aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Use utf8 to encode attribute values instead of asciiIan Cordasco2015-06-241-2/+2
|
* Add tests to the CSR Builder for EC and DSA keysIan Cordasco2015-06-241-1/+12
| | | | | | This skips certain tests on certain versions of differences in how X509_REQ_sign works on those versions. A separate pull request will address those differences.
* Address review comments around add_extension methodIan Cordasco2015-06-241-2/+3
| | | | | | | | | - Fix typo in the docs (s/buidlder/builder/) - Remove default from the method declaration and docs - Replace ValueError with NotImpelementedError for unsupported X.509 extensions - Add TODO comment as requested by Alex - Fix test to pass critical=False since it no longer is a default value
* Only allow subject_name to be set once on a BuilderIan Cordasco2015-06-241-0/+2
|
* Unconditionally encode values to asciiIan Cordasco2015-06-241-5/+2
|
* Update registering pp with ffi.gcIan Cordasco2015-06-241-4/+3
| | | | | This makes it more in-line with existing functions, e.g., L40-L47 of src/cryptography/hazmat/backends/openssl/x509.py @ b0e8ffa
* Update CSR tests and implementationIan Cordasco2015-06-242-2/+3
| | | | | | | | | | - Use keyword arguments for x509.BasicConstraints in tests (missed in b790edbdc8fb9a026353d6fb99994326197705c7). - Place X509_request garbage collection under assertion. - Assert that X509 extensions created are not null. - Don't copy the extensions list in CertificateSigningBuilder. They're never appended to, so copying isn't necessary. - Use RSA key fixtures instead of generating new ones on each test run
* Address code review regarding style and gcIan Cordasco2015-06-241-12/+13
| | | | | | | | | - Use keyword arguments for x509.BasicConstraints in several places - Use SHA256 instead of SHA1 in documented examples - Give function variables meaningful names in _encode_asn1_str - Accept a x509.BasicConstraints object in _encode_basic_constraints - Properly garbage-collect some things - Raise a NotImplementedError instead of a ValueError
* Removes set_ prefix on CSR builder method.Andre Caron2015-06-241-1/+1
|
* Changes builder extension API.Andre Caron2015-06-241-3/+5
|
* Removes CSR builder version setter.Andre Caron2015-06-242-17/+4
|
* Fixes memory leak,Andre Caron2015-06-241-0/+6
|
* Extends supported range for integer conversion,Andre Caron2015-06-241-2/+9
|
* Fixes docstring typo.Andre Caron2015-06-241-1/+1
|
* Adds method chaining to CSR builder.Andre Caron2015-06-241-6/+12
|
* Removes OID to txt to OID conversion.Andre Caron2015-06-241-10/+3
|
* Cleans up some GC semantics.Andre Caron2015-06-241-3/+16
|
* Renames sign_509_request to create_x509_csr.Andre Caron2015-06-244-2/+17
|
* Fixes memory allocation.Andre Caron2015-06-241-12/+4
|
* Adds CSR builder.Andre Caron2015-06-242-1/+187
|
* Added teh OID for ECDSA with SHA1.Alex Gaynor2015-06-231-0/+3
| | | | In practice this is rare because the BR requires ECDSA signatures to use SHA256+ (or maybe the requirements for SHA256 just came at the same time as ECDSA, idk)
* fix ec_cdata_to_evp_pkey bugPaul Kehrer2015-06-221-0/+1
| | | | | | We weren't actually returning the object and the tests weren't catching it because we didn't try to use the evp_pkey property in the tests. The added test confirms it actually works.
* remove unused importAlex Gaynor2015-06-221-1/+0
|
* Remove our workarounds for pyasn.1 bugs, a new pyasn.1 is out!Alex Gaynor2015-06-221-5/+0
|
* add name constraints and general subtree struct and macro stack defsPaul Kehrer2015-06-211-0/+25
|
* add eq/ne support to NameConstraintsPaul Kehrer2015-06-211-0/+12
|
* add nameconstraints classesPaul Kehrer2015-06-211-0/+52
|
* Merge pull request #2036 from major/masterAlex Gaynor2015-06-211-0/+3
|\ | | | | Added a repr() method to x509._Certificate
| * Added a repr() method to x509._CertificateMajor Hayden2015-06-211-0/+3
| |
* | Merge pull request #2034 from reaperhulk/windows-flagsAlex Gaynor2015-06-204-8/+20
|\ \ | | | | | | enable ASLR and NX on windows builds (affects 2.x only)
| * | enable ASLR and NX on windows builds (affects 2.x only)Paul Kehrer2015-06-204-8/+20
| | |
* | | Add additional CRL bindingsStephen Holsapple2015-06-201-7/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I sorted the X50_CRL bindings and added two additional bindings: 1. X509_CRL_set_version 2. X509_CRL_sort These two functions are required to make CRL useful in pyOpenSSL re: https://github.com/pyca/pyopenssl/issues/256
* | | Refs #1947 -- add support for IAN to the OpenSSL backendAlex Gaynor2015-06-201-2/+15
| | |
* | | evp_pkey in openssl asymmetric key constructorsPaul Kehrer2015-06-204-76/+75
|/ /
* | Merge pull request #2046 from Ayrx/style-nitsAlex Gaynor2015-06-193-12/+12
|\ \ | | | | | | Change ' to ".
| * | Change ' to ".Terry Chia2015-06-193-12/+12
| | |
* | | inhibit any policy extension support for the openssl backendPaul Kehrer2015-06-171-0/+13
|/ /
* | Merge pull request #2038 from sholsapp/add-x509store-functionsAlex Gaynor2015-06-171-1/+5
|\ \ | | | | | | Add additional X509_STORE functions
| * | Add additional X509_STORE functionsStephen Holsapple2015-06-171-1/+5
| |/ | | | | | | | | | | | | I'm working on https://github.com/pyca/pyopenssl/issues/256 and can't seem to get the X509_STORE_CTX objects to be able to find a CRL. I suspect it is because I'm not adding the CRL to the underlying X509_STORE object, so I'd like to add them.
* / support OCSPNoCheck in the OpenSSL backendPaul Kehrer2015-06-171-0/+2
|/
* Enforce text type of NameAttribute.valueIan Cordasco2015-06-161-0/+5
|
* Merge pull request #2017 from reaperhulk/issuer-alternative-nameAlex Gaynor2015-06-131-0/+26
|\ | | | | issuer alternative name support
| * issuer alternative name supportPaul Kehrer2015-06-071-0/+26
| |
* | Add ConcatKDF from NIST SP 800-56ASimo Sorce2015-06-121-0/+125
| | | | | | | | | | | | | | | | | | The implemention allows the use an HMAC function as per Revision 2 of the document. Conformance of the formatting of the OtherInfo argument is responsability of the calling application. Signed-off-by: Simo Sorce <simo@redhat.com>
* | convert to cffi 1.0 precompile systemPaul Kehrer2015-06-0760-245/+212
|/
* don't double free DSA cdata when verifying thingsPaul Kehrer2015-06-061-4/+1
|
* Merge pull request #1965 from reaperhulk/more-client-bindingsAlex Gaynor2015-06-041-0/+24
|\ | | | | Add more client cert related bindings
| * SSL_CTX_set_client_cert_engine was added in 0.9.8iPaul Kehrer2015-06-021-2/+14
| |
| * add some client cert bindingsPaul Kehrer2015-05-191-0/+12
| |
* | Merge pull request #1990 from tonyseek/key-uriPaul Kehrer2015-06-033-0/+42
|\ \ | | | | | | Add "get_provisioning_uri" utility for HOTP/TOTP.
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-19 14:53:30 +0000