aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* | check that required fields are present in builder when signingPaul Kehrer2015-08-041-0/+18
|/
* Merge pull request #2180 from reaperhulk/easy-conditional-fixDonald Stufft2015-08-0444-515/+432
|\ | | | | create a ConditionalLibrary and remove unsupported items
| * change approach for pypy performance reasonsPaul Kehrer2015-08-041-12/+13
| |
| * only copy the attrs we know should exist (courtesy dstufft)Paul Kehrer2015-08-031-7/+9
| |
| * remove commoncrypto CONDITIONAL_NAMESPaul Kehrer2015-08-0312-25/+0
| |
| * remove openssl CONDITIONAL_NAMESPaul Kehrer2015-08-0330-489/+0
| |
| * pass in the imports to make it a bit clearer what's going onPaul Kehrer2015-08-031-3/+3
| |
| * move the attr setting to the __init__ of _ConditionalLibraryPaul Kehrer2015-08-031-12/+10
| |
| * create a ConditionalLibrary and remove unsupported itemsPaul Kehrer2015-08-012-1/+431
| |
* | Merge pull request #2193 from reaperhulk/encode-aiaAlex Gaynor2015-08-033-0/+40
|\ \ | | | | | | Support AuthorityInformationAccess in CertificateBuilder
| * | add support for AIA to CertificateBuilder and OpenSSL backendPaul Kehrer2015-08-032-1/+11
| | |
| * | encode authority information accessPaul Kehrer2015-08-032-0/+30
| | |
* | | Fixes #2199 -- allow SSH keys to have spaces in their commentsAlex Gaynor2015-08-031-2/+2
| | |
* | | support keyusage and extendedkeyusage in certificatebuilderPaul Kehrer2015-08-032-0/+8
|/ /
* | reorder CertificateBuilder sign argumentsPaul Kehrer2015-08-031-1/+1
| |
* | Add sign_x509_certificate to X509Backend interfaceIan Cordasco2015-08-031-0/+6
| | | | | | | | Add note about CertificateBuilder to the changelog
* | Merge remote-tracking branch 'upstream/master' into cert-builderIan Cordasco2015-08-039-204/+276
|\ \
| * \ Merge pull request #2187 from reaperhulk/csr-decode-all-extsAlex Gaynor2015-08-011-23/+21
| |\ \ | | | | | | | | allow certificate and CSR to both parse the same set of extensions
| | * | allow certificate and CSR to both parse the same set of extensionsPaul Kehrer2015-08-011-23/+21
| | | |
| * | | Merge pull request #2186 from reaperhulk/handle-corrupt-extensionsAlex Gaynor2015-08-011-1/+7
| |\ \ \ | | | | | | | | | | Handle invalid x509 extension payloads
| | * | | corrupt -> invalidPaul Kehrer2015-08-011-1/+2
| | | | |
| | * | | check if the extension decoded to internal openssl reprPaul Kehrer2015-08-011-1/+6
| | |/ / | | | | | | | | | | | | ...and if not, raise an error (plus consume the error stack)
| * | | Merge pull request #2184 from reaperhulk/remove-more-branchesAlex Gaynor2015-08-013-10/+18
| |\ \ \ | | |/ / | |/| | Branch coverage to 100%
| | * | Remove elifs and replace with else + assertPaul Kehrer2015-08-013-10/+18
| | |/ | | | | | | | | | This is kind of ugly, but resolves many partial branch coverage issues.
| * / simplify x509 extension decodingPaul Kehrer2015-08-011-73/+28
| |/
| * Merge pull request #2177 from reaperhulk/cp-bindingsAlex Gaynor2015-07-271-0/+21
| |\ | | | | | | add many bindings we'll need to encode a certificate policies extension
| | * add many bindings we'll need to encode a certificate policies extensionPaul Kehrer2015-07-261-0/+21
| | |
| * | openssl error codes are clearly not considered part of the api contractPaul Kehrer2015-07-251-5/+2
| | |
| * | extra parensPaul Kehrer2015-07-251-5/+3
| | |
| * | == instead of inPaul Kehrer2015-07-251-2/+2
| | |
| * | handle RSA key too small and consume errors on CSR signature failurePaul Kehrer2015-07-252-1/+11
| |/
| * remove windows link type, update docsPaul Kehrer2015-07-241-14/+1
| |
| * Merge pull request #2171 from reaperhulk/refactor-gn-encodingAlex Gaynor2015-07-241-83/+88
| |\ | | | | | | refactor general name encoding to its own function
| | * refactor general name encoding to its own functionPaul Kehrer2015-07-241-83/+88
| | |
| * | let's also add the binding to make a new GENERAL_SUBTREE stackPaul Kehrer2015-07-241-0/+1
| | |
| * | bindings for CRL encodingPaul Kehrer2015-07-241-0/+7
| |/
| * Support encoding ExtendedKeyUsage into certificate signing requestsPaul Kehrer2015-07-235-2/+36
| |
| * Support encoding KeyUsage into certificate signing requestsPaul Kehrer2015-07-234-0/+45
| |
| * when building a CSR adding > 1 extension would trigger a bugPaul Kehrer2015-07-231-1/+1
| | | | | | | | | | | | We were checking sk_X509_EXTENSION_push for a value == 1, but in reality it returns the number of extensions on the stack. We now assert >= 1 and added a test.
* | Add sign_x509_certificate to MultiBackendIan Cordasco2015-08-021-0/+9
| | | | | | | | Add example of CertificateBuilder to the reference documentation
* | Add note to serial_number parameter about entropyIan Cordasco2015-08-021-0/+2
| | | | | | | | | | | | | | | | | | | | - Add reference to random-numbers.rst for easy intra-linking - Document critical parameter of CertificateBuilder.add_extension - Support InhibitAnyPolicy in the CertificateBuilder frontend but not in the backend - Slim down more tests - Fix up test that asserts the backend does not allow for unsupported extensions
* | Add _encode_asn1_int_gcIan Cordasco2015-08-011-1/+7
| | | | | | | | Ensure the certificate serial number is freed
* | Add check for an RSA Key being too smallIan Cordasco2015-08-012-3/+5
| | | | | | | | | | - Remove outdated/unnecessary/illegitimate TODOs - Fix up test for an RSA key that is too small
* | Document other two parameters from sign methodIan Cordasco2015-07-311-11/+21
| | | | | | | | | | | | | | - Remove incorrect CertificateBuilder doc-string - Check that serial numbers are non-negative and < 160 bits - Check that dates passed aren't earlier than the unix epoch - Remove version from CertificateBuilder.__init__ and version method
* | Check result of setting the serial numberIan Cordasco2015-07-241-2/+14
| | | | | | | | | | - Add checks for private key types - Add tests around new checks for types of private keys
* | Remove CertificateBuilder.versionIan Cordasco2015-07-241-19/+2
| | | | | | | | Default CertificateBuilder to Version.v3
* | Use correct exception class in openssl backendIan Cordasco2015-07-201-1/+1
| |
* | Remove unnecessary type checkIan Cordasco2015-07-191-2/+0
| |
* | Handle SubjectAlternativeName extensions in the backendIan Cordasco2015-07-191-0/+2
| | | | | | | | They are handled in cryptography.x509 so they need to be handled here
* | Construct extensions like a CSRIan Cordasco2015-07-191-6/+9
| | | | | | | | | | | | - Use _encode_basic_constraints appropriately - Create an appropriate object from the oid dotted string - Create the X509 Extension appropriately
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-02 22:12:16 +0000