path: root/src/cryptography/hazmat/bindings
Commit message | Author | Age | Files | Lines
* add SSL_CTX_(get|set)_keylog_callback (#5187) | Maximilian Hils | 2020-04-11 | 1 | -0/+8
    * add SSL_CTX_(get|set)_keylog_callback
    * For travis
    Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
* Drop support for OpenSSL 1.0.1 (#5178) | Alex Gaynor | 2020-04-04 | 2 | -100/+2
* add SSL_CTX_get0_param (#5070) | Maximilian Hils | 2019-11-22 | 1 | -0/+1
* Fixes #5018 -- break users on OpenSSL 1.0.1 (#5022) | Alex Gaynor | 2019-10-18 | 1 | -6/+14
    * Fixes #5018 -- break users on OpenSSL 1.0.1
    * Grammar
    * Syntax error
    * Missing import
    * Missing import
* it's called FIPS_mode_set, not FIPS_set_mode (#4988) | Paul Kehrer | 2019-09-09 | 1 | -1/+1
* Add SSL_get0_verified_chain to cffi lib (#4965) | arjenzorgdoc | 2019-08-14 | 1 | -0/+7
    * Add SSL_get0_verified_chain to cffi lib
      OpenSSL 1.1.0 supports SSL_get0_verified_chain. This gives the full chain from the peer cert including your trusted CA cert.
    * Work around no support for #if in cdef in old cffi
* Refs #4923; deprecate OpenSSL 1.0.1 (#4924) | Alex Gaynor | 2019-06-15 | 1 | -1/+1
    * Refs #4923; deprecate OpenSSL 1.0.1
    * changelog
* add poly1305 NID/EVP, and EVP_DigestSign{Update,Final} for incremental (#4799) | Paul Kehrer | 2019-03-07 | 1 | -0/+8
* remove unused locking functions (#4780) | Paul Kehrer | 2019-02-26 | 1 | -5/+0
    * remove unused locking functions
      we do all this in C when necessary
    * oops, need this
* Polish off removal of unused engine bindings (#4769) | Alex Gaynor | 2019-02-25 | 1 | -3/+0
* reduce our engine bindings even more (#4768) | Paul Kehrer | 2019-02-25 | 1 | -23/+0
* support NO_ENGINE (#4763) | Paul Kehrer | 2019-02-25 | 2 | -2/+45
    * support OPENSSL_NO_ENGINE
    * support some new openssl config args
    * sigh
* why did we have these variables (#4764) | Paul Kehrer | 2019-02-24 | 1 | -2/+0
* encode the package version in the shared object (#4756) | Paul Kehrer | 2019-02-20 | 1 | -0/+24
    * encode the package version in the shared object
    * review feedback
    * move into build_ffi so the symbol is in all shared objects
    * review feedback
* bind EVP_R_MEMORY_LIMIT_EXCEEDED and update a test (#4726) | Paul Kehrer | 2019-01-21 | 1 | -0/+9
    * bind EVP_R_MEMORY_LIMIT_EXCEEDED and update a test
      This will allow OpenSSL 1.1.1 on 32-bit (including our Windows 32-bit builders) to fail as expected. Technically this isn't a malloc error, but rather failing because the allocation requested is larger than 32-bits, but raising a MemoryError still seems appropriate
    * what you want an endif too?
* add EVPDigestFinalXOF for extendable output functions (#4589) | Paul Kehrer | 2018-11-13 | 1 | -0/+9
* Ed bindings (#4586) | Paul Kehrer | 2018-11-13 | 1 | -0/+9
    * add evp_pkey_ed25519
    * ed448 bindings
* add bindings for early data (#4582) | Paul Kehrer | 2018-11-12 | 1 | -0/+4
    * add bindings for early data
    * remove final var name
* x448 bindings (#4577) | Paul Kehrer | 2018-11-12 | 1 | -0/+8
* add EVP raw key bindings (#4578) | Paul Kehrer | 2018-11-12 | 1 | -0/+10
* add various new TLS bindings (#4555) | Paul Kehrer | 2018-11-03 | 1 | -0/+12
    * add SSL_OP_NO_TLSv1_3
    * compiling now
    * bind SSL_CTX_set_ciphersuites as well
    * add some more
* add SCT_get0_signature (#4540) | Paul Kehrer | 2018-10-28 | 1 | -0/+1
* Add definitions that help with hostname checking (#4492) | Kai Engert | 2018-10-10 | 1 | -0/+15
    * Add definitions for SSL_get0_param and X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS
    * remove unnecessary parameter name
    * Add version conditionals and more flags
    * extend cryptography_has_102_verification_params
    * X509_CHECK_FLAG_NEVER_CHECK_SUBJECT only available with openssl 1.1.0+
    * add missing declaration
* Use our cryptography-specific warning class (#4493) | Alex Gaynor | 2018-10-10 | 1 | -1/+1
* add ed25519 bindings (#4476) | Paul Kehrer | 2018-09-26 | 1 | -0/+17
    * add ed25519 bindings
    * var name
* Fixes #3460 -- deprecate OpenSSL 1.0.1 (#4427) | Alex Gaynor | 2018-08-31 | 1 | -0/+16
    * Fixes #3460 -- deprecate OpenSSL 1.0.1
    * We need to import warnings
    * flake8
    * words are hard
    * rephrase
* 1.1.0 locks (#4420) | Paul Kehrer | 2018-08-29 | 2 | -1/+3
    * Do conditional compiling of Cryptography_setup_ssl_threads
    * Check Cryptography_HAS_LOCKING_CALLBACKS before initing static locks
      Check if compiling and initing locking callbacks is necessary
      PEP8 fix
    * Make test_crypto_lock_init more complete
* add bindings for SCT creation (#4407) | Paul Kehrer | 2018-08-20 | 1 | -0/+7
* Add more SSL_CIPHER_* functions, necessary to implement ctx.get_ciphers() in PyPy (#4364) | Amaury Forgeot d'Arc | 2018-07-23 | 1 | -0/+11
    * Add more SSL_CIPHER_* functions, necessary to implement ctx.get_ciphers() added by Python 3.6.1.
    * Add placeholders for other versions
    * Remove parameter names
    * LibreSSL 2.7 has the new functions
    * Add entries in _conditional.py
    * SSL_CIPHER_get_id returns int, not char*
* Make our locking setup function comply with our style guide (#4316) | Alex Gaynor | 2018-07-06 | 1 | -1/+1
    And not expose an unprefixed name to anyone who dlopens us.
* Perform an OPENSSL_cleanup before checking the heap in our memleak tests (#4293) | Alex Gaynor | 2018-06-20 | 1 | -0/+7
    * Perform an OPENSSL_cleanup before checking the heap in our memleak tests
    * Make this binding conditional
    * typo
    * need to put this call before we reset the function ptrs
* Clean up unused EC bindings. (#4225) | David Benjamin | 2018-05-14 | 1 | -4/+0
    * Clean up unused EC bindings.
      A lot of these are really OpenSSL internals, like the EC_METHOD business, support for custom curves which are a bad idea, and weird non-standard serializations like taking the usual point serialization and treating it as a single BIGNUM.
      I also didn't remove things when they're arguably part of a set. E.g. EC_POINT_add is used, but EC_POINT_dbl isn't. However, they both set at the same abstraction level (basic point operations), so it's strange to have one without the other.
      I also kept EC_POINT_is_on_curve because, although it is not used, OpenSSL prior to 1.1.0 doesn't perform this important check in EC_POINT_set_affine_coordinates_GFp (though it does in some of the functions which ultimately call it, like EC_KEY_set_public_key_affine_coordinates, what cryptography.io actually uses), so one should not expose the latter without the former.
    * Fix build issue.
* add custom extensions functions for openssl >=1.0.2 (#4202) | Denis Lila | 2018-04-21 | 1 | -0/+9
    * add custom extensions functions for openssl >=1.0.2
    * Fix style problems
* remove cms bindings we don't use (#4131) | Paul Kehrer | 2018-03-05 | 1 | -35/+0
* Add bindings for DTLS support (#4089) | gesslerpd | 2018-01-23 | 1 | -0/+2
    * + more DTLS bindings
    * + BIO_CTRL_DGRAM*
    * + read ahead functions
    * rm BIO_CTRL_DGRAM_SET_PEEK_MODE
    * rm BIO_CTRL_DGRAM_SET_DONT_FRAG
    * + link mtu conditional logic
    * rm some BIO_CTRL_DGRAM* bindings
* Add bindings for PSK (#4084) | gesslerpd | 2018-01-18 | 1 | -0/+9
    * + PSK function bindings
    * + PSK conditional
    * trigger CI
    * trigger CI
* Add bindings for SSL_OP_NO_DTLS* (#4079) | gesslerpd | 2018-01-16 | 1 | -0/+2
    * + bindings for SSL_OP_NO_DTLS*
    * + conditional for not HAS_GENERIC_DTLS_METHOD
    * flag SSL_OP_NO_DTLS* for unsupported deletion
* just a quick confirmation that it really is an x25519 evp key (#4070) | Paul Kehrer | 2018-01-05 | 1 | -0/+1
    * just a quick confirmation that it really is an x25519 evp key
    * openssl assert. take that python -O
* Fixed #4006 -- bind functions for dealing with sigalgs (#4063) | Alex Gaynor | 2017-12-26 | 1 | -0/+8
    * Fixed #4006 -- bind functions for dealing with sigalgs
    * oops
* Fixed #4058 -- use the thread-safe API from OpenSSL, not the danger one (#4059) | Alex Gaynor | 2017-12-18 | 1 | -3/+4
* Expose FIPS funcs for OpenSSL. (#3939) | Scott Sturdivant | 2017-09-27 | 1 | -0/+8
    * Expose FIPS funcs for OpenSSL.
    * Remove FIPS customization / conditionals.
      It seems that the FIPS functions are always defined, regardless of if the FIPS module is present.
    * Do not include FIPS_selftest_check func.
    * Libressl does not have FIPS.
* add set0_rsa_oaep_label binding (#3894) | Paul Kehrer | 2017-09-07 | 1 | -0/+7
* remove egd (#3771) | Paul Kehrer | 2017-07-08 | 1 | -9/+0
    * remove egd
    * oops
    * keep Cryptography_HAS_EGD for compat just in case
      This shouldn't really be necessary but maybe we can fully remove it in 2018 or 2019...
* remove cryptodev (#3770) | Paul Kehrer | 2017-07-08 | 1 | -7/+0
    * remove cryptodev
    * oops
* Attempt to use coverage to quantify how many of the CONDITIONAL_NAMES we really use (#3763) | Alex Gaynor | 2017-07-08 | 2 | -65/+185
    * Attempt to use coverage to quantify how many of the CONDITIONAL_NAMES we really use
    * rewrite file to improve coverage
    * Write it this way so we can use line coverage
    * lost this one :-(
    * fix comment and flake8
    * update the docs as well
    * flake8
* Remove conditionals we never use. (#3766) | Alex Gaynor | 2017-07-08 | 1 | -4/+0
    * Remove conditionals we never use.
      Refs #3763
    * put this back
* bind DTLS 1.2 methods (#3725) | Paul Kehrer | 2017-06-26 | 1 | -0/+5
    * bind DTLS 1.2 methods
    * remove version specific dtls bindings, rename sentinel value
* bind even more evp (#3684) | Paul Kehrer | 2017-06-06 | 1 | -1/+2
    * bind even more evp
    * oops
* bind EVP_PKEY_get1_tls_encodedpoint because X25519 (#3682) | Paul Kehrer | 2017-06-05 | 1 | -0/+3
* fix libressl error/refactor some error handling (#3609) | Paul Kehrer | 2017-05-26 | 1 | -2/+17
    * add libre so I can see the error
    * add the libre error needed and refactor error handling a bit
      We were historically matching on lib + func + reason, but func is somewhat unstable so now we match on lib + reason only. Of course, in this case libressl changed both lib and reason so it wouldn't have mattered. All error handling from the error queue in openssl is an illusion
    * fix a typo, probably an unneeded branch
    * review feedback
    * refactor tests to support libressl
      insert additional rant about libre here, although admittedly these tests were assuming stability where openssl itself guarantees none
    * better assert, fix flake8