2 files changed, 27 insertions, 0 deletions

diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py
index 1ba59b68..3afbc40f 100644
--- a/src/cryptography/hazmat/backends/openssl/x509.py
+++ b/src/cryptography/hazmat/backends/openssl/x509.py
@@ -322,6 +322,21 @@ class _Certificate(object):
     def extensions(self):
         return _CERTIFICATE_EXTENSION_PARSER.parse(self._backend, self._x509)
 
+    @property
+    def signature(self):
+        return self._backend._asn1_string_to_bytes(self._x509.signature)
+
+    @property
+    def tbs_certificate_bytes(self):
+        pp = self._backend._ffi.new("unsigned char **")
+        # the X509_CINF struct holds the tbsCertificate data
+        res = self._backend._lib.i2d_X509_CINF(self._x509.cert_info, pp)
+        self._backend.openssl_assert(res > 0)
+        pp = self._backend._ffi.gc(
+            pp, lambda pointer: self._backend._lib.OPENSSL_free(pointer[0])
+        )
+        return self._backend._ffi.buffer(pp[0], res)[:]
+
     def public_bytes(self, encoding):
         bio = self._backend._create_mem_bio()
         if encoding is serialization.Encoding.PEM:
diff --git a/src/cryptography/x509/base.py b/src/cryptography/x509/base.py
index 01eadfcb..ad561b94 100644
--- a/src/cryptography/x509/base.py
+++ b/src/cryptography/x509/base.py
@@ -117,6 +117,18 @@ class Certificate(object):
         Returns an Extensions object.
         """
 
+    @abc.abstractproperty
+    def signature(self):
+        """
+        Returns the signature bytes.
+        """
+
+    @abc.abstractproperty
+    def tbs_certificate_bytes(self):
+        """
+        Returns the tbsCertificate payload bytes as defined in RFC 5280.
+        """
+
     @abc.abstractmethod
     def __eq__(self, other):
         """