summaryrefslogtreecommitdiff
path: root/docs/x509
Commit message (Collapse)AuthorAgeFilesLines
* support attributes on csrs with an iterable (#6603)Paul Kehrer2021-11-141-9/+46
|
* Allow to serialize extension values as DER bytes strings (#6346)Felix Fontein2021-11-121-0/+8
| | | | | * Allow to serialize extension values as DER bytes string. * Prepare test for SignedCertificateTimestamps.
* allow x25519/x448 public keys in certificatebuilder (#6562)Paul Kehrer2021-11-071-4/+8
| | | | also document that we can return these key types in a certificate, although they can't be self-signed of course
* deprecate backend part 4 of n (#6522)Paul Kehrer2021-11-021-60/+12
|
* Allow custom attribute shortnames in rfc4514_string (#6490)Marti Raudsepp2021-11-011-5/+53
| | | | | | | | | | | | | `rfc4514_string()` and related methods now have an optional `attr_name_overrides` parameter to supply custom OID to name mappings, which can be used to match vendor-specific extensions. **BACKWARDS INCOMPATIBLE:** Reverted the nonstandard formatting of email address fields as `E` in `rfc4514_string()` methods from version 35.0. The previous behavior can be restored with: `name.rfc4514_string({NameOID.EMAIL_ADDRESS: "E"})` Expanded documentation of `Name.rfc4514_string`.
* add two additional DSA signature algorithm oids & test dsa_with_sha224 (#6483)Paul Kehrer2021-10-261-0/+14
|
* Migrate CRL implementation to Rust (#6276)Alex Gaynor2021-09-201-1/+1
| | | (Lots of commits that got squashed)
* add more eku oids (#6271)Paul Kehrer2021-09-121-0/+17
| | | | | | | * add more eku oids fixes #5892 * kerberos is a word in our world
* Remove straddling jargon "text". (#6067)Benjamin Peterson2021-05-251-13/+12
|
* Add x509.Name.rfc4514_attribute_name (#5969)Maximilian Hils2021-04-131-0/+9
| | | | | | | * add x509.Name.rfc4514_attribute_name * tests++, docs++ * lint++
* update ocsp docs to use sha256 (#5880)Paul Kehrer2021-02-281-6/+12
| | | rfc 6960 suggests it and we want our docs to be best practice
* Strict typehints for extensions and OIDs (#5870)Mathias Ertl2021-02-271-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | * add typehint for name * strictly type ObjectIdentifier * explicit reexport for mypy * type (most) of extensions.py * minor cleanup * more consistently return None in constructors * revert explicit reexport, as requested * use _make_sequence_methods for now (#5870) * mark oid as normal type-hinted property so that classes can access it * fix spelling (upper case) use short form for reference * annotate as ClassVar * add type ignore for special extension class
* simplify docs a bit (#5855)Paul Kehrer2021-02-211-3/+2
|
* Add key_identifier property to SubjectKeyIdentifier (#5849)Arnaud Durand2021-02-211-0/+9
| | | Fix #5848
* Apply type annotations to x509 ct and ocsp (#5712)Alex Gaynor2021-01-301-4/+4
|
* Apply type annotations to x509 builders (#5709)Alex Gaynor2021-01-291-6/+6
|
* update docs to not use backends (#5404)Paul Kehrer2020-08-293-42/+20
|
* x509 optional backend args (#5390)Paul Kehrer2020-08-151-22/+22
|
* remove idna support finally (#5351)Paul Kehrer2020-07-261-34/+15
| | | | | * remove idna support finally * remove unused import
* support encoding attributes via CertificateSigningRequestBuilder (#5315)Paul Kehrer2020-07-181-1/+14
| | | | | | | * support encoding attributes via CertificateSigningRequestBuilder * use a constant. now you know what 12 means! * pep8
* change KeyUsage repr to be less confusing (#5314)Paul Kehrer2020-07-181-1/+1
| | | fixes #5127
* support unstructured name x509 attributes (#5313)Paul Kehrer2020-07-181-0/+10
|
* switch to a newer CSR with SHA256 and a challenge password (#5303)Paul Kehrer2020-07-051-20/+18
| | | we'll parse the challenge password in a doctest after another PR lands
* support x509 request challenge password parsing (#4944)Paul Kehrer2020-07-051-0/+32
| | | | | | | | | | | | | * support x509 request challenge password parsing * switch to a more generic (but not too generic) attribute parsing * make it raise a valueerror * Update tests/x509/test_x509.py Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com> Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
* Support parsing SCTs in OCSPResponse (#5298)Paul Kehrer2020-07-051-0/+33
| | | | | | | | | * Support parsing SCTs in OCSPResponse * s/typically/only and pep8 * remove unused vector Co-authored-by: Szilárd Pfeiffer <szilard.pfeiffer@balasys.hu>
* add SubjectInformationAccess extension support (#5295)Paul Kehrer2020-07-021-3/+52
| | | | | * add SubjectInformationAccess extension support * fixes
* Removed deprecated behavior in AKI.from_issuer_subject_key_identifier (#5182)Alex Gaynor2020-04-051-2/+2
|
* Parse single_extensions in OCSP responses (#5059)Paul Kehrer2019-11-111-0/+8
| | | | | | | | | | | | * add single_extensions to OCSPResponse (#4753) * new vector, updateed docs, more stringent parser, changelog, etc * simplify PR (no SCT for now) * add a comment * finish pulling out the sct stuff so tests might actually run
* Fixes #4699 -- document that UnrecognizedExtension can be used in generation ↵Alex Gaynor2019-11-111-1/+3
| | | | (#5057)
* Fixed #4377 -- document certificate policies with an example (#5058)Alex Gaynor2019-11-111-0/+12
|
* Fix documentation of AuthorityKeyIdentifier.authority_cert_issuer. (#5001)Felix Fontein2019-10-191-1/+1
|
* Finish ed25519 and ed448 support in x509 module (#4972)Marko Kreen2019-09-092-37/+88
| | | | | | | | | | | | | | | | | | * Support ed25519 in csr/crl creation * Tests for ed25519/x509 * Support ed448 in crt/csr/crl creation * Tests for ed448/x509 * Support ed25519/ed448 in OCSPResponseBuilder * Tests for eddsa in OCSPResponseBuilder * Builder check missing in create_x509_csr * Documentation update for ed25519+ed448 in x509
* prevaricate more about anyextendedkeyusage (#4939)Paul Kehrer2019-07-061-1/+6
|
* ed25519 support in x509 certificate builder (#4937)Paul Kehrer2019-07-061-4/+21
| | | | | | | | | | * ed25519 support in x509 certificate builder This adds minimal ed25519 support. More to come. * Apply suggestions from code review Co-Authored-By: Alex Gaynor <alex.gaynor@gmail.com>
* Fix typo (#4829)Ofek Lev2019-04-021-1/+1
|
* full state or province name (#4758)itinerarium2019-02-201-2/+2
| | | | | | | CA -> California 6.3.5 of ITU-T X.520 (10/2016) provides a spelled out sample state. In other contexts, hints generally suggest the "full name" of a state or province. A spelled out state in the sample code might be more consistent with general usage.
* consistently linky RFC in the docs (#4716)Alex Gaynor2019-01-181-5/+4
| | | | | | * consistently linky RFC in the docs * oops
* add signature_hash_algorithm to OCSPResponse (#4681)Paul Kehrer2019-01-101-0/+10
| | | | | | * add signature_hash_algorithm to OCSPResponse * fix pointless asserts
* Remove spaces from RFC 4514 strings for better compliance (#4643) (#4646)Marti Raudsepp2018-12-181-3/+3
| | | | | | RFC 4514 does not explicitly allow whitespace between separators: https://tools.ietf.org/html/rfc4514 Reported-by: David Arnold <dar@xoe.solutions>
* Add RFC 4514 Distinguished Name formatting for Name, RDN and NameAttribute ↵Marti Raudsepp2018-12-081-1/+25
| | | | (#4304)
* IssuingDistributionPoint support (parse only) (#4552)Paul Kehrer2018-11-301-0/+71
| | | | | | | | | | | | | | | | | | | | | | * IssuingDistributionPoint support h/t to Irina Renteria for the initial work here * python 2 unfortunately still exists * py2 repr * typo caught by flake8 * add docs * review feedback * reorder args, other fixes * use the alex name * add changelog
* OCSP response builder (#4485)Paul Kehrer2018-10-281-0/+185
| | | | | | | | * ocsp response builder * better prose * review changes
* add IDP OID and docs (#4533)Paul Kehrer2018-10-281-0/+6
|
* simplify some language (#4495)Paul Kehrer2018-10-101-2/+7
| | | | | | | | | | | | * simplify some language * Update reference.rst * wrap * remove trailing whitespace the github web editor is bad and should feel bad
* Style nits for docs (#4494)Alex Gaynor2018-10-101-5/+5
|
* Add a tutorial explaining how to check the signature of a certificate (#4478)g_goessel2018-10-101-0/+68
|
* OCSP response serialization (#4482)Paul Kehrer2018-10-061-0/+8
| | | | | | * support OCSP response serialization * empty commit, good times
* support extensions in the OCSP request builder (#4481)Paul Kehrer2018-10-061-0/+10
| | | | | | | | | | * support extensions in the OCSP request builder * cover a missed branch * refactor to use new func * review feedback
* add OCSP basic response extension parsing (#4479)Paul Kehrer2018-10-061-0/+5
| | | | | | | | | | * add OCSP basic response extension parsing Just nonce for now. This does not support SINGLERESP extension parsing. * also raises on extensions for non-successful * empty commit
* support OCSP response parsing (#4452)Paul Kehrer2018-10-011-0/+21
| | | | | | | | | | | | * support OCSP response parsing * move the decorator to make pep8 happy * add some missing docs * review feedback * more review feedback
View Lorry Controller Status