From 4335fe9ef91b0ec07f2109585126f68c8bb8d948 Mon Sep 17 00:00:00 2001 From: Marti Raudsepp Date: Wed, 25 Nov 2020 18:56:27 +0200 Subject: [PATCH] cryptography: Add common certificate extensions (#4778) Added hints for following classes: * AuthorityKeyIdentifier * SubjectKeyIdentifier * AuthorityInformationAccess * SubjectInformationAccess * BasicConstraints * KeyUsage * ExtendedKeyUsage * UnrecognizedExtension * AccessDescription (not extension itself, but used by AuthorityInformationAccess, SubjectInformationAccess) --- third_party/2and3/cryptography/x509.pyi | 107 ++++++++++++++++++++++++ 1 file changed, 107 insertions(+) diff --git a/third_party/2and3/cryptography/x509.pyi b/third_party/2and3/cryptography/x509.pyi index 4ab9b2b7e..355072482 100644 --- a/third_party/2and3/cryptography/x509.pyi +++ b/third_party/2and3/cryptography/x509.pyi @@ -96,6 +96,15 @@ class SignatureAlgorithmOID(object): RSA_WITH_SHA384: ClassVar[ObjectIdentifier] RSA_WITH_SHA512: ClassVar[ObjectIdentifier] +class ExtendedKeyUsageOID(object): + SERVER_AUTH: ClassVar[ObjectIdentifier] + CLIENT_AUTH: ClassVar[ObjectIdentifier] + CODE_SIGNING: ClassVar[ObjectIdentifier] + EMAIL_PROTECTION: ClassVar[ObjectIdentifier] + TIME_STAMPING: ClassVar[ObjectIdentifier] + OCSP_SIGNING: ClassVar[ObjectIdentifier] + ANY_EXTENDED_KEY_USAGE: ClassVar[ObjectIdentifier] + class NameAttribute(object): oid: ObjectIdentifier value: Text @@ -296,6 +305,104 @@ class SubjectAlternativeName(ExtensionType): def __iter__(self) -> Generator[GeneralName, None, None]: ... def get_values_for_type(self, type: Type[GeneralName]) -> List[Any]: ... +class AuthorityKeyIdentifier(ExtensionType): + @property + def key_identifier(self) -> bytes: ... + @property + def authority_cert_issuer(self) -> Optional[List[GeneralName]]: ... + @property + def authority_cert_serial_number(self) -> Optional[int]: ... + def __init__( + self, + key_identifier: bytes, + authority_cert_issuer: Optional[Iterable[GeneralName]], + authority_cert_serial_number: Optional[int], + ) -> None: ... + @classmethod + def from_issuer_public_key( + cls, public_key: Union[RSAPublicKey, DSAPublicKey, EllipticCurvePublicKey, Ed25519PublicKey, Ed448PublicKey] + ) -> AuthorityKeyIdentifier: ... + @classmethod + def from_issuer_subject_key_identifier(cls, ski: SubjectKeyIdentifier) -> AuthorityKeyIdentifier: ... + +class SubjectKeyIdentifier(ExtensionType): + @property + def digest(self) -> bytes: ... + def __init__(self, digest: bytes) -> None: ... + @classmethod + def from_public_key( + cls, public_key: Union[RSAPublicKey, DSAPublicKey, EllipticCurvePublicKey, Ed25519PublicKey, Ed448PublicKey] + ) -> SubjectKeyIdentifier: ... + +class AccessDescription: + @property + def access_method(self) -> ObjectIdentifier: ... + @property + def access_location(self) -> GeneralName: ... + def __init__(self, access_method: ObjectIdentifier, access_location: GeneralName) -> None: ... + +class AuthorityInformationAccess(ExtensionType): + def __init__(self, descriptions: Iterable[AccessDescription]) -> None: ... + def __len__(self) -> int: ... + def __iter__(self) -> Generator[AccessDescription, None, None]: ... + def __getitem__(self, item: int) -> AccessDescription: ... + +class SubjectInformationAccess(ExtensionType): + def __init__(self, descriptions: Iterable[AccessDescription]) -> None: ... + def __len__(self) -> int: ... + def __iter__(self) -> Generator[AccessDescription, None, None]: ... + def __getitem__(self, item: int) -> AccessDescription: ... + +class BasicConstraints(ExtensionType): + @property + def ca(self) -> bool: ... + @property + def path_length(self) -> Optional[int]: ... + def __init__(self, ca: bool, path_length: Optional[int]) -> None: ... + +class KeyUsage(ExtensionType): + @property + def digital_signature(self) -> bool: ... + @property + def content_commitment(self) -> bool: ... + @property + def key_encipherment(self) -> bool: ... + @property + def data_encipherment(self) -> bool: ... + @property + def key_agreement(self) -> bool: ... + @property + def key_cert_sign(self) -> bool: ... + @property + def crl_sign(self) -> bool: ... + @property + def encipher_only(self) -> bool: ... + @property + def decipher_only(self) -> bool: ... + def __init__( + self, + digital_signature: bool, + content_commitment: bool, + key_encipherment: bool, + data_encipherment: bool, + key_agreement: bool, + key_cert_sign: bool, + crl_sign: bool, + encipher_only: bool, + decipher_only: bool, + ) -> None: ... + +class ExtendedKeyUsage(ExtensionType): + def __init__(self, usages: Iterable[ObjectIdentifier]) -> None: ... + def __len__(self) -> int: ... + def __iter__(self) -> Generator[ObjectIdentifier, None, None]: ... + def __getitem__(self, item: int) -> ObjectIdentifier: ... + +class UnrecognizedExtension(ExtensionType): + @property + def value(self) -> bytes: ... + def __init__(self, oid: ObjectIdentifier, value: bytes) -> None: ... + def load_der_x509_certificate(data: bytes, backend: Optional[X509Backend] = ...) -> Certificate: ... def load_pem_x509_certificate(data: bytes, backend: Optional[X509Backend] = ...) -> Certificate: ... def load_der_x509_crl(data: bytes, backend: Optional[X509Backend] = ...) -> CertificateRevocationList: ...