| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
| |
* update pythons and pypy, a little prep for pypy3 in CI again
* slightly renamed
* oops
* pypy renames all around
|
| |
|
| |
fixes #3704
|
| |
|
| |
Fix misworded guidance for how to serialize a private key to bytes.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* early days
* sort of working
* more things
* remove private_bytes
* public bytes, interface fix
* load public keys
* x25519 support basically done now
* private_bytes is gone
* some reminders
* doctest this too
* remove a thing that doesn't matter
* x25519 supported checks
* libressl has the NID, but a different API, so check for OpenSSL
* pep8
* add missing coverage
* update to use reasons
* expand test a little
* add changelog entry
* review feedback
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* chacha20poly1305 support
* add chacha20poly1305 backend and some fixes
* refactor
* forgot to remove this
* pep8
* review feedback and a lot of type/value checking
* review feedback
* raise unsupportedalgorithm when creating a ChaCha20Poly1305 object
if it's not supported.
* switch to ciphertext||tag
* typo
* remove a branch we don't need
* review feedback
* decrypts is *also* a word
* use reasons
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* compile all our mac builds against 1.1.0 in travis
* Just install
* try this why not
* ...
* of course
* upgrade the existing openssl
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* bind even more evp
* oops
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* add EVP_PKEY_keygen and EVP_PKEY_keygen_init for x25519/ed25519
* add a few more bindings we'll need for X25519
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* document invalidtag
* move invalidtag
|
| |
|
|
|
|
|
|
| |
* add ChaCha20Poly1305 test vectors from OpenSSL/RFC7539
* add the boringssl tests as well
* highlight the lines
|
| | |
|
| |
|
| |
I have no idea what this meant
|
| |
|
|
| |
the release script (#3671)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Stub API for SCTs, feedback wanted
* grr, flake8
* finish up the __init__
* Initial implementation and tests
* write a test. it fails because computer
* get the tests passing and fix some TODOs
* changelog entry
* This can go now
* Put a skip in this test
* grump
* Removed unreachable code
* moved changelog to the correct section
* Use the deocrator for expressing requirements
* This needs f for the right entry_type
* coverage
* syntax error
* tests for coverage
* better sct eq tests
* docs
* technically correct, the most useless kind of correct
* typo and more details
* bug
* drop __eq__
|
| |
|
|
| |
generation section (#3669)
|
| |
|
|
|
|
| |
* deprecate signer/verifier on asymmetric keys
* review feedback, switch deprecated_call to work around a bug
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* Revert "Attempted workaround for intermittent coverage issues (#3661)"
This reverts commit 84a634c1e7645970382a3a271dfae9ef95685e7a.
* pin coverage to 4.3.4
|
| |
|
| |
The root cause is https://bitbucket.org/ned/coveragepy/issues/578/incomplete-file-path-in-xml-report
|
| | |
|
| |
|
|
|
|
| |
* make signature and verification contexts error better re: prehashed
* code review feedback
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* runtime detection of getentropy for macOS via weak-linking
In the before time, in the long long ago, there was a desire to use
getentropy on macOS. So some code was written and it detected getentropy
support by seeing if SYS_getentropy was available in the headers. But
lo, it turns out Apple ships headers for different SDK versions and
users on < 10.12 were getting headers that had SYS_getentropy even
though their OS did not support it. There was much wailing and
gnashing of teeth, but the frustrated developers remembered that Apple
wants their developers to use weak linking. With weak linking the mighty
developer can specify a minimum version and any symbol that was added
after that version will be weakly linked. Then, at runtime, the dynamic
linker will make unavailable symbols thus marked into NULLs. So, the
developer need only alter their code to do runtime detection of weakly
linked symbols and then a single binary may be compiled that will
correctly select getentropy or /dev/urandom at runtime. Hallelujah!
* oops
* separate the enum
* okay just apple
|
| | |
|
| | |
|
| | |
|
| |
|
| |
turns out new jenkins changed its JSON a bit.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* update to new CI server for wheels + switch to using a job token
* avoid slash folding
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
* add a jenkinsfile for building wheels
* remove scripts we don't need now
* still do the list of installed items on the mac builder
* build 2.6, don't bother with 2.7 ucs4 on mac, simplify batch
|
| |
|
|
|
|
|
|
|
| |
The OpenSSL manual recommends a buffer size of 80 for OBJ_oid2txt:
https://www.openssl.org/docs/crypto/OBJ_nid2ln.html#return_values.
But OIDs longer than this occur in real life (e.g. Active Directory
makes some very long OIDs). If the length of the stringified OID
exceeds the buffer size, allocate a new buffer that is big enough to
hold the stringified OID, and re-do the conversion into the new
buffer.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* move MACContext to mac.py and eliminate interfaces.py finally
* improve title
* re-add and deprecate interfaces.MACContext
* use pytest.warns instead of deprecated_call
The pytest docs insist that deprecation warnings are handled differently
and that you should use deprecated_call, but this works so okay then
|
| | |
|
| | |
|
| | |
|
| | |
|
