pyca · alex · Nov 17, 2024 · Nov 17, 2024
diff --git a/src/cryptography/hazmat/bindings/_rust/x509.pyi b/src/cryptography/hazmat/bindings/_rust/x509.pyi
@@ -6,9 +6,13 @@ import datetime
 import typing
 
 from cryptography import x509
-from cryptography.hazmat.primitives import hashes
+from cryptography.hazmat.primitives import hashes, serialization
+from cryptography.hazmat.primitives.asymmetric.ec import ECDSA
 from cryptography.hazmat.primitives.asymmetric.padding import PSS, PKCS1v15
-from cryptography.hazmat.primitives.asymmetric.types import PrivateKeyTypes
+from cryptography.hazmat.primitives.asymmetric.types import (
+    CertificatePublicKeyTypes,
+    PrivateKeyTypes,
+)
 
 def load_pem_x509_certificate(
     data: bytes, backend: typing.Any = None
@@ -53,7 +57,51 @@ def create_x509_crl(
 ) -> x509.CertificateRevocationList: ...
 
 class Sct: ...
-class Certificate: ...
+
+class Certificate:
+    def fingerprint(self, algorithm: hashes.HashAlgorithm) -> bytes: ...
+    @property
+    def serial_number(self) -> int: ...
+    @property
+    def version(self) -> x509.Version: ...
+    def public_key(self) -> CertificatePublicKeyTypes: ...
+    @property
+    def public_key_algorithm_oid(self) -> x509.ObjectIdentifier: ...
+    @property
+    def not_valid_before(self) -> datetime.datetime: ...
+    @property
+    def not_valid_before_utc(self) -> datetime.datetime: ...
+    @property
+    def not_valid_after(self) -> datetime.datetime: ...
+    @property
+    def not_valid_after_utc(self) -> datetime.datetime: ...
+    @property
+    def issuer(self) -> x509.Name: ...
+    @property
+    def subject(self) -> x509.Name: ...
+    @property
+    def signature_hash_algorithm(
+        self,
+    ) -> hashes.HashAlgorithm | None: ...
+    @property
+    def signature_algorithm_oid(self) -> x509.ObjectIdentifier: ...
+    @property
+    def signature_algorithm_parameters(
+        self,
+    ) -> None | PSS | PKCS1v15 | ECDSA: ...
+    @property
+    def extensions(self) -> x509.Extensions: ...
+    @property
+    def signature(self) -> bytes: ...
+    @property
+    def tbs_certificate_bytes(self) -> bytes: ...
+    @property
+    def tbs_precertificate_bytes(self) -> bytes: ...
+    def __eq__(self, other: object) -> bool: ...
+    def __hash__(self) -> int: ...
+    def public_bytes(self, encoding: serialization.Encoding) -> bytes: ...
+    def verify_directly_issued_by(self, issuer: Certificate) -> None: ...
+
 class RevokedCertificate: ...
 class CertificateRevocationList: ...
 class CertificateSigningRequest: ...

diff --git a/src/cryptography/x509/base.py b/src/cryptography/x509/base.py
@@ -160,166 +160,7 @@ def __init__(self, msg: str, parsed_version: int) -> None:
         self.parsed_version = parsed_version
 
 
-class Certificate(metaclass=abc.ABCMeta):
-    @abc.abstractmethod
-    def fingerprint(self, algorithm: hashes.HashAlgorithm) -> bytes:
-        """
-        Returns bytes using digest passed.
-        """
-
-    @property
-    @abc.abstractmethod
-    def serial_number(self) -> int:
-        """
-        Returns certificate serial number
-        """
-
-    @property
-    @abc.abstractmethod
-    def version(self) -> Version:
-        """
-        Returns the certificate version
-        """
-
-    @abc.abstractmethod
-    def public_key(self) -> CertificatePublicKeyTypes:
-        """
-        Returns the public key
-        """
-
-    @property
-    @abc.abstractmethod
-    def public_key_algorithm_oid(self) -> ObjectIdentifier:
-        """
-        Returns the ObjectIdentifier of the public key.
-        """
-
-    @property
-    @abc.abstractmethod
-    def not_valid_before(self) -> datetime.datetime:
-        """
-        Not before time (represented as UTC datetime)
-        """
-
-    @property
-    @abc.abstractmethod
-    def not_valid_before_utc(self) -> datetime.datetime:
-        """
-        Not before time (represented as a non-naive UTC datetime)
-        """
-
-    @property
-    @abc.abstractmethod
-    def not_valid_after(self) -> datetime.datetime:
-        """
-        Not after time (represented as UTC datetime)
-        """
-
-    @property
-    @abc.abstractmethod
-    def not_valid_after_utc(self) -> datetime.datetime:
-        """
-        Not after time (represented as a non-naive UTC datetime)
-        """
-
-    @property
-    @abc.abstractmethod
-    def issuer(self) -> Name:
-        """
-        Returns the issuer name object.
-        """
-
-    @property
-    @abc.abstractmethod
-    def subject(self) -> Name:
-        """
-        Returns the subject name object.
-        """
-
-    @property
-    @abc.abstractmethod
-    def signature_hash_algorithm(
-        self,
-    ) -> hashes.HashAlgorithm | None:
-        """
-        Returns a HashAlgorithm corresponding to the type of the digest signed
-        in the certificate.
-        """
-
-    @property
-    @abc.abstractmethod
-    def signature_algorithm_oid(self) -> ObjectIdentifier:
-        """
-        Returns the ObjectIdentifier of the signature algorithm.
-        """
-
-    @property
-    @abc.abstractmethod
-    def signature_algorithm_parameters(
-        self,
-    ) -> None | padding.PSS | padding.PKCS1v15 | ec.ECDSA:
-        """
-        Returns the signature algorithm parameters.
-        """
-
-    @property
-    @abc.abstractmethod
-    def extensions(self) -> Extensions:
-        """
-        Returns an Extensions object.
-        """
-
-    @property
-    @abc.abstractmethod
-    def signature(self) -> bytes:
-        """
-        Returns the signature bytes.
-        """
-
-    @property
-    @abc.abstractmethod
-    def tbs_certificate_bytes(self) -> bytes:
-        """
-        Returns the tbsCertificate payload bytes as defined in RFC 5280.
-        """
-
-    @property
-    @abc.abstractmethod
-    def tbs_precertificate_bytes(self) -> bytes:
-        """
-        Returns the tbsCertificate payload bytes with the SCT list extension
-        stripped.
-        """
-
-    @abc.abstractmethod
-    def __eq__(self, other: object) -> bool:
-        """
-        Checks equality.
-        """
-
-    @abc.abstractmethod
-    def __hash__(self) -> int:
-        """
-        Computes a hash.
-        """
-
-    @abc.abstractmethod
-    def public_bytes(self, encoding: serialization.Encoding) -> bytes:
-        """
-        Serializes the certificate to PEM or DER format.
-        """
-
-    @abc.abstractmethod
-    def verify_directly_issued_by(self, issuer: Certificate) -> None:
-        """
-        This method verifies that certificate issuer name matches the
-        issuer subject name and that the certificate is signed by the
-        issuer's private key. No other validation is performed.
-        """
-
-
-# Runtime isinstance checks need this since the rust class is not a subclass.
-Certificate.register(rust_x509.Certificate)
+Certificate = rust_x509.Certificate
 
 
 class RevokedCertificate(metaclass=abc.ABCMeta):