From 56da2a50cd96e7214f4fdb254610bc19d8c0f255 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Wed, 11 Feb 2015 23:35:07 -0600
Subject: add support for signature_algorithm in x509.Certificate

---
 src/cryptography/hazmat/backends/openssl/x509.py | 11 ++++++++
 src/cryptography/hazmat/bindings/openssl/x509.py |  1 +
 src/cryptography/x509.py                         | 34 ++++++++++++++++++++++++
 3 files changed, 46 insertions(+)

(limited to 'src')

diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py
index 76dcf32f..a3dddc49 100644
--- a/src/cryptography/hazmat/backends/openssl/x509.py
+++ b/src/cryptography/hazmat/backends/openssl/x509.py
@@ -136,3 +136,14 @@ class _Certificate(object):
             )
 
         return x509.Name(attributes)
+
+    @property
+    def signature_algorithm(self):
+        buf_len = 50
+        buf = self._backend._ffi.new("char[]", buf_len)
+        res = self._backend._lib.OBJ_obj2txt(
+            buf, buf_len, self._x509.sig_alg.algorithm, 1
+        )
+        assert res <= 50 and res > 0
+        oid = self._backend._ffi.buffer(buf, res)[:].decode()
+        return x509.ObjectIdentifier(oid)
diff --git a/src/cryptography/hazmat/bindings/openssl/x509.py b/src/cryptography/hazmat/bindings/openssl/x509.py
index e30d23b7..bf689e33 100644
--- a/src/cryptography/hazmat/bindings/openssl/x509.py
+++ b/src/cryptography/hazmat/bindings/openssl/x509.py
@@ -65,6 +65,7 @@ typedef struct {
 } X509_CRL;
 
 typedef struct {
+    X509_ALGOR *sig_alg;
     X509_CINF *cert_info;
     ...;
 } X509;
diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py
index 8a888d2a..c4d87bb7 100644
--- a/src/cryptography/x509.py
+++ b/src/cryptography/x509.py
@@ -28,6 +28,19 @@ _OID_NAMES = {
     "2.5.4.65": "pseudonym",
     "0.9.2342.19200300.100.1.25": "domainComponent",
     "1.2.840.113549.1.9.1": "emailAddress",
+    "1.2.840.113549.1.1.4": "md5WithRSA",
+    "1.2.840.113549.1.1.5": "sha1WithRSA",
+    "1.2.840.113549.1.1.14": "sha224WithRSAEncryption",
+    "1.2.840.113549.1.1.11": "sha256WithRSAEncryption",
+    "1.2.840.113549.1.1.12": "sha384WithRSAEncryption",
+    "1.2.840.113549.1.1.13": "sha512WithRSAEncryption",
+    "1.2.840.10045.4.3.1": "ecdsa_with_SHA224",
+    "1.2.840.10045.4.3.2": "ecdsa_with_SHA256",
+    "1.2.840.10045.4.3.3": "ecdsa_with_SHA384",
+    "1.2.840.10045.4.3.4": "ecdsa_with_SHA512",
+    "1.2.840.10040.4.3": "dsaWithSHA1",
+    "2.16.840.1.101.3.4.3.1": "dsa_with_SHA224",
+    "2.16.840.1.101.3.4.3.2": "dsa_with_SHA256",
 }
 
 
@@ -143,6 +156,20 @@ OID_PSEUDONYM = ObjectIdentifier("2.5.4.65")
 OID_DOMAIN_COMPONENT = ObjectIdentifier("0.9.2342.19200300.100.1.25")
 OID_EMAIL_ADDRESS = ObjectIdentifier("1.2.840.113549.1.9.1")
 
+OID_MD5_WITH_RSA = ObjectIdentifier("1.2.840.113549.1.1.4")
+OID_SHA1_WITH_RSA = ObjectIdentifier("1.2.840.113549.1.1.5")
+OID_SHA224_WITH_RSA = ObjectIdentifier("1.2.840.113549.1.1.14")
+OID_SHA256_WITH_RSA = ObjectIdentifier("1.2.840.113549.1.1.11")
+OID_SHA384_WITH_RSA = ObjectIdentifier("1.2.840.113549.1.1.12")
+OID_SHA512_WITH_RSA = ObjectIdentifier("1.2.840.113549.1.1.13")
+OID_ECDSA_WITH_SHA224 = ObjectIdentifier("1.2.840.10045.4.3.1")
+OID_ECDSA_WITH_SHA256 = ObjectIdentifier("1.2.840.10045.4.3.2")
+OID_ECDSA_WITH_SHA384 = ObjectIdentifier("1.2.840.10045.4.3.3")
+OID_ECDSA_WITH_SHA512 = ObjectIdentifier("1.2.840.10045.4.3.4")
+OID_DSA_WITH_SHA1 = ObjectIdentifier("1.2.840.10040.4.3")
+OID_DSA_WITH_SHA224 = ObjectIdentifier("2.16.840.1.101.3.4.3.1")
+OID_DSA_WITH_SHA256 = ObjectIdentifier("2.16.840.1.101.3.4.3.2")
+
 
 @six.add_metaclass(abc.ABCMeta)
 class Certificate(object):
@@ -193,3 +220,10 @@ class Certificate(object):
         """
         Returns the subject name object.
         """
+
+    @abc.abstractproperty
+    def signature_algorithm(self):
+        """
+        Returns an ObjectIdentifier corresponding to the signature algorithm of
+        the certificate.
+        """
-- 
cgit v1.2.3


From 8802a5bae7138d10c289361e5204fb1ea72fc099 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Fri, 13 Feb 2015 12:06:57 -0600
Subject: implement signature_hash_algorithm instead

---
 src/cryptography/hazmat/backends/openssl/x509.py | 12 +++++++++++-
 src/cryptography/x509.py                         | 23 ++++++++++++++++++++---
 2 files changed, 31 insertions(+), 4 deletions(-)

(limited to 'src')

diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py
index a3dddc49..989a9dd7 100644
--- a/src/cryptography/hazmat/backends/openssl/x509.py
+++ b/src/cryptography/hazmat/backends/openssl/x509.py
@@ -16,6 +16,7 @@ from __future__ import absolute_import, division, print_function
 import datetime
 
 from cryptography import utils, x509
+from cryptography.exceptions import UnsupportedAlgorithm
 from cryptography.hazmat.primitives import hashes
 
 
@@ -138,7 +139,16 @@ class _Certificate(object):
         return x509.Name(attributes)
 
     @property
-    def signature_algorithm(self):
+    def signature_hash_algorithm(self):
+        oid = self._signature_algorithm()
+        try:
+            return x509._SIG_OIDS_TO_HASH[oid.dotted_string]
+        except KeyError:
+            raise UnsupportedAlgorithm(
+                "Signature algorithm {0} not recognized".format(oid)
+            )
+
+    def _signature_algorithm(self):
         buf_len = 50
         buf = self._backend._ffi.new("char[]", buf_len)
         res = self._backend._lib.OBJ_obj2txt(
diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py
index c4d87bb7..c6ce61d1 100644
--- a/src/cryptography/x509.py
+++ b/src/cryptography/x509.py
@@ -10,6 +10,7 @@ from enum import Enum
 import six
 
 from cryptography import utils
+from cryptography.hazmat.primitives import hashes
 
 
 _OID_NAMES = {
@@ -170,6 +171,22 @@ OID_DSA_WITH_SHA1 = ObjectIdentifier("1.2.840.10040.4.3")
 OID_DSA_WITH_SHA224 = ObjectIdentifier("2.16.840.1.101.3.4.3.1")
 OID_DSA_WITH_SHA256 = ObjectIdentifier("2.16.840.1.101.3.4.3.2")
 
+_SIG_OIDS_TO_HASH = {
+    "1.2.840.113549.1.1.4": hashes.MD5(),
+    "1.2.840.113549.1.1.5": hashes.SHA1(),
+    "1.2.840.113549.1.1.14": hashes.SHA224(),
+    "1.2.840.113549.1.1.11": hashes.SHA256(),
+    "1.2.840.113549.1.1.12": hashes.SHA384(),
+    "1.2.840.113549.1.1.13": hashes.SHA512(),
+    "1.2.840.10045.4.3.1": hashes.SHA224(),
+    "1.2.840.10045.4.3.2": hashes.SHA256(),
+    "1.2.840.10045.4.3.3": hashes.SHA384(),
+    "1.2.840.10045.4.3.4": hashes.SHA512(),
+    "1.2.840.10040.4.3": hashes.SHA1(),
+    "2.16.840.1.101.3.4.3.1": hashes.SHA224(),
+    "2.16.840.1.101.3.4.3.2": hashes.SHA256()
+}
+
 
 @six.add_metaclass(abc.ABCMeta)
 class Certificate(object):
@@ -222,8 +239,8 @@ class Certificate(object):
         """
 
     @abc.abstractproperty
-    def signature_algorithm(self):
+    def signature_hash_algorithm(self):
         """
-        Returns an ObjectIdentifier corresponding to the signature algorithm of
-        the certificate.
+        Returns a HashAlgorithm corresponding to the type of the digest signed
+        in the certificate.
         """
-- 
cgit v1.2.3


From 42a87cbde14c23b2f10af665c6977697a1d0c034 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Fri, 13 Feb 2015 18:53:24 -0600
Subject: address review feedback

---
 src/cryptography/hazmat/backends/openssl/x509.py | 16 ++++++---------
 src/cryptography/x509.py                         | 26 ++++++++++++------------
 2 files changed, 19 insertions(+), 23 deletions(-)

(limited to 'src')

diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py
index 989a9dd7..c69e9148 100644
--- a/src/cryptography/hazmat/backends/openssl/x509.py
+++ b/src/cryptography/hazmat/backends/openssl/x509.py
@@ -140,15 +140,6 @@ class _Certificate(object):
 
     @property
     def signature_hash_algorithm(self):
-        oid = self._signature_algorithm()
-        try:
-            return x509._SIG_OIDS_TO_HASH[oid.dotted_string]
-        except KeyError:
-            raise UnsupportedAlgorithm(
-                "Signature algorithm {0} not recognized".format(oid)
-            )
-
-    def _signature_algorithm(self):
         buf_len = 50
         buf = self._backend._ffi.new("char[]", buf_len)
         res = self._backend._lib.OBJ_obj2txt(
@@ -156,4 +147,9 @@ class _Certificate(object):
         )
         assert res <= 50 and res > 0
         oid = self._backend._ffi.buffer(buf, res)[:].decode()
-        return x509.ObjectIdentifier(oid)
+        try:
+            return x509._SIG_OIDS_TO_HASH[oid]
+        except KeyError:
+            raise UnsupportedAlgorithm(
+                "Signature algorithm OID:{0} not recognized".format(oid)
+            )
diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py
index c6ce61d1..0273ca86 100644
--- a/src/cryptography/x509.py
+++ b/src/cryptography/x509.py
@@ -172,19 +172,19 @@ OID_DSA_WITH_SHA224 = ObjectIdentifier("2.16.840.1.101.3.4.3.1")
 OID_DSA_WITH_SHA256 = ObjectIdentifier("2.16.840.1.101.3.4.3.2")
 
 _SIG_OIDS_TO_HASH = {
-    "1.2.840.113549.1.1.4": hashes.MD5(),
-    "1.2.840.113549.1.1.5": hashes.SHA1(),
-    "1.2.840.113549.1.1.14": hashes.SHA224(),
-    "1.2.840.113549.1.1.11": hashes.SHA256(),
-    "1.2.840.113549.1.1.12": hashes.SHA384(),
-    "1.2.840.113549.1.1.13": hashes.SHA512(),
-    "1.2.840.10045.4.3.1": hashes.SHA224(),
-    "1.2.840.10045.4.3.2": hashes.SHA256(),
-    "1.2.840.10045.4.3.3": hashes.SHA384(),
-    "1.2.840.10045.4.3.4": hashes.SHA512(),
-    "1.2.840.10040.4.3": hashes.SHA1(),
-    "2.16.840.1.101.3.4.3.1": hashes.SHA224(),
-    "2.16.840.1.101.3.4.3.2": hashes.SHA256()
+    OID_MD5_WITH_RSA.dotted_string: hashes.MD5(),
+    OID_SHA1_WITH_RSA.dotted_string: hashes.SHA1(),
+    OID_SHA224_WITH_RSA.dotted_string: hashes.SHA224(),
+    OID_SHA256_WITH_RSA.dotted_string: hashes.SHA256(),
+    OID_SHA384_WITH_RSA.dotted_string: hashes.SHA384(),
+    OID_SHA512_WITH_RSA.dotted_string: hashes.SHA512(),
+    OID_ECDSA_WITH_SHA224.dotted_string: hashes.SHA224(),
+    OID_ECDSA_WITH_SHA256.dotted_string: hashes.SHA256(),
+    OID_ECDSA_WITH_SHA384.dotted_string: hashes.SHA384(),
+    OID_ECDSA_WITH_SHA512.dotted_string: hashes.SHA512(),
+    OID_DSA_WITH_SHA1.dotted_string: hashes.SHA1(),
+    OID_DSA_WITH_SHA224.dotted_string: hashes.SHA224(),
+    OID_DSA_WITH_SHA256.dotted_string: hashes.SHA256()
 }
 
 
-- 
cgit v1.2.3


From 2e776e20eb60378e0af9b7439000d0e80da7c7e3 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Fri, 13 Feb 2015 19:18:03 -0600
Subject: refactor obj2txt to be a separate method

---
 src/cryptography/hazmat/backends/openssl/x509.py | 26 ++++++++++--------------
 1 file changed, 11 insertions(+), 15 deletions(-)

(limited to 'src')

diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py
index c69e9148..b712f1f9 100644
--- a/src/cryptography/hazmat/backends/openssl/x509.py
+++ b/src/cryptography/hazmat/backends/openssl/x509.py
@@ -122,14 +122,7 @@ class _Certificate(object):
                 buf, lambda buf: self._backend._lib.OPENSSL_free(buf[0])
             )
             value = self._backend._ffi.buffer(buf[0], res)[:].decode('utf8')
-            # Set to 80 on the recommendation of
-            # https://www.openssl.org/docs/crypto/OBJ_nid2ln.html
-            buf_len = 80
-            buf = self._backend._ffi.new("char[]", buf_len)
-            res = self._backend._lib.OBJ_obj2txt(buf, buf_len, obj, 1)
-            assert res > 0
-            oid = self._backend._ffi.buffer(buf, res)[:].decode()
-
+            oid = self._obj2txt(obj)
             attributes.append(
                 x509.NameAttribute(
                     x509.ObjectIdentifier(oid), value
@@ -138,15 +131,18 @@ class _Certificate(object):
 
         return x509.Name(attributes)
 
+    def _obj2txt(self, obj):
+        # Set to 80 on the recommendation of
+        # https://www.openssl.org/docs/crypto/OBJ_nid2ln.html#return_values
+        buf_len = 80
+        buf = self._backend._ffi.new("char[]", buf_len)
+        res = self._backend._lib.OBJ_obj2txt(buf, buf_len, obj, 1)
+        assert res > 0
+        return self._backend._ffi.buffer(buf, res)[:].decode()
+
     @property
     def signature_hash_algorithm(self):
-        buf_len = 50
-        buf = self._backend._ffi.new("char[]", buf_len)
-        res = self._backend._lib.OBJ_obj2txt(
-            buf, buf_len, self._x509.sig_alg.algorithm, 1
-        )
-        assert res <= 50 and res > 0
-        oid = self._backend._ffi.buffer(buf, res)[:].decode()
+        oid = self._obj2txt(self._x509.sig_alg.algorithm)
         try:
             return x509._SIG_OIDS_TO_HASH[oid]
         except KeyError:
-- 
cgit v1.2.3


From 71d40c6af6c70f38da3bf1f65c8b8f16ae7d567e Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Thu, 19 Feb 2015 08:21:04 -0600
Subject: address review feedback, fix short names for sig alg OIDs

---
 src/cryptography/x509.py | 42 +++++++++++++++++++++---------------------
 1 file changed, 21 insertions(+), 21 deletions(-)

(limited to 'src')

diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py
index 0273ca86..774830df 100644
--- a/src/cryptography/x509.py
+++ b/src/cryptography/x509.py
@@ -29,19 +29,19 @@ _OID_NAMES = {
     "2.5.4.65": "pseudonym",
     "0.9.2342.19200300.100.1.25": "domainComponent",
     "1.2.840.113549.1.9.1": "emailAddress",
-    "1.2.840.113549.1.1.4": "md5WithRSA",
-    "1.2.840.113549.1.1.5": "sha1WithRSA",
+    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
+    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
     "1.2.840.113549.1.1.14": "sha224WithRSAEncryption",
     "1.2.840.113549.1.1.11": "sha256WithRSAEncryption",
     "1.2.840.113549.1.1.12": "sha384WithRSAEncryption",
     "1.2.840.113549.1.1.13": "sha512WithRSAEncryption",
-    "1.2.840.10045.4.3.1": "ecdsa_with_SHA224",
-    "1.2.840.10045.4.3.2": "ecdsa_with_SHA256",
-    "1.2.840.10045.4.3.3": "ecdsa_with_SHA384",
-    "1.2.840.10045.4.3.4": "ecdsa_with_SHA512",
-    "1.2.840.10040.4.3": "dsaWithSHA1",
-    "2.16.840.1.101.3.4.3.1": "dsa_with_SHA224",
-    "2.16.840.1.101.3.4.3.2": "dsa_with_SHA256",
+    "1.2.840.10045.4.3.1": "ecdsa-with-SHA224",
+    "1.2.840.10045.4.3.2": "ecdsa-with-SHA256",
+    "1.2.840.10045.4.3.3": "ecdsa-with-SHA384",
+    "1.2.840.10045.4.3.4": "ecdsa-with-SHA512",
+    "1.2.840.10040.4.3": "dsa-with-sha1",
+    "2.16.840.1.101.3.4.3.1": "dsa-with-sha224",
+    "2.16.840.1.101.3.4.3.2": "dsa-with-sha256",
 }
 
 
@@ -157,12 +157,12 @@ OID_PSEUDONYM = ObjectIdentifier("2.5.4.65")
 OID_DOMAIN_COMPONENT = ObjectIdentifier("0.9.2342.19200300.100.1.25")
 OID_EMAIL_ADDRESS = ObjectIdentifier("1.2.840.113549.1.9.1")
 
-OID_MD5_WITH_RSA = ObjectIdentifier("1.2.840.113549.1.1.4")
-OID_SHA1_WITH_RSA = ObjectIdentifier("1.2.840.113549.1.1.5")
-OID_SHA224_WITH_RSA = ObjectIdentifier("1.2.840.113549.1.1.14")
-OID_SHA256_WITH_RSA = ObjectIdentifier("1.2.840.113549.1.1.11")
-OID_SHA384_WITH_RSA = ObjectIdentifier("1.2.840.113549.1.1.12")
-OID_SHA512_WITH_RSA = ObjectIdentifier("1.2.840.113549.1.1.13")
+OID_MD5_WITH_RSA_ENCRYPTION = ObjectIdentifier("1.2.840.113549.1.1.4")
+OID_SHA1_WITH_RSA_ENCRYPTION = ObjectIdentifier("1.2.840.113549.1.1.5")
+OID_SHA224_WITH_RSA_ENCRYPTION = ObjectIdentifier("1.2.840.113549.1.1.14")
+OID_SHA256_WITH_RSA_ENCRYPTION = ObjectIdentifier("1.2.840.113549.1.1.11")
+OID_SHA384_WITH_RSA_ENCRYPTION = ObjectIdentifier("1.2.840.113549.1.1.12")
+OID_SHA512_WITH_RSA_ENCRYPTION = ObjectIdentifier("1.2.840.113549.1.1.13")
 OID_ECDSA_WITH_SHA224 = ObjectIdentifier("1.2.840.10045.4.3.1")
 OID_ECDSA_WITH_SHA256 = ObjectIdentifier("1.2.840.10045.4.3.2")
 OID_ECDSA_WITH_SHA384 = ObjectIdentifier("1.2.840.10045.4.3.3")
@@ -172,12 +172,12 @@ OID_DSA_WITH_SHA224 = ObjectIdentifier("2.16.840.1.101.3.4.3.1")
 OID_DSA_WITH_SHA256 = ObjectIdentifier("2.16.840.1.101.3.4.3.2")
 
 _SIG_OIDS_TO_HASH = {
-    OID_MD5_WITH_RSA.dotted_string: hashes.MD5(),
-    OID_SHA1_WITH_RSA.dotted_string: hashes.SHA1(),
-    OID_SHA224_WITH_RSA.dotted_string: hashes.SHA224(),
-    OID_SHA256_WITH_RSA.dotted_string: hashes.SHA256(),
-    OID_SHA384_WITH_RSA.dotted_string: hashes.SHA384(),
-    OID_SHA512_WITH_RSA.dotted_string: hashes.SHA512(),
+    OID_MD5_WITH_RSA_ENCRYPTION.dotted_string: hashes.MD5(),
+    OID_SHA1_WITH_RSA_ENCRYPTION.dotted_string: hashes.SHA1(),
+    OID_SHA224_WITH_RSA_ENCRYPTION.dotted_string: hashes.SHA224(),
+    OID_SHA256_WITH_RSA_ENCRYPTION.dotted_string: hashes.SHA256(),
+    OID_SHA384_WITH_RSA_ENCRYPTION.dotted_string: hashes.SHA384(),
+    OID_SHA512_WITH_RSA_ENCRYPTION.dotted_string: hashes.SHA512(),
     OID_ECDSA_WITH_SHA224.dotted_string: hashes.SHA224(),
     OID_ECDSA_WITH_SHA256.dotted_string: hashes.SHA256(),
     OID_ECDSA_WITH_SHA384.dotted_string: hashes.SHA384(),
-- 
cgit v1.2.3


From 1a7ba87dcc9c44178c9dae3351484707730d6a18 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Thu, 19 Feb 2015 18:09:05 -0600
Subject: surrender to alex's feels and name our constants consistently

---
 src/cryptography/x509.py | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

(limited to 'src')

diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py
index 774830df..a46367ed 100644
--- a/src/cryptography/x509.py
+++ b/src/cryptography/x509.py
@@ -157,12 +157,12 @@ OID_PSEUDONYM = ObjectIdentifier("2.5.4.65")
 OID_DOMAIN_COMPONENT = ObjectIdentifier("0.9.2342.19200300.100.1.25")
 OID_EMAIL_ADDRESS = ObjectIdentifier("1.2.840.113549.1.9.1")
 
-OID_MD5_WITH_RSA_ENCRYPTION = ObjectIdentifier("1.2.840.113549.1.1.4")
-OID_SHA1_WITH_RSA_ENCRYPTION = ObjectIdentifier("1.2.840.113549.1.1.5")
-OID_SHA224_WITH_RSA_ENCRYPTION = ObjectIdentifier("1.2.840.113549.1.1.14")
-OID_SHA256_WITH_RSA_ENCRYPTION = ObjectIdentifier("1.2.840.113549.1.1.11")
-OID_SHA384_WITH_RSA_ENCRYPTION = ObjectIdentifier("1.2.840.113549.1.1.12")
-OID_SHA512_WITH_RSA_ENCRYPTION = ObjectIdentifier("1.2.840.113549.1.1.13")
+OID_RSA_WITH_MD5 = ObjectIdentifier("1.2.840.113549.1.1.4")
+OID_RSA_WITH_SHA1 = ObjectIdentifier("1.2.840.113549.1.1.5")
+OID_RSA_WITH_SHA224 = ObjectIdentifier("1.2.840.113549.1.1.14")
+OID_RSA_WITH_SHA256 = ObjectIdentifier("1.2.840.113549.1.1.11")
+OID_RSA_WITH_SHA384 = ObjectIdentifier("1.2.840.113549.1.1.12")
+OID_RSA_WITH_SHA512 = ObjectIdentifier("1.2.840.113549.1.1.13")
 OID_ECDSA_WITH_SHA224 = ObjectIdentifier("1.2.840.10045.4.3.1")
 OID_ECDSA_WITH_SHA256 = ObjectIdentifier("1.2.840.10045.4.3.2")
 OID_ECDSA_WITH_SHA384 = ObjectIdentifier("1.2.840.10045.4.3.3")
@@ -172,12 +172,12 @@ OID_DSA_WITH_SHA224 = ObjectIdentifier("2.16.840.1.101.3.4.3.1")
 OID_DSA_WITH_SHA256 = ObjectIdentifier("2.16.840.1.101.3.4.3.2")
 
 _SIG_OIDS_TO_HASH = {
-    OID_MD5_WITH_RSA_ENCRYPTION.dotted_string: hashes.MD5(),
-    OID_SHA1_WITH_RSA_ENCRYPTION.dotted_string: hashes.SHA1(),
-    OID_SHA224_WITH_RSA_ENCRYPTION.dotted_string: hashes.SHA224(),
-    OID_SHA256_WITH_RSA_ENCRYPTION.dotted_string: hashes.SHA256(),
-    OID_SHA384_WITH_RSA_ENCRYPTION.dotted_string: hashes.SHA384(),
-    OID_SHA512_WITH_RSA_ENCRYPTION.dotted_string: hashes.SHA512(),
+    OID_RSA_WITH_MD5.dotted_string: hashes.MD5(),
+    OID_RSA_WITH_SHA1.dotted_string: hashes.SHA1(),
+    OID_RSA_WITH_SHA224.dotted_string: hashes.SHA224(),
+    OID_RSA_WITH_SHA256.dotted_string: hashes.SHA256(),
+    OID_RSA_WITH_SHA384.dotted_string: hashes.SHA384(),
+    OID_RSA_WITH_SHA512.dotted_string: hashes.SHA512(),
     OID_ECDSA_WITH_SHA224.dotted_string: hashes.SHA224(),
     OID_ECDSA_WITH_SHA256.dotted_string: hashes.SHA256(),
     OID_ECDSA_WITH_SHA384.dotted_string: hashes.SHA384(),
-- 
cgit v1.2.3