From e7dbca62602ea0c1c0a3aa92664d92eee63df1e0 Mon Sep 17 00:00:00 2001 From: William Woodruff Date: Thu, 9 Nov 2023 17:43:03 -0500 Subject: [PATCH] verification: add missing max_chain_depth kwargs (#9847) Missed these on the original PR. Signed-off-by: William Woodruff --- docs/x509/verification.rst | 6 ++++++ src/cryptography/x509/verification.py | 12 ++++++++++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/docs/x509/verification.rst b/docs/x509/verification.rst index 8979618b2..273cd3030 100644 --- a/docs/x509/verification.rst +++ b/docs/x509/verification.rst @@ -57,6 +57,12 @@ chain building, etc. The verifier's validation time. + .. attribute:: max_chain_depth + + :type: :class:`int` + + The verifier's maximum intermediate CA chain depth. + .. attribute:: store :type: :class:`Store` diff --git a/src/cryptography/x509/verification.py b/src/cryptography/x509/verification.py index a91998ed6..06bb42b91 100644 --- a/src/cryptography/x509/verification.py +++ b/src/cryptography/x509/verification.py @@ -38,7 +38,11 @@ class PolicyBuilder: if self._time is not None: raise ValueError("The validation time may only be set once.") - return PolicyBuilder(time=new_time, store=self._store) + return PolicyBuilder( + time=new_time, + store=self._store, + max_chain_depth=self._max_chain_depth, + ) def store(self, new_store: Store) -> PolicyBuilder: """ @@ -48,7 +52,11 @@ class PolicyBuilder: if self._store is not None: raise ValueError("The trust store may only be set once.") - return PolicyBuilder(time=self._time, store=new_store) + return PolicyBuilder( + time=self._time, + store=new_store, + max_chain_depth=self._max_chain_depth, + ) def max_chain_depth(self, new_max_chain_depth: int) -> PolicyBuilder: """