| Commit message (Collapse) | Author | Age | Files | Lines | ||
|---|---|---|---|---|---|---|
| ... | ||||||
| * | Reorder this to reflect Alex's Opinions On What Is Good (#4115) | Alex Gaynor | 2018-02-22 | 1 | -2/+2 | |
| | | ||||||
| * | add aws-encryption-sdk as a downstream (#4106) | Paul Kehrer | 2018-02-13 | 1 | -0/+15 | |
| | | | | they're probably important, let's not break them. | |||||
| * | fixed docs with latest sphinx (#4107) | Alex Gaynor | 2018-02-13 | 1 | -2/+1 | |
| | | ||||||
| * | Add binding for SSL_get_certificate (#4100) | Jeremy Lainé | 2018-02-06 | 1 | -0/+1 | |
| | | | | | | | | | | | | | | | Currently we only expose SSL_get_peer_certificate, which allows you to retrieve the remote party's certificate. This adds the symetrical binding to retrieve the local party's certificate. The motivation for this additional binding is to make it possible to query the local certificate regardless of the method which was used to load the certificate into the SSL connection (from a file, from an in-memory object). An example where this is useful is when negotiating a DTLS-SRTP connection, the fingerprint of the local certificate needs to be communicated to the remote party out-of-band via SDP. This binding can be exposed in pyopenssl as Connection.get_certificate(). | |||||
| * | Add myself to AUTHORS.rst (#4101) | Jeremy Lainé | 2018-02-06 | 1 | -0/+1 | |
| | | ||||||
| * | Add bindings for SRTP support (#4099) | Jeremy Lainé | 2018-02-06 | 1 | -0/+3 | |
| | | ||||||
| * | memory leak changelog (#4097) | Paul Kehrer | 2018-02-05 | 1 | -0/+2 | |
| | | ||||||
| * | fix a memory leak in ec derive_private_key (#4096) | Paul Kehrer | 2018-02-04 | 2 | -2/+11 | |
| | | | | | | | | | * fix a memory leak in ec derive_private_key fixes #4095 * pep8! | |||||
| * | Add bindings for DTLS support (#4089) | gesslerpd | 2018-01-23 | 3 | -0/+30 | |
| | | | | | | | | | | | | | | | | | * + more DTLS bindings * + BIO_CTRL_DGRAM* * + read ahead functions * rm BIO_CTRL_DGRAM_SET_PEEK_MODE * rm BIO_CTRL_DGRAM_SET_DONT_FRAG * + link mtu conditional logic * rm some BIO_CTRL_DGRAM* bindings | |||||
| * | Add bindings for PSK (#4084) | gesslerpd | 2018-01-18 | 2 | -1/+53 | |
| | | | | | | | | | | | * + PSK function bindings * + PSK conditional * trigger CI * trigger CI | |||||
| * | Add bindings for SSL_OP_NO_DTLS* (#4079) | gesslerpd | 2018-01-16 | 3 | -1/+7 | |
| | | | | | | | | | * + bindings for SSL_OP_NO_DTLS* * + conditional for not HAS_GENERIC_DTLS_METHOD * flag SSL_OP_NO_DTLS* for unsupported deletion | |||||
| * | Use the real X509_REVOKED_dup when available. (#4080) | David Benjamin | 2018-01-12 | 1 | -0/+4 | |
| | | | | This avoids reaching into the ASN1_ITEM mess if not necessary. | |||||
| * | temporarily pin cffi to avoid bug related to virtualenv (#4083) | Paul Kehrer | 2018-01-12 | 1 | -1/+1 | |
| | | | | | | | * temporarily pin cffi to avoid bug related to virtualenv * right, don't duplicate the name | |||||
| * | Fixes #4076 - simplify the implementation of int_from_bytes on python2 (#4077) | Alex Gaynor | 2018-01-10 | 2 | -2/+3 | |
| | | | | | | | | | * Fixes #4076 - simplify the implementation of int_from_bytes on python2 * whitespace * Added a test | |||||
| * | Add a Versioning section to the API stability docs (#4027) | David Tucker | 2018-01-07 | 2 | -4/+21 | |
| | | ||||||
| * | Fixed import path in go script (#4075) | Alex Gaynor | 2018-01-06 | 1 | -1/+1 | |
| | | ||||||
| * | The HKDF limit is actually 255 * digest_length_in_bytes (#4037) | Paul Kehrer | 2018-01-06 | 3 | -3/+22 | |
| | | | | | | | | | | | | * The HKDF limit is actually 255 * digest_length_in_bytes Previously we had a bug where we divided digest_size by 8...but HashAlgorithm.digest_size is already in bytes. * test longer output * changelog | |||||
| * | add 1200 byte HKDF test vector and a generator/verifier for it (#4074) | Paul Kehrer | 2018-01-06 | 5 | -2/+149 | |
| | | | | | | | | | * add 1200 byte HKDF test vector and a generator/verifier for it * exit non-zero when failing * ugh | |||||
| * | Drop conda workaround from installation docs (#4073) | Alex Gaynor | 2018-01-06 | 1 | -23/+0 | |
| | | | | I don't think it's relevant anymore | |||||
| * | Use `BN_clear_free` in places where `BN_free` is being used (#4072) | Tux | 2018-01-05 | 1 | -2/+2 | |
| | | | | | | | | | | | * Expose BN_clear_free * Use BN_clear_free in test_int_to_bn * Use BN_clear_free in lieu of BN_free * Use BN_free on public values | |||||
| * | Expose `BN_clear_free` in the OpenSSL backend (#4071) | Tux | 2018-01-05 | 2 | -1/+2 | |
| | | | | | | | * Expose BN_clear_free * Use BN_clear_free in test_int_to_bn | |||||
| * | just a quick confirmation that it really is an x25519 evp key (#4070) | Paul Kehrer | 2018-01-05 | 3 | -0/+13 | |
| | | | | | | | * just a quick confirmation that it really is an x25519 evp key * openssl assert. take that python -O | |||||
| * | DH interfaces existed in 0.9 but we didn't implement until 1.7 (#4068) | Paul Kehrer | 2018-01-05 | 1 | -9/+7 | |
| | | | | | | | * DH interfaces existed in 0.9 but we didn't implement until 1.7 * sigh empty | |||||
| * | grammar nit, use a comma here (#4066) | Alex Gaynor | 2017-12-29 | 1 | -1/+1 | |
| | | ||||||
| * | Fixed #4039 -- added a python_requires to setup.py (#4064) | Alex Gaynor | 2017-12-26 | 1 | -0/+2 | |
| | | ||||||
| * | Fixed #4006 -- bind functions for dealing with sigalgs (#4063) | Alex Gaynor | 2017-12-26 | 2 | -0/+23 | |
| | | | | | | | * Fixed #4006 -- bind functions for dealing with sigalgs * oops | |||||
| * | bump libressl version (#4062) | Alex Gaynor | 2017-12-25 | 1 | -1/+1 | |
| | | ||||||
| * | Add import default backend (#4061) | Pablo Lefort | 2017-12-20 | 1 | -0/+1 | |
| | | | | | | | * Add import default backend * Revert blank line in | |||||
| * | Fixed #4058 -- use the thread-safe API from OpenSSL, not the danger one (#4059) | Alex Gaynor | 2017-12-18 | 3 | -7/+7 | |
| | | ||||||
| * | remove whirlpool vectors since we no longer support whirlpool (#4054) | Paul Kehrer | 2017-12-10 | 2 | -73/+0 | |
| | | ||||||
| * | Don't use whirlpool as an example (#4053) | Alex Gaynor | 2017-12-11 | 1 | -1/+1 | |
| | | | | | | Both because it's weirdo crypto, but also because we don't even support it. Adhere to our documented policy of using good crypto for all examples | |||||
| * | Fixed 120 warnings from the RSA tests (#4052) | Alex Gaynor | 2017-12-11 | 1 | -9/+6 | |
| | | | | | | | * Fixed 120 warnings from the RSA tests * typo | |||||
| * | Fixed DSA tests to not emit 200 warnings (#4050) | Alex Gaynor | 2017-12-10 | 1 | -8/+2 | |
| | | ||||||
| * | update the ec tests to not emit 3000 warnings (#4048) | Alex Gaynor | 2017-12-10 | 1 | -11/+12 | |
| | | ||||||
| * | In RSA test vectors, use verify() to avoid warnings (#4047) | Alex Gaynor | 2017-12-10 | 1 | -8/+14 | |
| | | | | | | | * In RSA test vectors, use verify() to avoid warnings * whoops | |||||
| * | Use the latest OpenSSL in travis tests (#4045) | Alex Gaynor | 2017-12-08 | 1 | -3/+3 | |
| | | ||||||
| * | Fixed deprecation warnings in x509 tests (#4040) | Alex Gaynor | 2017-12-04 | 1 | -26/+18 | |
| | | ||||||
| * | Pass the right length of null bytes when no salt is provided to HKDF (#4036) | Paul Kehrer | 2017-12-01 | 1 | -1/+1 | |
| | | | | | | | This bug looks bad but ends up being benign because HMAC is specified to pad null bytes if a key is too short. So we passed too few bytes and then OpenSSL obligingly padded it out to the correct length. However, we should still do the right thing obviously. | |||||
| * | Fix ASN1 string type encoding for several Name OIDs (#4035) | Paul Kehrer | 2017-11-30 | 2 | -23/+150 | |
| | | | | | | | | | | | | | | | | | | | | * Fix ASN1 string type encoding for several Name OIDs When we changed over to the new type encoding system we didn't verify that the new code exactly matched the ASN1 string types that OpenSSL was previously choosing. This caused serialNumber, dnQualifier, emailAddress, and domainComponent to change from their proper encodings to UTF8String as of version 2.1. Now we check to see if there's a sentinel value (indicating no custom type has been passed) and then check if the OID has a different default than UTF8. If it does, we set it. This PR also adds tests for the ASN1 string type of ever supported NameOID. * review feedback | |||||
| * | port changelog for 2.1.4 to master (#4031) | Paul Kehrer | 2017-11-29 | 1 | -0/+7 | |
| | | ||||||
| * | add X509_up_ref (#4028) | Paul Kehrer | 2017-11-28 | 1 | -0/+5 | |
| | | ||||||
| * | pytest 3.3.0 has an issue with parametrized null bytes again (#4026) | Paul Kehrer | 2017-11-28 | 1 | -1/+1 | |
| | | ||||||
| * | fix typo in comment (#4019) | Benjamin Peterson | 2017-11-13 | 1 | -1/+1 | |
| | | ||||||
| * | nit: remove double space in deprecation warning (#4018) | Alex Gaynor | 2017-11-11 | 1 | -2/+2 | |
| | | ||||||
| * | Use a different warning class so users get warnings (#4014) | Alex Gaynor | 2017-11-11 | 7 | -27/+36 | |
| | | | | | | | | | | | | | * Use a different warning class so users get warnings * fixed tests * do our own warning class * typo * flake8 | |||||
| * | nit in LICENSE, itself doesn't make sense here (#4016) | Alex Gaynor | 2017-11-10 | 1 | -2/+1 | |
| | | | | | | | * nit in LICENSE, itself doesn't make sense here * more cleanup | |||||
| * | bump libressl version (#4012) | Alex Gaynor | 2017-11-07 | 1 | -1/+1 | |
| | | ||||||
| * | forward port changelog (#4009) | Alex Gaynor | 2017-11-02 | 1 | -0/+8 | |
| | | ||||||
| * | Fix a few new flake8 issues (#4008) | Alex Gaynor | 2017-11-02 | 3 | -3/+0 | |
| | | ||||||
| * | Link to how to report a security issue in our readme (and therefore on pypi) ↵ | Alex Gaynor | 2017-10-28 | 1 | -0/+7 | |
| | | | | | (#4002) | |||||
 |
index : cloud-email/cryptography | |
| python cryptography | James |
| aboutsummaryrefslogtreecommitdiffstats |