From 1effb6e11ef4248c65b37a97dfe9dd0c2710882e Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Mon, 30 Mar 2015 15:05:59 -0500
Subject: add load_der_x509_csr to support loading DER encoded CSRs

---
 src/cryptography/hazmat/backends/interfaces.py      |  6 ++++++
 src/cryptography/hazmat/backends/multibackend.py    |  9 +++++++++
 src/cryptography/hazmat/backends/openssl/backend.py | 10 ++++++++++
 src/cryptography/x509.py                            |  4 ++++
 4 files changed, 29 insertions(+)

(limited to 'src')

diff --git a/src/cryptography/hazmat/backends/interfaces.py b/src/cryptography/hazmat/backends/interfaces.py
index 354b5141..5224f5c7 100644
--- a/src/cryptography/hazmat/backends/interfaces.py
+++ b/src/cryptography/hazmat/backends/interfaces.py
@@ -262,6 +262,12 @@ class X509Backend(object):
         Load an X.509 certificate from DER encoded data.
         """
 
+    @abc.abstractmethod
+    def load_der_x509_csr(self, data):
+        """
+        Load an X.509 CSR from DER encoded data.
+        """
+
     @abc.abstractmethod
     def load_pem_x509_csr(self, data):
         """
diff --git a/src/cryptography/hazmat/backends/multibackend.py b/src/cryptography/hazmat/backends/multibackend.py
index 54b044f0..784ab84d 100644
--- a/src/cryptography/hazmat/backends/multibackend.py
+++ b/src/cryptography/hazmat/backends/multibackend.py
@@ -325,6 +325,15 @@ class MultiBackend(object):
             _Reasons.UNSUPPORTED_X509
         )
 
+    def load_der_x509_csr(self, data):
+        for b in self._filtered_backends(X509Backend):
+            return b.load_der_x509_csr(data)
+
+        raise UnsupportedAlgorithm(
+            "This backend does not support X.509.",
+            _Reasons.UNSUPPORTED_X509
+        )
+
     def load_pem_x509_csr(self, data):
         for b in self._filtered_backends(X509Backend):
             return b.load_pem_x509_csr(data)
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 854219f7..665771a8 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -834,6 +834,16 @@ class Backend(object):
         x509_req = self._ffi.gc(x509_req, self._lib.X509_REQ_free)
         return _CertificateSigningRequest(self, x509_req)
 
+    def load_der_x509_csr(self, data):
+        mem_bio = self._bytes_to_bio(data)
+        x509_req = self._lib.d2i_X509_REQ_bio(mem_bio.bio, self._ffi.NULL)
+        if x509_req == self._ffi.NULL:
+            self._consume_errors()
+            raise ValueError("Unable to load request")
+
+        x509_req = self._ffi.gc(x509_req, self._lib.X509_REQ_free)
+        return _CertificateSigningRequest(self, x509_req)
+
     def _load_key(self, openssl_read_func, convert_func, data, password):
         mem_bio = self._bytes_to_bio(data)
 
diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py
index 25bbe9ca..113c35e0 100644
--- a/src/cryptography/x509.py
+++ b/src/cryptography/x509.py
@@ -64,6 +64,10 @@ def load_pem_x509_csr(data, backend):
     return backend.load_pem_x509_csr(data)
 
 
+def load_der_x509_csr(data, backend):
+    return backend.load_der_x509_csr(data)
+
+
 class InvalidVersion(Exception):
     def __init__(self, msg, parsed_version):
         super(InvalidVersion, self).__init__(msg)
-- 
cgit v1.2.3