| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
| |
This adds the ability to retrieve the selected SRTP protection profile
after the DTLS handshake completes. This is needed to perform the
correct key derivation if multiple profiles were offered.
|
| |
|
|
|
|
| |
* add signature_hash_algorithm to OCSPResponse
* fix pointless asserts
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* HTTPS a bunch of links in random places
* What the heck happened here?
|
| |
|
|
|
|
| |
* Sphinx's website is now https
* Sphinx's website is now https
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Linux (#4656)
* Fixes #4645 -- select() on /dev/random before reading from /dev/urandom on linux
* whoops
* Missing header
* whoops
* Review notes
* Potential uninitialized fix
* Signals are literally impossible
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* Improve error message for unsupported ciphers
* fix spacing
* include the openssl version number in the message
* backwards
* pep8
|
| |
|
|
|
|
|
|
| |
* Support compressed points in the wycheproof tests
* Handle entries with no public key
* Ok, let's try this
|
| |
|
|
|
|
| |
* handle empty byte string in from_encoded_point
* move the error
|
| |
|
|
|
|
| |
* Fedora has rev'd it's Python to 3.7
* here too
|
| |
|
|
|
|
| |
RFC 4514 does not explicitly allow whitespace between separators:
https://tools.ietf.org/html/rfc4514
Reported-by: David Arnold <dar@xoe.solutions>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* compressed point support
* refactor to use oct2point directly
* small docs change
* remove deprecation for the moment and a bit of review feedback
* no backend arg, implicitly import it
* missed a spot
* double oops
* remove superfluous call
* use refactored method
* use vector file
* one last item
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* ec key creation by curve name refactored into a method
* typo
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* allow bytearrays for key/iv for symmetric encryption
* bump pypy/cffi requirements
* update docs, fix some tests
* old openssl is naught but pain
* revert a typo
* use trusty for old pypy
* better error msg again
* restore match
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* PoC code for check PEM wrap
* Remove PoC check wrap code
* Add PEM file info to FAQ
* Add FAQ/PEM link in exception message
* Fix flake8 style issues
* refactor, update language
* it's really amazing how bad the spell checker is
* review feedback
* change to etc
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Updated BLAKE2s and BLAKE2b error messages from unsupportedalgorithm exception to an explicit error.
The error is now "ValueError: Digest size must be 32" (or 64 for BLAKE2b)
This was done to give a more contextual error message and should be in place until OpenSSL supports variable lengths.
* Updated if statements in hashes.py so that they no longer wrap to separate line.
Updated test_hashes.py to unclude a test for non 32 or 64 digest_sizes that fall between 0-32/64.
* Removed the new tests in test_hashes.py as the old ones were satisfactory. This also solved misaligned tabs and spaces.
* Removed dead code in hashes.py that could no longer be reached after error message updates.
* pep8 fix
* remove superfluous parens
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* Raise MemoryError when backend.derive_scrypt can't malloc enough
* Expose ERR_R_MALLOC_FAILURE and use the reason_match pattern to catch it
* Add test_scrypt_malloc_failure in test_scrypt
* let's see if this passes
* add comment to filippo's blog post about scrypt's params
|
| |
|
|
| |
(#4304)
|
| |
|
|
|
|
|
|
|
|
| |
* remove idna as a primary dependency
* empty commit
* dynamodb test fix (thanks to Matt Bullock)
* review feedback
|
| | |
|
| | |
|
| |
|
| |
this will make life a bit easier when we support bytearrays
|
| |
|
|
|
|
|
|
| |
* switch osrandom engine to blocking mode when getting entropy
* review feedback
* we can remove this too
|
| | |
|
| |
|
|
|
|
|
|
| |
* refactor some code into separate functions in asn1 encode
this will be useful in IDP encoding
* review feedback
|
| |
|
|
| |
RDNs can have multiple values. This allows them in FreshestCRL and
upcoming IssuingDistributionPoint encoding support.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* IssuingDistributionPoint support
h/t to Irina Renteria for the initial work here
* python 2 unfortunately still exists
* py2 repr
* typo caught by flake8
* add docs
* review feedback
* reorder args, other fixes
* use the alex name
* add changelog
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* PKCS12 parsing support
* running all the tests is so gauche
* rename func
* various significant fixes
* dangerous idiot here
* move pkcs12
* docs updates
* a bit more prose
|
| |
|
|
|
|
|
|
| |
* fix certbot downstream, show commit hash for all downstreams
* Update aws-encryption-sdk.sh
* lol
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* Move SSH serialization to it's own file
* flake8
|
| |
|
|
|
|
| |
* refactor serialization into a package so we can add a pkcs12 module
* oops
|
