add load_der_x509_csr to support loading DER encoded CSRs

author: Paul Kehrer <paul.l.kehrer@gmail.com> 2015-03-30 15:05:59 -0500
committer: Paul Kehrer <paul.l.kehrer@gmail.com> 2015-03-30 17:55:39 -0500
commit: 1effb6e11ef4248c65b37a97dfe9dd0c2710882e (patch)
tree: d549a53d61b314f9b024c9a76e9f2803802b35ef /src
parent: d10e1ab8bb4630eb8e0902b37e9e4ea2013bd349 (diff)
download: cryptography-1effb6e11ef4248c65b37a97dfe9dd0c2710882e.tar.gz
cryptography-1effb6e11ef4248c65b37a97dfe9dd0c2710882e.tar.bz2
cryptography-1effb6e11ef4248c65b37a97dfe9dd0c2710882e.zip
4 files changed, 29 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/backends/interfaces.py b/src/cryptography/hazmat/backends/interfaces.py
index 354b5141..5224f5c7 100644
--- a/src/cryptography/hazmat/backends/interfaces.py
+++ b/src/cryptography/hazmat/backends/interfaces.py
@@ -263,6 +263,12 @@ class X509Backend(object):
         """
 
     @abc.abstractmethod
+    def load_der_x509_csr(self, data):
+        """
+        Load an X.509 CSR from DER encoded data.
+        """
+
+    @abc.abstractmethod
     def load_pem_x509_csr(self, data):
         """
         Load an X.509 CSR from PEM encoded data.
diff --git a/src/cryptography/hazmat/backends/multibackend.py b/src/cryptography/hazmat/backends/multibackend.py
index 54b044f0..784ab84d 100644
--- a/src/cryptography/hazmat/backends/multibackend.py
+++ b/src/cryptography/hazmat/backends/multibackend.py
@@ -325,6 +325,15 @@ class MultiBackend(object):
             _Reasons.UNSUPPORTED_X509
         )
 
+    def load_der_x509_csr(self, data):
+        for b in self._filtered_backends(X509Backend):
+            return b.load_der_x509_csr(data)
+
+        raise UnsupportedAlgorithm(
+            "This backend does not support X.509.",
+            _Reasons.UNSUPPORTED_X509
+        )
+
     def load_pem_x509_csr(self, data):
         for b in self._filtered_backends(X509Backend):
             return b.load_pem_x509_csr(data)
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 854219f7..665771a8 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -834,6 +834,16 @@ class Backend(object):
         x509_req = self._ffi.gc(x509_req, self._lib.X509_REQ_free)
         return _CertificateSigningRequest(self, x509_req)
 
+    def load_der_x509_csr(self, data):
+        mem_bio = self._bytes_to_bio(data)
+        x509_req = self._lib.d2i_X509_REQ_bio(mem_bio.bio, self._ffi.NULL)
+        if x509_req == self._ffi.NULL:
+            self._consume_errors()
+            raise ValueError("Unable to load request")
+
+        x509_req = self._ffi.gc(x509_req, self._lib.X509_REQ_free)
+        return _CertificateSigningRequest(self, x509_req)
+
     def _load_key(self, openssl_read_func, convert_func, data, password):
         mem_bio = self._bytes_to_bio(data)
 
diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py
index 25bbe9ca..113c35e0 100644
--- a/src/cryptography/x509.py
+++ b/src/cryptography/x509.py
@@ -64,6 +64,10 @@ def load_pem_x509_csr(data, backend):
     return backend.load_pem_x509_csr(data)
 
 
+def load_der_x509_csr(data, backend):
+    return backend.load_der_x509_csr(data)
+
+
 class InvalidVersion(Exception):
     def __init__(self, msg, parsed_version):
         super(InvalidVersion, self).__init__(msg)
author	Paul Kehrer <paul.l.kehrer@gmail.com>	2015-03-30 15:05:59 -0500
committer	Paul Kehrer <paul.l.kehrer@gmail.com>	2015-03-30 17:55:39 -0500
commit	1effb6e11ef4248c65b37a97dfe9dd0c2710882e (patch)
tree	d549a53d61b314f9b024c9a76e9f2803802b35ef /src
parent	d10e1ab8bb4630eb8e0902b37e9e4ea2013bd349 (diff)
download	cryptography-1effb6e11ef4248c65b37a97dfe9dd0c2710882e.tar.gz cryptography-1effb6e11ef4248c65b37a97dfe9dd0c2710882e.tar.bz2 cryptography-1effb6e11ef4248c65b37a97dfe9dd0c2710882e.zip