Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / d2898052ade019788ca146cfcced44c5a6b0e54b^! / .
commitd2898052ade019788ca146cfcced44c5a6b0e54b[log] [tgz]
authorPaul Kehrer <paul.l.kehrer@gmail.com>Tue Nov 03 22:00:41 2015 +0900
committerPaul Kehrer <paul.l.kehrer@gmail.com>Tue Nov 03 22:00:41 2015 +0900
treeb6ebf902f4538e275207fee0a310b61ebcc23b61
parentaa74abbfc3f0656c9ad09b46f7afc37339c9036c [diff]
rename tbs_certificate to tbs_certificate_bytes, add a comment

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 599c8e5..91e2aa3 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst

@@ -8,7 +8,7 @@
 
 * The :class:`~cryptography.x509.Certificate` class now has
   :attr:`~cryptography.x509.Certificate.signature` and
-  :attr:`~cryptography.x509.Certificate.tbs_certificate` attributes.
+  :attr:`~cryptography.x509.Certificate.tbs_certificate_bytes` attributes.
 
 1.1 - 2015-10-28
 ~~~~~~~~~~~~~~~~

diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst
index bac48ab..10ba9ec 100644
--- a/docs/x509/reference.rst
+++ b/docs/x509/reference.rst

@@ -390,7 +390,7 @@
 
         The bytes of the certificate's signature.
 
-    .. attribute:: tbs_certificate
+    .. attribute:: tbs_certificate_bytes
 
         .. versionadded:: 1.2
 

diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py
index 0e5ab91..3afbc40 100644
--- a/src/cryptography/hazmat/backends/openssl/x509.py
+++ b/src/cryptography/hazmat/backends/openssl/x509.py

@@ -327,8 +327,9 @@
         return self._backend._asn1_string_to_bytes(self._x509.signature)
 
     @property
-    def tbs_certificate(self):
+    def tbs_certificate_bytes(self):
         pp = self._backend._ffi.new("unsigned char **")
+        # the X509_CINF struct holds the tbsCertificate data
         res = self._backend._lib.i2d_X509_CINF(self._x509.cert_info, pp)
         self._backend.openssl_assert(res > 0)
         pp = self._backend._ffi.gc(

diff --git a/src/cryptography/x509/base.py b/src/cryptography/x509/base.py
index 53893a1..ad561b9 100644
--- a/src/cryptography/x509/base.py
+++ b/src/cryptography/x509/base.py

@@ -124,7 +124,7 @@
         """
 
     @abc.abstractproperty
-    def tbs_certificate(self):
+    def tbs_certificate_bytes(self):
         """
         Returns the tbsCertificate payload bytes as defined in RFC 5280.
         """

diff --git a/tests/test_x509.py b/tests/test_x509.py
index b85eca3..c445723 100644
--- a/tests/test_x509.py
+++ b/tests/test_x509.py

@@ -354,13 +354,13 @@
         )
         assert len(cert.signature) == cert.public_key().key_size // 8
 
-    def test_tbs_certificate(self, backend):
+    def test_tbs_certificate_bytes(self, backend):
         cert = _load_cert(
             os.path.join("x509", "custom", "post2000utctime.pem"),
             x509.load_pem_x509_certificate,
             backend
         )
-        assert cert.tbs_certificate == binascii.unhexlify(
+        assert cert.tbs_certificate_bytes == binascii.unhexlify(
             b"308202d8a003020102020900a06cb4b955f7f4db300d06092a864886f70d010"
             b"10505003058310b3009060355040613024155311330110603550408130a536f"
             b"6d652d53746174653121301f060355040a1318496e7465726e6574205769646"
@@ -389,7 +389,7 @@
         verifier = cert.public_key().verifier(
             cert.signature, padding.PKCS1v15(), cert.signature_hash_algorithm
         )
-        verifier.update(cert.tbs_certificate)
+        verifier.update(cert.tbs_certificate_bytes)
         verifier.verify()
 
     def test_issuer(self, backend):
@@ -2755,13 +2755,13 @@
         assert r == 215618264820276283222494627481362273536404860490
         assert s == 532023851299196869156027211159466197586787351758
 
-    def test_tbs_certificate(self, backend):
+    def test_tbs_certificate_bytes(self, backend):
         cert = _load_cert(
             os.path.join("x509", "custom", "dsa_selfsigned_ca.pem"),
             x509.load_pem_x509_certificate,
             backend
         )
-        assert cert.tbs_certificate == binascii.unhexlify(
+        assert cert.tbs_certificate_bytes == binascii.unhexlify(
             b"3082051aa003020102020900a37352e0b2142f86300906072a8648ce3804033"
             b"067310b3009060355040613025553310e300c06035504081305546578617331"
             b"0f300d0603550407130641757374696e3121301f060355040a1318496e74657"
@@ -2808,7 +2808,7 @@
         verifier = cert.public_key().verifier(
             cert.signature, cert.signature_hash_algorithm
         )
-        verifier.update(cert.tbs_certificate)
+        verifier.update(cert.tbs_certificate_bytes)
         verifier.verify()
 
     @pytest.mark.parametrize(
@@ -2888,14 +2888,14 @@
             16
         )
 
-    def test_tbs_certificate(self, backend):
+    def test_tbs_certificate_bytes(self, backend):
         _skip_curve_unsupported(backend, ec.SECP384R1())
         cert = _load_cert(
             os.path.join("x509", "ecdsa_root.pem"),
             x509.load_pem_x509_certificate,
             backend
         )
-        assert cert.tbs_certificate == binascii.unhexlify(
+        assert cert.tbs_certificate_bytes == binascii.unhexlify(
             b"308201c5a0030201020210055556bcf25ea43535c3a40fd5ab4572300a06082"
             b"a8648ce3d0403033061310b300906035504061302555331153013060355040a"
             b"130c446967694365727420496e6331193017060355040b13107777772e64696"
@@ -2915,7 +2915,7 @@
         verifier = cert.public_key().verifier(
             cert.signature, ec.ECDSA(cert.signature_hash_algorithm)
         )
-        verifier.update(cert.tbs_certificate)
+        verifier.update(cert.tbs_certificate_bytes)
         verifier.verify()
 
     def test_load_ecdsa_no_named_curve(self, backend):