From cca2cd54ded074707371d232bdb25eea3029797c 2020-07-13 13:05:59 From: Branko Majic Date: 2020-07-13 13:05:59 Subject: [PATCH] GC-37: Updated inline documentation to include ECDSA-specific types for relevant functions. --- diff --git a/gimmecert/crypto.py b/gimmecert/crypto.py index 88862dfb76678da44f42f488fd42904ad2308830..edfb7b09f55e713ea7122c065dafd786966a8d7a 100644 --- a/gimmecert/crypto.py +++ b/gimmecert/crypto.py @@ -75,7 +75,8 @@ class KeyGenerator: instance creation). :returns: Private key. - :rtype: cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey or cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey + :rtype: cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey or + cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey """ if self._algorithm == "rsa": @@ -166,10 +167,12 @@ def issue_certificate(issuer_dn, subject_dn, signing_key, public_key, not_before :type subject_dn: cryptography.x509.Name :param signing_key: Private key belonging to entity associated with passed-in issuer_dn. Used for signing the certificate data. - :type signing_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey + :type signing_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey or + cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey :param public_key: Public key belonging to entity associated with passed-in subject_dn. Used as part of certificate to denote its owner. - :type public_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey + :type public_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey or + cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey :param not_before: Beginning of certifiate validity. :type datetime.datetime.: 
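Review bot: In the `issue_certificate` hunk, the `not_before` field right after the edited lines is still malformed: `:type datetime.datetime.:` puts the type where the parameter name belongs, so no type is attached to `not_before`. Since this commit already corrects the type fields of this docstring, change it to `:type not_before: datetime.datetime` and fix the spelling to `Beginning of certificate validity.`. The docstring continues past the end of the hunk, so the remaining fields could not be checked here.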
@@ -216,7 +219,8 @@ def generate_ca_hierarchy(base_name, depth, key_generator): :type base_name: str :param key_generator: Callable for generating private keys. - :type key_generator: callable[[], cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey] + :type key_generator: callable[[], cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey or + cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey] :returns: List of CA private key and certificate pairs, starting with the level 1 (root) CA, and ending with the leaf CA. :rtype: list[(cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey or @@ -269,10 +273,12 @@ def issue_server_certificate(name, public_key, issuer_private_key, issuer_certif :type name: str :param public_key: Public key of the server end entity. - :type public_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey + :type public_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey or + cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey :param issuer_private_key: Private key of the issuer to use for signing the server certificate structure. - :type issuer_private_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey + :type issuer_private_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey or + cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey :param issuer_certificate: Certificate of certificate issuer. Naming and validity constraints will be applied based on its content. :type issuer_certificate: cryptography.x509.Certificate 
@@ -336,10 +342,12 @@ def issue_client_certificate(name, public_key, issuer_private_key, issuer_certif :type name: str :param public_key: Public key of the server end entity. - :type public_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey + :type public_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey or + cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey :param issuer_private_key: Private key of the issuer to use for signing the client certificate structure. - :type issuer_private_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey + :type issuer_private_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey or + cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey :param issuer_certificate: Certificate of certificate issuer. Naming and validity constraints will be applied based on its content. :type issuer_certificate: cryptography.x509.Certificate @@ -388,10 +396,12 @@ def renew_certificate(old_certificate, public_key, issuer_private_key, issuer_ce :type old_certificate: cryptography.x509.Certificate :param public_key: Public key to use in resulting certificate. Allows replacement of public key in new certificate. - :type public_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey + :type public_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey or + cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey :param issuer_private_key: Private key of the issuer to use for signing the certificate structure. - :type issuer_private_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey + :type issuer_private_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey or + cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey :param issuer_certificate: Certificate of certificate issuer. Naming and validity constraints will be applied based on its content. :type issuer_certificate: cryptography.x509.Certificate 
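Review bot: The `public_key` description in the `issue_client_certificate` hunk still reads `Public key of the server end entity.`, which looks copied from `issue_server_certificate`. The `issuer_private_key` text in the same docstring refers to the client certificate. The line is untouched context in this commit, but it sits directly above the type field being edited, so it is worth correcting to `:param public_key: Public key of the client end entity.`. The function body is outside the hunk.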
@@ -427,7 +437,8 @@ def generate_csr(name, private_key): :type name: str or cryptography.x509.Name :param private_key: Private key of end entity to use for signing the CSR. - :type private_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey + :type private_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey or + cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey :returns: Certificate signing request with specified naming signed with passed-in private key. :rtype: cryptography.x509.CertificateSigningRequest @@ -456,11 +467,12 @@ def key_specification_from_public_key(public_key): from the passed-in public key. Key specification can be used for generating the private keys via KeyGenerator instances. - :param public_key: Public - :type public_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey + :param public_key: Public key from which to derive the key specification. + :type public_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey or + cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey :returns: Key algorithm and parameter(s) for generating same type of keys as the passed-in public key. - :rtype: tuple(str, int or cryptography.hazmat.primitives.asymmetric.ec.EllipticCurve) + :rtype: tuple(str, int) or cryptography.hazmat.primitives.asymmetric.ec.EllipticCurve) :raises ValueError: If algorithm/parameters could not be derived from the passed-in public key. """ diff --git a/gimmecert/storage.py b/gimmecert/storage.py index 2475ec65d8541a77db5e1d6442628a982aeabea6..b9c8f0fe8677cbb6b6e53b822ee176a45c5f7255 100644 --- a/gimmecert/storage.py +++ b/gimmecert/storage.py 
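Review bot: The new `:rtype:` line in the `key_specification_from_public_key` hunk has unbalanced parentheses: `tuple(str, int) or cryptography.hazmat.primitives.asymmetric.ec.EllipticCurve)` closes the tuple after `int` and leaves a stray `)` at the end. As written it reads as either a `(str, int)` tuple or a bare curve object, whereas the removed line described a tuple whose second element is an int or a curve. If the return shape is unchanged, which cannot be confirmed because the body is outside the hunk, restore the old grouping: `:rtype: tuple(str, int or cryptography.hazmat.primitives.asymmetric.ec.EllipticCurve)`.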
@@ -56,7 +56,8 @@ def write_private_key(private_key, path): The private key is written without any encryption. :param private_key: Private key that should be written. - :type private_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey + :type private_key: cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey or + cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey :param path: File path where the key should be written. :type path: str @@ -138,7 +139,8 @@ def read_ca_hierarchy(ca_directory): :type ca_directory: str :returns: List of private key/certificate pairs, starting with the level 1 CA and moving down the chain to leaf CA. - :rtype: list[(cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey, cryptography.x509.Certificate)] + :rtype: list[(cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey or + cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey, cryptography.x509.Certificate)] """ ca_hierarchy = [] @@ -162,7 +164,8 @@ def read_private_key(private_key_path): :type private_key_path: str :returns: Private key object read from the specified file. - :rtype: cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey + :rtype: cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey or + cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey """ with open(private_key_path, 'rb') as private_key_file:
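Review bot: The visible part of the `write_private_key` docstring says the key is written without any encryption but does not say what permissions the file is created with, and that is the only protection for an unencrypted key on disk. If the function restricts the mode, state it in the description, for example `The file is created readable by the owner only.`. If it relies on the caller's umask, say that instead so callers know to set it. The start of the docstring and the function body are outside this hunk, so this may already be covered there.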