aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* HTTPS one last URL (#4522)Alex Gaynor2018-10-251-1/+1
|
* add _create_asn1_time (#4524)Paul Kehrer2018-10-241-12/+10
|
* ignore new W504 from flake8/pycodestyle (#4521)Paul Kehrer2018-10-242-0/+6
| | | | | | * ignore new W504 from flake8/pycodestyle * allow josepy to fail for the moment
* OpenPGP's website is also HTTPS! (#4518)Alex Gaynor2018-10-241-1/+1
|
* refactor set_asn1_time to take a datetime (#4516)Paul Kehrer2018-10-231-14/+7
|
* oss-security page is https too! (#4517)Alex Gaynor2018-10-241-1/+1
|
* Colin's website went HTTPS! (#4515)Alex Gaynor2018-10-242-3/+3
|
* bind a constant for an error check (#4514)Paul Kehrer2018-10-231-0/+1
| | | I hate it when we have to do this.
* next_update is not a required field on OCSP responses (#4513)Paul Kehrer2018-10-234-2/+14
|
* Another URL goes https! (#4512)Alex Gaynor2018-10-241-1/+1
|
* Update the linkcheck ignores (#4511)Alex Gaynor2018-10-241-2/+5
| | | | | | | | * Update the linkcheck ignores * Hack? * Ok, this should work
* blacklist latest hypothesis and pytest (#4510)Paul Kehrer2018-10-231-2/+2
| | | | | | | | * ci is suffering again, is it the new pytest or hypothesis? * now try 3.79.2 hypothesis * it's a blacklist party
* Fixes #4500 -- use O_CLOEXEC when opening the /dev/urandom file descriptor ↵Alex Gaynor2018-10-231-9/+2
| | | | | | | | (#4507) * Fixes #4500 -- use O_CLOEXEC when opening the /dev/urandom file descriptor * Unused variable
* add note about dropping LibreSSL 2.4.x support (#4506)Paul Kehrer2018-10-191-0/+1
|
* Remove branch for old libressl versions that we don't support any more (#4505)Alex Gaynor2018-10-201-2/+1
|
* Add testing with LibreSSL 2.8.2 (#4501)Alex Gaynor2018-10-201-2/+2
| | | | | | * Add testing with LibreSSL 2.8.2 * Drop librsesl 2.4.5
* blacklist some pytests (#4502)Paul Kehrer2018-10-191-1/+1
|
* Enhance info on pip requirements intallation (#4499)André Almeida2018-10-191-0/+4
| | | | | | | | | | * Enhance info on pip requirements intallation * Remove virtualenv files from remote * Fix "pacakges" typo * Removing trailling whitespaces
* Add definitions that help with hostname checking (#4492)Kai Engert2018-10-103-0/+56
| | | | | | | | | | | | | | * Add definitions for SSL_get0_param and X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS * remove unnecessary parameter name * Add version conditionals and more flags * extend cryptography_has_102_verification_params * X509_CHECK_FLAG_NEVER_CHECK_SUBJECT only available with openssl 1.1.0+ * add missing declaration
* simplify some language (#4495)Paul Kehrer2018-10-101-2/+7
| | | | | | | | | | | | * simplify some language * Update reference.rst * wrap * remove trailing whitespace the github web editor is bad and should feel bad
* Style nits for docs (#4494)Alex Gaynor2018-10-101-5/+5
|
* Use our cryptography-specific warning class (#4493)Alex Gaynor2018-10-101-1/+1
|
* Add a tutorial explaining how to check the signature of a certificate (#4478)g_goessel2018-10-101-0/+68
|
* Fixes #4459 -- switch all our builds to xenial on travis (#4486)Alex Gaynor2018-10-092-15/+22
| | | | | | | | | | | | | | * Fixes #4459 -- switch all our builds to xenial on travis * Attempt to fix tests * Try disabling sudo? * typo * try this? * shellcheck
* OCSP response serialization (#4482)Paul Kehrer2018-10-063-0/+40
| | | | | | * support OCSP response serialization * empty commit, good times
* support extensions in the OCSP request builder (#4481)Paul Kehrer2018-10-066-6/+100
| | | | | | | | | | * support extensions in the OCSP request builder * cover a missed branch * refactor to use new func * review feedback
* Cleanup _encode_asn1_str_gc: don't require the length as an argument (#4484)Alex Gaynor2018-10-072-15/+11
| | | | | | * Cleanup _encode_asn1_str_gc: don't require the length as an argument * Apply the same cleanup to _encode_asn1_str
* add OCSP basic response extension parsing (#4479)Paul Kehrer2018-10-065-1/+43
| | | | | | | | | | * add OCSP basic response extension parsing Just nonce for now. This does not support SINGLERESP extension parsing. * also raises on extensions for non-successful * empty commit
* consolidate the duplicate extension check (#4483)Paul Kehrer2018-10-061-19/+11
|
* additional OCSP bindings for the response builder (#4480)Paul Kehrer2018-10-061-3/+5
| | | | | | * additional OCSP bindings for the response builder * use the OCSP extension funcs that match the rest of x509
* support OCSP response parsing (#4452)Paul Kehrer2018-10-015-4/+420
| | | | | | | | | | | | * support OCSP response parsing * move the decorator to make pep8 happy * add some missing docs * review feedback * more review feedback
* add ed25519 bindings (#4476)Paul Kehrer2018-09-264-0/+50
| | | | | | * add ed25519 bindings * var name
* Remove conditionals for OpenSSL 1.1.1 pre-releases (#4467)Alex Gaynor2018-09-152-8/+3
|
* Move linkcheck tox env to use setup.py to get docs dependencies (#4473)Alex Gaynor2018-09-141-2/+1
|
* a few docs fixes and language improvements (#4472)Paul Kehrer2018-09-144-13/+11
|
* block sphinx 1.8.0 since it fails our docs job (#4469)Paul Kehrer2018-09-141-1/+1
|
* 1.1.1 is out! (#4466)Alex Gaynor2018-09-111-2/+2
|
* OCSP request extension parsing (#4464)Paul Kehrer2018-09-0912-5/+152
| | | | | | | | | | * add OCSP request parsing support with OCSPNonce * add docs * reprs man * make extensions a cached property
* refactor asn1_time_set to be useful in a future PR (#4465)Paul Kehrer2018-09-091-27/+27
|
* add OCSP request with a request extension (nonce) (#4462)Paul Kehrer2018-09-072-0/+2
|
* update pytest config (#4463)Paul Kehrer2018-09-064-12/+13
| | | | | | | | | | | | | | * update pytest config pytest 3.8.0 was just released and officially deprecates some of the way we do pytest marks. They introduced a new way to do this in 3.6 so this PR switches to that mechanism and updates our minimum pytest requirement * update the stubs * also update wycheproof test config to remove deprecated paths * don't need this any more
* Add flags to error on compile with incompatible pointer type (#4455)Paul Kehrer2018-09-057-29/+42
| | | | | | | | | | | | | | | | * try something a bit different. * newer compiler plz * permute * fix some warnings * fix getters on OpenSSL < 1.1.0 * this is getting involved * given our compiler flags we can't have SSL_CTX_set_cookie_verify_cb
* don't sort the serial numbers in a parsed CRL (#4457)Paul Kehrer2018-09-042-2/+41
| | | | | | | | | | | * don't sort the serial numbers in a parsed CRL OpenSSL sorts them in place and this breaks the signature and more. fixes #4456 * cache the sorted CRL (but create it lazily) * use the cache decorator
* unpin coverage (#4458)Paul Kehrer2018-09-043-6/+6
| | | of course, if this works it might just be luck
* document that OCSPResponse attributes can raise valuerror (#4453)Paul Kehrer2018-09-011-0/+48
|
* More OCSP vectors (#4451)Paul Kehrer2018-09-013-0/+5
| | | | | | | | * yet another ocsp response vector. and yet there will be at least one more after this * add one more
* add LE subordinate certificate to test vectors (#4450)Paul Kehrer2018-09-012-0/+29
|
* OCSP bindings (#4449)Paul Kehrer2018-09-012-0/+97
| | | | | | | | | | | | | | | * add many OCSP bindings Much of OCSP was opaqued in 1.1.0 so this also adds a bunch of getters for older OpenSSL. However, 1.1.0 itself made it impossible to access certain fields in the opaque struct, so we're forced to de-opaque them for 1.1.0 through 1.1.0i as well as 1.1.1-pre1 through 1.1.1-pre9. There is a patch (openssl/openssl#7082) that fixes this and should be in 1.1.0j and 1.1.1-pre10 (or 1.1.1 final, whichever they choose to issue) * backslashes are sometimes useful * comments
* initial OCSP response docs (#4448)Paul Kehrer2018-09-011-0/+179
|
* small refactor of OCSP request parsing (#4447)Paul Kehrer2018-09-011-38/+54
| | | | This allows us to reuse these functions in the OCSPResponse object in the future
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-05 13:48:33 +0000