
Diffstat (limited to 'src/cryptography/x509/ocsp.py')
| -rw-r--r-- | src/cryptography/x509/ocsp.py | 10 |
1 files changed, 0 insertions, 10 deletions
diff --git a/src/cryptography/x509/ocsp.py b/src/cryptography/x509/ocsp.py index 4e0c985a..7db92b90 100644 --- a/src/cryptography/x509/ocsp.py +++ b/src/cryptography/x509/ocsp.py @@ -12,7 +12,6 @@ import six from cryptography import x509 from cryptography.hazmat.primitives import hashes -from cryptography.hazmat.primitives.asymmetric import ed25519, ed448 from cryptography.x509.base import ( _EARLIEST_UTC_TIME, _convert_to_naive_utc_time, _reject_duplicate_extension ) @@ -242,15 +241,6 @@ class OCSPResponseBuilder(object): if self._responder_id is None: raise ValueError("You must add a responder_id before signing") - if isinstance(private_key, - (ed25519.Ed25519PrivateKey, ed448.Ed448PrivateKey)): - if algorithm is not None: - raise ValueError( - "algorithm must be None when signing via ed25519 or ed448" - ) - elif not isinstance(algorithm, hashes.HashAlgorithm): - raise TypeError("Algorithm must be a registered hash algorithm.") - return backend.create_ocsp_response( OCSPResponseStatus.SUCCESSFUL, self, private_key, algorithm ) |