1 files changed, 39 insertions, 0 deletions

diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst
index dfa91fac..d86ebbe8 100644
--- a/docs/x509/reference.rst
+++ b/docs/x509/reference.rst
@@ -1160,6 +1160,37 @@ X.509 Extensions
 
         The serial number of the issuer's issuer.
 
+    .. classmethod:: from_issuer_public_key(public_key)
+
+        .. versionadded:: 1.0
+
+        Creates a new AuthorityKeyIdentifier instance using the public key
+        provided to generate the appropriate digest. This should be the
+        **issuer's public key**. The resulting object will contain
+        :attr:`~cryptography.x509.AuthorityKeyIdentifier.key_identifier`, but
+        :attr:`~cryptography.x509.AuthorityKeyIdentifier.authority_cert_issuer`
+        and
+        :attr:`~cryptography.x509.AuthorityKeyIdentifier.authority_cert_serial_number`
+        will be None.
+        The generated ``key_identifier`` is the SHA1 hash of the ``subjectPublicKey``
+        ASN.1 bit string. This is the first recommendation in :rfc:`5280`
+        section 4.2.1.2.
+
+        :param public_key: One of
+            :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`
+            ,
+            :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`
+            , or
+            :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey`.
+
+        .. doctest::
+
+            >>> from cryptography import x509
+            >>> from cryptography.hazmat.backends import default_backend
+            >>> issuer_cert = x509.load_pem_x509_certificate(pem_data, default_backend())
+            >>> x509.AuthorityKeyIdentifier.from_issuer_public_key(issuer_cert.public_key())
+            <AuthorityKeyIdentifier(key_identifier='X\x01\x84$\x1b\xbc+R\x94J=\xa5\x10r\x14Q\xf5\xaf:\xc9', authority_cert_issuer=None, authority_cert_serial_number=None)>
+
 .. class:: SubjectKeyIdentifier
 
     .. versionadded:: 0.9
@@ -1198,6 +1229,14 @@ X.509 Extensions
             , or
             :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey`.
 
+        .. doctest::
+
+            >>> from cryptography import x509
+            >>> from cryptography.hazmat.backends import default_backend
+            >>> csr = x509.load_pem_x509_csr(pem_req_data, default_backend())
+            >>> x509.SubjectKeyIdentifier.from_public_key(csr.public_key())
+            <SubjectKeyIdentifier(digest='\xdb\xaa\xf0\x06\x11\xdbD\xfe\xbf\x93\x03\x8av\x88WP7\xa6\x91\xf7')>
+
 .. class:: SubjectAlternativeName
 
     .. versionadded:: 0.9