acme: use kluge to avoid much newer cryptography version

2026-05-28 04:34:11 -04:00 · 2024-03-25 14:51:03 -07:00 · 2024-03-25 14:51:03 -07:00 · 1c0025495a
commit 1c0025495a
parent 0f30c67152
1 changed files with 12 additions and 1 deletions
--- a/acme/acme/crypto_util.py
+++ b/acme/acme/crypto_util.py
@ -22,10 +22,12 @@ import warnings
 from cryptography import x509
 from cryptography.hazmat.primitives.hashes import SHA256
 from cryptography.hazmat.primitives.asymmetric.dsa import DSAPrivateKey
+from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey
+from cryptography.hazmat.primitives.asymmetric.ed448 import Ed448PrivateKey
+from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey
 from cryptography.hazmat.primitives.asymmetric.rsa import RSAPrivateKey
 from cryptography.hazmat.primitives.serialization import Encoding
 from cryptography.hazmat.primitives.serialization import load_pem_private_key
-from cryptography.hazmat.primitives.asymmetric.types import CertificateIssuerPrivateKeyTypes
 import josepy as jose
 from OpenSSL import crypto
 from OpenSSL import SSL
@ -232,6 +234,15 @@ def probe_sni(name: bytes, host: bytes, port: int = 443, timeout: int = 300,  #
    return cert


+CertificateIssuerPrivateKeyTypes = Union[
+    Ed25519PrivateKey,
+    Ed448PrivateKey,
+    RSAPrivateKey,
+    DSAPrivateKey,
+    EllipticCurvePrivateKey,
+]
+
+
 def make_csr(private_key_pem: bytes, domains: Optional[Union[Set[str], List[str]]] = None,
             must_staple: bool = False,
             ipaddrs: Optional[List[Union[ipaddress.IPv4Address, ipaddress.IPv6Address]]] = None