diff options
| author | Erik Trauschke <erik.trauschke@gmail.com> | 2015-05-14 16:12:24 -0700 |
|---|---|---|
| committer | Erik Trauschke <erik.trauschke@gmail.com> | 2015-05-27 09:26:09 -0700 |
| commit | 2dcce90056cb8c2082d5a103212ef045daa8bff3 (patch) | |
| tree | 7a86d13fd5f2d51ee49eb8ad28d73fd2cd278862 /docs/x509.rst | |
| parent | f2646557cbe6ee7dc8c338ad60b188a8ab1978ab (diff) | |
| download | cryptography-2dcce90056cb8c2082d5a103212ef045daa8bff3.tar.gz cryptography-2dcce90056cb8c2082d5a103212ef045daa8bff3.tar.bz2 cryptography-2dcce90056cb8c2082d5a103212ef045daa8bff3.zip | |
add bindings and interfaces for CRL objects
Diffstat (limited to 'docs/x509.rst')
| -rw-r--r-- | docs/x509.rst | 91 |
1 files changed, 90 insertions, 1 deletions
diff --git a/docs/x509.rst b/docs/x509.rst index 5e4d9bfa..fa01f046 100644 --- a/docs/x509.rst +++ b/docs/x509.rst @@ -208,7 +208,7 @@ X.509 Certificate Object :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` that will be used to generate the fingerprint. - :return bytes: The fingerprint using the supplied hash algorithm as + :return bytes: The fingerprint using the supplied hash algorithm, as bytes. .. doctest:: @@ -335,6 +335,71 @@ X.509 Certificate Object :return bytes: The data that can be written to a file or sent over the network to be verified by clients. +X.509 CRL (Certificate Revocation List) Object +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +.. class:: CertificateRevocationList + + .. versionadded:: 1.0 + + .. method:: fingerprint(algorithm) + + :param algorithm: The + :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` + that will be used to generate the fingerprint. + + :return bytes: The fingerprint using the supplied hash algorithm, as + bytes. + + .. attribute:: signature_hash_algorithm + + :type: :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` + + Returns the + :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` which + was used in signing this CRL. + + .. attribute:: issuer + + :type: :class:`Name` + + The :class:`Name` of the issuer. + + .. attribute:: next_update + + :type: :class:`datetime.datetime` + + A naïve datetime representing when the next update to this CRL is + expected. + + .. attribute:: last_update + + :type: :class:`datetime.datetime` + + A naïve datetime representing when the this CRL was last updated. + + .. attribute:: revoked + + :type: list of :class:`RevokedCertificate` + + The revoked certificates listed in this CRL. + + .. attribute:: extensions + + :type: :class:`Extensions` + + The extensions encoded in the CRL. + + .. method:: verify(pubkey) + + :param algorithm: The + :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey` or + :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey` or + :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey` + that will be used to verify the CRL. + + :return boolean: The result of the verification as boolean value. + X.509 CSR (Certificate Signing Request) Object ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -388,6 +453,30 @@ X.509 CSR (Certificate Signing Request) Object over the network to be signed by the certificate authority. +X.509 Revoked Certificate Object +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +.. class:: RevokedCertificate + + .. versionadded:: 1.0 + + .. attribute:: serial_number + + :type: :class:`int` + + An integer representing the serial number of the revoked certificate. + + .. attribute:: revocation_date + + :type: :class:`datetime.datetime` + + A naïve datetime representing the date this certificates was revoked. + + .. attribute:: extensions + + :type: :class:`Extensions` + + The extensions encoded in the revoked certificate. .. class:: Name |