From 60517a4466c153449f88063ef627291c53ea5ee1 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 1 Aug 2015 20:54:45 +0100 Subject: improve changelog information around csrbuilder --- CHANGELOG.rst | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 85f84477..0946b8bb 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -25,7 +25,13 @@ Changelog * Raise a ``TypeError`` when passing objects that are not text as the value to :class:`~cryptography.x509.NameAttribute`. * Add support for creating certificate signing requests with - :class:`~cryptography.x509.CertificateSigningRequestBuilder`. + :class:`~cryptography.x509.CertificateSigningRequestBuilder`. This includes + support for the following extensions: + + * :class:`~cryptography.x509.BasicConstraints` + * :class:`~cryptography.x509.ExtendedKeyUsage` + * :class:`~cryptography.x509.KeyUsage` + * :class:`~cryptography.x509.SubjectAlternativeName` 0.9.3 - 2015-07-09 ~~~~~~~~~~~~~~~~~~ -- cgit v1.2.3 From c4e6194f182dcf49280a140bedd0d88c7d94b4e3 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 1 Aug 2015 21:21:13 +0100 Subject: add missing extensions documentation to CertificateSigningRequest --- docs/x509/reference.rst | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst index 9179468f..4d164dca 100644 --- a/docs/x509/reference.rst +++ b/docs/x509/reference.rst @@ -431,6 +431,25 @@ X.509 CSR (Certificate Signing Request) Object >>> isinstance(csr.signature_hash_algorithm, hashes.SHA1) True + .. attribute:: extensions + + :type: :class:`Extensions` + + The extensions encoded in the certificate signing request. + + :raises cryptography.x509.DuplicateExtension: If more than one + extension of the same type is found within the certificate siging request. + + :raises cryptography.x509.UnsupportedExtension: If the certificate siging request + contains an extension that is not supported. + + :raises cryptography.x509.UnsupportedGeneralNameType: If an extension + contains a general name that is not supported. + + :raises UnicodeError: If an extension contains IDNA encoding that is + invalid or not compliant with IDNA 2008. + + .. method:: public_bytes(encoding) .. versionadded:: 1.0 -- cgit v1.2.3 From 44171a29788ba7e8f95585bc9e97c4ca847a6267 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 1 Aug 2015 21:21:26 +0100 Subject: improve the changelog for 1.0 --- CHANGELOG.rst | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 0946b8bb..4506a466 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -24,6 +24,18 @@ Changelog and :class:`~cryptography.hazmat.primitives.kdf.concatkdf.ConcatKDFHMAC`. * Raise a ``TypeError`` when passing objects that are not text as the value to :class:`~cryptography.x509.NameAttribute`. +* Add support for :class:`~cryptography.x509.OtherName` as a general name + type. +* Added new X.509 extension support in :class:`~cryptography.x509.Certificate` + The following new extensions are now supported: + + * :class:`~cryptography.x509.OCSPNoCheck` + * :class:`~cryptography.x509.InhibitAnyPolicy` + * :class:`~cryptography.x509.IssuerAlternativeName` + * :class:`~cryptography.x509.NameConstraints` + +* Extension support was added to + :class:`~cryptography.x509.CertificateSigningRequest`. * Add support for creating certificate signing requests with :class:`~cryptography.x509.CertificateSigningRequestBuilder`. This includes support for the following extensions: -- cgit v1.2.3 From 24283d22ef0e44e94aeef6cf170448240e83fcb2 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 1 Aug 2015 21:31:19 +0100 Subject: typo fix --- docs/x509/reference.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst index 4d164dca..c7d45c77 100644 --- a/docs/x509/reference.rst +++ b/docs/x509/reference.rst @@ -438,9 +438,9 @@ X.509 CSR (Certificate Signing Request) Object The extensions encoded in the certificate signing request. :raises cryptography.x509.DuplicateExtension: If more than one - extension of the same type is found within the certificate siging request. + extension of the same type is found within the certificate signing request. - :raises cryptography.x509.UnsupportedExtension: If the certificate siging request + :raises cryptography.x509.UnsupportedExtension: If the certificate signing request contains an extension that is not supported. :raises cryptography.x509.UnsupportedGeneralNameType: If an extension -- cgit v1.2.3