add support for signature_algorithm_oid to cert, CSR, and CRL (#3124)
* add support for signature_algorithm_oid to cert, CSR, and CRL
* refactor _SIG_OIDS_TO_HASH to use ObjectIdentifiers and use that
diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst
index ea32c3b..bd88b02 100644
--- a/docs/x509/reference.rst
+++ b/docs/x509/reference.rst
@@ -354,6 +354,22 @@
>>> isinstance(cert.signature_hash_algorithm, hashes.SHA256)
True
+ .. attribute:: signature_algorithm_oid
+
+ .. versionadded:: 1.6
+
+ :type: :class:`ObjectIdentifier`
+
+ Returns the :class:`ObjectIdentifier` of the signature algorithm used
+ to sign the certificate. This will be one of the OIDs from
+ :class:`~cryptography.x509.oid.SignatureAlgorithmOID`.
+
+
+ .. doctest::
+
+ >>> cert.signature_algorithm_oid
+ <ObjectIdentifier(oid=1.2.840.113549.1.1.11, name=sha256WithRSAEncryption)>
+
.. attribute:: extensions
:type: :class:`Extensions`
@@ -464,6 +480,21 @@
>>> isinstance(crl.signature_hash_algorithm, hashes.SHA256)
True
+ .. attribute:: signature_algorithm_oid
+
+ .. versionadded:: 1.6
+
+ :type: :class:`ObjectIdentifier`
+
+ Returns the :class:`ObjectIdentifier` of the signature algorithm used
+ to sign the CRL. This will be one of the OIDs from
+ :class:`~cryptography.x509.oid.SignatureAlgorithmOID`.
+
+ .. doctest::
+
+ >>> crl.signature_algorithm_oid
+ <ObjectIdentifier(oid=1.2.840.113549.1.1.11, name=sha256WithRSAEncryption)>
+
.. attribute:: issuer
:type: :class:`Name`
@@ -711,6 +742,21 @@
>>> isinstance(csr.signature_hash_algorithm, hashes.SHA1)
True
+ .. attribute:: signature_algorithm_oid
+
+ .. versionadded:: 1.6
+
+ :type: :class:`ObjectIdentifier`
+
+ Returns the :class:`ObjectIdentifier` of the signature algorithm used
+ to sign the request. This will be one of the OIDs from
+ :class:`~cryptography.x509.oid.SignatureAlgorithmOID`.
+
+ .. doctest::
+
+ >>> csr.signature_algorithm_oid
+ <ObjectIdentifier(oid=1.2.840.113549.1.1.5, name=sha1WithRSAEncryption)>
+
.. attribute:: extensions
:type: :class:`Extensions`