aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Update NIST urls in docs (#3418)Alex Gaynor2017-02-273-4/+4
|
* SHA-1 is broken, run for the hills (#3417)Alex Gaynor2017-02-231-15/+16
|
* Use HTTPS urls for a few more websites (#3416)Alex Gaynor2017-02-232-3/+3
|
* Add ASN1_F_ASN1_CHECK_TLEN (#3414)Aviv Palivoda2017-02-211-0/+1
|
* Fixes #3409 -- bump idna dep to a version with massively improved ↵Alex Gaynor2017-02-201-1/+1
| | | | performance/memory usage (#3411)
* This is HTTPS now (#3407)Alex Gaynor2017-02-182-2/+2
|
* use official API for unreachable C code (#3404)Alex Gaynor2017-02-181-3/+3
|
* Two random grammar fixes (#3402)Alex Gaynor2017-02-182-2/+2
|
* Fixed #3398 -- document the serial deprecation in the changelog (#3401)Alex Gaynor2017-02-171-0/+3
| | | | | | | | * Fixed #3398 -- document the serial deprecation in the changelog * fix * sigh, fix
* add support for update_into on CipherContext (#3190)Paul Kehrer2017-02-169-6/+316
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * add support for update_into on CipherContext This allows you to provide your own buffer (like recv_into) to improve performance when repeatedly calling encrypt/decrypt on large payloads. * another skip_if * more skip_if complexity * maybe do this right * correct number of args * coverage for the coverage gods * add a cffi minimum test tox target and travis builder This tests against macOS so we capture some commoncrypto branches * extra arg * need to actually install py35 * fix * coverage for GCM decrypt in CC * no longer relevant * 1.8 now * pep8 * dramatically simplify * update docs * remove unneeded test * changelog entry * test improvements * coverage fix * add some comments to example * move the comments to their own line * fix and move comment
* bump openssl for tests to 1.1.0e (#3399)Alex Gaynor2017-02-161-2/+2
|
* Refactor binding initialization to allow specified errors (#3278)Paul Kehrer2017-02-132-2/+19
| | | | | | | | | If pyca/cryptography sees any errors on the error stack during its own initialization it immediately raises InternalError and refuses to proceed. This was a safety measure since we weren't sure if it was safe to proceed. However, reality has intervened and we have to bow to the god of pragmatism and just clear the error queue. In practice this is safe since we religiously check the error queue in operation.
* switch the PEM password callback to a C implementation (#3382)Paul Kehrer2017-02-134-136/+81
| | | | | | | | | | | | | | | * switch the PEM password callback to a C implementation Calling from C to Python is fraught with edge cases, especially in subinterpreter land. This commit moves the PEM password callback logic into a small C function and then removes all the infrastructure for the cffi callbacks (as we no longer have any) * review feedback and update tests * rename the struct * aaand one more fix
* faq entry for setuptools_ext issues (#3393)Paul Kehrer2017-02-131-0/+5
|
* Update tutorial.rst (#3394)AlexanderWeyman2017-02-131-2/+2
| | | eliminated inconsitency of variable name in sample code
* Add EVP_PKEY_DHX (#3388)Aviv Palivoda2017-02-132-0/+12
| | | | | | * Add EVP_PKEY_DHX * Add Cryptography_HAS_EVP_PKEY_DHX to _conditional.py
* bump our latest pypy builds to use the latest pypy (#3391)Paul Kehrer2017-02-111-2/+2
|
* Bump openssl on travis (#3390)Alex Gaynor2017-02-121-2/+2
|
* Fixed #3306 -- changelog entry for linking against OpenSSL 1.1.0 (#3389)Alex Gaynor2017-02-111-0/+1
|
* support defining which windows libraries to link with an env var (#3356)Paul Kehrer2017-02-092-2/+17
| | | | | | | | | | | | * support defining which windows libraries to link with an env var CRYPTOGRAPHY_WINDOWS_LIBRARIES is your new friend * add some docs * change to CRYPTOGRAPHY_WINDOWS_LINK_OPENSSL110 * lib prefixing is not a thing msvc does, right
* enforce password must be bytes when loading PEM/DER asymmetric keys (#3383)Paul Kehrer2017-02-084-2/+47
| | | | | | | | | | * enforce password must be bytes when loading PEM/DER asymmetric keys Previously we were using an ffi.buffer on the Python string, which was allowing text implicitly, but our documentation explicitly requires bytes. * add changelog entry
* replace pyasn1 with asn1crypto (#3361)Ofek Lev2017-02-086-66/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | * replace pyasn1 with asn1crypto * allow trailing bytes * fix x509 test * update CHANGELOG.rst * fix assert * make asn1crypto code more idiomatic * find tag * final clean-up * leave trailing byte logic unchanged * document dependency change * spelling * fix spelling
* Dh serialization changelog (#3385)Aviv Palivoda2017-02-082-0/+11
| | | | | | * Add CHANGELOG entries for DH serialization * update AUTHORS
* DH serialization (#3297)Aviv Palivoda2017-02-0712-8/+393
| | | | | | | | | | | | | | | | | | * DH keys support serialization * Add DH serialization documentation * Add tests for DH keys serialization in DER encoding * update version to 1.8 * Allow only SubjectPublicKeyInfo serialization * Remove support in TraditionalOpenSSL format * Fix pep8 * Refactor dh serialization tests
* Backport DH_check from OpenSSL 1.1.0. (#3375)Mark Williams2017-02-032-3/+116
| | | | | | | | | | | | | | | | | | | * Backport DH_check from OpenSSL 1.1.0. OpenSSL 1.0.2's DH_check considers the q parameter, allowing it validate more generators and primes; however, OpenSSL 1.1.0's DH_check includes code to handle errors in BN functions, so it's preferred. * Wrap DH_Check when using OpenSSL 1.1.0 or higher. * Adding DH_CHECK_* values missing from older OpenSSLs * Defensively guard DH_CHECK_* definitions with ifndef. This will prevent duplicate definitions when LibreSSL supports a version of DH_check that can return these. * Document the OpenSSL of origin for the DH_check code
* make cryptography fallback to /dev/urandom on mac on macOS < 10.12 (#3354)Paul Kehrer2017-01-311-2/+6
|
* port 1.7.2 changelog (#3371)Paul Kehrer2017-01-281-0/+5
|
* Point people to python3-dev if needed (#3359)Alex Gaynor2017-01-211-2/+4
| | | | | | | | * Point people to python3-dev if needed * oops, syntax fix * Fedora/RHEL as well
* Removed dead link from docs (#3360)Alex Gaynor2017-01-211-3/+2
|
* Use static callbacks with Python 3.x again (#3350)Christian Heimes2017-01-181-4/+1
| | | | | | | | | | | | | | | | * Use static callbacks with Python 3.x again Static callbacks were disabled for Python 3.5+ to work around an issue with subinterpreters, locking callbacks and osrandom engine. Locking callback and osrandom engine were replaced with a C implementations in version 1.6 and 1.7. https://github.com/pyca/cryptography/issues/2970 Closes: #3348 Signed-off-by: Christian Heimes <christian@python.org> * remove unused import
* add a SAN to the certificatebuilder example (#3353)Paul Kehrer2017-01-181-0/+6
| | | | Evidently users copy/paste these examples so adding a SAN here will help people screw up less. Fixes #3314
* update comment to be more descriptive (#3349)Paul Kehrer2017-01-181-2/+3
|
* fix #3308 (#3352)Paul Kehrer2017-01-181-3/+1
|
* Move pkg_resources import location. (#3347)Dan Sully2017-01-171-2/+4
|
* add memory limit check for scrypt (#3328)Paul Kehrer2017-01-053-5/+34
| | | | | | | | | | * add memory limit check for scrypt fixes #3323 * test a pass * move _MEM_LIMIT to the scrypt module
* It is 2017, in UTC (#3342)Alex Gaynor2016-12-313-3/+3
|
* openssl backend: s/unserialize/deserialize/ in exception messages (#3339)Jan-Philip Gehrcke2016-12-281-2/+2
|
* Inline a pair of functions that became trivial post-1.0.0 (#3336)Alex Gaynor2016-12-251-7/+1
|
* Fixed #3334 -- added Python 3.6 support (#3335)Alex Gaynor2016-12-236-3/+16
| | | | | | | | | | * Fixed #3334 -- added Python 3.6 support * install py36 * empty commit to retrigger travis * this is an impressively dumb typo
* add openssl_version_number & doc openssl_version_text (#3329)Paul Kehrer2016-12-213-0/+20
| | | | | | | | | | * add openssl_version_number & doc openssl_version_text fixes #3315 * more docs + actually assert on the test... * text
* DTLS bindings (#3309)Paul Kehrer2016-12-192-0/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * add DTLSv1_2 methods * add binding to DTLSv1_get_timeout() and DTLSv1_handle_timeout() * fix: PEP8 failed fix the following error: ./src/_cffi_src/openssl/ssl.py:728:80: E501 line too long (80 > 79 characters) see https://jenkins.cryptography.io/job/cryptography-pr-pep8/1954/ * Revert "add DTLSv1_2 methods" This reverts commit e4a9150b12ddb4790159a5835f1d1136cb1b996e. * replace 'long int' by 'long' To be more consistent with the naming convention cf https://github.com/pyca/cryptography/pull/3286/files/8dde92aad5db97fa176bf164783bdf9ba242edf4#r90153970 * wrap with braces cf https://github.com/pyca/cryptography/pull/3286/files/8dde92aad5db97fa176bf164783bdf9ba242edf4#r90154057 * conditionally bind all DTLS * rebase error * rename wrapped function
* We test the latest version of 1.1.0 (#3327)Alex Gaynor2016-12-181-1/+1
|
* Add d2i_DHparams_bio, i2d_DHparams_bio bindings (#3322)Aviv Palivoda2016-12-181-0/+2
|
* 1.7.1 changelog port (#3320)Paul Kehrer2016-12-141-0/+5
| | | | | | * 1.7.1 changelog port * vim stop indenting when I don't want you to
* restore this constant, pyopenssl needs it (#3321)Alex Gaynor2016-12-141-0/+3
|
* Drop 1.0.0 (#3312)Alex Gaynor2016-12-1324-574/+49
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * delete the 1.0.0 support * drop the version check * drop the AES-CTR stuff * Update the example * openssl truncates for us now * delete unused test * unused imports * Remove a bunch of conditional bindings for NPN * no more 1.0.0 builders * libressl fix * update the docs * remove dead branches * oops * this is a word, damnit * spelling * try removing this * this test is not needed * unused import
* fix a regression in int_from_bytes (#3316)Paul Kehrer2016-12-132-1/+13
| | | | | | * fix a regression in int_from_bytes * add a new test file
* no-ssl3, and some hacks (#3313)Alex Gaynor2016-12-123-4/+4
|
* 1.8 begins (#3311)Paul Kehrer2016-12-123-2/+8
|
* 1.7 changelog date and version bump (#3310)Paul Kehrer2016-12-123-6/+4
| | | | | | * 1.7 changelog date and version bump * no wait the 12th
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-16 13:21:56 +0000