aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* 1.0.2i changed the way COMP_METHOD is exported if NO_COMP is set (#3162)Paul Kehrer2016-09-223-2/+9
| | | | | | | | | | * 1.0.2i changed the way COMP_METHOD is exported if NO_COMP is set * add a comment explaining why we changed this * 1.0.2i handles NUMERICSTRING properly now so need only test < 1.0.2i * needs to be visible
* fix warnings in cffi 1.8.3 due to wrong buffer types (#3155)Paul Kehrer2016-09-215-6/+6
|
* re-add setuptools resolve vs load workaround (#3150)Paul Kehrer2016-09-141-1/+7
| | | | | | * re-add setuptools resolve vs load workaround * add deprecatedin tag so we can find this easier
* Fixed #3141 -- link some install docs in the readme (#3146)Alex Gaynor2016-09-121-0/+9
|
* Update Python 3s & limit pyenv history cloned (#3145)Hynek Schlawack2016-09-121-5/+5
|
* Fixed #3143 -- added the mandatory serial number parameter (#3144)Alex Gaynor2016-09-091-0/+2
|
* Fix typo in `symmetric-encryption.rst` (#3138)Alex Chan2016-09-041-1/+1
|
* fix memory leak reported in #3134 (#3135)Paul Kehrer2016-09-041-0/+4
|
* Clarified Windows development installation and docd upstream enchant bug (#3128)Nick Badger2016-09-032-6/+17
| | | | | | | | * Clarified Windows development installation and doc'd upstream enchant bug * Fixed whitespace problems * Fixed merge resolution mistake
* make this test assert the right thing. (#3133)Alex Gaynor2016-09-031-1/+2
| | | right now it just always skips
* support random_serial_number in the CertificateBuilder (#3132)Paul Kehrer2016-09-035-8/+47
| | | | | | | | | | * support random_serial_number in the CertificateBuilder * turns out pytest's monkeypatch has an undo * random_serial_number now a function * just certs
* Add bounds checking for Scrypt parameters. (#3130)Terry Chia2016-09-023-0/+30
| | | | | | | | | | * Add bounds checking for Scrypt parameters. * Pep8. * More PEP8. * Change wording.
* fix inconsistency in utilization of block_size in openssl cipher impl (#3131)Paul Kehrer2016-09-021-7/+6
| | | | | | | | | * fix inconsistency in utilization of block_size in openssl cipher impl Previously we over-allocated our buffers because we treated a bit size as bytes. * rename property
* Scrypt Implementation (#3117)Terry Chia2016-09-0111-3/+359
| | | | | | | | | | | | | | | | | | | | | | | | * Scrypt implementation. * Docs stuff. * Make example just an example and not a doctest. * Add changelog entry. * Docs cleanup. * Add more tests. * Add multibackend tests. * PEP8. * Add docs about Scrypt parameters. * Docs cleanup. * Add AlreadyFinalized.
* add support for signature_algorithm_oid to cert, CSR, and CRL (#3124)Paul Kehrer2016-08-316-33/+133
| | | | | | * add support for signature_algorithm_oid to cert, CSR, and CRL * refactor _SIG_OIDS_TO_HASH to use ObjectIdentifiers and use that
* Add myself in the authors file (#3126)Simo Sorce2016-09-011-0/+1
| | | Signed-off-by: Simo Sorce <simo@redhat.com>
* fix an overindented line. not sure why our linters didn't catch this (#3123)Paul Kehrer2016-08-301-1/+1
|
* some docs cleanups + changelog (#3122)Alex Gaynor2016-08-302-3/+4
|
* Add a register_interface_if decorator. (#3120)Terry Chia2016-08-292-1/+36
| | | | | | | | * Add a register_interface_if decorator. * Add tests. * PEP 8.
* Mention that blake2 is not vulnerable to length-extension attacks (#3118)Alex Gaynor2016-08-292-1/+5
| | | | | | | | * Mention that blake2 is not vulnerable to length-extension attacks * SHA is sort of like a word, in the sense that I want the spellcheck to shut up about it * rephrase
* blake2b/blake2s support (#3116)Paul Kehrer2016-08-287-4/+174
| | | | | | | | | | | | | | | | | | | | | | | | | * blake2b/blake2s support Doesn't support keying, personalization, salting, or tree hashes so the API is pretty simple right now. * implement digest_size via utils.read_only_property * un-keyed for spelling's sake * test copying + digest_size checks * unkeyed is too a word * line wrap * reword the docs * use the evp algorithm name in the error This will make BLAKE2 alternate digest size errors a bit less confusing * add changelog entry and docs about supported digest_size
* Scrypt bindings (#3114)Terry Chia2016-08-272-0/+17
| | | | | | | | | | | | | | * Add Scrypt bindings. * Add check for OPENSSL_NO_SCRYPT. * Fix CUSTOMIZATIONS. * Account for LibreSSL. * Remove argument names. * Remove more argument names.
* Refs #3002 -- clearly document that OpenSSL 1.0 support will be removed in ↵Alex Gaynor2016-08-272-4/+4
| | | | the next release. (#3113)
* Reopen master for 1.6 (#3112)Alex Gaynor2016-08-273-2/+7
|
* update changelog and bump version for 1.5 release (#3111)Paul Kehrer2016-08-263-6/+4
|
* OpenSSL 1.1.0 support (#2826)Paul Kehrer2016-08-269-9/+50
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * make pre5 work * add a blank line to make the diff happier * 1.1.0-pre6 working * support the changes since 1.1.0-pre6 * fixes * add 1.1.0 to travis * expose the symbol * better testing for numericstring * handle libre... * actually use the 1.1.0 we compile * cache the ossl-110 dir on travis * add some newlines * changelog entry for 1.1.0 support * note that we test on 1.1.0 * proper skip on this test * reorder
* be a bit more robust about detecting locking callback declarations (#3107)Paul Kehrer2016-08-261-3/+11
|
* remove a few more unneeded and no longer extant functions for 1.1.0 (#3110)Paul Kehrer2016-08-262-3/+0
|
* opaque structs for 1.1.0 compatibility (#3109)Paul Kehrer2016-08-263-48/+9
| | | We're so close.
* Allow passing iterators where collections are expected (#3078)Marti2016-08-264-42/+154
| | | | | | | | | | | | | | Iterators can only be enumerated once, breaking code like this in Python 3 for example: san = SubjectAlternativeName(map(DNSName, lst)) This is also a slight behavior change if the caller modifies the list after passing it to the constructor, because input lists are now copied. Which seems like a good thing. Also: * Name now checks that attributes elements are of type NameAttribute * NoticeReference now allows notice_numbers to be any iterable
* remove two more constants that no longer exist and we don't use (#3101)Paul Kehrer2016-08-252-2/+0
|
* two more functions that became const, one removed that we don't use (#3102)Paul Kehrer2016-08-251-4/+6
|
* constify and reorder getter args (#3103)Paul Kehrer2016-08-242-21/+28
| | | | | | | | | | * constify more things in x509 and reorder a few func args Post pre6 they changed some function argument order... * fix the function arg order where we call it * still need arg names when implementing the function...whoops
* constify x509name functions (#3104)Paul Kehrer2016-08-241-8/+12
|
* const some more ASN1 (#3100)Paul Kehrer2016-08-241-2/+2
|
* Fix docs to clarify the less than 256 limit for Padding(). (#3099)Terry Chia2016-08-241-2/+2
| | | | | | * Fix docs to clarify the less than 256 limit. * Add "inclusive".
* CertificateBuilder accepts aware datetimes for not_valid_after and ↵InvalidInterrupt2016-08-166-0/+130
| | | | | | | | | | | | | | | | | | | not_valid_before (#2920) * CertificateBuilder accepts aware datetimes for not_valid_after and not_valid_before These functions now accept aware datetimes and convert them to UTC * Added pytz to test requirements * Correct pep8 error and improve Changelog wording * Improve tests and clarify changelog message * Trim Changelog line length * Allow RevokedCertificateBuilder and CertificateRevocationListBuilder to accept aware datetimes * Fix accidental changelog entry
* There is no 0.9.8, only Zuul (#3094)Alex Gaynor2016-08-171-1/+0
|
* ERR_load_RAND_strings changed function signature in 1.1.0 (#3093)Paul Kehrer2016-08-161-1/+6
| | | | | | | | * ERR_load_RAND_strings changed function signature in 1.1.0 Here is a hack to avoid breaking pyOpenSSL. * not sure how I managed that. I blame vim
* move functions that were const-ified in 1.1.0-pre6 (#3090)Paul Kehrer2016-08-163-19/+33
|
* OPENSSL_no_config is a macro in 1.1.0 (#3091)Paul Kehrer2016-08-161-1/+2
|
* BIO_set has been removed in 1.1.0 (#3092)Paul Kehrer2016-08-161-1/+0
| | | Since we aren't using it bye bye
* Update example code to use recommended 160 bits (#3088)Dave Brondsema2016-08-161-2/+2
| | | I found the examples with `os.urandom(16)` generated URIs that Google Authenticator and Duo two-factor apps did not even recognize as supported. This increases the key to the recommended 160 bits, and the URIs now work with both of those apps.
* Update installation.rst (#3083)Akan Brown2016-08-081-1/+1
|
* Attempt to debug wacky failures on the docs build on OS X (#3085)Alex Gaynor2016-08-092-0/+8
| | | | | | | | | | | | | | | | * empty commit * only run this one build * try pinning this * why wasn't this installed? * revert this * english, how does it work? * roll back these changes
* Add recommendation about terminology (#3079)Gabriel Orisaka2016-08-021-0/+5
|
* Disallow X509 certificate serial numbers bigger than 159 bits (#3064) (#3067)Коренберг Марк2016-08-023-13/+89
|
* Add code style settings, new excludes, run 'test_x509_ext (Py3)' (#3041)Marti2016-08-022-5/+54
| | | | | | Fix DNSName wildcard encoding for NameConstraints Previously '.example.com' would get normalised to 'example.com', making it impossible to add wildcard NameConstraints.
* Update CHANGELOG.rst with #3063 (#3070)Maximilian Hils2016-07-311-0/+2
|
* Remove provider language from docs (#3072)Gabriel Orisaka2016-07-319-70/+56
|