diff options
| -rw-r--r-- | docs/x509.rst | 4 | ||||
| -rw-r--r-- | src/cryptography/x509.py | 2 | ||||
| -rw-r--r-- | tests/test_x509.py | 24 |
3 files changed, 10 insertions, 20 deletions
diff --git a/docs/x509.rst b/docs/x509.rst index c4c441e7..f94f50eb 100644 --- a/docs/x509.rst +++ b/docs/x509.rst @@ -494,7 +494,7 @@ X.509 CSR (Certificate Signing Request) Builder Object ... x509.BasicConstraints(ca=False, path_length=None), critical=True, ... ) >>> request = builder.sign( - ... default_backend(), private_key, hashes.SHA256() + ... private_key, hashes.SHA256(), default_backend() ... ) >>> isinstance(request, x509.CertificateSigningRequest) True @@ -515,7 +515,7 @@ X.509 CSR (Certificate Signing Request) Builder Object :returns: A new :class:`~cryptography.x509.CertificateSigningRequestBuilder`. - .. method:: sign(backend, private_key, algorithm) + .. method:: sign(private_key, algorithm, backend) :param backend: Backend that will be used to sign the request. Must support the diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py index 24d501e5..0f72abb3 100644 --- a/src/cryptography/x509.py +++ b/src/cryptography/x509.py @@ -1482,7 +1482,7 @@ class CertificateSigningRequestBuilder(object): self._subject_name, self._extensions + [extension] ) - def sign(self, backend, private_key, algorithm): + def sign(self, private_key, algorithm, backend): """ Signs the request using the requestor's private key. """ diff --git a/tests/test_x509.py b/tests/test_x509.py index 53052196..08dae0ce 100644 --- a/tests/test_x509.py +++ b/tests/test_x509.py @@ -689,7 +689,7 @@ class TestCertificateSigningRequestBuilder(object): builder = x509.CertificateSigningRequestBuilder() with pytest.raises(TypeError): - builder.sign(backend, private_key, 'NotAHash') + builder.sign(private_key, 'NotAHash', backend) @pytest.mark.requires_backend_interface(interface=RSABackend) def test_build_ca_request_with_rsa(self, backend): @@ -701,9 +701,7 @@ class TestCertificateSigningRequestBuilder(object): ]) ).add_extension( x509.BasicConstraints(ca=True, path_length=2), critical=True - ).sign( - backend, private_key, hashes.SHA1() - ) + ).sign(private_key, hashes.SHA1(), backend) assert isinstance(request.signature_hash_algorithm, hashes.SHA1) public_key = request.public_key() @@ -730,9 +728,7 @@ class TestCertificateSigningRequestBuilder(object): ]) ).add_extension( x509.BasicConstraints(ca=True, path_length=2), critical=True - ).sign( - backend, private_key, hashes.SHA1() - ) + ).sign(private_key, hashes.SHA1(), backend) loaded_request = x509.load_pem_x509_csr( request.public_bytes(encoding=serialization.Encoding.PEM), backend @@ -753,9 +749,7 @@ class TestCertificateSigningRequestBuilder(object): ]) ).add_extension( x509.BasicConstraints(ca=False, path_length=None), critical=True, - ).sign( - backend, private_key, hashes.SHA1() - ) + ).sign(private_key, hashes.SHA1(), backend) assert isinstance(request.signature_hash_algorithm, hashes.SHA1) public_key = request.public_key() @@ -785,9 +779,7 @@ class TestCertificateSigningRequestBuilder(object): ]) ).add_extension( x509.BasicConstraints(ca=True, path_length=2), critical=True - ).sign( - backend, private_key, hashes.SHA1() - ) + ).sign(private_key, hashes.SHA1(), backend) assert isinstance(request.signature_hash_algorithm, hashes.SHA1) public_key = request.public_key() @@ -816,9 +808,7 @@ class TestCertificateSigningRequestBuilder(object): ]) ).add_extension( x509.BasicConstraints(ca=True, path_length=2), critical=True - ).sign( - backend, private_key, hashes.SHA1() - ) + ).sign(private_key, hashes.SHA1(), backend) assert isinstance(request.signature_hash_algorithm, hashes.SHA1) public_key = request.public_key() @@ -868,7 +858,7 @@ class TestCertificateSigningRequestBuilder(object): critical=False, ) with pytest.raises(NotImplementedError): - builder.sign(backend, private_key, hashes.SHA256()) + builder.sign(private_key, hashes.SHA256(), backend) def test_set_subject_twice(self): builder = x509.CertificateSigningRequestBuilder() |