path: root/src
Commit message | Author | Age | Files | Lines
...
* Move SSH serialization to its own file (#4607) | Alex Gaynor | 2018-11-24 | 4 | -148/+158
|   * Move SSH serialization to its own file
|   * flake8
* refactor serialization module into package (#4606) | Paul Kehrer | 2018-11-23 | 3 | -11/+35
|   * refactor serialization into a package so we can add a pkcs12 module
|   * oops
* Added comments reminding us to improve this code when we go 1.1.1+ only (#4605) | Alex Gaynor | 2018-11-23 | 1 | -0/+4
|
* X448 support (#4580) | Paul Kehrer | 2018-11-22 | 3 | -0/+145
|   * x448 support
|     This work was originally authored by derwolfe
|   * update docs to have a more useful derived key length
|   * error if key is not a valid length in from_public_bytes
|   * one more
|   * switch to using evp_pkey_keygen_gc for x448 keygen
|   * review feedback
|   * switch to using evp_pkey_derive
|   * nit fix
* refactor x25519 exchange into utils (#4603) | Paul Kehrer | 2018-11-22 | 2 | -24/+27
|
* Import idna lazily to reduce our memory consumption (#4601) | Alex Gaynor | 2018-11-23 | 1 | -2/+12
|   We only use idna in deprecated paths at this point, so we shouldn't make people pay for it.
* add sha3 support (#4573) | Paul Kehrer | 2018-11-22 | 1 | -0/+24
|   * add sha3 support
|   * missed versionadded
|   * add prose, remove block_size
* Adjust DTLS check (#4593) | Rosen Penev | 2018-11-19 | 1 | -1/+1
|   OpenSSL defines these even with OPENSSL_NO_DTLS.
* add EVPDigestFinalXOF for extendable output functions (#4589) | Paul Kehrer | 2018-11-13 | 2 | -0/+14
|
* refactor x25519 keygen into evp_pkey_keygen (#4587) | Paul Kehrer | 2018-11-13 | 1 | -7/+7
|   this allows us to use the same code for ed25519, x448, and ed448
* Ed bindings (#4586) | Paul Kehrer | 2018-11-13 | 3 | -0/+30
|   * add evp_pkey_ed25519
|   * ed448 bindings
* error if the key length for x25519 isn't 32 bytes (#4584) | Paul Kehrer | 2018-11-12 | 1 | -0/+4
|   * error if the key length for x25519 isn't 32 bytes
|   * also test 33
* add SHA512/224 and SHA512/256 support (#4575) | Paul Kehrer | 2018-11-12 | 1 | -0/+14
|   * add SHA512/224 and SHA512/256 support
|   * add missing docs
* add bindings for early data (#4582) | Paul Kehrer | 2018-11-12 | 2 | -0/+13
|   * add bindings for early data
|   * remove final var name
* add a little bit of x25519 interface docs we missed (#4574) | Paul Kehrer | 2018-11-12 | 1 | -3/+9
|
* x448 bindings (#4577) | Paul Kehrer | 2018-11-12 | 3 | -0/+24
|
* add EVP raw key bindings (#4578) | Paul Kehrer | 2018-11-12 | 2 | -0/+28
|
* add a few more EC OIDs (#4572) | Paul Kehrer | 2018-11-11 | 1 | -0/+13
|   * add a few more EC OIDs
|   * spaces matter
* Remove unnecessary use of six.binary_type (#4569) | Jon Dufresne | 2018-11-11 | 1 | -1/+1
|   All supported Pythons have type bytes. On Python 2, it is an alias of str, same as six.binary_type. Makes the code slightly more forward compatible and removes some indirection.
* reopen master for 2.5 development (#4571) | Paul Kehrer | 2018-11-11 | 1 | -1/+1
|
* Revert O_CLOEXEC change to fix builds (#4570) | Alex Gaynor | 2018-11-11 | 2 | -3/+10
|
* bump versions and update changelog for 2.4 release (#4568) | Paul Kehrer | 2018-11-11 | 1 | -1/+1
|
* add various new TLS bindings (#4555) | Paul Kehrer | 2018-11-03 | 2 | -0/+31
|   * add SSL_OP_NO_TLSv1_3
|   * compiling now
|   * bind SSL_CTX_set_ciphersuites as well
|   * add some more
* add EC OIDs (#4435) | Paul Kehrer | 2018-10-30 | 1 | -0/+10
|   * add EC OIDs
|   * move ec oid docs to bottom
* move ObjectIdentifier to break an upcoming import cycle (#4550) | Paul Kehrer | 2018-10-30 | 2 | -59/+68
|
* Add eq/ne/hash to PrecertificateSignedCertificateTimestamps (#4534) | Paul Kehrer | 2018-10-29 | 2 | -0/+35
|   * Add eq/ne/hash to PrecertificateSignedCertificateTimestamps
|     This requires adding it to SignedCertificateTimestamps as well
|   * slightly more consistent
|   * right, these need to be conditional
|   * compare by signature
|   * don't use private API
* do not pass conversion on Solaris (#4545) | Bernát Gábor | 2018-10-30 | 1 | -1/+1
|
* create & use _evp_md_from_algorithm and _evp_md_non_null_from_algorithm (#4542) | Paul Kehrer | 2018-10-29 | 4 | -47/+37
|   * create & use _evp_md_from_algorithm and _evp_md_non_null_from_algorithm
|   * remove unused import
* add SCT_get0_signature (#4540) | Paul Kehrer | 2018-10-28 | 2 | -0/+4
|
* OCSP response builder (#4485) | Paul Kehrer | 2018-10-28 | 3 | -10/+279
|   * ocsp response builder
|   * better prose
|   * review changes
* add IDP OID and docs (#4533) | Paul Kehrer | 2018-10-28 | 1 | -0/+4
|
* refactor _decode_dist_points (#4536) | Paul Kehrer | 2018-10-28 | 1 | -64/+67
|   * separate refactor _decode_dist_points
|     We need to be able to parse reasons and distpoint for the CRL extension IssuingDistributionPoint
|   * move comment, rename a variable
|   * review feedback
* add bindings for supporting the issuing distribution point CRL extension (#4532) | Paul Kehrer | 2018-10-27 | 1 | -0/+12
|
* add _create_asn1_time (#4524) | Paul Kehrer | 2018-10-24 | 1 | -12/+10
|
* refactor set_asn1_time to take a datetime (#4516) | Paul Kehrer | 2018-10-23 | 1 | -14/+7
|
* bind a constant for an error check (#4514) | Paul Kehrer | 2018-10-23 | 1 | -0/+1
|   I hate it when we have to do this.
* next_update is not a required field on OCSP responses (#4513) | Paul Kehrer | 2018-10-23 | 1 | -2/+4
|
* Fixes #4500 -- use O_CLOEXEC when opening the /dev/urandom file descriptor (#4507) | Alex Gaynor | 2018-10-23 | 1 | -9/+2
|   * Fixes #4500 -- use O_CLOEXEC when opening the /dev/urandom file descriptor
|   * Unused variable
* Remove branch for old libressl versions that we don't support any more (#4505) | Alex Gaynor | 2018-10-20 | 1 | -2/+1
|
* Add definitions that help with hostname checking (#4492) | Kai Engert | 2018-10-10 | 3 | -0/+56
|   * Add definitions for SSL_get0_param and X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS
|   * remove unnecessary parameter name
|   * Add version conditionals and more flags
|   * extend cryptography_has_102_verification_params
|   * X509_CHECK_FLAG_NEVER_CHECK_SUBJECT only available with openssl 1.1.0+
|   * add missing declaration
* Use our cryptography-specific warning class (#4493) | Alex Gaynor | 2018-10-10 | 1 | -1/+1
|
* OCSP response serialization (#4482) | Paul Kehrer | 2018-10-06 | 1 | -0/+13
|   * support OCSP response serialization
|   * empty commit, good times
* support extensions in the OCSP request builder (#4481) | Paul Kehrer | 2018-10-06 | 3 | -6/+37
|   * support extensions in the OCSP request builder
|   * cover a missed branch
|   * refactor to use new func
|   * review feedback
* Cleanup _encode_asn1_str_gc: don't require the length as an argument (#4484) | Alex Gaynor | 2018-10-07 | 2 | -15/+11
|   * Cleanup _encode_asn1_str_gc: don't require the length as an argument
|   * Apply the same cleanup to _encode_asn1_str
* add OCSP basic response extension parsing (#4479) | Paul Kehrer | 2018-10-06 | 3 | -1/+23
|   * add OCSP basic response extension parsing
|     Just nonce for now. This does not support SINGLERESP extension parsing.
|   * also raises on extensions for non-successful
|   * empty commit
* consolidate the duplicate extension check (#4483) | Paul Kehrer | 2018-10-06 | 1 | -19/+11
|
* additional OCSP bindings for the response builder (#4480) | Paul Kehrer | 2018-10-06 | 1 | -3/+5
|   * additional OCSP bindings for the response builder
|   * use the OCSP extension funcs that match the rest of x509
* support OCSP response parsing (#4452) | Paul Kehrer | 2018-10-01 | 3 | -4/+262
|   * support OCSP response parsing
|   * move the decorator to make pep8 happy
|   * add some missing docs
|   * review feedback
|   * more review feedback
* add ed25519 bindings (#4476) | Paul Kehrer | 2018-09-26 | 4 | -0/+50
|   * add ed25519 bindings
|   * var name
* Remove conditionals for OpenSSL 1.1.1 pre-releases (#4467) | Alex Gaynor | 2018-09-15 | 2 | -8/+3
|