aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/cryptography/hazmat/backends/interfaces.py6
-rw-r--r--src/cryptography/hazmat/backends/multibackend.py9
-rw-r--r--src/cryptography/hazmat/backends/openssl/backend.py2
-rw-r--r--src/cryptography/x509.py2
-rw-r--r--tests/hazmat/backends/test_multibackend.py6
5 files changed, 23 insertions, 2 deletions
diff --git a/src/cryptography/hazmat/backends/interfaces.py b/src/cryptography/hazmat/backends/interfaces.py
index eca7ddf4..512cb6e3 100644
--- a/src/cryptography/hazmat/backends/interfaces.py
+++ b/src/cryptography/hazmat/backends/interfaces.py
@@ -274,6 +274,12 @@ class X509Backend(object):
Load an X.509 CSR from PEM encoded data.
"""
+ @abc.abstractmethod
+ def create_x509_csr(self, builder, private_key, algorithm):
+ """
+ Create and sign an X.509 CSR from a CSR buidler object.
+ """
+
@six.add_metaclass(abc.ABCMeta)
class DHBackend(object):
diff --git a/src/cryptography/hazmat/backends/multibackend.py b/src/cryptography/hazmat/backends/multibackend.py
index 784ab84d..6e911fd5 100644
--- a/src/cryptography/hazmat/backends/multibackend.py
+++ b/src/cryptography/hazmat/backends/multibackend.py
@@ -342,3 +342,12 @@ class MultiBackend(object):
"This backend does not support X.509.",
_Reasons.UNSUPPORTED_X509
)
+
+ def create_x509_csr(self, builder, private_key, algorithm):
+ for b in self._filtered_backends(X509Backend):
+ return b.create_x509_csr(builder, private_key, algorithm)
+
+ raise UnsupportedAlgorithm(
+ "This backend does not support X.509.",
+ _Reasons.UNSUPPORTED_X509
+ )
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index bf838ead..b8b2ab6b 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -784,7 +784,7 @@ class Backend(object):
def create_cmac_ctx(self, algorithm):
return _CMACContext(self, algorithm)
- def sign_x509_request(self, builder, private_key, algorithm):
+ def create_x509_csr(self, builder, private_key, algorithm):
# TODO: check type of private key parameter.
if not isinstance(algorithm, hashes.HashAlgorithm):
raise TypeError('Algorithm must be a registered hash algorithm.')
diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py
index 012c13ba..2ee1c3ef 100644
--- a/src/cryptography/x509.py
+++ b/src/cryptography/x509.py
@@ -1484,4 +1484,4 @@ class CertificateSigningRequestBuilder(object):
"""
Signs the request using the requestor's private key.
"""
- return backend.sign_x509_request(self, private_key, algorithm)
+ return backend.create_x509_csr(self, private_key, algorithm)
diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py
index 5871e6c8..3c05cdfa 100644
--- a/tests/hazmat/backends/test_multibackend.py
+++ b/tests/hazmat/backends/test_multibackend.py
@@ -203,6 +203,9 @@ class DummyX509Backend(object):
def load_der_x509_csr(self, data):
pass
+ def create_x509_csr(self, builder, private_key, algorithm):
+ pass
+
class TestMultiBackend(object):
def test_ciphers(self):
@@ -480,6 +483,7 @@ class TestMultiBackend(object):
backend.load_der_x509_certificate(b"certdata")
backend.load_pem_x509_csr(b"reqdata")
backend.load_der_x509_csr(b"reqdata")
+ backend.create_x509_csr(object(), b"privatekey", hashes.SHA1())
backend = MultiBackend([])
with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_X509):
@@ -490,3 +494,5 @@ class TestMultiBackend(object):
backend.load_pem_x509_csr(b"reqdata")
with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_X509):
backend.load_der_x509_csr(b"reqdata")
+ with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_X509):
+ backend.create_x509_csr(object(), b"privatekey", hashes.SHA1())
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-19 16:17:06 +0000