From 1bd77e2f4ee2fcdd9233ea36ed74edeee02817c5 Mon Sep 17 00:00:00 2001 From: Joern Heissler Date: Wed, 13 Jan 2016 22:51:37 +0100 Subject: Add verify method on CertificateSigningRequest --- docs/development/test-vectors.rst | 6 ++++-- docs/x509/reference.rst | 9 +++++++++ 2 files changed, 13 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst index ad945f2f..4abf9f63 100644 --- a/docs/development/test-vectors.rst +++ b/docs/development/test-vectors.rst @@ -278,7 +278,7 @@ Custom X.509 Request Vectors request using RSA and SHA1 with a subject alternative name extension generated using OpenSSL. * ``two_basic_constraints.pem`` - A certificate signing request - for a RSA 2048 bit key containing two basic constraints extensions. + for an RSA 2048 bit key containing two basic constraints extensions. * ``unsupported_extension.pem`` - A certificate signing request for an RSA 2048 bit key containing containing an unsupported extension type. The OID was encoded as "1.2.3.4" with an @@ -287,9 +287,11 @@ Custom X.509 Request Vectors request for an RSA 2048 bit key containing containing an unsupported extension type marked critical. The OID was encoded as "1.2.3.4" with an ``extnValue`` of "value". -* ``basic_constraints.pem`` - A certificate signing request for a RSA +* ``basic_constraints.pem`` - A certificate signing request for an RSA 2048 bit key containing a basic constraints extension marked as critical. +* ``invalid_signature.pem`` - A certificate signing request for an RSA + 1024 bit key containing an invalid signature with correct padding. Custom X.509 Certificate Revocation List Vectors ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst index 8bb3f40d..568eb405 100644 --- a/docs/x509/reference.rst +++ b/docs/x509/reference.rst @@ -761,6 +761,15 @@ X.509 CSR (Certificate Signing Request) Object key embedded in the CSR). This data may be used to validate the CSR signature. + .. method:: verify() + + .. versionadded:: 1.3 + + :raises cryptography.exceptions.InvalidSignature: If the signature does + not validate. + + Verifies the CSR signature. + X.509 Certificate Revocation List Builder ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- cgit v1.2.3 From fbda8ce83d8aa774bbd5438dfd98def87585df3b Mon Sep 17 00:00:00 2001 From: Joern Heissler Date: Mon, 18 Jan 2016 00:24:44 +0100 Subject: Change method to property --- docs/x509/reference.rst | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'docs') diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst index 568eb405..3b14567e 100644 --- a/docs/x509/reference.rst +++ b/docs/x509/reference.rst @@ -761,14 +761,11 @@ X.509 CSR (Certificate Signing Request) Object key embedded in the CSR). This data may be used to validate the CSR signature. - .. method:: verify() + .. attribute:: is_signature_valid .. versionadded:: 1.3 - :raises cryptography.exceptions.InvalidSignature: If the signature does - not validate. - - Verifies the CSR signature. + Returns True if the CSR signature is correct, False otherwise. X.509 Certificate Revocation List Builder ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- cgit v1.2.3