add signature_hash_algorithm to OCSPResponse (#4681) * add signature_hash_algorithm to OCSPResponse * fix pointless asserts

commit: 60f264b0f293bfded7a0b4395715669d355a6185 [log] [tgz]
author: Paul Kehrer <paul.l.kehrer@gmail.com> Thu Jan 10 15:37:03 2019 -0800
committer: Alex Gaynor <alex.gaynor@gmail.com> Thu Jan 10 18:37:03 2019 -0500
tree: a8fdf4f17f20115063e557eebf36b0f9dd1b7a63
parent: 90a557764542f2d939a8b0a61c74b299870fca6c [diff]
diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst
index eb9ba4b..a10125a 100644
--- a/docs/development/test-vectors.rst
+++ b/docs/development/test-vectors.rst

@@ -471,6 +471,8 @@
   revocation reason.
 * ``x509/ocsp/resp-revoked-no-next-update.der`` - An OCSP response that
   contains a revoked certificate and no ``nextUpdate`` value.
+* ``x509/ocsp/resp-invalid-signature-oid.der`` - An OCSP response that was
+  modified to contain an MD2 signature algorithm object identifier.
 
 Custom X.509 OCSP Test Vectors
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

diff --git a/docs/x509/ocsp.rst b/docs/x509/ocsp.rst
index 535ffdd..d3815d6 100644
--- a/docs/x509/ocsp.rst
+++ b/docs/x509/ocsp.rst

@@ -426,6 +426,16 @@
         :raises ValueError: If ``response_status`` is not
             :class:`~cryptography.x509.ocsp.OCSPResponseStatus.SUCCESSFUL`.
 
+    .. attribute:: signature_hash_algorithm
+
+        .. versionadded:: 2.5
+
+        :type: :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
+
+        Returns the
+        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` which
+        was used in signing this response.
+
     .. attribute:: signature
 
         :type: bytes
commit	60f264b0f293bfded7a0b4395715669d355a6185	[log] [tgz]
author	Paul Kehrer <paul.l.kehrer@gmail.com>	Thu Jan 10 15:37:03 2019 -0800
committer	Alex Gaynor <alex.gaynor@gmail.com>	Thu Jan 10 18:37:03 2019 -0500
tree	a8fdf4f17f20115063e557eebf36b0f9dd1b7a63
parent	90a557764542f2d939a8b0a61c74b299870fca6c [diff]