| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
NIST has updated the vectors to cover the bug we had. Let's use those
vectors. Thanks NIST!
|
| | |
|
| |
|
|
| |
https://github.com/awslabs/aws-encryption-sdk-python/pull/46 (#4185)
|
| |
|
| |
So here we need to make sure we don't simply include windows but only the parts that we want
|
| |
|
|
|
|
|
|
| |
* add X509_NAME_print_ex
* Addressing code review
+ removed comment from bindings regarding deprecation of _print_oneline
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Raise a ValueError when conversion to generalizedtime fails
* added test for badasn1time value error
* pep8 compliance
* Addressing code review
+ VE now raises with ```{!r}``` formatting
+ Test now checks that the bad string made it into the VE message
* using ValueError.match
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* Added badtime.pem vector
In connection with forthcoming PR to fix #4158
* shortened line, corrected and->and
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* Add urllib3 to downstream tests
* empty commit
* remove a suffix
|
| | |
|
| |
|
|
|
|
| |
* fix bug with n % 8 length wrapping on AESKWP
* review feedback
|
| |
|
|
|
| |
This breaks the urllib3 tests, as well as several in-the-wild certs
This reverts commit 388d1bd3e9cd953fcc948edbc152d5d140c87eb8.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* 2.2 release!
* also change versions
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* implement AES KW with padding (RFC 5649)
fixes #3791
* oops, 2.2
* make sure this is the right valueerror
* more match
* make key padding easier to read
* review feedback
* review feedback
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* change our manylinux1 and macos wheel builders to build limited api
pip does not currently support the--py-limited-api cli flag that wheel
uses so we have to switch to downloading and then building via
setup.py bdist_wheel for now.
However, we can get rid of everything but the py34 builder on
mac/linux/linux32, saving us 6 wheels now (and soon 9 with the release
of python 3.7)
* some newlines
* review feedback
|
| | |
|
| |
|
|
|
|
|
|
| |
* load Q=224 vectors
* DSA parameters should support 224 for q length
* oxford comma
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* added brainpool ec-curves key_length >= 256bit
* limit brainpool curves to the set that appear required + docs
* oops
* typos all around me
* add brainpool ECDH kex tests
* switch to using rfc 7027 vectors
* review feedback
* empty commits are the best
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* install only the minimum required to build our docs for rtd
We don't need to install sphinxcontrib-spelling or doc8 in rtd.
* move another package
|
| |
|
|
|
|
|
|
| |
The ouput of execstack -q is one line per file, either:
- starting with a '-' (dash) if the file does not require an executable stack
- start with an 'X' if the file *does* require an executable stack
We check there are no files which require an executable stack.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
* Remove unused bindings from asn1.py
This also includes a couple removals from x509v3.py which also reference
ASN1_ITEM_EXP.
* re-add int ASN1_STRING_set_default_mask_asc(char *);
* also re-add static const int MBSTRING_UTF8
|
| |
|
|
|
|
| |
* don't allow GeneralNames to be an empty list
* flake8
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
| |
they're probably important, let's not break them.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently we only expose SSL_get_peer_certificate, which allows you
to retrieve the remote party's certificate. This adds the symetrical
binding to retrieve the local party's certificate.
The motivation for this additional binding is to make it possible to
query the local certificate regardless of the method which was used to
load the certificate into the SSL connection (from a file, from an
in-memory object). An example where this is useful is when negotiating
a DTLS-SRTP connection, the fingerprint of the local certificate needs
to be communicated to the remote party out-of-band via SDP.
This binding can be exposed in pyopenssl as Connection.get_certificate().
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* fix a memory leak in ec derive_private_key
fixes #4095
* pep8!
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* + more DTLS bindings
* + BIO_CTRL_DGRAM*
* + read ahead functions
* rm BIO_CTRL_DGRAM_SET_PEEK_MODE
* rm BIO_CTRL_DGRAM_SET_DONT_FRAG
* + link mtu conditional logic
* rm some BIO_CTRL_DGRAM* bindings
|
| |
|
|
|
|
|
|
|
|
| |
* + PSK function bindings
* + PSK conditional
* trigger CI
* trigger CI
|
| |
|
|
|
|
|
|
| |
* + bindings for SSL_OP_NO_DTLS*
* + conditional for not HAS_GENERIC_DTLS_METHOD
* flag SSL_OP_NO_DTLS* for unsupported deletion
|
| |
|
| |
This avoids reaching into the ASN1_ITEM mess if not necessary.
|
| |
|
|
|
|
| |
* temporarily pin cffi to avoid bug related to virtualenv
* right, don't duplicate the name
|
