delta/python-packages/cryptography.git/src, branch azure-pipelines github.com: pyca/cryptography.git OCSP request extension parsing (#4464) 2018-09-10T02:57:21+00:00 Paul Kehrer paul.l.kehrer@gmail.com 2018-09-10T02:57:21+00:00 09403100de2f6f1cdd0d484dcb8e620f1c335c8f * add OCSP request parsing support with OCSPNonce * add docs * reprs man * make extensions a cached property 
* add OCSP request parsing support with OCSPNonce

* add docs

* reprs man

* make extensions a cached property
refactor asn1_time_set to be useful in a future PR (#4465) 2018-09-09T23:07:11+00:00 Paul Kehrer paul.l.kehrer@gmail.com 2018-09-09T23:07:11+00:00 15827f1fcb7459aac7dbe43c373a826f69a09c0c 






Add flags to error on compile with incompatible pointer type  (#4455)
2018-09-06T02:44:29+00:00

Paul Kehrer
paul.l.kehrer@gmail.com

2018-09-06T02:44:29+00:00

f88aea5d8b9452677bd23a9bba917b900cd634c0

* try something a bit different.

* newer compiler plz

* permute

* fix some warnings

* fix getters on OpenSSL < 1.1.0

* this is getting involved

* given our compiler flags we can't have SSL_CTX_set_cookie_verify_cb





* try something a bit different.

* newer compiler plz

* permute

* fix some warnings

* fix getters on OpenSSL < 1.1.0

* this is getting involved

* given our compiler flags we can't have SSL_CTX_set_cookie_verify_cb







don't sort the serial numbers in a parsed CRL (#4457)
2018-09-04T20:29:34+00:00

Paul Kehrer
paul.l.kehrer@gmail.com

2018-09-04T20:29:34+00:00

18d49d0c6cd117e82934f65e641c1d830edd20df

* don't sort the serial numbers in a parsed CRL

OpenSSL sorts them in place and this breaks the signature and more.
fixes #4456

* cache the sorted CRL (but create it lazily)

* use the cache decorator





* don't sort the serial numbers in a parsed CRL

OpenSSL sorts them in place and this breaks the signature and more.
fixes #4456

* cache the sorted CRL (but create it lazily)

* use the cache decorator







OCSP bindings (#4449)
2018-09-01T18:53:12+00:00

Paul Kehrer
paul.l.kehrer@gmail.com

2018-09-01T18:53:12+00:00

b41903740723d90be152a8a8e2a161b5c0110122

* add many OCSP bindings

Much of OCSP was opaqued in 1.1.0 so this also adds a bunch of getters
for older OpenSSL. However, 1.1.0 itself made it impossible to access
certain fields in the opaque struct, so we're forced to de-opaque them
for 1.1.0 through 1.1.0i as well as 1.1.1-pre1 through 1.1.1-pre9. There
is a patch (openssl/openssl#7082) that fixes this and should be in
1.1.0j and 1.1.1-pre10 (or 1.1.1 final, whichever they choose to issue)

* backslashes are sometimes useful

* comments





* add many OCSP bindings

Much of OCSP was opaqued in 1.1.0 so this also adds a bunch of getters
for older OpenSSL. However, 1.1.0 itself made it impossible to access
certain fields in the opaque struct, so we're forced to de-opaque them
for 1.1.0 through 1.1.0i as well as 1.1.1-pre1 through 1.1.1-pre9. There
is a patch (openssl/openssl#7082) that fixes this and should be in
1.1.0j and 1.1.1-pre10 (or 1.1.1 final, whichever they choose to issue)

* backslashes are sometimes useful

* comments







small refactor of OCSP request parsing (#4447)
2018-09-01T15:28:18+00:00

Paul Kehrer
paul.l.kehrer@gmail.com

2018-09-01T15:28:18+00:00

8cf490e8ff3307a5b9ce46fc876a6ead482c1a3f

This allows us to reuse these functions in the OCSPResponse object in
the future




This allows us to reuse these functions in the OCSPResponse object in
the future






Fixes #4333 -- added support for precert poison extension (#4442)
2018-08-31T23:25:52+00:00

Alex Gaynor
alex.gaynor@gmail.com

2018-08-31T23:25:52+00:00

dd6b78be80e9b31e07a9ef695aaa902ef042dcfd

* Fixes #4333 -- added support for precert poison extension

* Make work on all OpenSSL versions

* fixed flake8 + docs

* fix for older OpenSSLs

* document this

* spell





* Fixes #4333 -- added support for precert poison extension

* Make work on all OpenSSL versions

* fixed flake8 + docs

* fix for older OpenSSLs

* document this

* spell







Simplify OCSP no check serialization (#4444)
2018-08-31T22:43:39+00:00

Alex Gaynor
alex.gaynor@gmail.com

2018-08-31T22:43:39+00:00

abfd57240cc7f0004eb513520d612dafe282dd16












OCSP response abstract base classes (#4431)
2018-08-31T21:52:00+00:00

Paul Kehrer
paul.l.kehrer@gmail.com

2018-08-31T21:52:00+00:00

c4cd5ba933d26a2602295d3de95d50585523594c

* ocsp response abc

* collapse SingleReponse into OCSPResponse now that we only support one

* split responder_id into two properties, add tbs_response_bytes

* typo

* rename one method and add a mapping we'll need shortly





* ocsp response abc

* collapse SingleReponse into OCSPResponse now that we only support one

* split responder_id into two properties, add tbs_response_bytes

* typo

* rename one method and add a mapping we'll need shortly







refactor ocsp request parsing and generation to support only one cert (#4439)
2018-08-31T14:47:56+00:00

Paul Kehrer
paul.l.kehrer@gmail.com

2018-08-31T14:47:56+00:00

0f629bbdbb7ff595bffe43209490cc2647763fd3

* refactor ocsp request parsing and generation to support only one cert

* small doc change

* notimplementederror





* refactor ocsp request parsing and generation to support only one cert

* small doc change

* notimplementederror