From 81233de59df126c8b21f359661f3204924c9d67b Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 4 May 2019 13:34:29 -0400 Subject: fix from_issuer_subject_key_identifier to take the right type (#4864) * fix from_issuer_subject_key_identifier to take the right type deprecate passing the old Extension wrapper object * don't use a try:except: * hilarious contortions to satisfy doc8 --- src/cryptography/utils.py | 1 + src/cryptography/x509/extensions.py | 16 +++++++++++++++- 2 files changed, 16 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/cryptography/utils.py b/src/cryptography/utils.py index 18c2ab3b..0b36f637 100644 --- a/src/cryptography/utils.py +++ b/src/cryptography/utils.py @@ -23,6 +23,7 @@ class CryptographyDeprecationWarning(UserWarning): PersistentlyDeprecated2017 = CryptographyDeprecationWarning PersistentlyDeprecated2018 = CryptographyDeprecationWarning DeprecatedIn25 = CryptographyDeprecationWarning +DeprecatedIn27 = CryptographyDeprecationWarning def _check_bytes(name, value): diff --git a/src/cryptography/x509/extensions.py b/src/cryptography/x509/extensions.py index e64e09c5..d25131b8 100644 --- a/src/cryptography/x509/extensions.py +++ b/src/cryptography/x509/extensions.py @@ -8,6 +8,7 @@ import abc import datetime import hashlib import ipaddress +import warnings from enum import Enum from asn1crypto.keys import PublicKeyInfo @@ -188,8 +189,21 @@ class AuthorityKeyIdentifier(object): @classmethod def from_issuer_subject_key_identifier(cls, ski): + if isinstance(ski, SubjectKeyIdentifier): + digest = ski.digest + else: + digest = ski.value.digest + warnings.warn( + "Extension objects are deprecated as arguments to " + "from_issuer_subject_key_identifier and support will be " + "removed soon. Please migrate to passing a " + "SubjectKeyIdentifier directly.", + utils.DeprecatedIn27, + stacklevel=2, + ) + return cls( - key_identifier=ski.value.digest, + key_identifier=digest, authority_cert_issuer=None, authority_cert_serial_number=None ) -- cgit v1.2.3