Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Remove unused constant binding from ecdh.py (#4774) | Alex Gaynor | 2019-02-26 | 1 | -3/+0 |
| | |||||
* | Remove unused constant from ec.py bindings (#4773) | Alex Gaynor | 2019-02-26 | 1 | -3/+0 |
| | |||||
* | Remove unused bindings from aes.py (#4772) | Alex Gaynor | 2019-02-26 | 1 | -7/+1 |
| | |||||
* | Removed unused constant from bindings (#4771) | Alex Gaynor | 2019-02-26 | 1 | -2/+0 |
| | |||||
* | Polish off removal of unused engine bindings (#4769) | Alex Gaynor | 2019-02-25 | 2 | -15/+0 |
| | |||||
* | reduce our engine bindings even more (#4768) | Paul Kehrer | 2019-02-25 | 6 | -110/+47 |
| | |||||
* | support NO_ENGINE (#4763) | Paul Kehrer | 2019-02-25 | 11 | -18/+155 |
| | | | | | | | | * support OPENSSL_NO_ENGINE * support some new openssl config args * sigh | ||||
* | Remove a bunch of unused engine bindings (#4766) | Alex Gaynor | 2019-02-25 | 1 | -61/+0 |
| | |||||
* | why did we have these variables (#4764) | Paul Kehrer | 2019-02-24 | 3 | -10/+8 |
| | |||||
* | add an EC OID to curve dictionary mapping (#4759) | Paul Kehrer | 2019-02-20 | 4 | -1/+57 |
| | | | | | | | | | | * add an EC OID to curve dictionary mapping * oid_to_curve function * changelog and docs fix * rename to get_curve_for_oid | ||||
* | encode the package version in the shared object (#4756) | Paul Kehrer | 2019-02-20 | 3 | -1/+42 |
| | | | | | | | | | | * encode the package version in the shared object * review feedback * move into build_ffi so the symbol is in all shared objects * review feedback | ||||
* | add ed25519 PKCS8 and subjectPublicKeyInfo vectors (#4719) | Paul Kehrer | 2019-02-20 | 7 | -0/+19 |
| | | | | | | * add ed25519 PKCS8 and subjectPublicKeyInfo vectors * line length fix | ||||
* | add ed448 PKCS8 and subjectPublicKeyInfo vectors (#4718) | Paul Kehrer | 2019-02-20 | 7 | -0/+21 |
| | |||||
* | full state or province name (#4758) | itinerarium | 2019-02-20 | 1 | -2/+2 |
| | | | | | | | CA -> California 6.3.5 of ITU-T X.520 (10/2016) provides a spelled out sample state. In other contexts, hints generally suggest the "full name" of a state or province. A spelled out state in the sample code might be more consistent with general usage. | ||||
* | Simplify string formatting (#4757) | Alex Gaynor | 2019-02-20 | 32 | -89/+89 |
| | |||||
* | update the thread link (#4748) | Paul Kehrer | 2019-02-03 | 1 | -10/+9 |
| | | | | | | | | * update the thread link linkcheck doing its job! * update our locking information | ||||
* | concede to digicert's garbage CDN (#4747) | Paul Kehrer | 2019-02-03 | 1 | -1/+1 |
| | | | Which, despite supporting HTTPS, is non-deterministically providing 404s and DigiCert has asserted that http is the only "supported" protocol. | ||||
* | Also suggest cryptopals to learn crypo (#4745) | Alex Gaynor | 2019-02-03 | 1 | -1/+3 |
| | |||||
* | Rename [wheel] section to [bdist_wheel] as the former is legacy (#4743) | Jon Dufresne | 2019-02-03 | 1 | -1/+1 |
| | | | | | | | For additional details, see: https://github.com/pypa/wheel/blob/3dc261abc98a5e43bc7fcf5783d080aaf8f9f0cf/wheel/bdist_wheel.py#L127-L133 http://pythonwheels.com/ | ||||
* | Fixes for the latest pep8-naming (#4744) | Alex Gaynor | 2019-02-02 | 12 | -60/+60 |
| | |||||
* | Run wycheproof RSA tests on LibreSSL>=2.8 (#4737) | Alex Gaynor | 2019-01-24 | 2 | -7/+16 |
| | | | | | | | | * Run wycheproof RSA tests on LibreSSL>=2.8 * Define it this way * These are errors on libressl | ||||
* | Fixes #4734 -- Deal with deprecated things (#4736) | Alex Gaynor | 2019-01-23 | 10 | -79/+26 |
| | | | | | | | | | | * Fixes #4734 -- Deal with deprecated things - Make year based aliases of PersistentlyDeprecated so we can easily assess age - Removed encode/decode rfc6979 signature - Removed Certificate.serial * Unused import | ||||
* | Use O_CLOEXEC when it's available (#4733) | Alex Gaynor | 2019-01-23 | 1 | -10/+16 |
| | | | | | | | | * Use O_CLOEXEC when it's available * Don't have two vars with the same name * A normal person would be emberassed | ||||
* | pypy 5.4+ (#4732) | Paul Kehrer | 2019-01-22 | 1 | -1/+1 |
| | |||||
* | reopen master for 2.6 work (#4730) | Paul Kehrer | 2019-01-22 | 3 | -2/+10 |
| | |||||
* | changelog and version bump for 2.5 (#4729) | Paul Kehrer | 2019-01-22 | 3 | -6/+6 |
| | |||||
* | allow asn1 times of 1950-01-01 and later. (#4728) | Paul Kehrer | 2019-01-22 | 5 | -28/+57 |
| | | | | | | | | * allow asn1 times of 1950-01-01 and later. * add a test * pretty up the test | ||||
* | allow 32-bit platforms to encode certs with dates > unix epoch (#4727) | Paul Kehrer | 2019-01-21 | 2 | -23/+19 |
| | | | | | | | | | | | | | | | | | Previously we used unix timestamps, but now we are switching to using ASN1_TIME_set_string and automatically formatting the string based on the year. The rule is as follows: Per RFC 5280 (section 4.1.2.5.), the valid input time strings should be encoded with the following rules: 1. UTC: YYMMDDHHMMSSZ, if YY < 50 (20YY) --> UTC: YYMMDDHHMMSSZ 2. UTC: YYMMDDHHMMSSZ, if YY >= 50 (19YY) --> UTC: YYMMDDHHMMSSZ 3. G'd: YYYYMMDDHHMMSSZ, if YYYY >= 2050 --> G'd: YYYYMMDDHHMMSSZ 4. G'd: YYYYMMDDHHMMSSZ, if YYYY < 2050 --> UTC: YYMMDDHHMMSSZ Notably, Dates < 1950 are not valid UTCTime. At the moment we still reject dates < Jan 1, 1970 in all cases but a followup PR can fix that. | ||||
* | bind EVP_R_MEMORY_LIMIT_EXCEEDED and update a test (#4726) | Paul Kehrer | 2019-01-21 | 3 | -0/+22 |
| | | | | | | | | | | | * bind EVP_R_MEMORY_LIMIT_EXCEEDED and update a test This will allow OpenSSL 1.1.1 on 32-bit (including our Windows 32-bit builders) to fail as expected. Technically this isn't a malloc error, but rather failing because the allocation requested is larger than 32-bits, but raising a MemoryError still seems appropriate * what you want an endif too? | ||||
* | Updated link to PKCS#3 -- fixes #4671 (#4722) | Alex Gaynor | 2019-01-21 | 1 | -1/+1 |
| | |||||
* | update jenkinsfile to compile openssl 1.1.1 on windows (#4725) | Paul Kehrer | 2019-01-21 | 1 | -1/+1 |
| | |||||
* | See if urllib3 tests pass on xenial nowadays (#4724) | Alex Gaynor | 2019-01-21 | 1 | -3/+0 |
| | |||||
* | Apparently NIST crypto resources are essential to life and property (#4721) | Alex Gaynor | 2019-01-20 | 1 | -2/+0 |
| | |||||
* | deprecate encode_point and migrate all internal callers (#4720) | Paul Kehrer | 2019-01-20 | 6 | -4/+28 |
| | |||||
* | add support for encoding compressed points (#4638) | Paul Kehrer | 2019-01-20 | 10 | -33/+207 |
| | | | | | | * add support for encoding compressed points * review feedback | ||||
* | shake128/256 support (#4611) | Paul Kehrer | 2019-01-19 | 8 | -8/+192 |
| | | | | | | | | | | | | | | * shake128/256 support * remove block_size * doc an exception * change how we detect XOF by adding _xof attribute * interface! * review feedback | ||||
* | expose the ed448 nid (#4717) | Paul Kehrer | 2019-01-19 | 1 | -0/+1 |
| | | | | we already did all the conditional binding, but forgot to actually expose it. | ||||
* | consistently linky RFC in the docs (#4716) | Alex Gaynor | 2019-01-18 | 4 | -9/+8 |
| | | | | | | * consistently linky RFC in the docs * oops | ||||
* | Fixed #4700 -- linkify method in changelog (#4715) | Alex Gaynor | 2019-01-18 | 1 | -4/+6 |
| | | | | | | | | | | * Fixed #4700 -- linkify method in changelog * fixed linkification * oxford comma * line length | ||||
* | Bump this way up and see if it helps (#4713) | Alex Gaynor | 2019-01-17 | 1 | -1/+1 |
| | |||||
* | changelog for byteslike (#4712) | Paul Kehrer | 2019-01-17 | 1 | -0/+3 |
| | | | | | | * changelog for byteslike * bertter prose | ||||
* | support byteslike in KBKDFHMAC (#4711) | Paul Kehrer | 2019-01-17 | 3 | -2/+11 |
| | |||||
* | support byteslike in ConcatKDF{HMAC,Hash}, Scrypt, and X963KDF (#4709) | Paul Kehrer | 2019-01-17 | 8 | -7/+70 |
| | | | | | | | | * byteslike concatkdf * byteslike scrypt * byteslike x963kdf | ||||
* | support byteslike for OTP (#4710) | Paul Kehrer | 2019-01-17 | 3 | -6/+19 |
| | |||||
* | normalize KBKDF tests (#4708) | Paul Kehrer | 2019-01-17 | 1 | -38/+37 |
| | |||||
* | Support byteslike in HKDF and PBKDF2HMAC (#4707) | Paul Kehrer | 2019-01-17 | 6 | -6/+42 |
| | | | | | | | | * support byteslike in HKDF * support byteslike in PBKDF2HMAC * add missing docs | ||||
* | support bytes-like for X25519PrivateKey.from_private_bytes (#4698) | Paul Kehrer | 2019-01-17 | 2 | -6/+40 |
| | | | yuck. | ||||
* | x448 and x25519 should enforce key lengths in backend (#4703) | Paul Kehrer | 2019-01-17 | 5 | -4/+42 |
| | | | | | | | | | | | * x448 and x25519 should enforce key lengths in from_private_bytes they should also check if the algorithm is supported like the public bytes class methods do * oops * move the checks | ||||
* | support byteslike in hmac update (#4705) | Paul Kehrer | 2019-01-17 | 4 | -4/+6 |
| | | | needed for some KDF keying material | ||||
* | support byteslike in hash updates (#4702) | Paul Kehrer | 2019-01-16 | 3 | -2/+17 |
| | | | This is needed to handle keying material in some of the KDFs |