| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* Replace legacy file handling with a context manager.
* flake8 fix
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* drop python 3.4 support
Our dependencies have started dropping support so it is becoming
difficult to test. Additionally, Python 3.4 represents <2% of our
downloads, so taking on a large maintenance burden to maintain support
isn't a good use of limited time. Accordingly, we're dropping testing
infrastructure and migrating our abi3 wheels to py35+.
* use removed instead of dropped
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* add single_extensions to OCSPResponse (#4753)
* new vector, updateed docs, more stringent parser, changelog, etc
* simplify PR (no SCT for now)
* add a comment
* finish pulling out the sct stuff so tests might actually run
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Support ed25519 in csr/crl creation
* Tests for ed25519/x509
* Support ed448 in crt/csr/crl creation
* Tests for ed448/x509
* Support ed25519/ed448 in OCSPResponseBuilder
* Tests for eddsa in OCSPResponseBuilder
* Builder check missing in create_x509_csr
* Documentation update for ed25519+ed448 in x509
|
| |
|
|
|
|
|
|
|
|
| |
* fix coverage by adding two artificial DSA public keys
One key removes the optional parameters from the structure to cover a
branch conditional, and the other key has its BITSTRING padding value
set to a non-zero value.
* lexicographic? never heard of it
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* more ed25519 vectors, better description of RFC 8410 vector
* typo
* oops, doc'd wrong
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* add RSA PSS certificate
* i still maintain that 257 is slightly better than 256
|
| |
|
|
|
|
| |
* Refs #4830 -- added a vector of an x.509 certificate with a negative serial number
* Line wrap
|
| | |
|
| |
|
|
|
|
| |
* add ed25519 PKCS8 and subjectPublicKeyInfo vectors
* line length fix
|
| | |
|
| |
|
| |
Which, despite supporting HTTPS, is non-deterministically providing 404s and DigiCert has asserted that http is the only "supported" protocol.
|
| |
|
|
|
|
| |
* consistently linky RFC in the docs
* oops
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* add signature_hash_algorithm to OCSPResponse
* fix pointless asserts
|
| | |
|
| |
|
|
|
|
| |
* Sphinx's website is now https
* Sphinx's website is now https
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* another pkcs12 vector
also fixed the pathing to be consistent in the docs for PKCS12 vectors
* add a cert with no key pkcs12 as well
|
| | |
|
| |
|
|
|
|
| |
* add pkcs12 test vectors
* add more explanatino
|
| | |
|
| |
|
|
|
|
| |
* add a new SCT vector
* ridiculous
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
* Enhance info on pip requirements intallation
* Remove virtualenv files from remote
* Fix "pacakges" typo
* Removing trailling whitespaces
|
| | |
|
| |
|
|
|
|
|
|
| |
* yet another ocsp response vector.
and yet there will be at least one more after this
* add one more
|
| | |
|
| |
|
|
|
|
| |
* add more OCSP response vectors
* another vector and better docs
|
| |
|
|
|
|
|
|
|
|
| |
* OCSP response vector
* oops, wrong name
* move ocsp response vector docs
* make alex happy
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix encoding errors in RSA test keys.
enc-rsa-pkcs8.pem and unenc-rsa-pkcs8.pem did not encode the RSA key
correctly. Per RFC 8017, appendix A.1:
The object identifier rsaEncryption identifies RSA public and private
keys as defined in Appendices A.1.1 and A.1.2. The parameters field
has associated with this OID in a value of type AlgorithmIdentifier
SHALL have a value of type NULL.
rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 }
unenc-rsa-pkcs8.pem, however, was missing that NULL, which was, in turn,
carried into the encrypted payload of enc-rsa-pkcs8.pem. The DER
version, enc-rsa-pkcs8.der, carries this mistake too. Interestingly,
unenc-rsa-pkcs8.der does *not* have it. I'm guessing it was converted
with the openssl command-line tool which fixed the encoding in
conversion.
Current versions of OpenSSL are lax and ignore the parameters field, but
it's best to test against spec-compliant inputs. Fix unenc-rsa-pkcs8.pem
to match unenc-rsa-pkcs8.der and then refresh enc-rsa-pkcs8.{der,pem}
with the new encoding but otherwise the same encryption parameters.
I've refreshed the dumpasn1 (at least that's what it looks like)
preamble at the top of each file, but the current version of dumpasn1
appears to have changed the spacing slightly, so there's some whitespace
diff noise.
* Update test-vectors.rst.
|
| | |
|
| |
|
|
|
|
|
|
| |
* Document wycheproof revision we're current as of
* Wycheproof is a real word!
* line length
|
| | |
|
