From 2dcce90056cb8c2082d5a103212ef045daa8bff3 Mon Sep 17 00:00:00 2001 From: Erik Trauschke Date: Thu, 14 May 2015 16:12:24 -0700 Subject: add bindings and interfaces for CRL objects --- docs/x509.rst | 91 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 90 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/x509.rst b/docs/x509.rst index 5e4d9bfa..fa01f046 100644 --- a/docs/x509.rst +++ b/docs/x509.rst @@ -208,7 +208,7 @@ X.509 Certificate Object :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` that will be used to generate the fingerprint. - :return bytes: The fingerprint using the supplied hash algorithm as + :return bytes: The fingerprint using the supplied hash algorithm, as bytes. .. doctest:: @@ -335,6 +335,71 @@ X.509 Certificate Object :return bytes: The data that can be written to a file or sent over the network to be verified by clients. +X.509 CRL (Certificate Revocation List) Object +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +.. class:: CertificateRevocationList + + .. versionadded:: 1.0 + + .. method:: fingerprint(algorithm) + + :param algorithm: The + :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` + that will be used to generate the fingerprint. + + :return bytes: The fingerprint using the supplied hash algorithm, as + bytes. + + .. attribute:: signature_hash_algorithm + + :type: :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` + + Returns the + :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` which + was used in signing this CRL. + + .. attribute:: issuer + + :type: :class:`Name` + + The :class:`Name` of the issuer. + + .. attribute:: next_update + + :type: :class:`datetime.datetime` + + A naïve datetime representing when the next update to this CRL is + expected. + + .. attribute:: last_update + + :type: :class:`datetime.datetime` + + A naïve datetime representing when the this CRL was last updated. + + .. attribute:: revoked + + :type: list of :class:`RevokedCertificate` + + The revoked certificates listed in this CRL. + + .. attribute:: extensions + + :type: :class:`Extensions` + + The extensions encoded in the CRL. + + .. method:: verify(pubkey) + + :param algorithm: The + :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey` or + :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey` or + :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey` + that will be used to verify the CRL. + + :return boolean: The result of the verification as boolean value. + X.509 CSR (Certificate Signing Request) Object ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -388,6 +453,30 @@ X.509 CSR (Certificate Signing Request) Object over the network to be signed by the certificate authority. +X.509 Revoked Certificate Object +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +.. class:: RevokedCertificate + + .. versionadded:: 1.0 + + .. attribute:: serial_number + + :type: :class:`int` + + An integer representing the serial number of the revoked certificate. + + .. attribute:: revocation_date + + :type: :class:`datetime.datetime` + + A naïve datetime representing the date this certificates was revoked. + + .. attribute:: extensions + + :type: :class:`Extensions` + + The extensions encoded in the revoked certificate. .. class:: Name -- cgit v1.2.3 From abb7b6ed99538e49f606b00f3219a2fd568c59d6 Mon Sep 17 00:00:00 2001 From: Erik Trauschke Date: Wed, 27 May 2015 15:07:35 -0700 Subject: doc fixes, rename rekoked -> revoked_certificates --- docs/x509.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/x509.rst b/docs/x509.rst index fa01f046..7e84b492 100644 --- a/docs/x509.rst +++ b/docs/x509.rst @@ -378,7 +378,7 @@ X.509 CRL (Certificate Revocation List) Object A naïve datetime representing when the this CRL was last updated. - .. attribute:: revoked + .. attribute:: revoked_certificates :type: list of :class:`RevokedCertificate` @@ -390,9 +390,9 @@ X.509 CRL (Certificate Revocation List) Object The extensions encoded in the CRL. - .. method:: verify(pubkey) + .. method:: verify(public_key) - :param algorithm: The + :param public_key: The :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey` or :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey` or :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey` -- cgit v1.2.3 From c5a8d1724de78e0fa9c6cd9bf8ee6373c1a83ccb Mon Sep 17 00:00:00 2001 From: Erik Trauschke Date: Thu, 28 May 2015 10:24:25 -0700 Subject: removed verify(), various small fixes --- docs/x509.rst | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) (limited to 'docs') diff --git a/docs/x509.rst b/docs/x509.rst index 7e84b492..23a70f45 100644 --- a/docs/x509.rst +++ b/docs/x509.rst @@ -390,16 +390,6 @@ X.509 CRL (Certificate Revocation List) Object The extensions encoded in the CRL. - .. method:: verify(public_key) - - :param public_key: The - :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey` or - :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey` or - :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey` - that will be used to verify the CRL. - - :return boolean: The result of the verification as boolean value. - X.509 CSR (Certificate Signing Request) Object ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -454,7 +444,7 @@ X.509 CSR (Certificate Signing Request) Object authority. X.509 Revoked Certificate Object -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .. class:: RevokedCertificate -- cgit v1.2.3