Update documentation for move to asn1crypto

[skip ci]
pyauth · Sep 4, 2017 · c6d442d · c6d442d
1 parent 886ff57
commit c6d442d
Show file tree

Hide file tree

Showing 5 changed files with 20 additions and 22 deletions.
diff --git a/docs/applied.rst b/docs/applied.rst
@@ -321,7 +321,8 @@ PEM
 a standard for handling cryptographic objects. It is a base64 encoded version
 of the binary DER object. The label indicates the type of object, and thus
 what ASN.1 model to use. `python-pkcs11` does not include PEM parsing,
-you should include another package if required.
+you should include another package if required. :mod:`asn1crypto.pem` is a
+dependency of `python-pkcs11`.
 
 Getting a Session
 -----------------
@@ -656,17 +657,16 @@ Both specifications are specified using the same `attribute`:
     public, private = parameters.generate_keypair()
 
 
-Named curves (e.g. `prime256v1`) can be specified like this:
+Named curves (e.g. `secp256r1`) can be specified like this:
 
 ::
 
     from pkcs11 import Attribute
     from pkcs11.util.ec import encode_named_curve_parameters
-    from pyasn1_modules.rfc3279 import prime256v1
 
 
     parameters = session.create_domain_parameters(KeyType.EC, {
-        Attribute.EC_PARAMS: encode_named_curve_parameters(prime256v1)
+        Attribute.EC_PARAMS: encode_named_curve_parameters('secp256r1')
     }, local=True)
 
 Key pairs can be generated from the domain parameters:
@@ -702,11 +702,10 @@ DER-encoded into attributes that can be used with
 .. note::
 
     PEM certificates are base64-encoded versions of the canonical DER-encoded
-    forms used in `python-pkcs11`. Converting between PEM and DER is beyond the
-    scope of `python-pkcs11`.
+    forms used in `python-pkcs11`. Conversion between PEM and DER can be
+    achieved using `asn1crypto.pem
+    <https://github.com/wbond/asn1crypto/blob/master/docs/pem.md>`_.
 
-    :mod:`pyasn1` and :mod:`pyasn1_modules` are required to import and export
-    DER-encoded objects.
 
 AES/DES
 ~~~~~~~

diff --git a/docs/opensc.rst b/docs/opensc.rst
@@ -73,12 +73,10 @@ EC
 
 ::
 
-    from pyasn1_modules.rfc3279 import prime256v1
-
     with token.open(user_pin='1234', rw=True) as session:
         ecparams = session.create_domain_parameters(
             pkcs11.KeyType.EC, {
-                pkcs11.Attribute.EC_PARAMS: pkcs11.util.ec.encode_named_curve_parameters(prime256v1),
+                pkcs11.Attribute.EC_PARAMS: pkcs11.util.ec.encode_named_curve_parameters('secp256r1'),
             }, local=True)
 
         pub, priv = ecparams.generate_keypair(store=True,

diff --git a/pkcs11/constants.py b/pkcs11/constants.py
@@ -256,20 +256,20 @@ class Attribute(IntEnum):
     """
     DER-encoded ANSI X9.62 Elliptic-Curve domain parameters (:class:`bytes`).
 
-    These can be output by OpenSSL (for named curves):
+    These can packed using :mod:`pkcs11.util.ec.encode_named_curve_parameters`:
 
     ::
 
-        openssl ecparam -outform der -name <curve name> | base64
+        from pkcs11.util.ec import encode_named_curve_parameters
+
+        ecParams = encode_named_curve_parameters('secp256r1')
 
-    Or packed using :mod:`pyasn1`:
+    Or output by OpenSSL:
 
     ::
 
-        from pyasn1_modules.rfc3279 import prime256v1
-        from pkcs11.ecutils import encode_named_curve_parameters
+        openssl ecparam -outform der -name <curve name> | base64
 
-        ecParams = encode_named_curve_parameters(prime256v1)
     """
 
     EC_POINT = 0x00000181

diff --git a/pkcs11/util/__init__.py b/pkcs11/util/__init__.py
@@ -1,13 +1,13 @@
 def biginteger(value):
     """
     Returns a PKCS#11 biginteger bytestream from a Python integer or
-    similar type (e.g. :class:`pyasn1.type.univ.Integer`).
+    similar type (e.g. :class:`asn1crypto.core.Integer`).
 
     :param int value: Value
     :rtype: bytes
     """
 
-    value = int(value)  # In case it's a PyASN1 type or similar
+    value = int(value)  # In case it's a asn1 type or similar
 
     return value.to_bytes((value.bit_length() + 7) // 8,
                           byteorder='big')
diff --git a/pkcs11/util/ec.py b/pkcs11/util/ec.py
@@ -20,10 +20,11 @@ def encode_named_curve_parameters(oid):
     """
     Return DER-encoded ANSI X.62 EC parameters for a named curve.
 
-    Curve names are given by object identifier and can be found in
-    :mod:`pyasn1_modules.rfc3279`.
+    Curve names are given by object identifier or common name. Names come
+    from `asn1crypto
+    <https://github.com/wbond/asn1crypto/blob/master/asn1crypto/keys.py#L338>`_.
 
-    :param str curve: named curve
+    :param str oid: OID or named curve
     :rtype: bytes
     """
     return ECDomainParameters(