aboutsummaryrefslogtreecommitdiffstats
path: root/src/cryptography/hazmat
Commit message (Collapse)AuthorAgeFilesLines
...
* | Add sign_x509_certificate to X509Backend interfaceIan Cordasco2015-08-031-0/+6
| | | | | | | | Add note about CertificateBuilder to the changelog
* | Merge remote-tracking branch 'upstream/master' into cert-builderIan Cordasco2015-08-033-190/+234
|\ \
| * \ Merge pull request #2187 from reaperhulk/csr-decode-all-extsAlex Gaynor2015-08-011-23/+21
| |\ \ | | | | | | | | allow certificate and CSR to both parse the same set of extensions
| | * | allow certificate and CSR to both parse the same set of extensionsPaul Kehrer2015-08-011-23/+21
| | | |
| * | | Merge pull request #2186 from reaperhulk/handle-corrupt-extensionsAlex Gaynor2015-08-011-1/+7
| |\ \ \ | | | | | | | | | | Handle invalid x509 extension payloads
| | * | | corrupt -> invalidPaul Kehrer2015-08-011-1/+2
| | | | |
| | * | | check if the extension decoded to internal openssl reprPaul Kehrer2015-08-011-1/+6
| | |/ / | | | | | | | | | | | | ...and if not, raise an error (plus consume the error stack)
| * | | Merge pull request #2184 from reaperhulk/remove-more-branchesAlex Gaynor2015-08-013-10/+18
| |\ \ \ | | |/ / | |/| | Branch coverage to 100%
| | * | Remove elifs and replace with else + assertPaul Kehrer2015-08-013-10/+18
| | |/ | | | | | | | | | This is kind of ugly, but resolves many partial branch coverage issues.
| * / simplify x509 extension decodingPaul Kehrer2015-08-011-73/+28
| |/
| * openssl error codes are clearly not considered part of the api contractPaul Kehrer2015-07-251-5/+2
| |
| * extra parensPaul Kehrer2015-07-251-5/+3
| |
| * == instead of inPaul Kehrer2015-07-251-2/+2
| |
| * handle RSA key too small and consume errors on CSR signature failurePaul Kehrer2015-07-251-1/+10
| |
| * refactor general name encoding to its own functionPaul Kehrer2015-07-241-83/+88
| |
| * Support encoding ExtendedKeyUsage into certificate signing requestsPaul Kehrer2015-07-232-2/+29
| |
| * Support encoding KeyUsage into certificate signing requestsPaul Kehrer2015-07-232-0/+41
| |
| * when building a CSR adding > 1 extension would trigger a bugPaul Kehrer2015-07-231-1/+1
| | | | | | | | | | | | We were checking sk_X509_EXTENSION_push for a value == 1, but in reality it returns the number of extensions on the stack. We now assert >= 1 and added a test.
* | Add sign_x509_certificate to MultiBackendIan Cordasco2015-08-021-0/+9
| | | | | | | | Add example of CertificateBuilder to the reference documentation
* | Add _encode_asn1_int_gcIan Cordasco2015-08-011-1/+7
| | | | | | | | Ensure the certificate serial number is freed
* | Add check for an RSA Key being too smallIan Cordasco2015-08-011-1/+5
| | | | | | | | | | - Remove outdated/unnecessary/illegitimate TODOs - Fix up test for an RSA key that is too small
* | Check result of setting the serial numberIan Cordasco2015-07-241-2/+14
| | | | | | | | | | - Add checks for private key types - Add tests around new checks for types of private keys
* | Use correct exception class in openssl backendIan Cordasco2015-07-201-1/+1
| |
* | Handle SubjectAlternativeName extensions in the backendIan Cordasco2015-07-191-0/+2
| | | | | | | | They are handled in cryptography.x509 so they need to be handled here
* | Construct extensions like a CSRIan Cordasco2015-07-191-6/+9
| | | | | | | | | | | | - Use _encode_basic_constraints appropriately - Create an appropriate object from the oid dotted string - Create the X509 Extension appropriately
* | Remove unnecessary helper functionsIan Cordasco2015-07-181-17/+1
| | | | | | | | | | - Update documented methods - Do not mute the CertificateBuilder object if no version is set
* | Adds certificate builder.Andre Caron2015-07-181-0/+96
|/
* remove unused importPaul Kehrer2015-07-141-2/+0
|
* encode uriPaul Kehrer2015-07-131-2/+12
|
* Merge pull request #2137 from reaperhulk/encode-rfc822nameAlex Gaynor2015-07-121-0/+8
|\ | | | | Encode rfc822name
| * support rfc822Name general name encodingPaul Kehrer2015-07-121-0/+8
| |
* | Merge pull request #2148 from reaperhulk/fix-random-orderAlex Gaynor2015-07-121-0/+1
|\ \ | | | | | | clear the error stack if d2i_ASN1_TYPE fails
| * | clear the error stack if d2i_ASN1_TYPE failsPaul Kehrer2015-07-121-0/+1
| |/ | | | | | | The random order jenkins job found a bug!
* | Merge pull request #2147 from reaperhulk/there-are-two-partsAlex Gaynor2015-07-121-4/+3
|\ \ | | | | | | parts can't be > 2, so let's not pretend it could be
| * | parts can't be > 2, so let's not pretend it could bePaul Kehrer2015-07-121-4/+3
| | | | | | | | | | | | (famous last words)
* | | Merge pull request #2139 from alex/remove-fast-pathPaul Kehrer2015-07-121-3/+0
|\ \ \ | |_|/ |/| | Removed the fastpath from binding initialization. These aren't instantiated frequently enough for this to be worth it, and it improves our coverage.
| * | Removed the fastpath from binding initialization. These aren't instantiated ↵Alex Gaynor2015-07-121-3/+0
| | | | | | | | | | | | frequently enough for this to be worth it, and it improves our coverage.
* | | Fixed #2143 -- added __hash__ to RSA{Public,Private}NumbersAlex Gaynor2015-07-121-0/+14
| |/ |/|
* | Merge pull request #2095 from reaperhulk/nc-the-hard-part-reduxAlex Gaynor2015-07-121-5/+26
|\ \ | | | | | | name constraints - support IP addresses with netmask
| * | use helper method _asn1_string_to_bytesPaul Kehrer2015-07-121-3/+1
| | |
| * | not bytesPaul Kehrer2015-07-101-1/+1
| | |
| * | simplify and handle /32 and /128Paul Kehrer2015-07-101-3/+7
| | |
| * | name constraints - support IP addresses with netmaskPaul Kehrer2015-07-101-5/+24
| | |
* | | raise a nice error if bad ASN.1 is providedPaul Kehrer2015-07-111-1/+2
| | |
* | | support for OtherName encoding for general namesPaul Kehrer2015-07-111-0/+21
| |/ |/|
* | support IPAddress encoding for general namesPaul Kehrer2015-07-111-2/+16
| |
* | Merge pull request #2134 from reaperhulk/encode-dirnameAlex Gaynor2015-07-111-2/+16
|\ \ | |/ |/| support DirectoryName encoding for general names
| * modify _encode_name, add _encode_name_gcPaul Kehrer2015-07-111-5/+10
| |
| * support DirectoryName encoding for general namesPaul Kehrer2015-07-101-0/+9
| |
* | Merge pull request #2129 from alex/hash-csrPaul Kehrer2015-07-091-0/+3
|\ \ | |/ |/| Fixed #2127 -- added __hash__ to CSR
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-11 07:29:24 +0000