| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
| |
Update openssl https URL, otherwise a 302 result screws up the curl/tar steps and confusion ensues.
|
| |
|
|
|
|
|
|
|
|
| |
* support encoding IPv4Network and IPv6Network, useful for NameConstraints
* add changelog entry
* add more networks with full and no masking (/32, /128, /0)
* parametrize the nc tests to fix coverage
|
| | |
|
| |
|
|
| |
vulnerability (#3177)
|
| | |
|
| |
|
|
|
|
|
|
| |
* Simplify OpenSSL bits in travis
* more simplify
* missed one
|
| | |
|
| |
|
|
|
|
| |
* test against 1.1.0a instead of 1.1.0
* change the dir to foil travis caching
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* first draft of verification and serialization
* tweaks in the RST syntax
* added example of deserialization
* taking into account the returned value, so that doctests pass
* adjusted rst syntax and indentation for code samples
* removed print call
* forgot to actually call splitlines
* added missing argument when loading private key
* added Deserialization to dictionary
* made lines shorter to meet style requirements
* applied requested changes in style
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* update our travis configs to run against 10.10, 10.11, 10.12
Drops 10.9 from Travis. The xcode8 image is also currently not 10.12,
but is planned to become that soon see:
https://blog.travis-ci.com/2016-09-15-new-default-osx-image-coming/
* add output of sw_vers for mac builders on travis
* reorder
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
* 1.0.2i changed the way COMP_METHOD is exported if NO_COMP is set
* add a comment explaining why we changed this
* 1.0.2i handles NUMERICSTRING properly now so need only test < 1.0.2i
* needs to be visible
|
| | |
|
| |
|
|
|
|
| |
* re-add setuptools resolve vs load workaround
* add deprecatedin tag so we can find this easier
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* Clarified Windows development installation and doc'd upstream enchant bug
* Fixed whitespace problems
* Fixed merge resolution mistake
|
| |
|
| |
right now it just always skips
|
| |
|
|
|
|
|
|
|
|
| |
* support random_serial_number in the CertificateBuilder
* turns out pytest's monkeypatch has an undo
* random_serial_number now a function
* just certs
|
| |
|
|
|
|
|
|
|
|
| |
* Add bounds checking for Scrypt parameters.
* Pep8.
* More PEP8.
* Change wording.
|
| |
|
|
|
|
|
|
|
| |
* fix inconsistency in utilization of block_size in openssl cipher impl
Previously we over-allocated our buffers because we treated a bit size
as bytes.
* rename property
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Scrypt implementation.
* Docs stuff.
* Make example just an example and not a doctest.
* Add changelog entry.
* Docs cleanup.
* Add more tests.
* Add multibackend tests.
* PEP8.
* Add docs about Scrypt parameters.
* Docs cleanup.
* Add AlreadyFinalized.
|
| |
|
|
|
|
| |
* add support for signature_algorithm_oid to cert, CSR, and CRL
* refactor _SIG_OIDS_TO_HASH to use ObjectIdentifiers and use that
|
| |
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* Add a register_interface_if decorator.
* Add tests.
* PEP 8.
|
| |
|
|
|
|
|
|
| |
* Mention that blake2 is not vulnerable to length-extension attacks
* SHA is sort of like a word, in the sense that I want the spellcheck to shut up about it
* rephrase
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* blake2b/blake2s support
Doesn't support keying, personalization, salting, or tree hashes so
the API is pretty simple right now.
* implement digest_size via utils.read_only_property
* un-keyed for spelling's sake
* test copying + digest_size checks
* unkeyed is too a word
* line wrap
* reword the docs
* use the evp algorithm name in the error
This will make BLAKE2 alternate digest size errors a bit less confusing
* add changelog entry and docs about supported digest_size
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add Scrypt bindings.
* Add check for OPENSSL_NO_SCRYPT.
* Fix CUSTOMIZATIONS.
* Account for LibreSSL.
* Remove argument names.
* Remove more argument names.
|
| |
|
|
| |
the next release. (#3113)
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* make pre5 work
* add a blank line to make the diff happier
* 1.1.0-pre6 working
* support the changes since 1.1.0-pre6
* fixes
* add 1.1.0 to travis
* expose the symbol
* better testing for numericstring
* handle libre...
* actually use the 1.1.0 we compile
* cache the ossl-110 dir on travis
* add some newlines
* changelog entry for 1.1.0 support
* note that we test on 1.1.0
* proper skip on this test
* reorder
|
| | |
|
| | |
|
| |
|
| |
We're so close.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Iterators can only be enumerated once, breaking code like this in
Python 3 for example:
san = SubjectAlternativeName(map(DNSName, lst))
This is also a slight behavior change if the caller modifies the list
after passing it to the constructor, because input lists are now copied.
Which seems like a good thing.
Also:
* Name now checks that attributes elements are of type NameAttribute
* NoticeReference now allows notice_numbers to be any iterable
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
* constify more things in x509 and reorder a few func args
Post pre6 they changed some function argument order...
* fix the function arg order where we call it
* still need arg names when implementing the function...whoops
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* Fix docs to clarify the less than 256 limit.
* Add "inclusive".
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
not_valid_before (#2920)
* CertificateBuilder accepts aware datetimes for not_valid_after and not_valid_before
These functions now accept aware datetimes and convert them to UTC
* Added pytz to test requirements
* Correct pep8 error and improve Changelog wording
* Improve tests and clarify changelog message
* Trim Changelog line length
* Allow RevokedCertificateBuilder and CertificateRevocationListBuilder to accept aware datetimes
* Fix accidental changelog entry
|
