| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | encode countryName with PrintableString | Paul Kehrer | 2015-10-20 | 1 | -6/+8 |
| | | | | | | | | This commit adds a dependency on asn1crypto for testing purposes to parse the certificate and confirm that countryName is encoded with PrintableString while other fields are UTF8String. This is a test only dep. | ||||
| * | Merge pull request #2427 from alex/ecdh | Paul Kehrer | 2015-10-19 | 6 | -0/+56 |
| |\ | | | | | ECDH take 4 | ||||
| | * | better document hte iface | Alex Gaynor | 2015-10-17 | 1 | -0/+7 |
| | | | |||||
| | * | unused import | Alex Gaynor | 2015-10-17 | 1 | -1/+0 |
| | | | |||||
| | * | a refactor to the API | Alex Gaynor | 2015-10-17 | 5 | -43/+35 |
| | | | |||||
| | * | Add an Elliptic Curve Key Exchange Algorithm(ECDH) | Simo Sorce | 2015-10-17 | 5 | -0/+58 |
| | | | | | | | | | | | | | | | | | | | The ECDH Key Exchange algorithm as standardized in NIST publication 800-56A Revision 2 Includes tests with vectors from NIST. Signed-off-by: Simo Sorce <simo@redhat.com> | ||||
| * | | Fix wrong mention of class in docstring. | Terry Chia | 2015-10-18 | 1 | -1/+1 |
| |/ | |||||
| * | Kill Key Exchange as a separate interface | Simo Sorce | 2015-10-15 | 1 | -18/+0 |
| | | | | | | | | | Ultimately it was decided that ECDH and the others can be implemented as simple classes without the overhead of an interface. So ... let's kill it, it was a fun process. Signed-off-by: Simo Sorce <simo@redhat.com> | ||||
| * | add binding for d2i_GENERAL_NAMES() | Erik Trauschke | 2015-10-15 | 1 | -0/+2 |
| | | |||||
| * | extend pkcs7 openssl bindings | Dominic Chen | 2015-10-13 | 2 | -2/+32 |
| | | |||||
| * | Catch Invalid X or Y points and raise a ValueError | Simo Sorce | 2015-10-12 | 1 | -2/+6 |
| | | | | | Signed-off-by: Simo Sorce <simo@redhat.com> | ||||
| * | Merge pull request #2402 from ddcc/patch-1 | Paul Kehrer | 2015-10-11 | 1 | -2/+7 |
| |\ | | | | | minor fix to handle malformed certificates without hostname | ||||
| | * | fix to handle malformed certificates without hostname | Dominic Chen | 2015-10-10 | 1 | -2/+7 |
| | | | |||||
| * | | typo | Alex Gaynor | 2015-10-11 | 1 | -1/+1 |
| | | | |||||
| * | | handle errors | Alex Gaynor | 2015-10-10 | 1 | -0/+2 |
| | | | |||||
| * | | Fixed #2404 -- handle a certificate with an unknown public key | Alex Gaynor | 2015-10-10 | 1 | -1/+3 |
| |/ | |||||
| * | Introduce Key Exchange Agreements interface | Simo Sorce | 2015-10-07 | 1 | -0/+18 |
| | | | | | Signed-off-by: Simo Sorce <simo@redhat.com> | ||||
| * | Change '!=' to 'is not' | Manoel Domingues Junior | 2015-10-01 | 1 | -1/+1 |
| | | |||||
| * | Handling path_length when ca is True | Manoel Domingues Junior | 2015-10-01 | 1 | -1/+1 |
| | | | | | | | Using CertificateBuilder: builder = builder.add_extension(x509.BasicConstraints(ca=True,path_length=None), critical=True) return TypeError in line 792 because None can't be converted to hex. In https://tools.ietf.org/html/rfc5280.html#section-4.2.1.9: CAs MUST NOT include the pathLenConstraint field unless the cA boolean is asserted and the key usage extension asserts the keyCertSign bit. | ||||
| * | flake8 | Alex Gaynor | 2015-09-29 | 1 | -0/+1 |
| | | |||||
| * | sigh, fix | Alex Gaynor | 2015-09-29 | 1 | -1/+1 |
| | | |||||
| * | use signature so stuff works on 3.6 -- fixes #2382 | Alex Gaynor | 2015-09-29 | 1 | -3/+8 |
| | | |||||
| * | unused import | Alex Gaynor | 2015-09-26 | 1 | -3/+1 |
| | | |||||
| * | Use InternalError for stuff | Alex Gaynor | 2015-09-26 | 6 | -41/+21 |
| | | |||||
| * | fix the tests | Alex Gaynor | 2015-09-26 | 1 | -4/+4 |
| | | |||||
| * | flake8 it | Alex Gaynor | 2015-09-26 | 1 | -6/+4 |
| | | |||||
| * | Convert asserts in bindings as well | Alex Gaynor | 2015-09-26 | 2 | -36/+49 |
| | | |||||
| * | converted a few more asserts | Alex Gaynor | 2015-09-26 | 3 | -3/+3 |
| | | |||||
| * | move two asserts much closer to call site | Paul Kehrer | 2015-09-25 | 1 | -2/+2 |
| | | |||||
| * | convert the rest of the openssl backend to using openssl_assert | Paul Kehrer | 2015-09-25 | 8 | -87/+90 |
| | | |||||
| * | remove unnecessary check | Paul Kehrer | 2015-09-25 | 1 | -1/+0 |
| | | |||||
| * | change some asserts back since they're not openssl specific | Paul Kehrer | 2015-09-25 | 1 | -18/+19 |
| | | | | | plus bonus better exception msg | ||||
| * | start converting asserts to a function call | Paul Kehrer | 2015-09-25 | 1 | -166/+185 |
| | | | | | | This prevents situations where asserts are bypassed when running python with -O. | ||||
| * | Add X963KDF from ANSI X9.63:2001 | Simo Sorce | 2015-09-24 | 1 | -0/+70 |
| | | | | | | | | | | | The implemention allows the use a Hash function to implement a KDF very similar to ConcatKDFHash, just different enough to require a separate derivation function. Closes #2203 Signed-off-by: Simo Sorce <simo@redhat.com> | ||||
| * | should have _asn1_* utility functions in a common place | Erik Trauschke | 2015-09-24 | 2 | -73/+63 |
| | | |||||
| * | Made import order alphabetical. | Predrag Gruevski | 2015-09-23 | 1 | -1/+1 |
| | | |||||
| * | SubjectKeyIdentifier equality now uses constant-time digest comparison. | Predrag Gruevski | 2015-09-23 | 1 | -4/+2 |
| | | |||||
| * | Merge branch 'master' into add_name_to_oids | Brendan McCollam | 2015-09-07 | 5 | -11/+46 |
| |\ | |||||
| | * | Merge branch 'master' into static-linking-osx | Paul Kehrer | 2015-09-04 | 2 | -7/+6 |
| | |\ | |||||
| | | * | Resolve an unusual test bug related to initializing the bindings | Paul Kehrer | 2015-08-29 | 2 | -7/+6 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | To make calls against the "SSL" parts of OpenSSL you need to call SSL_library_init. There are multiple ways this can be called: * If you're using the same OpenSSL in cryptography as you are in your Python then Python will call it for you. * If you import the openssl backend. These tests need SSL_library_init to be called. When run in our CI SSL_library_init is called because during the parametrization step the OpenSSL backend is imported (thus triggering it). However, you can also run tests directly via py.test and without this change py.test tests/hazmat/bindings/test_openssl.py would crash if you had cryptography linked against a different OpenSSL than your Python used. | ||||
| | * | | rename env var to CRYPTOGRAPHY_OSX_NO_LINK_FLAGS | Paul Kehrer | 2015-08-31 | 1 | -1/+1 |
| | | | | |||||
| | * | | no need for None | Paul Kehrer | 2015-08-29 | 1 | -1/+1 |
| | | | | |||||
| | * | | add support for static linking of the openssl backend on OS X | Paul Kehrer | 2015-08-29 | 1 | -3/+16 |
| | |/ | |||||
| | * | Removed SSL_renegotiate_abbreviated binding | kjav | 2015-08-28 | 1 | -1/+0 |
| | | | | | | | As this is not supported in OpenSSL < 1.01 | ||||
| | * | Added bindings for SSL_renegotiate_<pending/abbreviated> | kjav | 2015-08-28 | 1 | -0/+2 |
| | | | |||||
| | * | Add SSL_renegotiate binding. | Terry Chia | 2015-08-28 | 1 | -0/+1 |
| | | | |||||
| | * | add conditional removal for SET_CERT_CB | Paul Kehrer | 2015-08-25 | 1 | -1/+5 |
| | | | |||||
| | * | add set_cert_cb | Maximilian Hils | 2015-08-25 | 1 | -0/+17 |
| | | | |||||
| * | | Adds _name property to ObjectIdentifier | Brendan McCollam | 2015-09-06 | 1 | -1/+5 |
| |/ | |||||
| * | set the default stringmask to utf8 | Paul Kehrer | 2015-08-22 | 1 | -0/+6 |
| | | | | | | This corrects a problem where older OpenSSL versions don't do this by default. fixes #2291 | ||||
 |
index : cloud-email/cryptography | |
| python cryptography | James |
| aboutsummaryrefslogtreecommitdiffstats |