aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* | | | Merge pull request #2187 from reaperhulk/csr-decode-all-extsAlex Gaynor2015-08-011-23/+21
|\ \ \ \ | | | | | | | | | | allow certificate and CSR to both parse the same set of extensions
| * | | | allow certificate and CSR to both parse the same set of extensionsPaul Kehrer2015-08-011-23/+21
| |/ / /
* | | | Merge pull request #2186 from reaperhulk/handle-corrupt-extensionsAlex Gaynor2015-08-014-1/+40
|\ \ \ \ | | | | | | | | | | Handle invalid x509 extension payloads
| * | | | corrupt -> invalidPaul Kehrer2015-08-012-2/+3
| | | | |
| * | | | check if the extension decoded to internal openssl reprPaul Kehrer2015-08-012-1/+21
| | | | | | | | | | | | | | | | | | | | ...and if not, raise an error (plus consume the error stack)
| * | | | add test vector from #2183Paul Kehrer2015-08-012-0/+18
| |/ / /
* | | | Merge pull request #2184 from reaperhulk/remove-more-branchesAlex Gaynor2015-08-015-17/+27
|\ \ \ \ | |/ / / |/| | | Branch coverage to 100%
| * | | add test to cover partial branch in load_kasvs_ecdh_vectorsPaul Kehrer2015-08-011-0/+4
| | | | | | | | | | | | | | | | The loop to find supported parameter sets is partially covered otherwise
| * | | remove some more branching in the vector loadersPaul Kehrer2015-08-011-7/+4
| | | |
| * | | add a line for the ecdh vector loader to cover a missed branchPaul Kehrer2015-08-011-0/+1
| | | |
| * | | Remove elifs and replace with else + assertPaul Kehrer2015-08-013-10/+18
| | |/ | |/| | | | | | | This is kind of ugly, but resolves many partial branch coverage issues.
* | | Merge pull request #2185 from reaperhulk/simplify-x509-decodeAlex Gaynor2015-08-011-73/+28
|\ \ \ | | | | | | | | simplify x509 extension decoding
| * | | simplify x509 extension decodingPaul Kehrer2015-08-011-73/+28
| |/ /
* | | Merge pull request #2181 from reaperhulk/move-urandom-testAlex Gaynor2015-08-012-30/+27
|\ \ \ | |/ / |/| | move urandom engine test
| * | this is gonna be unicode nowPaul Kehrer2015-08-011-3/+3
| | |
| * | move urandom engine testPaul Kehrer2015-08-012-30/+27
|/ / | | | | | | | | | | | | | | | | | | This test was in the bindings dir, which is incorrect. We do not set the urandom engine to default unless the openssl backend is loaded. The reason the test wasn't failing (even in the random test case) is that the backends are loaded during pytest_generate_tests by a call to _available_backends. So no matter what order it occurred in the engine was already set to default. I discovered this when I tried to run the test_openssl.py bindings tests directly via pytest. Hooray global state.
* | Merge pull request #2177 from reaperhulk/cp-bindingsAlex Gaynor2015-07-271-0/+21
|\ \ | | | | | | add many bindings we'll need to encode a certificate policies extension
| * | add many bindings we'll need to encode a certificate policies extensionPaul Kehrer2015-07-261-0/+21
| | |
* | | Merge pull request #2175 from reaperhulk/csr-better-err-msgAlex Gaynor2015-07-253-1/+19
|\ \ \ | |/ / |/| | handle RSA key too small and consume errors on CSR signature failure
| * | openssl error codes are clearly not considered part of the api contractPaul Kehrer2015-07-251-5/+2
| | |
| * | py3 fixin'Paul Kehrer2015-07-251-1/+1
| | |
| * | extra parensPaul Kehrer2015-07-251-5/+3
| | |
| * | == instead of inPaul Kehrer2015-07-251-2/+2
| | |
| * | handle RSA key too small and consume errors on CSR signature failurePaul Kehrer2015-07-253-1/+24
|/ /
* | Merge pull request #2174 from reaperhulk/remove-windows-link-typeAlex Gaynor2015-07-242-31/+9
|\ \ | | | | | | remove windows link type, update docs
| * | remove windows link type, update docsPaul Kehrer2015-07-242-31/+9
|/ /
* | Merge pull request #2171 from reaperhulk/refactor-gn-encodingAlex Gaynor2015-07-241-83/+88
|\ \ | | | | | | refactor general name encoding to its own function
| * | refactor general name encoding to its own functionPaul Kehrer2015-07-241-83/+88
| | |
* | | Merge pull request #2170 from reaperhulk/crl-encode-bindingsAlex Gaynor2015-07-241-0/+8
|\ \ \ | |/ / |/| | bindings for CRL encoding
| * | let's also add the binding to make a new GENERAL_SUBTREE stackPaul Kehrer2015-07-241-0/+1
| | |
| * | bindings for CRL encodingPaul Kehrer2015-07-241-0/+7
|/ /
* | Merge pull request #2169 from reaperhulk/encode-ekuAlex Gaynor2015-07-236-2/+59
|\ \ | | | | | | Support encoding ExtendedKeyUsage into certificate signing requests
| * | Support encoding ExtendedKeyUsage into certificate signing requestsPaul Kehrer2015-07-236-2/+59
|/ /
* | Merge pull request #2168 from reaperhulk/encode-kuAlex Gaynor2015-07-235-2/+109
|\ \ | | | | | | Support encoding KeyUsage into certificate signing requests
| * | Support encoding KeyUsage into certificate signing requestsPaul Kehrer2015-07-235-2/+109
| | |
* | | Merge pull request #2166 from reaperhulk/fix-multi-extension-bugAlex Gaynor2015-07-232-1/+26
|\| | | | | | | | when building a CSR adding > 1 extension would trigger a bug
| * | when building a CSR adding > 1 extension would trigger a bugPaul Kehrer2015-07-232-1/+26
|/ / | | | | | | | | | | We were checking sk_X509_EXTENSION_push for a value == 1, but in reality it returns the number of extensions on the stack. We now assert >= 1 and added a test.
| * Add test coverage for MultiBackend.sign_x509_certificateIan Cordasco2015-08-021-0/+8
| |
| * Use :doc: instead of :ref: for random-numbersIan Cordasco2015-08-022-4/+1
| |
| * Add sign_x509_certificate to MultiBackendIan Cordasco2015-08-022-0/+51
| | | | | | | | Add example of CertificateBuilder to the reference documentation
| * Add note to serial_number parameter about entropyIan Cordasco2015-08-024-15/+17
| | | | | | | | | | | | | | | | | | | | - Add reference to random-numbers.rst for easy intra-linking - Document critical parameter of CertificateBuilder.add_extension - Support InhibitAnyPolicy in the CertificateBuilder frontend but not in the backend - Slim down more tests - Fix up test that asserts the backend does not allow for unsupported extensions
| * Check for subject alternative name in testIan Cordasco2015-08-021-5/+18
| | | | | | | | Slim RSA key too small test
| * Update the docs to be more accurateIan Cordasco2015-08-021-3/+7
| |
| * Add some extra test coverageIan Cordasco2015-08-011-0/+19
| |
| * Slim tests by removing extra NameAttributesIan Cordasco2015-08-011-32/+0
| |
| * Minor pep8 and doc fixesIan Cordasco2015-08-012-3/+3
| |
| * Add _encode_asn1_int_gcIan Cordasco2015-08-011-1/+7
| | | | | | | | Ensure the certificate serial number is freed
| * Fix up parameter names in the docsIan Cordasco2015-08-011-4/+4
| |
| * Add check for an RSA Key being too smallIan Cordasco2015-08-013-15/+8
| | | | | | | | | | - Remove outdated/unnecessary/illegitimate TODOs - Fix up test for an RSA key that is too small
| * Document other two parameters from sign methodIan Cordasco2015-07-312-11/+32
| | | | | | | | | | | | | | - Remove incorrect CertificateBuilder doc-string - Check that serial numbers are non-negative and < 160 bits - Check that dates passed aren't earlier than the unix epoch - Remove version from CertificateBuilder.__init__ and version method
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-10 14:45:33 +0000