aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* add ellipticcurvepublicnumbers reprPaul Kehrer2015-10-281-0/+6
|
* Merge pull request #2447 from reaperhulk/encode-decode-pointAlex Gaynor2015-10-272-2/+30
|\ | | | | add support for encoding/decoding elliptic curve points
| * address review feedbackPaul Kehrer2015-10-281-5/+2
| |
| * modify approach to use EllipticCurvePublicNumbers methodsPaul Kehrer2015-10-272-34/+28
| |
| * remove support for null points, improve docsPaul Kehrer2015-10-271-4/+4
| |
| * add support for encoding/decoding elliptic curve pointsPaul Kehrer2015-10-262-2/+39
| | | | | | | | Based on the work of @ronf in #2346.
* | Merge pull request #2435 from reaperhulk/fix-2407Alex Gaynor2015-10-271-6/+8
|\ \ | | | | | | encode countryName with PrintableString
| * | update comment to include a bit more detailPaul Kehrer2015-10-271-2/+2
| | |
| * | encode countryName with PrintableStringPaul Kehrer2015-10-201-6/+8
| | | | | | | | | | | | | | | | | | | | | This commit adds a dependency on asn1crypto for testing purposes to parse the certificate and confirm that countryName is encoded with PrintableString while other fields are UTF8String. This is a test only dep.
* | | Merge pull request #2446 from reaperhulk/init-locksAlex Gaynor2015-10-262-2/+8
|\ \ \ | |_|/ |/| | move lock initialization to during binding import
| * | modify sadness prosePaul Kehrer2015-10-271-3/+5
| | |
| * | expand commentPaul Kehrer2015-10-241-1/+3
| | |
| * | move lock initialization to during binding importPaul Kehrer2015-10-242-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | Previously we attempted to register our openssl locks only if the backend was initialized, but we should really just do it immediately. Consumers like PyOpenSSL already call init_static_locks after importing the binding and if a library wants to replace the locks with something else they can do so themselves.
* | | Merge pull request #2220 from reaperhulk/encode-cpAlex Gaynor2015-10-241-0/+90
|\ \ \ | |/ / |/| | support encoding certificate policies in CertificateBuilder
| * | use new ExtensionOIDPaul Kehrer2015-10-241-1/+1
| | |
| * | one more assertPaul Kehrer2015-10-241-1/+1
| | |
| * | convert asserts to openssl_assertPaul Kehrer2015-10-241-10/+10
| | |
| * | support encoding certificate policies in CertificateBuilderPaul Kehrer2015-10-241-0/+90
| | |
* | | Merge pull request #2293 from reaperhulk/idempotent-engine-addAlex Gaynor2015-10-242-6/+9
|\ \ \ | |/ / |/| | idempotent engine add
| * | address review commentsPaul Kehrer2015-10-241-5/+2
| | |
| * | make engine addition idempotentPaul Kehrer2015-10-212-5/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Threading issues keep cropping up. ENGINE_add already acquires a lock at the C layer via CRYPTO_w_lock (provided you have registered the locking callbacks) so let's try to use that. As part of this we'll try to init the openssl locks, but of course there's potentially a race there as well. Clearly this isn't the real fix but it might improve the situation while we try to determine what to do.
* | | Fixed #2444 -- added an __hash__ to x509 NamesAlex Gaynor2015-10-241-0/+8
| | |
* | | update a commentPaul Kehrer2015-10-221-2/+3
| | |
* | | pep8!Paul Kehrer2015-10-211-1/+1
| | |
* | | AES keywrap supportPaul Kehrer2015-10-212-1/+85
|/ /
* | hoist a dict up to module scope so we don't recreate it every callPaul Kehrer2015-10-211-12/+15
| |
* | Merge pull request #2315 from etrauschke/crl_ossl_backendPaul Kehrer2015-10-215-22/+263
|\ \ | | | | | | OpenSSL backend code for CRLs
| * | remove convenience functions for revoked extensionsErik Trauschke2015-10-211-30/+0
| | | | | | | | | | | | fix docs regarding CRL PEM format
| * | add commentsErik Trauschke2015-10-202-26/+37
| | |
| * | Merge branch 'master' into crl_ossl_backendErik Trauschke2015-10-2011-23/+102
| |\ \
| * \ \ Merge branch 'crl_ossl_backend' of github.com:etrauschke/cryptography into ↵Erik Trauschke2015-10-206-22/+282
| |\ \ \ | | | | | | | | | | | | | | | crl_ossl_backend
| | * | | removing caching mechanism for x509 propertiesErik Trauschke2015-10-154-76/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | undo name change of CRLExtensionOID use custom parsing mechanism for certIssuer entry extension add new crl to vectors for testing invalid certIssuer entry ext
| | * | | import fixErik Trauschke2015-10-141-2/+2
| | | | |
| | * | | use X509ExtensionParser for Revoked extensionsErik Trauschke2015-10-144-113/+88
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | remove revoked_certificates property from RevokedCertificate class CRLExtensions should actually be RevokedExtensions doctest cleanup for RevokedCertificate
| | * | | fix indentationsErik Trauschke2015-10-131-68/+65
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | change docs to indicate CRL objects are iterable fix docs for revoked certs make _decode_crl_reason more readable add __getitem__ method to CRL object remove double underscores
| | * | | use openssl assertErik Trauschke2015-09-281-22/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | change _build* to _decode* make CRLs into iterators various fixes
| | * | | Merge branch 'master' into crl_ossl_backendErik Trauschke2015-09-286-44/+22
| | |\ \ \
| | * \ \ \ Merge branch 'crl_ossl_backend' of github.com:etrauschke/cryptography into ↵Erik Trauschke2015-09-285-4/+312
| | |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | crl_ossl_backend
| | | * \ \ \ Merge branch 'master' into crl_ossl_backendErik Trauschke2015-09-251-153/+172
| | | |\ \ \ \
| | | * \ \ \ \ Merge branch 'master' into crl_ossl_backendErik Trauschke2015-09-251-0/+70
| | | |\ \ \ \ \
| | | * | | | | | OpenSSL backend code for CRLsErik Trauschke2015-09-245-4/+312
| | | | | | | | |
* | | | | | | | | Remove long comments and workarounds, use new cffi syntaxAlex Gaynor2015-10-212-36/+2
| |_|_|_|_|_|/ / |/| | | | | | |
* | | | | | | | add __repr__ to x509.ExtensionsPaul Kehrer2015-10-201-0/+5
| |_|_|_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | fix #2434
* | | | | | | Merge pull request #2427 from alex/ecdhPaul Kehrer2015-10-196-0/+56
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | ECDH take 4
| * | | | | | | better document hte ifaceAlex Gaynor2015-10-171-0/+7
| | | | | | | |
| * | | | | | | unused importAlex Gaynor2015-10-171-1/+0
| | | | | | | |
| * | | | | | | a refactor to the APIAlex Gaynor2015-10-175-43/+35
| | | | | | | |
| * | | | | | | Add an Elliptic Curve Key Exchange Algorithm(ECDH)Simo Sorce2015-10-175-0/+58
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The ECDH Key Exchange algorithm as standardized in NIST publication 800-56A Revision 2 Includes tests with vectors from NIST. Signed-off-by: Simo Sorce <simo@redhat.com>
* | | | | | | | Fix wrong mention of class in docstring.Terry Chia2015-10-181-1/+1
|/ / / / / / /
* | | | | | | Kill Key Exchange as a separate interfaceSimo Sorce2015-10-151-18/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Ultimately it was decided that ECDH and the others can be implemented as simple classes without the overhead of an interface. So ... let's kill it, it was a fun process. Signed-off-by: Simo Sorce <simo@redhat.com>
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-08 11:09:47 +0000