From cb90edabd99d0761a61d3dc04cb89da398b4b89f Mon Sep 17 00:00:00 2001
From: Marat Sharafutdinov <decaz89@gmail.com>
Date: Wed, 24 Feb 2021 16:37:56 +0300
Subject: [PATCH] Add PKCS7 support for cryptography (#5062)

---
 .../primitives/serialization/__init__.pyi     |  2 ++
 .../hazmat/primitives/serialization/pkcs7.pyi | 30 +++++++++++++++++++
 2 files changed, 32 insertions(+)
 create mode 100644 stubs/cryptography/cryptography/hazmat/primitives/serialization/pkcs7.pyi

diff --git a/stubs/cryptography/cryptography/hazmat/primitives/serialization/__init__.pyi b/stubs/cryptography/cryptography/hazmat/primitives/serialization/__init__.pyi
index 39d3ad26c..53ce83eea 100644
--- a/stubs/cryptography/cryptography/hazmat/primitives/serialization/__init__.pyi
+++ b/stubs/cryptography/cryptography/hazmat/primitives/serialization/__init__.pyi
@@ -37,11 +37,13 @@ class Encoding(Enum):
     OpenSSH: str
     Raw: str
     X962: str
+    SMIME: str
 
 class PrivateFormat(Enum):
     PKCS8: str
     TraditionalOpenSSL: str
     Raw: str
+    OpenSSH: str
 
 class PublicFormat(Enum):
     SubjectPublicKeyInfo: str
diff --git a/stubs/cryptography/cryptography/hazmat/primitives/serialization/pkcs7.pyi b/stubs/cryptography/cryptography/hazmat/primitives/serialization/pkcs7.pyi
new file mode 100644
index 000000000..582d9a74c
--- /dev/null
+++ b/stubs/cryptography/cryptography/hazmat/primitives/serialization/pkcs7.pyi
@@ -0,0 +1,30 @@
+from enum import Enum
+from typing import Any, Iterable, List, Optional, Union
+
+from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey
+from cryptography.hazmat.primitives.asymmetric.rsa import RSAPrivateKey
+from cryptography.hazmat.primitives.hashes import SHA1, SHA224, SHA256, SHA384, SHA512
+from cryptography.hazmat.primitives.serialization import Encoding
+from cryptography.x509 import Certificate
+
+def load_pem_pkcs7_certificates(data: bytes) -> List[Certificate]: ...
+def load_der_pkcs7_certificates(data: bytes) -> List[Certificate]: ...
+
+class PKCS7Options(Enum):
+    Text: str
+    Binary: str
+    DetachedSignature: str
+    NoCapabilities: str
+    NoAttributes: str
+    NoCerts: str
+
+class PKCS7SignatureBuilder:
+    def set_data(self, data: bytes) -> PKCS7SignatureBuilder: ...
+    def add_signer(
+        self,
+        certificate: Certificate,
+        private_key: Union[RSAPrivateKey, EllipticCurvePrivateKey],
+        hash_algorithm: Union[SHA1, SHA224, SHA256, SHA384, SHA512],
+    ) -> PKCS7SignatureBuilder: ...
+    def add_certificate(self, certificate: Certificate) -> PKCS7SignatureBuilder: ...
+    def sign(self, encoding: Encoding, options: Iterable[PKCS7Options], backend: Optional[Any] = ...) -> bytes: ...