Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Refs #3461 -- parse SCTs from x.509 extension (#3480) | Alex Gaynor | 2017-06-04 | 2 | -3/+29 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Stub API for SCTs, feedback wanted * grr, flake8 * finish up the __init__ * Initial implementation and tests * write a test. it fails because computer * get the tests passing and fix some TODOs * changelog entry * This can go now * Put a skip in this test * grump * Removed unreachable code * moved changelog to the correct section * Use the deocrator for expressing requirements * This needs f for the right entry_type * coverage * syntax error * tests for coverage * better sct eq tests * docs * technically correct, the most useless kind of correct * typo and more details * bug * drop __eq__ | ||||
* | add some explicit instructions on determining key type in a cert (#3596) | Paul Kehrer | 2017-05-24 | 1 | -0/+17 |
| | | | | | | * add some explicit instructions on determining key type in a cert * can't call it a CSR | ||||
* | Don't raise an UnsupportedExtension for critical extensions. (#3550) | Alex Gaynor | 2017-05-20 | 1 | -21/+2 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | * Don't raise an UnsupportedExtension for critical extensions. Fixes #2903 Fixes #2901 Fixes #3325 * Don't link * Revert "Don't link" This reverts commit 4fe847f91d9dd45cdc28a4984c4e44aad62a5de6. * fix * Revert "Revert "Don't link"" This reverts commit 856031b5a1fbad04ac218fa94ebf37dcd402f3ed. * fix * Deprecate this * Better changelog entry | ||||
* | Interfaces for SCTs, feedback wanted (#3467) | Alex Gaynor | 2017-03-22 | 2 | -0/+80 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Stub API for SCTs, feedback wanted * grr, flake8 * port this to being an ABC * finish up the __init__ * Two necessary enums * Roll this back * Wrote some docs * spell words correctly * linky * more details * use the words UTC * coverage * Define MMD for the kids at some * linky linky | ||||
* | Refs #3461 -- added the OID for the SCT x.509 extension (#3464) | Alex Gaynor | 2017-03-20 | 1 | -0/+6 |
| | | | | | | * Refs #3461 -- added the OID for the SCT x.509 extension * Version added | ||||
* | Update tutorial.rst (#3394) | AlexanderWeyman | 2017-02-13 | 1 | -2/+2 |
| | | | eliminated inconsitency of variable name in sample code | ||||
* | add a SAN to the certificatebuilder example (#3353) | Paul Kehrer | 2017-01-18 | 1 | -0/+6 |
| | | | | Evidently users copy/paste these examples so adding a SAN here will help people screw up less. Fixes #3314 | ||||
* | add a few more OIDs (#3259) | Paul Kehrer | 2016-11-19 | 1 | -0/+18 |
| | | | pulled from #3244 | ||||
* | Add a bytes method to get the DER ASN.1 encoding of an X509 name. (#3236) | Paul Kehrer | 2016-11-13 | 1 | -0/+10 |
| | | | | | | | | | | * Add a bytes method to get the DER ASN.1 encoding of an X509 name. This is useful for creating an OpenSSL style subject_name_hash (#3011) * add to backend interface and update multibackend * bytes -> public_bytes | ||||
* | Turns out we shouldn't call it uniqueIdentifier (#3234) | Paul Kehrer | 2016-11-12 | 1 | -1/+1 |
| | | | http://www.ca.com/us/services-support/ca-support/ca-support-online/knowledge-base-articles.tec465360.html | ||||
* | add some new oids (#3233) | Paul Kehrer | 2016-11-11 | 1 | -0/+12 |
| | | | | | | * add some new oids * As Alex pointed out, it's streetAddress | ||||
* | Name: add support for multi-value RDNs (#3202) | Fraser Tweedale | 2016-11-11 | 1 | -1/+20 |
| | | | | | | | | Update the Name class to accept and internally store a list of RelativeDistinguishedName objects. Add the 'rdns' attribute to give access to the RDNs. Update ASN.1 routines to correctly decode and encode multi-value RDNs. Fixes: https://github.com/pyca/cryptography/issues/3199 | ||||
* | Make DistributionPoint relative_name a set of NameAttribute (#3210) | Fraser Tweedale | 2016-11-07 | 1 | -1/+20 |
| | | | | | | | | | | | * Add RelativeDistinguishedName class * Make relative_name a RelativeDistinguishedName DistributionPoint relative_name is currently a Name but RFC 5280 defines it as RelativeDistinguishedName, i.e. a non-empty SET OF name attributes. Change the DistributionPoint relative_name attribute to be a RelativeDistinguishedName. | ||||
* | Fixed #3143 -- added the mandatory serial number parameter (#3144) | Alex Gaynor | 2016-09-09 | 1 | -0/+2 |
| | |||||
* | support random_serial_number in the CertificateBuilder (#3132) | Paul Kehrer | 2016-09-03 | 1 | -8/+21 |
| | | | | | | | | | | * support random_serial_number in the CertificateBuilder * turns out pytest's monkeypatch has an undo * random_serial_number now a function * just certs | ||||
* | add support for signature_algorithm_oid to cert, CSR, and CRL (#3124) | Paul Kehrer | 2016-08-31 | 1 | -0/+46 |
| | | | | | | * add support for signature_algorithm_oid to cert, CSR, and CRL * refactor _SIG_OIDS_TO_HASH to use ObjectIdentifiers and use that | ||||
* | Remove provider language from docs (#3072) | Gabriel Orisaka | 2016-07-31 | 1 | -2/+2 |
| | |||||
* | Add alias for Certificate serial as serial number (#2950) | Chelsea Winfree | 2016-06-02 | 1 | -4/+4 |
| | | | | | | | | * Add alias for Certificate serial as serial number * Adding deprecation to utils * Now with catch warnings and proper vers | ||||
* | Fixed #2871 -- position docs next to the fucntion they are for (#2924) | Alex Gaynor | 2016-05-29 | 1 | -26/+26 |
| | |||||
* | rephrase | Alex Gaynor | 2016-03-14 | 1 | -1/+2 |
| | |||||
* | typo fix | Alex Gaynor | 2016-03-14 | 1 | -1/+1 |
| | |||||
* | Fixes #2301 -- write a tutorial on generating self-signed certificates | Alex Gaynor | 2016-03-14 | 1 | -0/+67 |
| | |||||
* | add some notes about when to use these classmethods | Paul Kehrer | 2016-03-12 | 1 | -0/+12 |
| | |||||
* | Add AuthorityKeyIdentifier.from_issuer_subject_key_identifier | Paul Kehrer | 2016-03-11 | 1 | -0/+26 |
| | |||||
* | Merge pull request #2670 from joernheissler/x509_req_verify | Paul Kehrer | 2016-03-06 | 1 | -0/+6 |
|\ | | | | | Add verify method on CertificateSigningRequest | ||||
| * | Change method to property | Joern Heissler | 2016-01-18 | 1 | -5/+2 |
| | | |||||
| * | Add verify method on CertificateSigningRequest | Joern Heissler | 2016-01-13 | 1 | -0/+9 |
| | | |||||
* | | Merge pull request #2733 from reaperhulk/policy-constraints | Alex Gaynor | 2016-02-26 | 1 | -0/+44 |
|\ \ | | | | | | | add policy constraints class | ||||
| * | | try to improve the language | Paul Kehrer | 2016-02-26 | 1 | -10/+8 |
| | | | |||||
| * | | fix docs | Paul Kehrer | 2016-02-26 | 1 | -1/+1 |
| | | | |||||
| * | | add the oid required by the extensiontype interface | Paul Kehrer | 2016-02-26 | 1 | -0/+6 |
| | | | |||||
| * | | add policy constraints class | Paul Kehrer | 2016-02-26 | 1 | -0/+40 |
| |/ | |||||
* | | line length | Alex Gaynor | 2016-02-10 | 1 | -2/+2 |
| | | |||||
* | | Fix what appears to be a typo | Alex Gaynor | 2016-02-10 | 1 | -1/+1 |
|/ | |||||
* | backticks | Paul Kehrer | 2015-12-30 | 1 | -1/+1 |
| | |||||
* | support unrecognized extensions in x509 | Paul Kehrer | 2015-12-30 | 1 | -1/+2 |
| | |||||
* | language update | Paul Kehrer | 2015-12-30 | 1 | -1/+1 |
| | |||||
* | add UnrecognizedExtension class | Paul Kehrer | 2015-12-30 | 1 | -0/+21 |
| | |||||
* | support CRL entry extension encoding in the RevokedCertificateBuilder | Paul Kehrer | 2015-12-27 | 1 | -0/+12 |
| | |||||
* | add invaliditydate class for crl entry extensions | Paul Kehrer | 2015-12-26 | 1 | -1/+26 |
| | |||||
* | switch CRLReason to use a class | Paul Kehrer | 2015-12-26 | 1 | -1/+23 |
| | |||||
* | start switching the CRL entry extensions to be full-fledged classes | Paul Kehrer | 2015-12-25 | 1 | -0/+34 |
| | | | | first up: CertificateIssuer | ||||
* | Merge pull request #2574 from reaperhulk/rename-crlextension | Alex Gaynor | 2015-12-25 | 1 | -0/+16 |
|\ | | | | | rename CRLExtensionOID to CRLEntryExtensionOID | ||||
| * | rename CRLExtensionOID to CRLEntryExtensionOID | Paul Kehrer | 2015-12-25 | 1 | -0/+16 |
| | | |||||
* | | support revoked certificates in CertificateRevocationListBuilder | Paul Kehrer | 2015-12-25 | 1 | -2/+17 |
|/ | |||||
* | RevokedCertificateBuilder | Paul Kehrer | 2015-12-25 | 1 | -0/+48 |
| | |||||
* | add extension support to the CRLBuilder | Paul Kehrer | 2015-12-25 | 1 | -0/+10 |
| | |||||
* | update docs with review feedback | Paul Kehrer | 2015-12-24 | 1 | -12/+12 |
| | |||||
* | CertificateRevocationListBuilder | Paul Kehrer | 2015-12-24 | 1 | -0/+82 |
| | | | | | RSA keys only. Currently does not support CRL extensions or CRLEntry extensions. | ||||
* | update the language | Paul Kehrer | 2015-12-22 | 1 | -5/+4 |
| |