Renames sign_509_request to create_x509_csr.
diff --git a/src/cryptography/hazmat/backends/interfaces.py b/src/cryptography/hazmat/backends/interfaces.py
index eca7ddf..512cb6e 100644
--- a/src/cryptography/hazmat/backends/interfaces.py
+++ b/src/cryptography/hazmat/backends/interfaces.py
@@ -274,6 +274,12 @@
Load an X.509 CSR from PEM encoded data.
"""
+ @abc.abstractmethod
+ def create_x509_csr(self, builder, private_key, algorithm):
+ """
+ Create and sign an X.509 CSR from a CSR buidler object.
+ """
+
@six.add_metaclass(abc.ABCMeta)
class DHBackend(object):
diff --git a/src/cryptography/hazmat/backends/multibackend.py b/src/cryptography/hazmat/backends/multibackend.py
index 784ab84..6e911fd 100644
--- a/src/cryptography/hazmat/backends/multibackend.py
+++ b/src/cryptography/hazmat/backends/multibackend.py
@@ -342,3 +342,12 @@
"This backend does not support X.509.",
_Reasons.UNSUPPORTED_X509
)
+
+ def create_x509_csr(self, builder, private_key, algorithm):
+ for b in self._filtered_backends(X509Backend):
+ return b.create_x509_csr(builder, private_key, algorithm)
+
+ raise UnsupportedAlgorithm(
+ "This backend does not support X.509.",
+ _Reasons.UNSUPPORTED_X509
+ )
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index bf838ea..b8b2ab6 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -784,7 +784,7 @@
def create_cmac_ctx(self, algorithm):
return _CMACContext(self, algorithm)
- def sign_x509_request(self, builder, private_key, algorithm):
+ def create_x509_csr(self, builder, private_key, algorithm):
# TODO: check type of private key parameter.
if not isinstance(algorithm, hashes.HashAlgorithm):
raise TypeError('Algorithm must be a registered hash algorithm.')
diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py
index 012c13b..2ee1c3e 100644
--- a/src/cryptography/x509.py
+++ b/src/cryptography/x509.py
@@ -1484,4 +1484,4 @@
"""
Signs the request using the requestor's private key.
"""
- return backend.sign_x509_request(self, private_key, algorithm)
+ return backend.create_x509_csr(self, private_key, algorithm)
diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py
index 5871e6c..3c05cdf 100644
--- a/tests/hazmat/backends/test_multibackend.py
+++ b/tests/hazmat/backends/test_multibackend.py
@@ -203,6 +203,9 @@
def load_der_x509_csr(self, data):
pass
+ def create_x509_csr(self, builder, private_key, algorithm):
+ pass
+
class TestMultiBackend(object):
def test_ciphers(self):
@@ -480,6 +483,7 @@
backend.load_der_x509_certificate(b"certdata")
backend.load_pem_x509_csr(b"reqdata")
backend.load_der_x509_csr(b"reqdata")
+ backend.create_x509_csr(object(), b"privatekey", hashes.SHA1())
backend = MultiBackend([])
with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_X509):
@@ -490,3 +494,5 @@
backend.load_pem_x509_csr(b"reqdata")
with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_X509):
backend.load_der_x509_csr(b"reqdata")
+ with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_X509):
+ backend.create_x509_csr(object(), b"privatekey", hashes.SHA1())