cryptography: Add common certificate extensions (#4778)

Added hints for following classes: * AuthorityKeyIdentifier * SubjectKeyIdentifier * AuthorityInformationAccess * SubjectInformationAccess * BasicConstraints * KeyUsage * ExtendedKeyUsage * UnrecognizedExtension * AccessDescription (not extension itself, but used by AuthorityInformationAccess, SubjectInformationAccess)
2025-12-06 20:24:30 +08:00 · 2020-11-25 18:56:27 +02:00
parent adb43aacd5
commit 4335fe9ef9
1 changed files with 107 additions and 0 deletions
--- a/third_party/2and3/cryptography/x509.pyi
+++ b/third_party/2and3/cryptography/x509.pyi
@@ -96,6 +96,15 @@ class SignatureAlgorithmOID(object):
    RSA_WITH_SHA384: ClassVar[ObjectIdentifier]
    RSA_WITH_SHA512: ClassVar[ObjectIdentifier]

+class ExtendedKeyUsageOID(object):
+    SERVER_AUTH: ClassVar[ObjectIdentifier]
+    CLIENT_AUTH: ClassVar[ObjectIdentifier]
+    CODE_SIGNING: ClassVar[ObjectIdentifier]
+    EMAIL_PROTECTION: ClassVar[ObjectIdentifier]
+    TIME_STAMPING: ClassVar[ObjectIdentifier]
+    OCSP_SIGNING: ClassVar[ObjectIdentifier]
+    ANY_EXTENDED_KEY_USAGE: ClassVar[ObjectIdentifier]
+
 class NameAttribute(object):
    oid: ObjectIdentifier
    value: Text
@@ -296,6 +305,104 @@ class SubjectAlternativeName(ExtensionType):
    def __iter__(self) -> Generator[GeneralName, None, None]: ...
    def get_values_for_type(self, type: Type[GeneralName]) -> List[Any]: ...

+class AuthorityKeyIdentifier(ExtensionType):
+    @property
+    def key_identifier(self) -> bytes: ...
+    @property
+    def authority_cert_issuer(self) -> Optional[List[GeneralName]]: ...
+    @property
+    def authority_cert_serial_number(self) -> Optional[int]: ...
+    def __init__(
+        self,
+        key_identifier: bytes,
+        authority_cert_issuer: Optional[Iterable[GeneralName]],
+        authority_cert_serial_number: Optional[int],
+    ) -> None: ...
+    @classmethod
+    def from_issuer_public_key(
+        cls, public_key: Union[RSAPublicKey, DSAPublicKey, EllipticCurvePublicKey, Ed25519PublicKey, Ed448PublicKey]
+    ) -> AuthorityKeyIdentifier: ...
+    @classmethod
+    def from_issuer_subject_key_identifier(cls, ski: SubjectKeyIdentifier) -> AuthorityKeyIdentifier: ...
+
+class SubjectKeyIdentifier(ExtensionType):
+    @property
+    def digest(self) -> bytes: ...
+    def __init__(self, digest: bytes) -> None: ...
+    @classmethod
+    def from_public_key(
+        cls, public_key: Union[RSAPublicKey, DSAPublicKey, EllipticCurvePublicKey, Ed25519PublicKey, Ed448PublicKey]
+    ) -> SubjectKeyIdentifier: ...
+
+class AccessDescription:
+    @property
+    def access_method(self) -> ObjectIdentifier: ...
+    @property
+    def access_location(self) -> GeneralName: ...
+    def __init__(self, access_method: ObjectIdentifier, access_location: GeneralName) -> None: ...
+
+class AuthorityInformationAccess(ExtensionType):
+    def __init__(self, descriptions: Iterable[AccessDescription]) -> None: ...
+    def __len__(self) -> int: ...
+    def __iter__(self) -> Generator[AccessDescription, None, None]: ...
+    def __getitem__(self, item: int) -> AccessDescription: ...
+
+class SubjectInformationAccess(ExtensionType):
+    def __init__(self, descriptions: Iterable[AccessDescription]) -> None: ...
+    def __len__(self) -> int: ...
+    def __iter__(self) -> Generator[AccessDescription, None, None]: ...
+    def __getitem__(self, item: int) -> AccessDescription: ...
+
+class BasicConstraints(ExtensionType):
+    @property
+    def ca(self) -> bool: ...
+    @property
+    def path_length(self) -> Optional[int]: ...
+    def __init__(self, ca: bool, path_length: Optional[int]) -> None: ...
+
+class KeyUsage(ExtensionType):
+    @property
+    def digital_signature(self) -> bool: ...
+    @property
+    def content_commitment(self) -> bool: ...
+    @property
+    def key_encipherment(self) -> bool: ...
+    @property
+    def data_encipherment(self) -> bool: ...
+    @property
+    def key_agreement(self) -> bool: ...
+    @property
+    def key_cert_sign(self) -> bool: ...
+    @property
+    def crl_sign(self) -> bool: ...
+    @property
+    def encipher_only(self) -> bool: ...
+    @property
+    def decipher_only(self) -> bool: ...
+    def __init__(
+        self,
+        digital_signature: bool,
+        content_commitment: bool,
+        key_encipherment: bool,
+        data_encipherment: bool,
+        key_agreement: bool,
+        key_cert_sign: bool,
+        crl_sign: bool,
+        encipher_only: bool,
+        decipher_only: bool,
+    ) -> None: ...
+
+class ExtendedKeyUsage(ExtensionType):
+    def __init__(self, usages: Iterable[ObjectIdentifier]) -> None: ...
+    def __len__(self) -> int: ...
+    def __iter__(self) -> Generator[ObjectIdentifier, None, None]: ...
+    def __getitem__(self, item: int) -> ObjectIdentifier: ...
+
+class UnrecognizedExtension(ExtensionType):
+    @property
+    def value(self) -> bytes: ...
+    def __init__(self, oid: ObjectIdentifier, value: bytes) -> None: ...
+
 def load_der_x509_certificate(data: bytes, backend: Optional[X509Backend] = ...) -> Certificate: ...
 def load_pem_x509_certificate(data: bytes, backend: Optional[X509Backend] = ...) -> Certificate: ...
 def load_der_x509_crl(data: bytes, backend: Optional[X509Backend] = ...) -> CertificateRevocationList: ...