summaryrefslogtreecommitdiff
path: root/src/cryptography/x509/oid.py
Commit message (Collapse)AuthorAgeFilesLines
* Use from __future__ import annotations everywhere (#8643)Alex Gaynor2023-03-311-0/+2
|
* Switch from flake8 to ruff (#7920)Alex Gaynor2022-12-211-3/+2
| | | It's more than 60x faster.
* resolve lazy import race condition (#6272)Paul Kehrer2021-09-121-267/+13
| | | some private constants are no longer re-exported to the same spots
* add more eku oids (#6271)Paul Kehrer2021-09-121-0/+4
| | | | | | | * add more eku oids fixes #5892 * kerberos is a word in our world
* Bugfix/issue 5889 typehint get values for types (#5900)Mathias Ertl2021-03-071-0/+15
| | | | | | | | | | | | | | | | | | | | | * add type alias for IP addresses * Re-export module attributes in cryptography.x509.oid Without exporting attributes via `__all__` mypy will consider typehints of classes imported from `cryptography.x509.oid` as type Any. Example: from cryptography.x509.oid import ObjectIdentifier oid = ObjectIdentifier("1.2.3") # Any, if we do not re-export Note that while the canonical location of ObjectIdentifier is in `crytography.x509`, it is imported many times from `crytography.x509.oid` instead * add return type annotiations to constructors * overload GeneralNames.get_values_for_type * overload all implementations
* Apply type annotations to the core x509 types (#5711)Alex Gaynor2021-01-301-1/+4
|
* Remove __future__ import from our code (#5610)Alex Gaynor2020-12-091-1/+0
|
* Paint it Black by the Rolling Stones (#5324)Alex Gaynor2020-07-201-18/+7
|
* support unstructured name x509 attributes (#5313)Paul Kehrer2020-07-181-0/+3
|
* support x509 request challenge password parsing (#4944)Paul Kehrer2020-07-051-0/+5
| | | | | | | | | | | | | * support x509 request challenge password parsing * switch to a more generic (but not too generic) attribute parsing * make it raise a valueerror * Update tests/x509/test_x509.py Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com> Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
* Support parsing SCTs in OCSPResponse (#5298)Paul Kehrer2020-07-051-0/+6
| | | | | | | | | * Support parsing SCTs in OCSPResponse * s/typically/only and pep8 * remove unused vector Co-authored-by: Szilárd Pfeiffer <szilard.pfeiffer@balasys.hu>
* add SubjectInformationAccess extension support (#5295)Paul Kehrer2020-07-021-0/+5
| | | | | * add SubjectInformationAccess extension support * fixes
* GOST certificates support in cryptography (#5195)Nikolay Morozov2020-05-081-0/+25
|
* Finish ed25519 and ed448 support in x509 module (#4972)Marko Kreen2019-09-091-0/+3
| | | | | | | | | | | | | | | | | | * Support ed25519 in csr/crl creation * Tests for ed25519/x509 * Support ed448 in crt/csr/crl creation * Tests for ed448/x509 * Support ed25519/ed448 in OCSPResponseBuilder * Tests for eddsa in OCSPResponseBuilder * Builder check missing in create_x509_csr * Documentation update for ed25519+ed448 in x509
* ed25519 support in x509 certificate builder (#4937)Paul Kehrer2019-07-061-1/+4
| | | | | | | | | | * ed25519 support in x509 certificate builder This adds minimal ed25519 support. More to come. * Apply suggestions from code review Co-Authored-By: Alex Gaynor <alex.gaynor@gmail.com>
* add name for ExtensionOID.PRECERT_POISON (#4853)redshiftzero2019-05-191-0/+1
| | | | | | | | * test: ensure all public members of ExtensionOID have names defined * add name for ExtensionOID.PRECERT_POISON ref: https://github.com/google/certificate-transparency/blob/5fce65cb60cfe7808afc98de23c7dd5ddbfa1509/python/ct/crypto/asn1/oid.py#L338
* move ObjectIdentifier to break an upcoming import cycle (#4550)Paul Kehrer2018-10-301-59/+1
|
* add IDP OID and docs (#4533)Paul Kehrer2018-10-281-0/+4
|
* OCSP request extension parsing (#4464)Paul Kehrer2018-09-091-0/+5
| | | | | | | | | | * add OCSP request parsing support with OCSPNonce * add docs * reprs man * make extensions a cached property
* Fixes #4333 -- added support for precert poison extension (#4442)Alex Gaynor2018-08-311-0/+3
| | | | | | | | | | | | | | * Fixes #4333 -- added support for precert poison extension * Make work on all OpenSSL versions * fixed flake8 + docs * fix for older OpenSSLs * document this * spell
* Add OID for RSASSA-PSS X.509 signature algorithm (RFC 4055) (#4294)Marti Raudsepp2018-06-291-0/+2
| | | | | | | | | | | | In 2005, IETF devised a more secure padding scheme to replace PKCS #1 v1.5. To make sure that nobody can easily support or use it, they mandated lots of complicated parameters in the certificate, unlike any other X.509 signature scheme. https://tools.ietf.org/html/rfc4055 `_SIG_OIDS_TO_HASH` and `Certificate.signature_hash_algorithm` cannot be supported as-is, because the hash algorithm is defined in the signature algorithm parameters, not by the OID itself.
* adding name so that 1.3.6.1.4.1.11129.2.4.2 is no longer and 'Unknown OID' ↵Joshua Crowgey2018-05-071-0/+3
| | | | (#4218)
* support delta crl indicator extension (#3936)Paul Kehrer2017-09-221-0/+2
| | | This is an extension for CRLs
* [WIP] add support for the TLSFeature extension in x509 (#3899)Paul Kehrer2017-09-101-0/+2
| | | | | | | | | | | | | | | | | | * add support for the TLSFeature extension in x509 This extension is used for OCSP Must-Staple. * fix changelog link * pep8 * refactor to support the sequence properly and add status_request_v2 * update some language * add test vector, implement eq/ne/hash on TLSFeature * address review comments
* Fixes #3745 -- add the any EKU EKU (#3750)Alex Gaynor2017-07-031-0/+1
| | | | | | | | | | * Fixes #3745 -- add the any EKU EKU * docs * whitespace * versionadded
* Refs #3461 -- added the OID for the SCT x.509 extension (#3464)Alex Gaynor2017-03-201-0/+3
| | | | | | * Refs #3461 -- added the OID for the SCT x.509 extension * Version added
* add a few more OIDs (#3259)Paul Kehrer2016-11-191-0/+6
| | | pulled from #3244
* Random flake8 cleanups for the latest release (#3242)Alex Gaynor2016-11-151-0/+2
|
* Turns out we shouldn't call it uniqueIdentifier (#3234)Paul Kehrer2016-11-121-2/+2
| | | http://www.ca.com/us/services-support/ca-support/ca-support-online/knowledge-base-articles.tec465360.html
* add some new oids (#3233)Paul Kehrer2016-11-111-0/+4
| | | | | | * add some new oids * As Alex pointed out, it's streetAddress
* add alternate signature OID for RSA with SHA1 + test and vector (#3227)Paul Kehrer2016-11-111-0/+3
| | | | | | * add alternate signature OID for RSA with SHA1 + test and vector * mozilla is a proper noun leave me alone spellchecker
* add support for signature_algorithm_oid to cert, CSR, and CRL (#3124)Paul Kehrer2016-08-311-14/+14
| | | | | | * add support for signature_algorithm_oid to cert, CSR, and CRL * refactor _SIG_OIDS_TO_HASH to use ObjectIdentifiers and use that
* complete deprecation of CRLExtensionOID in favor of CRLEntryExtensionOIDPaul Kehrer2016-03-211-8/+0
| | | | Deprecated in 1.2, removed in 1.4 per policy.
* rename CRLExtensionOID to CRLEntryExtensionOIDPaul Kehrer2015-12-251-4/+12
|
* lowercase the first letter since that's how it's actually declaredPaul Kehrer2015-12-221-1/+1
|
* support parsing CRL extensions in the OpenSSL backendPaul Kehrer2015-12-211-0/+2
|
* Merge pull request #2534 from alex/ev-oidPaul Kehrer2015-12-191-0/+13
|\ | | | | Fixed #2531 -- added missing EV oid
| * updated the short names of oidsAlex Gaynor2015-12-191-7/+3
| |
| * added oid namesAlex Gaynor2015-12-191-0/+11
| |
| * added business category oidAlex Gaynor2015-12-191-0/+1
| |
| * too many newlinesAlex Gaynor2015-12-191-1/+0
| |
| * added two more oidsAlex Gaynor2015-12-191-0/+5
| |
| * Fixed #2531 -- added missing EV oidAlex Gaynor2015-12-191-0/+1
| |
* | TypoNick Bastin2015-12-171-1/+1
| |
* | Avoid IndexError on too-short OIDs, add test for regressionNick Bastin2015-12-171-0/+5
| |
* | OID validationNick Bastin2015-12-141-0/+24
|/
* Adds _name property to ObjectIdentifierBrendan McCollam2015-09-061-1/+5
|
* namespace the rest of the oidsPaul Kehrer2015-08-091-27/+34
|
* namespace Name OIDsPaul Kehrer2015-08-091-30/+32
|
* namespace oid signature algorithmPaul Kehrer2015-08-091-42/+44
|
View Lorry Controller Status