aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* blacklist yet another version of sphinx (#3940)Alex Gaynor2017-09-261-1/+1
|
* FreshestCRL extension support (#3937)Paul Kehrer2017-09-238-7/+344
| | | | | | | | | | * add freshest CRL support * add tests * add changelog * add tests for FreshestCRL generation
* support delta crl indicator extension (#3936)Paul Kehrer2017-09-2210-5/+121
| | | This is an extension for CRLs
* refactor rsa signature/verification logic to remove duplication (#3903)Paul Kehrer2017-09-211-91/+34
|
* parametrize a bunch of x509 extension tests that were identical (#3931)Paul Kehrer2017-09-211-377/+139
|
* docs for what bytes means for DNSName, URI, and RFC822Name (#3904)Paul Kehrer2017-09-202-9/+41
|
* add Freshest CRL and Delta CRL Indicator test vectors (#3932)Paul Kehrer2017-09-203-0/+34
|
* Mark our custom sphinx extension as parallel safe (#3935)Alex Gaynor2017-09-201-0/+4
|
* correct the docs for CRLReason (#3930)Paul Kehrer2017-09-201-2/+1
|
* Switch NIST PDFs from nvlpubs to csrc which is HTTPS (#3929)Alex Gaynor2017-09-205-8/+8
|
* disable travis mac builders and add a mac jenkins build (#3933)Paul Kehrer2017-09-202-41/+41
| | | | we'll re-enable mac builders when travis recovers and remove the jenkins build
* Update the rest of the NIST urls to their new HTTPS homes (#3928)Alex Gaynor2017-09-203-4/+4
|
* add unique identifier test vector (#3925)Paul Kehrer2017-09-192-2/+15
| | | | | | * add unique identifier test vector * wrap a line I didn't even touch...
* remove py26 windows and macOS wheels (#3921)Paul Kehrer2017-09-191-5/+3
| | | The wheel package is starting to drop support and download counts for them represent less than .02% of downloads for the month.
* Update PKITS link (#3923)Alex Gaynor2017-09-201-1/+1
|
* Update NIST CAVP url (#3922)Alex Gaynor2017-09-191-1/+1
|
* bump libressl version (#3920)Alex Gaynor2017-09-151-1/+1
|
* add chacha20 test vectors from RFC 7539 (#3918)Paul Kehrer2017-09-142-0/+24
|
* implement __hash__ on DistributionPoint and CRLDistributionPoints (#3915)Paul Kehrer2017-09-132-0/+90
|
* add __hash__ to GeneralNames, SAN, IAN, and CertificateIssuer (#3916)Paul Kehrer2017-09-132-0/+46
|
* add __hash__ to PolicyConstraints and Extension (#3917)Paul Kehrer2017-09-132-0/+34
|
* implement __hash__ on KeyUsage and ExtendedKeyUsage (#3913)Paul Kehrer2017-09-132-0/+60
| | | | | | * implement __hash__ on KeyUsage and ExtendedKeyUsage * properly use private values and alter test to catch that bug
* implement __hash__ on CertificatePolicies and its child classes (#3914)Paul Kehrer2017-09-132-0/+62
|
* add aki hash (#3910)Paul Kehrer2017-09-132-1/+19
| | | | | | | | | | * Implement __hash__ on AuthorityKeyIdentifier * Adding dirname to fix build issue on AuthorityKeyIdentifier test * .authority_cert_issuer to str * use a tuple and not a str repr
* name constraints __hash__ (#3912)Paul Kehrer2017-09-132-0/+34
|
* AIA hashing (#3911)Paul Kehrer2017-09-132-0/+37
|
* remove u-label conversion during general name decode (#3905)Paul Kehrer2017-09-131-49/+4
| | | | We support directly passing bytes now and these code paths are duplicated in the deprecated value attributes.
* fix a bug with URI value when parsing a string with no hostname (#3909)Paul Kehrer2017-09-133-6/+9
| | | | | strings of the form "scheme:///anything" would incorrectly have two slashes dropped. This is fixed in two code paths in this PR but one of those code paths will be entirely removed in a followup PR.
* implement __hash__ on all GeneralName types (#3907)Paul Kehrer2017-09-132-2/+58
| | | Needed to implement __hash__ on AuthorityKeyIdentifier
* coverage pin test part deux (#3908)Paul Kehrer2017-09-123-1/+6
| | | | | | * we pinned coverage for xml generation...let's try everywhere * add so many comments
* compare against bytes values, not the U-label decoded ones (#3906)Paul Kehrer2017-09-122-2/+7
| | | | We need to add one small test to cover a case that is no longer covered with this switch.
* add a faq note about having a compiler that is too old (#3902)Paul Kehrer2017-09-111-0/+9
| | | | | | | | | * add a faq note about having a compiler that is too old Also add a bit of text explaining what to do on OpenBSD 6.1 and earlier since that is the most likely place this will occur. * I always forget it spell checks titles
* refactor AES keywrap into a wrap core and unwrap core (#3901)Paul Kehrer2017-09-111-23/+30
| | | | | | | | * refactor AES keywrap into a wrap core and unwrap core This refactor makes adding AES keywrap with padding much simpler. * remove an unneeded arg
* [WIP] add support for the TLSFeature extension in x509 (#3899)Paul Kehrer2017-09-109-10/+258
| | | | | | | | | | | | | | | | | | * add support for the TLSFeature extension in x509 This extension is used for OCSP Must-Staple. * fix changelog link * pep8 * refactor to support the sequence properly and add status_request_v2 * update some language * add test vector, implement eq/ne/hash on TLSFeature * address review comments
* RSA OAEP label support for OpenSSL 1.0.2+ (#3897)Paul Kehrer2017-09-085-18/+153
| | | | | | | | | | * RSA OAEP label support for OpenSSL 1.0.2+ * changelog * move around tests, address review feedback, use backend supported method * unsupported padding catches this now
* add X509 test vector with a TLS Feature (RFC 7633) extension (#3898)Paul Kehrer2017-09-082-0/+36
|
* oaep label vector (#3895)Paul Kehrer2017-09-072-0/+10
| | | | | | | | | | * oaep label vector * add count so we can use the nist vector loader * add RSA key from the boring vectors as well https://boringssl.googlesource.com/boringssl/+/ce3773f9fe25c3b54390bc51d72572f251c7d7e6/crypto/evp/evp_tests.txt#8
* add initial OCSP request test vector (#3890)Paul Kehrer2017-09-072-0/+5
|
* add set0_rsa_oaep_label binding (#3894)Paul Kehrer2017-09-072-0/+17
|
* move x509 tests into a module (#3889)Paul Kehrer2017-09-066-12/+12
| | | | | | | | | | | * move x509 tests into a module This is just to make grouping things like test_ocsp, etc a bit simpler in the future * fix path * pep8
* add OCSP binding for obtaining information from CertID structure (#3888)Paul Kehrer2017-09-061-0/+2
| | | | | | * add OCSP binding for obtaining information from CertID structure * empty commit
* send a few more variables to distinguish our jobs in codecov (#3892)Paul Kehrer2017-09-061-3/+3
| | | | | | * send a few more variables to distinguish our jobs in codecov * put the labels in the right places
* added binding support for rfc 5705 (#3878)Kelby Ludwig2017-08-291-0/+2
| | | | | | | | | | | | | | * added binding support for rfc 5705 * WIP: testing some cffi updates * added openssl version check * updated cffi defs to align with pep8 * removed superfluous version checks * remove more unecessary boilerplate
* Switch to using the other style of environment markers (#3796)Alex Gaynor2017-08-242-11/+9
| | | | | | | | * Switch to using the other style of environment markers * We don't do py3.3 any more! * changelog
* Document that we care about our infrastructure's security as well (#3874)Alex Gaynor2017-08-241-0/+8
|
* add blake2b/blake2s support for hmac (#3873)Paul Kehrer2017-08-223-5/+35
| | | | | | | | | | * add blake2b/blake2s support for hmac This was a bug, but it turns out the noise protocol suggests using the HMAC construction with BLAKE2 (rather than BLAKE2's own keyed functionality) for a few reasons, so we should support it. * actually test the thing
* Remove branches for 1.0.2 betas. (#3870)Alex Gaynor2017-08-203-8/+6
| | | There's no sense in which we actually support them
* Fix `load_rsa_public_numbers` documentation (#3871)David Sanders2017-08-201-1/+1
|
* Fix mistake in `RSAPublicKey.verify` documentation (#3872)David Sanders2017-08-201-1/+1
|
* add test vector with invalid basicconstraints (#3866)Paul Kehrer2017-08-153-0/+38
| | | | | | * add test vector with invalid basicconstraints * sigh
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-30 03:51:17 +0000