| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
| |
The original source of this vector does not have a space, we added it by accident
|
| | |
|
| | |
|
| |
|
| |
This is sort of a pre-req for #3508 (but not really, because setuptools needs to be this version before setup.py even runs for that PR). Because we still support older setuptools versions in our pkg_resources code, this is mostly a gentle nudge to the ecosystem.
|
| |
|
|
|
|
| |
* Additional SCT bindings
* forgot to conditional these
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* Fixed #3489 -- document that we don't have wheels for pypy
* homebrew is a word
|
| |
|
|
|
|
|
|
|
|
| |
* Fixed #3492 -- use a better API
* More correct types
* Revert "More correct types"
This reverts commit e7412927eccf2b983bbcab2d2864ae1e4e83b56f.
|
| |
|
|
|
|
| |
* Add ASN1_TIME related functions for the relevant PyOpenSSL patch.
* Move ASN1_TIME_check() to MACROS as the argument's constness varies between 1.0.x and 1.1.0~.
|
| |
|
|
|
|
|
|
| |
* minor int_to_bytes performance increase
* why is Python 2.6 supported anyway...
* keep py2k version
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
* Attempt to simplify the libressl checing
* SHENANGINS
* Attempted fix
* More simplification
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
* Update symmetric-encryption.rst
Import default_backend so the example works out-of-the-box.
* Update symmetric-encryption.rst
* newline nit
|
| |
|
|
|
|
| |
* Two additional bindings for CT
* Grumble
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* First pass at adding bindings for CT functions. No conditionals yet.
* add a stack typedef as well
* Don't try to include this header if we're on an older OpenSSL
* wire up the conditional stuff
* bunch o' nonsense to get it to compile on old openssl
* I hate libressl
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Stub API for SCTs, feedback wanted
* grr, flake8
* port this to being an ABC
* finish up the __init__
* Two necessary enums
* Roll this back
* Wrote some docs
* spell words correctly
* linky
* more details
* use the words UTC
* coverage
* Define MMD for the kids at some
* linky linky
|
| |
|
|
|
|
| |
* Remove API deprecated in 1.6, clean up the legacy deprecations
* flake8, unused import
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* add captions to the split toctrees
this will render the table of contents with separators in the RTD
theme. right now, the table of contents is quite confusing on
the [RTD site][] - that is because there are 3 distinct `toctree`
directives, but no `:caption:` field. instead, there are headers in
the `index.rst` but those are not parsed by RTD.
[RTD site]: https://cryptography.io/en/latest/
by moving those headers in the `:caption:` field, we keep the heading,
but it will also be shown in the left table of contents on the RTD
site.
for an example of that pattern, see the [scrapy documentation][]. they
go even further by hiding the `toctree` elements completely and adding
explanations on every section, but this is out of scope here for now.
[scrapy documentation]: https://doc.scrapy.org/en/latest/index.html
* remove spurious backtics in caption
they do not work in that field, apparently.
|
| |
|
|
|
|
| |
* Refs #3461 -- added the OID for the SCT x.509 extension
* Version added
|
| |
|
|
|
|
| |
* Refs #3461 -- added a test vector with SCTs
* timestamp is a word
|
| |
|
|
|
|
|
|
| |
* Include python3.6 in the macOS wheel script
* Pull in changes from Jenkins
* For Windows as well
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Bind a pair of mem functions.
* do the conditional correctly
* move to the right section
* Get the code basically working
* flake8
* say the correct incantation
* WOrkaround for hilarity
* Revert "WOrkaround for hilarity"
This reverts commit 37b9f3b4ed4063eef5add3bb5d5dd592a007d439.
* Swap out these functions for the originals
* nonsense for windows
* try writing this all out for windows
* Debugging utility
* Avoid this mess, don't dlopen anything
* Throw away this FFI entirely
* first pass at some x.509 memleak tests
* TODO and fix
* Get the tests to passing
* String formatting is nasty
* some fixes because rebasing
* fix for the name API, always use the OpenSSL backend
|
| |
|
|
|
|
|
|
|
| |
* Improvements to the memleak tests
* Support passing args
* Do more initialization before looking for at the heap
* Don't use default_backend for something OpenSSL specific
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* We always have EC
* We always have ECDH
* We always have ECDSA
* We always have EC codes
* This can go as well
* And this
* unused import
|
| |
|
|
|
|
| |
* Be on brand: it's macOS
* line wrap
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
* CMAC is always supported
* TLSv1.2 is always supported
* Releasing buffers is always supported
* Nonsense IE SSLv2 nonsens is always supported
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Bind a pair of mem functions.
* make these conditional
* do the conditional correctly
* move to the right section
* I'm not saying libressl should be illegal, but it is annoying
* sigh, typo
* first cut at memleak tests. doesn't work
* hack around the previous error, onto the next one
* drop the pointless restoration of the original functions
* Don't try to use the previous malloc functions.
The default malloc is CRYPTO_malloc which calls the custom ptr you provided, so it just recurses forever.
* flake8
* Get the code basically working
* flake8
* say the correct incantation
* Don't try to run on old OpenSSL
* Flushing this is a good idea
* Fixed a py2.7+ism
* GRRRRR
* WOrkaround for hilarity
* Revert "WOrkaround for hilarity"
This reverts commit 37b9f3b4ed4063eef5add3bb5d5dd592a007d439.
* Swap out these functions for the originals
* py3k fix
* flake8
* nonsense for windows
* py3k
* seperate stdout and stderr because py26 has a warning on stderr
* try writing this all out for windows
* useful error messages
* Debugging utility
* Avoid this mess, don't dlopen anything
* consistency
* Throw away this FFI entirely
* some useful comments
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* it's called macOS and let's document openssl 1.1.0 installation on mac
* wrap that line
|
| |
|
| |
Also updates the doing a release documentation
|
| | |
|
| |
|
|
|
| |
Trying to be too specific about why key loading fails is very difficult
when you're using the same logic across DH, EC, RSA, and DSA. This makes
it less fancy.
|
| |
|
|
|
|
|
|
|
|
| |
* Refs #3430 -- fixed a memory leak in extension parsing for CRL dp
* same fix for policy info
* make this private
* consistency cleanup
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Support DH q (subgroup order)
* Change RFC5114.txt to NIST format
* Add tests for DH q
* Update docs for DH q
* Fix pep8
* Improve test covergae for DH q
* Create _dh_params_dup that copy q if DHparams_dup don't
On OpenSSL < 1.0.2 DHparams_dup don't copy q. _dh_params_dup
call DHparams_dup and if the version is smaller than 1.0.2
copy q manually
* Copy q manually on libressl
* Add to test vectors serialized RFC5114 2048 bit DH parameters with 224 bit subgroup
* Support serialization of DH with q
* Add tests for serialization of DH with q
* Support DH serialization with q only if Cryptography_HAS_EVP_PKEY_DHX is true
* Raise exception when trying to serialize DH X9.42 when not supported
* raise unsupported key type when deserilizing DH X9.42 if not supported
* pep8 fixes
* Fix test_serialization
* Add dhx_serialization_supported method to DHBacked
* document q in dh_parameters_supported
* Rename dhx_serialization_supported to dh_x942_serialization_supported
|
