Add alias for Certificate serial as serial number (#2950)

* Add alias for Certificate serial as serial number * Adding deprecation to utils * Now with catch warnings and proper vers
pyca · Jun 3, 2016 · e295f3a · e295f3a
1 parent 5751515
commit e295f3a
Show file tree

Hide file tree

Showing 5 changed files with 53 additions and 11 deletions.
diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst
@@ -125,7 +125,7 @@ Loading Certificates
         >>> from cryptography import x509
         >>> from cryptography.hazmat.backends import default_backend
         >>> cert = x509.load_pem_x509_certificate(pem_data, default_backend())
-        >>> cert.serial
+        >>> cert.serial_number
         2
 
 .. function:: load_der_x509_certificate(data, backend)
@@ -273,15 +273,15 @@ X.509 Certificate Object
             >>> cert.fingerprint(hashes.SHA256())
             '\x86\xd2\x187Gc\xfc\xe7}[+E9\x8d\xb4\x8f\x10\xe5S\xda\x18u\xbe}a\x03\x08[\xac\xa04?'
 
-    .. attribute:: serial
+    .. attribute:: serial_number
 
         :type: int
 
         The serial as a Python integer.
 
         .. doctest::
 
-            >>> cert.serial
+            >>> cert.serial_number
             2
 
     .. method:: public_key()
@@ -2197,7 +2197,7 @@ instances. The following common OIDs are available as constants.
 
         Corresponds to the dotted string ``"2.5.4.5"``. This is distinct from
         the serial number of the certificate itself (which can be obtained with
-        :func:`~cryptography.x509.Certificate.serial`).
+        :func:`~cryptography.x509.Certificate.serial_number`).
 
     .. attribute:: SURNAME
 

diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py
@@ -5,6 +5,7 @@
 from __future__ import absolute_import, division, print_function
 
 import operator
+import warnings
 
 from cryptography import utils, x509
 from cryptography.exceptions import UnsupportedAlgorithm
@@ -58,6 +59,14 @@ def version(self):
 
     @property
     def serial(self):
+        warnings.warn(
+            "Certificate serial is deprecated, use serial_number instead.",
+            utils.DeprecatedIn10
+        )
+        return self.serial_number
+
+    @property
+    def serial_number(self):
         asn1_int = self._backend._lib.X509_get_serialNumber(self._x509)
         self._backend.openssl_assert(asn1_int != self._backend._ffi.NULL)
         return _asn1_integer_to_int(self._backend, asn1_int)

diff --git a/src/cryptography/utils.py b/src/cryptography/utils.py
@@ -12,9 +12,11 @@
 import warnings
 
 
-# the functions deprecated in 1.0 are on an arbitrarily extended deprecation
-# cycle and should not be removed until we agree on when that cycle ends.
+# the functions deprecated in 1.0 and 1.4 are on an arbitrarily extended
+# deprecation cycle and should not be removed until we agree on when that cycle
+# ends.
 DeprecatedIn10 = DeprecationWarning
+DeprecatedIn14 = DeprecationWarning
 
 
 def read_only_property(name):

diff --git a/src/cryptography/x509/base.py b/src/cryptography/x509/base.py
@@ -68,6 +68,12 @@ def serial(self):
         Returns certificate serial number
         """
 
+    @abc.abstractproperty
+    def serial_number(self):
+        """
+        Returns certificate serial number
+        """
+
     @abc.abstractproperty
     def version(self):
         """

diff --git a/tests/test_x509.py b/tests/test_x509.py
@@ -8,6 +8,7 @@
 import datetime
 import ipaddress
 import os
+import warnings
 
 from pyasn1.codec.der import decoder
 
@@ -486,19 +487,43 @@ def test_load_pem_cert(self, backend):
             backend
         )
         assert isinstance(cert, x509.Certificate)
-        assert cert.serial == 11559813051657483483
+        assert cert.serial_number == 11559813051657483483
         fingerprint = binascii.hexlify(cert.fingerprint(hashes.SHA1()))
         assert fingerprint == b"2b619ed04bfc9c3b08eb677d272192286a0947a8"
         assert isinstance(cert.signature_hash_algorithm, hashes.SHA1)
 
+    def test_cert_serial_number(self, backend):
+        cert = _load_cert(
+            os.path.join("x509", "PKITS_data", "certs", "GoodCACert.crt"),
+            x509.load_der_x509_certificate,
+            backend
+        )
+
+        with warnings.catch_warnings():
+            warnings.simplefilter("always", utils.DeprecatedIn10)
+            assert cert.serial == 2
+            assert cert.serial_number == 2
+
+    def test_cert_serial_warning(self, backend):
+        cert = _load_cert(
+            os.path.join("x509", "PKITS_data", "certs", "GoodCACert.crt"),
+            x509.load_der_x509_certificate,
+            backend
+        )
+
+        with warnings.catch_warnings():
+            warnings.simplefilter("always", utils.DeprecatedIn10)
+            with pytest.deprecated_call():
+                cert.serial
+
     def test_load_der_cert(self, backend):
         cert = _load_cert(
             os.path.join("x509", "PKITS_data", "certs", "GoodCACert.crt"),
             x509.load_der_x509_certificate,
             backend
         )
         assert isinstance(cert, x509.Certificate)
-        assert cert.serial == 2
+        assert cert.serial_number == 2
         fingerprint = binascii.hexlify(cert.fingerprint(hashes.SHA1()))
         assert fingerprint == b"6f49779533d565e8b7c1062503eab41492c38e4d"
         assert isinstance(cert.signature_hash_algorithm, hashes.SHA256)
@@ -734,7 +759,7 @@ def test_load_good_ca_cert(self, backend):
 
         assert cert.not_valid_before == datetime.datetime(2010, 1, 1, 8, 30)
         assert cert.not_valid_after == datetime.datetime(2030, 12, 31, 8, 30)
-        assert cert.serial == 2
+        assert cert.serial_number == 2
         public_key = cert.public_key()
         assert isinstance(public_key, rsa.RSAPublicKey)
         assert cert.version is x509.Version.v3
@@ -909,7 +934,7 @@ def test_public_bytes_pem(self, backend):
         # We should recover what we had to start with.
         assert cert.not_valid_before == datetime.datetime(2010, 1, 1, 8, 30)
         assert cert.not_valid_after == datetime.datetime(2030, 12, 31, 8, 30)
-        assert cert.serial == 2
+        assert cert.serial_number == 2
         public_key = cert.public_key()
         assert isinstance(public_key, rsa.RSAPublicKey)
         assert cert.version is x509.Version.v3
@@ -932,7 +957,7 @@ def test_public_bytes_der(self, backend):
         # We should recover what we had to start with.
         assert cert.not_valid_before == datetime.datetime(2010, 1, 1, 8, 30)
         assert cert.not_valid_after == datetime.datetime(2030, 12, 31, 8, 30)
-        assert cert.serial == 2
+        assert cert.serial_number == 2
         public_key = cert.public_key()
         assert isinstance(public_key, rsa.RSAPublicKey)
         assert cert.version is x509.Version.v3