Skip to content

Commit

Permalink
remove Certificate abc (#11989)
Browse files Browse the repository at this point in the history
  • Loading branch information
reaperhulk authored Nov 17, 2024
1 parent 7a246af commit 451003b
Show file tree
Hide file tree
Showing 2 changed files with 52 additions and 163 deletions.
54 changes: 51 additions & 3 deletions src/cryptography/hazmat/bindings/_rust/x509.pyi
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,13 @@ import datetime
import typing

from cryptography import x509
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric.ec import ECDSA
from cryptography.hazmat.primitives.asymmetric.padding import PSS, PKCS1v15
from cryptography.hazmat.primitives.asymmetric.types import PrivateKeyTypes
from cryptography.hazmat.primitives.asymmetric.types import (
CertificatePublicKeyTypes,
PrivateKeyTypes,
)

def load_pem_x509_certificate(
data: bytes, backend: typing.Any = None
Expand Down Expand Up @@ -53,7 +57,51 @@ def create_x509_crl(
) -> x509.CertificateRevocationList: ...

class Sct: ...
class Certificate: ...

class Certificate:
def fingerprint(self, algorithm: hashes.HashAlgorithm) -> bytes: ...
@property
def serial_number(self) -> int: ...
@property
def version(self) -> x509.Version: ...
def public_key(self) -> CertificatePublicKeyTypes: ...
@property
def public_key_algorithm_oid(self) -> x509.ObjectIdentifier: ...
@property
def not_valid_before(self) -> datetime.datetime: ...
@property
def not_valid_before_utc(self) -> datetime.datetime: ...
@property
def not_valid_after(self) -> datetime.datetime: ...
@property
def not_valid_after_utc(self) -> datetime.datetime: ...
@property
def issuer(self) -> x509.Name: ...
@property
def subject(self) -> x509.Name: ...
@property
def signature_hash_algorithm(
self,
) -> hashes.HashAlgorithm | None: ...
@property
def signature_algorithm_oid(self) -> x509.ObjectIdentifier: ...
@property
def signature_algorithm_parameters(
self,
) -> None | PSS | PKCS1v15 | ECDSA: ...
@property
def extensions(self) -> x509.Extensions: ...
@property
def signature(self) -> bytes: ...
@property
def tbs_certificate_bytes(self) -> bytes: ...
@property
def tbs_precertificate_bytes(self) -> bytes: ...
def __eq__(self, other: object) -> bool: ...
def __hash__(self) -> int: ...
def public_bytes(self, encoding: serialization.Encoding) -> bytes: ...
def verify_directly_issued_by(self, issuer: Certificate) -> None: ...

class RevokedCertificate: ...
class CertificateRevocationList: ...
class CertificateSigningRequest: ...
Expand Down
161 changes: 1 addition & 160 deletions src/cryptography/x509/base.py
Original file line number Diff line number Diff line change
Expand Up @@ -160,166 +160,7 @@ def __init__(self, msg: str, parsed_version: int) -> None:
self.parsed_version = parsed_version


class Certificate(metaclass=abc.ABCMeta):
@abc.abstractmethod
def fingerprint(self, algorithm: hashes.HashAlgorithm) -> bytes:
"""
Returns bytes using digest passed.
"""

@property
@abc.abstractmethod
def serial_number(self) -> int:
"""
Returns certificate serial number
"""

@property
@abc.abstractmethod
def version(self) -> Version:
"""
Returns the certificate version
"""

@abc.abstractmethod
def public_key(self) -> CertificatePublicKeyTypes:
"""
Returns the public key
"""

@property
@abc.abstractmethod
def public_key_algorithm_oid(self) -> ObjectIdentifier:
"""
Returns the ObjectIdentifier of the public key.
"""

@property
@abc.abstractmethod
def not_valid_before(self) -> datetime.datetime:
"""
Not before time (represented as UTC datetime)
"""

@property
@abc.abstractmethod
def not_valid_before_utc(self) -> datetime.datetime:
"""
Not before time (represented as a non-naive UTC datetime)
"""

@property
@abc.abstractmethod
def not_valid_after(self) -> datetime.datetime:
"""
Not after time (represented as UTC datetime)
"""

@property
@abc.abstractmethod
def not_valid_after_utc(self) -> datetime.datetime:
"""
Not after time (represented as a non-naive UTC datetime)
"""

@property
@abc.abstractmethod
def issuer(self) -> Name:
"""
Returns the issuer name object.
"""

@property
@abc.abstractmethod
def subject(self) -> Name:
"""
Returns the subject name object.
"""

@property
@abc.abstractmethod
def signature_hash_algorithm(
self,
) -> hashes.HashAlgorithm | None:
"""
Returns a HashAlgorithm corresponding to the type of the digest signed
in the certificate.
"""

@property
@abc.abstractmethod
def signature_algorithm_oid(self) -> ObjectIdentifier:
"""
Returns the ObjectIdentifier of the signature algorithm.
"""

@property
@abc.abstractmethod
def signature_algorithm_parameters(
self,
) -> None | padding.PSS | padding.PKCS1v15 | ec.ECDSA:
"""
Returns the signature algorithm parameters.
"""

@property
@abc.abstractmethod
def extensions(self) -> Extensions:
"""
Returns an Extensions object.
"""

@property
@abc.abstractmethod
def signature(self) -> bytes:
"""
Returns the signature bytes.
"""

@property
@abc.abstractmethod
def tbs_certificate_bytes(self) -> bytes:
"""
Returns the tbsCertificate payload bytes as defined in RFC 5280.
"""

@property
@abc.abstractmethod
def tbs_precertificate_bytes(self) -> bytes:
"""
Returns the tbsCertificate payload bytes with the SCT list extension
stripped.
"""

@abc.abstractmethod
def __eq__(self, other: object) -> bool:
"""
Checks equality.
"""

@abc.abstractmethod
def __hash__(self) -> int:
"""
Computes a hash.
"""

@abc.abstractmethod
def public_bytes(self, encoding: serialization.Encoding) -> bytes:
"""
Serializes the certificate to PEM or DER format.
"""

@abc.abstractmethod
def verify_directly_issued_by(self, issuer: Certificate) -> None:
"""
This method verifies that certificate issuer name matches the
issuer subject name and that the certificate is signed by the
issuer's private key. No other validation is performed.
"""


# Runtime isinstance checks need this since the rust class is not a subclass.
Certificate.register(rust_x509.Certificate)
Certificate = rust_x509.Certificate


class RevokedCertificate(metaclass=abc.ABCMeta):
Expand Down

0 comments on commit 451003b

Please sign in to comment.