aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #2427 from alex/ecdhPaul Kehrer2015-10-196-0/+56
|\ | | | | ECDH take 4
| * better document hte ifaceAlex Gaynor2015-10-171-0/+7
| |
| * unused importAlex Gaynor2015-10-171-1/+0
| |
| * a refactor to the APIAlex Gaynor2015-10-175-43/+35
| |
| * Add an Elliptic Curve Key Exchange Algorithm(ECDH)Simo Sorce2015-10-175-0/+58
| | | | | | | | | | | | | | | | | | The ECDH Key Exchange algorithm as standardized in NIST publication 800-56A Revision 2 Includes tests with vectors from NIST. Signed-off-by: Simo Sorce <simo@redhat.com>
* | Fix wrong mention of class in docstring.Terry Chia2015-10-181-1/+1
|/
* Kill Key Exchange as a separate interfaceSimo Sorce2015-10-151-18/+0
| | | | | | | | Ultimately it was decided that ECDH and the others can be implemented as simple classes without the overhead of an interface. So ... let's kill it, it was a fun process. Signed-off-by: Simo Sorce <simo@redhat.com>
* add binding for d2i_GENERAL_NAMES()Erik Trauschke2015-10-151-0/+2
|
* extend pkcs7 openssl bindingsDominic Chen2015-10-132-2/+32
|
* Catch Invalid X or Y points and raise a ValueErrorSimo Sorce2015-10-121-2/+6
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Merge pull request #2402 from ddcc/patch-1Paul Kehrer2015-10-111-2/+7
|\ | | | | minor fix to handle malformed certificates without hostname
| * fix to handle malformed certificates without hostnameDominic Chen2015-10-101-2/+7
| |
* | typoAlex Gaynor2015-10-111-1/+1
| |
* | handle errorsAlex Gaynor2015-10-101-0/+2
| |
* | Fixed #2404 -- handle a certificate with an unknown public keyAlex Gaynor2015-10-101-1/+3
|/
* Introduce Key Exchange Agreements interfaceSimo Sorce2015-10-071-0/+18
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Change '!=' to 'is not'Manoel Domingues Junior2015-10-011-1/+1
|
* Handling path_length when ca is TrueManoel Domingues Junior2015-10-011-1/+1
| | | | | | Using CertificateBuilder: builder = builder.add_extension(x509.BasicConstraints(ca=True,path_length=None), critical=True) return TypeError in line 792 because None can't be converted to hex. In https://tools.ietf.org/html/rfc5280.html#section-4.2.1.9: CAs MUST NOT include the pathLenConstraint field unless the cA boolean is asserted and the key usage extension asserts the keyCertSign bit.
* flake8Alex Gaynor2015-09-291-0/+1
|
* sigh, fixAlex Gaynor2015-09-291-1/+1
|
* use signature so stuff works on 3.6 -- fixes #2382Alex Gaynor2015-09-291-3/+8
|
* unused importAlex Gaynor2015-09-261-3/+1
|
* Use InternalError for stuffAlex Gaynor2015-09-266-41/+21
|
* fix the testsAlex Gaynor2015-09-261-4/+4
|
* flake8 itAlex Gaynor2015-09-261-6/+4
|
* Convert asserts in bindings as wellAlex Gaynor2015-09-262-36/+49
|
* converted a few more assertsAlex Gaynor2015-09-263-3/+3
|
* move two asserts much closer to call sitePaul Kehrer2015-09-251-2/+2
|
* convert the rest of the openssl backend to using openssl_assertPaul Kehrer2015-09-258-87/+90
|
* remove unnecessary checkPaul Kehrer2015-09-251-1/+0
|
* change some asserts back since they're not openssl specificPaul Kehrer2015-09-251-18/+19
| | | | plus bonus better exception msg
* start converting asserts to a function callPaul Kehrer2015-09-251-166/+185
| | | | | This prevents situations where asserts are bypassed when running python with -O.
* Add X963KDF from ANSI X9.63:2001Simo Sorce2015-09-241-0/+70
| | | | | | | | | | The implemention allows the use a Hash function to implement a KDF very similar to ConcatKDFHash, just different enough to require a separate derivation function. Closes #2203 Signed-off-by: Simo Sorce <simo@redhat.com>
* should have _asn1_* utility functions in a common placeErik Trauschke2015-09-242-73/+63
|
* Made import order alphabetical.Predrag Gruevski2015-09-231-1/+1
|
* SubjectKeyIdentifier equality now uses constant-time digest comparison.Predrag Gruevski2015-09-231-4/+2
|
* Merge branch 'master' into add_name_to_oidsBrendan McCollam2015-09-075-11/+46
|\
| * Merge branch 'master' into static-linking-osxPaul Kehrer2015-09-042-7/+6
| |\
| | * Resolve an unusual test bug related to initializing the bindingsPaul Kehrer2015-08-292-7/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | To make calls against the "SSL" parts of OpenSSL you need to call SSL_library_init. There are multiple ways this can be called: * If you're using the same OpenSSL in cryptography as you are in your Python then Python will call it for you. * If you import the openssl backend. These tests need SSL_library_init to be called. When run in our CI SSL_library_init is called because during the parametrization step the OpenSSL backend is imported (thus triggering it). However, you can also run tests directly via py.test and without this change py.test tests/hazmat/bindings/test_openssl.py would crash if you had cryptography linked against a different OpenSSL than your Python used.
| * | rename env var to CRYPTOGRAPHY_OSX_NO_LINK_FLAGSPaul Kehrer2015-08-311-1/+1
| | |
| * | no need for NonePaul Kehrer2015-08-291-1/+1
| | |
| * | add support for static linking of the openssl backend on OS XPaul Kehrer2015-08-291-3/+16
| |/
| * Removed SSL_renegotiate_abbreviated bindingkjav2015-08-281-1/+0
| | | | | | As this is not supported in OpenSSL < 1.01
| * Added bindings for SSL_renegotiate_<pending/abbreviated>kjav2015-08-281-0/+2
| |
| * Add SSL_renegotiate binding.Terry Chia2015-08-281-0/+1
| |
| * add conditional removal for SET_CERT_CBPaul Kehrer2015-08-251-1/+5
| |
| * add set_cert_cbMaximilian Hils2015-08-251-0/+17
| |
* | Adds _name property to ObjectIdentifierBrendan McCollam2015-09-061-1/+5
|/
* set the default stringmask to utf8Paul Kehrer2015-08-221-0/+6
| | | | | This corrects a problem where older OpenSSL versions don't do this by default. fixes #2291
* libre doesn't have these fields (and might only be used in sslv2 anyway)Paul Kehrer2015-08-191-2/+0
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-03-23 14:43:52 +0000