aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/cryptography/hazmat/backends/openssl/backend.py6
-rw-r--r--src/cryptography/x509.py2
2 files changed, 5 insertions, 3 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 3beb716d..eae31cd1 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -1081,7 +1081,11 @@ class Backend(object):
res = self._lib.X509_sign(
x509_cert, private_key._evp_pkey, evp_md
)
- assert res > 0
+ if res == 0:
+ errors = self._consume_errors()
+ assert errors[0][1] == self._lib.ERR_LIB_RSA
+ assert errors[0][3] == self._lib.RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY
+ raise ValueError("Digest too big for RSA key")
return _Certificate(self, x509_cert)
diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py
index 11ce6cf0..5760aae7 100644
--- a/src/cryptography/x509.py
+++ b/src/cryptography/x509.py
@@ -1680,7 +1680,6 @@ class CertificateBuilder(object):
"""
Sets the certificate activation time.
"""
- # TODO: require UTC datetime?
if not isinstance(time, datetime.datetime):
raise TypeError('Expecting datetime object.')
if self._not_valid_before is not None:
@@ -1698,7 +1697,6 @@ class CertificateBuilder(object):
"""
Sets the certificate expiration time.
"""
- # TODO: require UTC datetime?
if not isinstance(time, datetime.datetime):
raise TypeError('Expecting datetime object.')
if self._not_valid_after is not None:
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-05 22:46:25 +0000