-
Notifications
You must be signed in to change notification settings - Fork 422
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for cryptography
CRLs to X509Store
#1252
Conversation
aa2302a
to
51195fa
Compare
@@ -2428,7 +2448,7 @@ def get_revoked(self) -> Optional[Tuple[_RevokedInternal, ...]]: | |||
return tuple(results) | |||
return None | |||
|
|||
def add_revoked(self, revoked: Revoked) -> None: | |||
def add_revoked(self, revoked: _RevokedInternal) -> None: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Did this fail mypy or are we avoiding deprecation warnings?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's for the docs, see the current type signature for this function:
add_revoked(revoked: <cryptography.utils._DeprecatedValue object at 0x7f66c71ab1d0>) → None
Add a revoked (by value not reference) to the CRL structure
This still needs a changelog entry 😄 |
51195fa
to
fd7de13
Compare
fd7de13
to
3ad9dcf
Compare
@reaperhulk My bad, fixed! |
As a follow up to deprecating CRL APIs (#1249), there is one remaining function that won't be deprecated but accepts the
CRL
type:X509Store.add_crl(crl: CRL)
. In order to give users an alternative onceCRL
is deprecated, this PR adds support toadd_crl()
so that it also acceptscryptography
'sX509.CertificateRevocationList
.This PR also adds tests for the new code path, by parametrizing existing tests that use
add_crl
so that the CRL being passed as a parameter is either PyOpenSSL's or cryptography's. For example: