aboutsummaryrefslogtreecommitdiffstats
path: root/docs/x509
Commit message (Collapse)AuthorAgeFilesLines
* Refs #3461 -- parse SCTs from x.509 extension (#3480)Alex Gaynor2017-06-042-3/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Stub API for SCTs, feedback wanted * grr, flake8 * finish up the __init__ * Initial implementation and tests * write a test. it fails because computer * get the tests passing and fix some TODOs * changelog entry * This can go now * Put a skip in this test * grump * Removed unreachable code * moved changelog to the correct section * Use the deocrator for expressing requirements * This needs f for the right entry_type * coverage * syntax error * tests for coverage * better sct eq tests * docs * technically correct, the most useless kind of correct * typo and more details * bug * drop __eq__
* add some explicit instructions on determining key type in a cert (#3596)Paul Kehrer2017-05-241-0/+17
| | | | | | * add some explicit instructions on determining key type in a cert * can't call it a CSR
* Don't raise an UnsupportedExtension for critical extensions. (#3550)Alex Gaynor2017-05-201-21/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | * Don't raise an UnsupportedExtension for critical extensions. Fixes #2903 Fixes #2901 Fixes #3325 * Don't link * Revert "Don't link" This reverts commit 4fe847f91d9dd45cdc28a4984c4e44aad62a5de6. * fix * Revert "Revert "Don't link"" This reverts commit 856031b5a1fbad04ac218fa94ebf37dcd402f3ed. * fix * Deprecate this * Better changelog entry
* Interfaces for SCTs, feedback wanted (#3467)Alex Gaynor2017-03-222-0/+80
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Stub API for SCTs, feedback wanted * grr, flake8 * port this to being an ABC * finish up the __init__ * Two necessary enums * Roll this back * Wrote some docs * spell words correctly * linky * more details * use the words UTC * coverage * Define MMD for the kids at some * linky linky
* Refs #3461 -- added the OID for the SCT x.509 extension (#3464)Alex Gaynor2017-03-201-0/+6
| | | | | | * Refs #3461 -- added the OID for the SCT x.509 extension * Version added
* Update tutorial.rst (#3394)AlexanderWeyman2017-02-131-2/+2
| | | eliminated inconsitency of variable name in sample code
* add a SAN to the certificatebuilder example (#3353)Paul Kehrer2017-01-181-0/+6
| | | | Evidently users copy/paste these examples so adding a SAN here will help people screw up less. Fixes #3314
* add a few more OIDs (#3259)Paul Kehrer2016-11-191-0/+18
| | | pulled from #3244
* Add a bytes method to get the DER ASN.1 encoding of an X509 name. (#3236)Paul Kehrer2016-11-131-0/+10
| | | | | | | | | | * Add a bytes method to get the DER ASN.1 encoding of an X509 name. This is useful for creating an OpenSSL style subject_name_hash (#3011) * add to backend interface and update multibackend * bytes -> public_bytes
* Turns out we shouldn't call it uniqueIdentifier (#3234)Paul Kehrer2016-11-121-1/+1
| | | http://www.ca.com/us/services-support/ca-support/ca-support-online/knowledge-base-articles.tec465360.html
* add some new oids (#3233)Paul Kehrer2016-11-111-0/+12
| | | | | | * add some new oids * As Alex pointed out, it's streetAddress
* Name: add support for multi-value RDNs (#3202)Fraser Tweedale2016-11-111-1/+20
| | | | | | | | Update the Name class to accept and internally store a list of RelativeDistinguishedName objects. Add the 'rdns' attribute to give access to the RDNs. Update ASN.1 routines to correctly decode and encode multi-value RDNs. Fixes: https://github.com/pyca/cryptography/issues/3199
* Make DistributionPoint relative_name a set of NameAttribute (#3210)Fraser Tweedale2016-11-071-1/+20
| | | | | | | | | | | * Add RelativeDistinguishedName class * Make relative_name a RelativeDistinguishedName DistributionPoint relative_name is currently a Name but RFC 5280 defines it as RelativeDistinguishedName, i.e. a non-empty SET OF name attributes. Change the DistributionPoint relative_name attribute to be a RelativeDistinguishedName.
* Fixed #3143 -- added the mandatory serial number parameter (#3144)Alex Gaynor2016-09-091-0/+2
|
* support random_serial_number in the CertificateBuilder (#3132)Paul Kehrer2016-09-031-8/+21
| | | | | | | | | | * support random_serial_number in the CertificateBuilder * turns out pytest's monkeypatch has an undo * random_serial_number now a function * just certs
* add support for signature_algorithm_oid to cert, CSR, and CRL (#3124)Paul Kehrer2016-08-311-0/+46
| | | | | | * add support for signature_algorithm_oid to cert, CSR, and CRL * refactor _SIG_OIDS_TO_HASH to use ObjectIdentifiers and use that
* Remove provider language from docs (#3072)Gabriel Orisaka2016-07-311-2/+2
|
* Add alias for Certificate serial as serial number (#2950)Chelsea Winfree2016-06-021-4/+4
| | | | | | | | * Add alias for Certificate serial as serial number * Adding deprecation to utils * Now with catch warnings and proper vers
* Fixed #2871 -- position docs next to the fucntion they are for (#2924)Alex Gaynor2016-05-291-26/+26
|
* rephraseAlex Gaynor2016-03-141-1/+2
|
* typo fixAlex Gaynor2016-03-141-1/+1
|
* Fixes #2301 -- write a tutorial on generating self-signed certificatesAlex Gaynor2016-03-141-0/+67
|
* add some notes about when to use these classmethodsPaul Kehrer2016-03-121-0/+12
|
* Add AuthorityKeyIdentifier.from_issuer_subject_key_identifierPaul Kehrer2016-03-111-0/+26
|
* Merge pull request #2670 from joernheissler/x509_req_verifyPaul Kehrer2016-03-061-0/+6
|\ | | | | Add verify method on CertificateSigningRequest
| * Change method to propertyJoern Heissler2016-01-181-5/+2
| |
| * Add verify method on CertificateSigningRequestJoern Heissler2016-01-131-0/+9
| |
* | Merge pull request #2733 from reaperhulk/policy-constraintsAlex Gaynor2016-02-261-0/+44
|\ \ | | | | | | add policy constraints class
| * | try to improve the languagePaul Kehrer2016-02-261-10/+8
| | |
| * | fix docsPaul Kehrer2016-02-261-1/+1
| | |
| * | add the oid required by the extensiontype interfacePaul Kehrer2016-02-261-0/+6
| | |
| * | add policy constraints classPaul Kehrer2016-02-261-0/+40
| |/
* | line lengthAlex Gaynor2016-02-101-2/+2
| |
* | Fix what appears to be a typoAlex Gaynor2016-02-101-1/+1
|/
* backticksPaul Kehrer2015-12-301-1/+1
|
* support unrecognized extensions in x509Paul Kehrer2015-12-301-1/+2
|
* language updatePaul Kehrer2015-12-301-1/+1
|
* add UnrecognizedExtension classPaul Kehrer2015-12-301-0/+21
|
* support CRL entry extension encoding in the RevokedCertificateBuilderPaul Kehrer2015-12-271-0/+12
|
* add invaliditydate class for crl entry extensionsPaul Kehrer2015-12-261-1/+26
|
* switch CRLReason to use a classPaul Kehrer2015-12-261-1/+23
|
* start switching the CRL entry extensions to be full-fledged classesPaul Kehrer2015-12-251-0/+34
| | | | first up: CertificateIssuer
* Merge pull request #2574 from reaperhulk/rename-crlextensionAlex Gaynor2015-12-251-0/+16
|\ | | | | rename CRLExtensionOID to CRLEntryExtensionOID
| * rename CRLExtensionOID to CRLEntryExtensionOIDPaul Kehrer2015-12-251-0/+16
| |
* | support revoked certificates in CertificateRevocationListBuilderPaul Kehrer2015-12-251-2/+17
|/
* RevokedCertificateBuilderPaul Kehrer2015-12-251-0/+48
|
* add extension support to the CRLBuilderPaul Kehrer2015-12-251-0/+10
|
* update docs with review feedbackPaul Kehrer2015-12-241-12/+12
|
* CertificateRevocationListBuilderPaul Kehrer2015-12-241-0/+82
| | | | | RSA keys only. Currently does not support CRL extensions or CRLEntry extensions.
* update the languagePaul Kehrer2015-12-221-5/+4
|