{ca,text}: Fix from_issuer_subject_key_identifier usage.

Resolve deprecation warnings in tests: caucase/ca.py:548: CryptographyDeprecationWarning: Extension objects are deprecated as arguments to from_issuer_subject_key_identifier and support will be removed soon. Please migrate to passing a SubjectKeyIdentifier directly. critical=False, caucase/ca.py:326: CryptographyDeprecationWarning: Extension objects are deprecated as arguments to from_issuer_subject_key_identifier and support will be removed soon. Please migrate to passing a SubjectKeyIdentifier directly. x509.SubjectKeyIdentifier, caucase/test.py:422: CryptographyDeprecationWarning: Extension objects are deprecated as arguments to from_issuer_subject_key_identifier and support will be removed soon. Please migrate to passing a SubjectKeyIdentifier directly. critical=False,

{ca,text}: Fix from_issuer_subject_key_identifier usage.
Resolve deprecation warnings in tests: caucase/ca.py:548: CryptographyDeprecationWarning: Extension objects are deprecated as arguments to from_issuer_subject_key_identifier and support will be removed soon. Please migrate to passing a SubjectKeyIdentifier directly. critical=False, caucase/ca.py:326: CryptographyDeprecationWarning: Extension objects are deprecated as arguments to from_issuer_subject_key_identifier and support will be removed soon. Please migrate to passing a SubjectKeyIdentifier directly. x509.SubjectKeyIdentifier, caucase/test.py:422: CryptographyDeprecationWarning: Extension objects are deprecated as arguments to from_issuer_subject_key_identifier and support will be removed soon. Please migrate to passing a SubjectKeyIdentifier directly. critical=False,
3369b98b · Vincent Pelletier · 4e23cfd6 · 3369b98b · 3369b98b
Commit 3369b98b authored Jun 22, 2020 by Vincent Pelletier
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 25 deletions

caucase/ca.py caucase/ca.py +3 -13

caucase/test.py caucase/test.py +2 -12

No files found.
--- a/caucase/ca.py
+++ b/caucase/ca.py
@@ -324,7 +324,7 @@ class CertificateAuthority(object):
          x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier(
            ca_crt.extensions.get_extension_for_class(
              x509.SubjectKeyIdentifier,
-            ),
+            ).value,
          ),
          critical=False, # "MUST mark this extension as non-critical"
        ),
@@ -523,9 +523,6 @@ class CertificateAuthority(object):
            ),
          ] + self._ca_extension_list
        public_key = private_key.public_key()
-        subject_key_identifier = x509.SubjectKeyIdentifier.from_public_key(
-          public_key,
-        )
        now = datetime.datetime.utcnow()
        crt_builder = x509.CertificateBuilder(
          subject_name=subject,
@@ -536,18 +533,11 @@ class CertificateAuthority(object):
          public_key=public_key,
          extensions=[
            Extension(
-              subject_key_identifier,
+              x509.SubjectKeyIdentifier.from_public_key(public_key),
              critical=False, # "MUST mark this extension as non-critical"
            ),
            Extension(
-              x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier(
+              x509.AuthorityKeyIdentifier.from_issuer_public_key(public_key),
-                # Dummy extension, from_issuer_subject_key_identifier accesses
-                # .data directly
-                Extension(
-                  subject_key_identifier,
-                  critical=False,
-                ),
-              ),
              critical=False, # "MUST mark this extension as non-critical"
            ),
          ],

--- a/caucase/test.py
+++ b/caucase/test.py
@@ -397,9 +397,6 @@ class CaucaseTest(unittest.TestCase):
      ),
    ])
    public_key = private_key.public_key()
-    subject_key_identifier = x509.SubjectKeyIdentifier.from_public_key(
-      public_key,
-    )
    return private_key, x509.CertificateBuilder(
      subject_name=subject,
      issuer_name=subject,
@@ -409,18 +406,11 @@ class CaucaseTest(unittest.TestCase):
      public_key=public_key,
      extensions=[
        Extension(
-          subject_key_identifier,
+          x509.SubjectKeyIdentifier.from_public_key(public_key),
          critical=False, # "MUST mark this extension as non-critical"
        ),
        Extension(
-          x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier(
+          x509.AuthorityKeyIdentifier.from_issuer_public_key(public_key),
-            # Dummy extension, from_issuer_subject_key_identifier accesses
-            # .data directly
-            Extension(
-              subject_key_identifier,
-              critical=False,
-            ),
-          ),
          critical=False, # "MUST mark this extension as non-critical"
        ),
        Extension(