aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* OpenSSL 1.1.0 support (#2826)Paul Kehrer2016-08-269-9/+50
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * make pre5 work * add a blank line to make the diff happier * 1.1.0-pre6 working * support the changes since 1.1.0-pre6 * fixes * add 1.1.0 to travis * expose the symbol * better testing for numericstring * handle libre... * actually use the 1.1.0 we compile * cache the ossl-110 dir on travis * add some newlines * changelog entry for 1.1.0 support * note that we test on 1.1.0 * proper skip on this test * reorder
* be a bit more robust about detecting locking callback declarations (#3107)Paul Kehrer2016-08-261-3/+11
|
* remove a few more unneeded and no longer extant functions for 1.1.0 (#3110)Paul Kehrer2016-08-262-3/+0
|
* opaque structs for 1.1.0 compatibility (#3109)Paul Kehrer2016-08-263-48/+9
| | | We're so close.
* Allow passing iterators where collections are expected (#3078)Marti2016-08-264-42/+154
| | | | | | | | | | | | | | Iterators can only be enumerated once, breaking code like this in Python 3 for example: san = SubjectAlternativeName(map(DNSName, lst)) This is also a slight behavior change if the caller modifies the list after passing it to the constructor, because input lists are now copied. Which seems like a good thing. Also: * Name now checks that attributes elements are of type NameAttribute * NoticeReference now allows notice_numbers to be any iterable
* remove two more constants that no longer exist and we don't use (#3101)Paul Kehrer2016-08-252-2/+0
|
* two more functions that became const, one removed that we don't use (#3102)Paul Kehrer2016-08-251-4/+6
|
* constify and reorder getter args (#3103)Paul Kehrer2016-08-242-21/+28
| | | | | | | | | | * constify more things in x509 and reorder a few func args Post pre6 they changed some function argument order... * fix the function arg order where we call it * still need arg names when implementing the function...whoops
* constify x509name functions (#3104)Paul Kehrer2016-08-241-8/+12
|
* const some more ASN1 (#3100)Paul Kehrer2016-08-241-2/+2
|
* Fix docs to clarify the less than 256 limit for Padding(). (#3099)Terry Chia2016-08-241-2/+2
| | | | | | * Fix docs to clarify the less than 256 limit. * Add "inclusive".
* CertificateBuilder accepts aware datetimes for not_valid_after and ↵InvalidInterrupt2016-08-166-0/+130
| | | | | | | | | | | | | | | | | | | not_valid_before (#2920) * CertificateBuilder accepts aware datetimes for not_valid_after and not_valid_before These functions now accept aware datetimes and convert them to UTC * Added pytz to test requirements * Correct pep8 error and improve Changelog wording * Improve tests and clarify changelog message * Trim Changelog line length * Allow RevokedCertificateBuilder and CertificateRevocationListBuilder to accept aware datetimes * Fix accidental changelog entry
* There is no 0.9.8, only Zuul (#3094)Alex Gaynor2016-08-171-1/+0
|
* ERR_load_RAND_strings changed function signature in 1.1.0 (#3093)Paul Kehrer2016-08-161-1/+6
| | | | | | | | * ERR_load_RAND_strings changed function signature in 1.1.0 Here is a hack to avoid breaking pyOpenSSL. * not sure how I managed that. I blame vim
* move functions that were const-ified in 1.1.0-pre6 (#3090)Paul Kehrer2016-08-163-19/+33
|
* OPENSSL_no_config is a macro in 1.1.0 (#3091)Paul Kehrer2016-08-161-1/+2
|
* BIO_set has been removed in 1.1.0 (#3092)Paul Kehrer2016-08-161-1/+0
| | | Since we aren't using it bye bye
* Update example code to use recommended 160 bits (#3088)Dave Brondsema2016-08-161-2/+2
| | | I found the examples with `os.urandom(16)` generated URIs that Google Authenticator and Duo two-factor apps did not even recognize as supported. This increases the key to the recommended 160 bits, and the URIs now work with both of those apps.
* Update installation.rst (#3083)Akan Brown2016-08-081-1/+1
|
* Attempt to debug wacky failures on the docs build on OS X (#3085)Alex Gaynor2016-08-092-0/+8
| | | | | | | | | | | | | | | | * empty commit * only run this one build * try pinning this * why wasn't this installed? * revert this * english, how does it work? * roll back these changes
* Add recommendation about terminology (#3079)Gabriel Orisaka2016-08-021-0/+5
|
* Disallow X509 certificate serial numbers bigger than 159 bits (#3064) (#3067)Коренберг Марк2016-08-023-13/+89
|
* Add code style settings, new excludes, run 'test_x509_ext (Py3)' (#3041)Marti2016-08-022-5/+54
| | | | | | Fix DNSName wildcard encoding for NameConstraints Previously '.example.com' would get normalised to 'example.com', making it impossible to add wildcard NameConstraints.
* Update CHANGELOG.rst with #3063 (#3070)Maximilian Hils2016-07-311-0/+2
|
* Remove provider language from docs (#3072)Gabriel Orisaka2016-07-319-70/+56
|
* Add @mhils to AUTHORS.rst (#3071)Maximilian Hils2016-07-311-0/+1
|
* Clarify what to pass to the sign-function (#3066)Loy2016-07-301-1/+1
| | | Sign needs an ECDSA instance and from following the link to EllipticCurveSignatureAlgorithm, that wasn't clear directly.
* disable static callbacks on Python 3.5 (refs #2970) (#3063)Maximilian Hils2016-07-291-1/+4
|
* Fixed openssl binding if no-cmac (#3062)Jeffery To2016-07-271-2/+2
|
* Removed provider language from asymmetric primitives docs (#3052)Gabriel Orisaka2016-07-265-132/+91
| | | | | | * Removed provider language from asymmetric primitives docs * Reverted changes to some examples
* Unconditional SecureTransport bindings, round 2. (#3059)Cory Benfield2016-07-232-0/+309
| | | | | | | | | | | | * Add the unconditional SecureTransport bindings * Looks like the PSK cipher suites got removed in 10.8 * Line-length. * Style. * Remove further troublesome bindings.
* Revert "Add the unconditional SecureTransport bindings" (#3058)Alex Gaynor2016-07-232-314/+0
|
* Add the unconditional SecureTransport bindings (#3054)Cory Benfield2016-07-232-0/+314
| | | | | | | | | | * Add the unconditional SecureTransport bindings * Line-length. * Looks like the PSK cipher suites got removed in 10.8 * Style.
* Add myself to AUTHORS (#3048)Dirkjan Ochtman2016-07-191-0/+1
|
* Enforce that p > q to improve OpenSSL compatibility (fixes #2990) (#3010)Dirkjan Ochtman2016-07-193-3/+6
|
* Removed provider language from backend interfaces (#3047)Gabriel Orisaka2016-07-181-110/+81
|
* A few small cleanups (#3046)Alex Gaynor2016-07-182-11/+11
|
* Add flag to toggle key length check for HOTP and TOTP. (#3012)Terry Chia2016-07-165-6/+34
| | | | | | | | | | * Add an enforce_key_length parameter to HOTP and TOTP. * Document changes in docs. * Add some words to the wordlist. * Add versionadded to docs.
* Add OPENSSL_config binding (#2972) (#2974)Anton2016-07-132-0/+24
| | | | | | | >>> lib.EVP_get_digestbyname(b'md_gost94') <cdata 'EVP_MD *' NULL> >>> lib.OPENSSL_config(ffi.NULL) >>> lib.EVP_get_digestbyname(b'md_gost94') <cdata 'EVP_MD *' 0x10adc7440>
* Use a series of constants for OpenSSL version checks (#3037)Alex Gaynor2016-07-1120-72/+114
| | | | | | | | | | | | | | | | | | | | | | | | * Use a series of constants for OpenSSL version checks. N.B. I removed several qualifiers that were being used to express beta vs. release in OpenSSL version numbers. Reviewers please look closely! * Convert some python as well, also add the file * flake8 * Simplify code, remove functionality that can be expressed more simply * clean up the tests as well * more constants * wrap long lines * reflect feedback * unused * add this back?
* disable blowfish in commoncrypto backend for key lengths under 64-bit (#3040)Paul Kehrer2016-07-102-1/+11
| | | | This is due to a bug in CommonCrypto present in 10.11.x. Filed as radar://26636600
* One shot sign/verification ECDSA (#3029)Aviv Palivoda2016-07-026-5/+95
| | | | | | | | | | | | | | * Add sign and verify methods to ECDSA * Documented ECDSA sign/verify methods * Added CHANGELOG entry * Skipping test verify and sign if curve is not supported * Fixed typo in documentation return type * Removed provider language from EllipticCurvePrivateKey and EllipticCurvePublicKey
* Mark the minimum pytest version in setup.py. (#3035)Alex Gaynor2016-07-011-1/+1
| | | Fixes #3034
* Remove a few SSL fields which are unused (#3032)Alex Gaynor2016-06-301-5/+0
|
* one shot verify documentation fix (#3031)Aviv Palivoda2016-06-302-4/+4
|
* One shot sign/verify DSA (#3003)Aviv Palivoda2016-06-305-0/+100
| | | | | | | | * Add sign and verify methods to DSA * Documented DSA sign/verify methods * Added CHANGELOG entry
* Opaque everything else we can of X509 (#3027)Alex Gaynor2016-06-301-11/+1
|
* change X509V3_EXT_nconf function signature (#3024)Paul Kehrer2016-06-301-1/+2
|
* Opaque another OpenSSL struct (#3025)Alex Gaynor2016-06-291-8/+1
|
* Fixed #3008 -- expose calculate max pss salt length (#3014)Alex Gaynor2016-06-275-15/+43
| | | | | | | | | | | | | | * Fixed #3008 -- expose calculate max pss salt length * Fixed a few mistakes in the docs * move all the code around * oops * write a unit test * versionadded + changelog
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-10 13:13:47 +0000