Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable use of CRL (and more) in verify context. #483

Merged
merged 18 commits into from
Jun 5, 2016
Merged

Enable use of CRL (and more) in verify context. #483

Changes from 1 commit
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
f38ea82
Enable use of CRL (and more) in verify context.
sholsapp Jun 4, 2016
45d3447
flake8 fixes.
Jun 4, 2016
a983072
Comments from Hynek & Paul.
Jun 4, 2016
2dca3d9
More updates from Paul & Hynek.
Jun 4, 2016
5e4816b
Fix closing backtick.
Jun 4, 2016
2bc4bd8
Remove commented out constants.
Jun 4, 2016
e3421c7
More doc updates. Changelog update.
Jun 4, 2016
1186115
Getting closer?
Jun 4, 2016
7fed893
Sphinx fix.
Jun 4, 2016
7cfd528
Indent docstring.
Jun 4, 2016
4a14255
More Sphinx updates.
Jun 4, 2016
e3ce93d
Type updates for docstrings.
Jun 5, 2016
55af14e
Remove Enum subclassing.
Jun 5, 2016
c5dc568
Docstring update.
Jun 5, 2016
f0fcf90
Docstrings updates.
Jun 5, 2016
8842733
Round and round it goes. Where it ends, nobody knows.
Jun 5, 2016
0317e55
Remove TODO comment. Need @sholsapp to follow up.
Jun 5, 2016
cd5f04c
Time for lots of alcohol.
Jun 5, 2016
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Docstrings updates.
  • Loading branch information
Dan Sully committed Jun 5, 2016
commit f0fcf90f31d857854ffe029d38159f28584df597
81 changes: 37 additions & 44 deletions src/OpenSSL/crypto.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -183,7 +183,7 @@ def generate_key(self, type, bits):
of the appropriate type.
:raises ValueError: If the number of bits isn't an integer of
the appropriate size.
:return: :py:const:`None`
:return: ``None``
"""
if not isinstance(type, int):
raise TypeError("type must be an integer")
Expand Down Expand Up @@ -816,7 +816,7 @@ def set_pubkey(self, pkey):
:param pkey: The public key to use.
:type pkey: :py:class:`PKey`

:return: :py:const:`None`
:return: ``None``
"""
set_result = _lib.X509_REQ_set_pubkey(self._req, pkey._pkey)
if not set_result:
Expand Down Expand Up @@ -845,7 +845,7 @@ def set_version(self, version):
request.

:param int version: The version number.
:return: :py:const:`None`
:return: ``None``
"""
set_result = _lib.X509_REQ_set_version(self._req, version)
if not set_result:
Expand Down Expand Up @@ -891,7 +891,7 @@ def add_extensions(self, extensions):

:param extensions: The X.509 extensions to add.
:type extensions: iterable of :py:class:`X509Extension`
:return: :py:const:`None`
:return: ``None``
"""
stack = _lib.sk_X509_EXTENSION_new_null()
if stack == _ffi.NULL:
Expand Down Expand Up @@ -938,7 +938,7 @@ def sign(self, pkey, digest):
:param digest: The name of the message digest to use for the signature,
e.g. :py:data:`b"sha1"`.
:type digest: :py:class:`bytes`
:return: :py:const:`None`
:return: ``None``
"""
if pkey._only_public:
raise ValueError("Key has only public part")
Expand Down Expand Up @@ -996,7 +996,7 @@ def set_version(self, version):
:param version: The version number of the certificate.
:type version: :py:class:`int`

:return: :py:const:`None`
:return: ``None``
"""
if not isinstance(version, int):
raise TypeError("version must be an integer")
Expand Down Expand Up @@ -1174,7 +1174,7 @@ def get_serial_number(self):
Return the serial number of this certificate.

:return: The serial number.
:rtype: :py:class:`int`
:rtype: int
"""
asn1_serial = _lib.X509_get_serialNumber(self._x509)
bignum_serial = _lib.ASN1_INTEGER_to_BN(asn1_serial, _ffi.NULL)
Expand All @@ -1193,10 +1193,9 @@ def gmtime_adj_notAfter(self, amount):
"""
Adjust the time stamp on which the certificate stops being valid.

:param amount: The number of seconds by which to adjust the timestamp.
:type amount: :py:class:`int`

:return: :py:const:`None`
:param int amount: The number of seconds by which to adjust the
timestamp.
:return: ``None``
"""
if not isinstance(amount, int):
raise TypeError("amount must be an integer")
Expand All @@ -1209,7 +1208,7 @@ def gmtime_adj_notBefore(self, amount):
Adjust the timestamp on which the certificate starts being valid.

:param amount: The number of seconds by which to adjust the timestamp.
:return: :py:const:`None`
:return: ``None``
"""
if not isinstance(amount, int):
raise TypeError("amount must be an integer")
Expand All @@ -1221,9 +1220,8 @@ def has_expired(self):
"""
Check whether the certificate has expired.

:return: :py:const:`True` if the certificate has expired,
:py:const:`False` otherwise.
:rtype: :py:class:`bool`
:return: ``True`` if the certificate has expired, ``False`` otherwise.
:rtype: bool
"""
time_string = _native(self.get_notAfter())
not_after = datetime.datetime.strptime(time_string, "%Y%m%d%H%M%SZ")
Expand All @@ -1243,8 +1241,8 @@ def get_notBefore(self):
YYYYMMDDhhmmss+hhmm
YYYYMMDDhhmmss-hhmm

:return: A timestamp string, or :py:const:`None` if there is none.
:rtype: :py:class:`bytes` or :py:const:`None`
:return: A timestamp string, or ``None`` if there is none.
:rtype: bytes or NoneType
"""
return self._get_boundary_time(_lib.X509_get_notBefore)

Expand All @@ -1261,10 +1259,8 @@ def set_notBefore(self, when):
YYYYMMDDhhmmss+hhmm
YYYYMMDDhhmmss-hhmm

:param when: A timestamp string.
:type when: :py:class:`bytes`

:return: :py:const:`None`
:param bytes when: A timestamp string.
:return: ``None``
"""
return self._set_boundary_time(_lib.X509_get_notBefore, when)

Expand All @@ -1278,8 +1274,8 @@ def get_notAfter(self):
YYYYMMDDhhmmss+hhmm
YYYYMMDDhhmmss-hhmm

:return: A timestamp string, or :py:const:`None` if there is none.
:rtype: :py:class:`bytes` or :py:const:`None`
:return: A timestamp string, or ``None`` if there is none.
:rtype: bytes or NoneType
"""
return self._get_boundary_time(_lib.X509_get_notAfter)

Expand All @@ -1293,10 +1289,8 @@ def set_notAfter(self, when):
YYYYMMDDhhmmss+hhmm
YYYYMMDDhhmmss-hhmm

:param when: A timestamp string.
:type when: :py:class:`bytes`

:return: :py:const:`None`
:param bytes when: A timestamp string.
:return: ``None``
"""
return self._set_boundary_time(_lib.X509_get_notAfter, when)

Expand Down Expand Up @@ -1342,7 +1336,7 @@ def set_issuer(self, issuer):
:param issuer: The issuer.
:type issuer: :py:class:`X509Name`

:return: :py:const:`None`
:return: ``None``
"""
return self._set_name(_lib.X509_set_issuer_name, issuer)

Expand All @@ -1367,7 +1361,7 @@ def set_subject(self, subject):
:param subject: The subject.
:type subject: :py:class:`X509Name`

:return: :py:const:`None`
:return: ``None``
"""
return self._set_name(_lib.X509_set_subject_name, subject)

Expand All @@ -1388,7 +1382,7 @@ def add_extensions(self, extensions):

:param extensions: The extensions to add.
:type extensions: An iterable of :py:class:`X509Extension` objects.
:return: :py:const:`None`
:return: ``None``
"""
for ext in extensions:
if not isinstance(ext, X509Extension):
Expand Down Expand Up @@ -1850,12 +1844,12 @@ def set_reason(self, reason):
"""
Set the reason of this revocation.

If :data:`reason` is :const:`None`, delete the reason instead.
If :data:`reason` is ``None``, delete the reason instead.

:param reason: The reason string.
:type reason: :class:`bytes` or :class:`NoneType`

:return: :const:`None`
:return: ``None``

.. seealso::

Expand Down Expand Up @@ -1893,8 +1887,8 @@ def get_reason(self):
"""
Get the reason of this revocation.

:return: The reason, or :const:`None` if there is none.
:rtype: :class:`bytes` or :class:`NoneType`
:return: The reason, or ``None`` if there is none.
:rtype: bytes or NoneType

.. seealso::

Expand Down Expand Up @@ -1936,7 +1930,7 @@ def set_rev_date(self, when):

:param bytes when: The timestamp of the revocation,
as ASN.1 GENERALIZEDTIME.
:return: :const:`None`
:return: ``None``
"""
dt = _lib.X509_REVOKED_get0_revocationDate(self._revoked)
return _set_asn1_time(dt, when)
Expand Down Expand Up @@ -1991,7 +1985,7 @@ def add_revoked(self, revoked):
this CRL.

:param Revoked revoked: The new revocation.
:return: :const:`None`
:return: ``None``
"""
copy = _lib.Cryptography_X509_REVOKED_dup(revoked._revoked)
if copy == _ffi.NULL:
Expand Down Expand Up @@ -2244,7 +2238,7 @@ def set_certificate(self, cert):
:param cert: The new certificate, or :py:const:`None` to unset it.
:type cert: :py:class:`X509` or :py:const:`None`

:return: :py:const:`None`
:return: ``None``
"""
if not isinstance(cert, X509):
raise TypeError("cert must be an X509 instance")
Expand All @@ -2266,7 +2260,7 @@ def set_privatekey(self, pkey):
:param pkey: The new private key, or :py:const:`None` to unset it.
:type pkey: :py:class:`PKey` or :py:const:`None`

:return: :py:const:`None`
:return: ``None``
"""
if not isinstance(pkey, PKey):
raise TypeError("pkey must be a PKey instance")
Expand All @@ -2291,7 +2285,7 @@ def set_ca_certificates(self, cacerts):
them.
:type cacerts: An iterable of :py:class:`X509` or :py:const:`None`

:return: :py:const:`None`
:return: ``None``
"""
if cacerts is None:
self._cacerts = None
Expand All @@ -2311,7 +2305,7 @@ def set_friendlyname(self, name):
:param name: The new friendly name, or :py:const:`None` to unset.
:type name: :py:class:`bytes` or :py:const:`None`

:return: :py:const:`None`
:return: ``None``
"""
if name is None:
self._friendlyname = None
Expand Down Expand Up @@ -2413,7 +2407,7 @@ def sign(self, pkey, digest):
:param digest: The message digest to use.
:type digest: :py:class:`bytes`

:return: :py:const:`None`
:return: ``None``
"""
if pkey._only_public:
raise ValueError("Key has only public part")
Expand Down Expand Up @@ -2483,7 +2477,7 @@ def set_pubkey(self, pkey):
Set the public key of the certificate

:param pkey: The public key
:return: :py:const:`None`
:return: ``None``
"""
set_result = _lib.NETSCAPE_SPKI_set_pubkey(self._spki, pkey._pkey)
if not set_result:
Expand Down Expand Up @@ -2726,8 +2720,7 @@ def verify(cert, signature, data, digest):
:param signature: signature returned by sign function
:param data: data to be verified
:param digest: message digest to use
:return: :py:const:`None` if the signature is correct, raise exception
otherwise
:return: ``None`` if the signature is correct, raise exception otherwise.
"""
data = _text_to_bytes_and_warn("data", data)

Expand Down