Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / 99d0f90ff256b540acb007458bbb07c467642368^! / .
commit99d0f90ff256b540acb007458bbb07c467642368[log] [tgz]
authorAndre Caron <andre.l.caron@gmail.com>Mon Jun 01 08:36:59 2015 -0400
committerIan Cordasco <graffatcolmingov@gmail.com>Wed Jun 24 13:35:49 2015 -0500
tree00f52208f7707dd1b4b469cc310d6ccd828dbbdc
parent0fdf009ea0dc96a1d70ab0cded11d5846b03d4e2 [diff]
Removes CSR builder version setter.

diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index a6acb07..c32b527 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py

@@ -819,7 +819,7 @@
         assert x509_req != self._ffi.NULL
 
         # Set x509 version.
-        res = self._lib.X509_REQ_set_version(x509_req, builder._version.value)
+        res = self._lib.X509_REQ_set_version(x509_req, x509.Version.v1.value)
         assert res == 1
 
         # Set subject name.

diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py
index c59de60..b1aa067 100644
--- a/src/cryptography/x509.py
+++ b/src/cryptography/x509.py

@@ -1445,33 +1445,20 @@
 
 
 class CertificateSigningRequestBuilder(object):
-    def __init__(self, version=Version.v1, subject_name=None, extensions=[]):
+    def __init__(self, subject_name=None, extensions=[]):
         """
         Creates an empty X.509 certificate request (v1).
         """
-        self._version = Version.v1
         self._subject_name = subject_name
         self._extensions = extensions[:]
 
-    def set_version(self, version):
-        """
-        Sets the X.509 version.
-        """
-        if not isinstance(version, Version):
-            raise TypeError('Expecting x509.Version object.')
-        return CertificateSigningRequestBuilder(
-            version, self._subject_name, self._extensions
-        )
-
     def set_subject_name(self, name):
         """
         Sets the certificate requestor's distinguished name.
         """
         if not isinstance(name, Name):
             raise TypeError('Expecting x509.Name object.')
-        return CertificateSigningRequestBuilder(
-            self._version, name, self._extensions
-        )
+        return CertificateSigningRequestBuilder(name, self._extensions)
 
     def add_extension(self, extension):
         """
@@ -1483,7 +1470,7 @@
             if e.oid == extension.oid:
                 raise ValueError('This extension has already been set.')
         return CertificateSigningRequestBuilder(
-            self._version, self._subject_name, self._extensions + [extension]
+            self._subject_name, self._extensions + [extension]
         )
 
     def sign(self, backend, private_key, algorithm):

diff --git a/tests/test_x509.py b/tests/test_x509.py
index 981ad52..aadbed0 100644
--- a/tests/test_x509.py
+++ b/tests/test_x509.py

@@ -699,15 +699,15 @@
             backend=backend,
         )
 
-        request = x509.CertificateSigningRequestBuilder().set_version(
-            x509.Version.v3
-        ).set_subject_name(x509.Name([
-            x509.NameAttribute(x509.OID_COUNTRY_NAME, 'US'),
-            x509.NameAttribute(x509.OID_STATE_OR_PROVINCE_NAME, 'Texas'),
-            x509.NameAttribute(x509.OID_LOCALITY_NAME, 'Austin'),
-            x509.NameAttribute(x509.OID_ORGANIZATION_NAME, 'PyCA'),
-            x509.NameAttribute(x509.OID_COMMON_NAME, 'cryptography.io'),
-        ])).add_extension(x509.Extension(
+        request = x509.CertificateSigningRequestBuilder().set_subject_name(
+            x509.Name([
+                x509.NameAttribute(x509.OID_COUNTRY_NAME, 'US'),
+                x509.NameAttribute(x509.OID_STATE_OR_PROVINCE_NAME, 'Texas'),
+                x509.NameAttribute(x509.OID_LOCALITY_NAME, 'Austin'),
+                x509.NameAttribute(x509.OID_ORGANIZATION_NAME, 'PyCA'),
+                x509.NameAttribute(x509.OID_COMMON_NAME, 'cryptography.io'),
+            ])
+        ).add_extension(x509.Extension(
             x509.OID_BASIC_CONSTRAINTS,
             True,
             x509.BasicConstraints(True, 2),
@@ -740,15 +740,15 @@
             backend=backend,
         )
 
-        request = x509.CertificateSigningRequestBuilder().set_version(
-            x509.Version.v3
-        ).set_subject_name(x509.Name([
-            x509.NameAttribute(x509.OID_COUNTRY_NAME, 'US'),
-            x509.NameAttribute(x509.OID_STATE_OR_PROVINCE_NAME, 'Texas'),
-            x509.NameAttribute(x509.OID_LOCALITY_NAME, 'Austin'),
-            x509.NameAttribute(x509.OID_ORGANIZATION_NAME, 'PyCA'),
-            x509.NameAttribute(x509.OID_COMMON_NAME, 'cryptography.io'),
-        ])).add_extension(x509.Extension(
+        request = x509.CertificateSigningRequestBuilder().set_subject_name(
+            x509.Name([
+                x509.NameAttribute(x509.OID_COUNTRY_NAME, 'US'),
+                x509.NameAttribute(x509.OID_STATE_OR_PROVINCE_NAME, 'Texas'),
+                x509.NameAttribute(x509.OID_LOCALITY_NAME, 'Austin'),
+                x509.NameAttribute(x509.OID_ORGANIZATION_NAME, 'PyCA'),
+                x509.NameAttribute(x509.OID_COMMON_NAME, 'cryptography.io'),
+            ])
+        ).add_extension(x509.Extension(
             x509.OID_BASIC_CONSTRAINTS,
             True,
             x509.BasicConstraints(False, None),
@@ -799,11 +799,6 @@
         with pytest.raises(TypeError):
             builder.set_subject_name('NotAName')
 
-    def test_set_invalid_version(self, backend):
-        builder = x509.CertificateSigningRequestBuilder()
-        with pytest.raises(TypeError):
-            builder.set_version('NotAVersion')
-
     def test_add_unsupported_extension(self, backend):
         private_key = rsa.generate_private_key(
             public_exponent=65537,