summaryrefslogtreecommitdiff
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Bump proc-macro2 from 1.0.57 to 1.0.58 in /src/rust (#8940)dependabot[bot]2023-05-171-2/+2
| | | | | | | | | | | | | | | Bumps [proc-macro2](https://github.com/dtolnay/proc-macro2) from 1.0.57 to 1.0.58. - [Release notes](https://github.com/dtolnay/proc-macro2/releases) - [Commits](https://github.com/dtolnay/proc-macro2/compare/1.0.57...1.0.58) --- updated-dependencies: - dependency-name: proc-macro2 dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* don't use a set (#8931)Paul Kehrer2023-05-161-2/+2
| | | | | | | | * don't use a set We don't need one here and it creates ordering instability when iterating over an RDN * add a test
* Bump proc-macro2 from 1.0.56 to 1.0.57 in /src/rust (#8928)dependabot[bot]2023-05-151-2/+2
| | | | | | | | | | | | | | | Bumps [proc-macro2](https://github.com/dtolnay/proc-macro2) from 1.0.56 to 1.0.57. - [Release notes](https://github.com/dtolnay/proc-macro2/releases) - [Commits](https://github.com/dtolnay/proc-macro2/compare/1.0.56...1.0.57) --- updated-dependencies: - dependency-name: proc-macro2 dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Run full nox rust env in coverage jobs (#8924)Alex Gaynor2023-05-152-14/+16
| | | | | | | | | | | * Run full nox rust env in coverage jobs * Update ci.yml * Update ci.yml * fix 1.60 clippy warnings * warning name changed
* Move code to sign.rs (#8922)Alex Gaynor2023-05-152-142/+141
|
* support PSS signatures in verify_directly_issued_by (#8908)Paul Kehrer2023-05-144-248/+108
|
* refactor signature algorithm parameters into a separate function (#8921)Paul Kehrer2023-05-141-84/+104
| | | | | | | * refactor signature algorithm parameters into a separate function this will be used in the verify_directly_issued_by PR * fix coverage with more refactoring
* Use pyo3's add_function instead of add_wrapped (#8913)Alex Gaynor2023-05-1314-52/+52
| | | Turns out the docs encourage this.
* support X.509 certificate PSS signing (#8888)Paul Kehrer2023-05-109-27/+222
| | | | | | | | | | | | | * support X.509 certificate PSS signing no CSR, CRL, etc * handle PSS.(MAX_LENGTH, DIGEST_LENGTH), review feedback * name the kwarg * test improvements * skip if sha3 isn't supported
* Make Extensions contain an optional RawExtensions (#8900)Alex Gaynor2023-05-114-21/+24
| | | This matter models how x.509 represents these things, and will make it easier to make Extensions an iterator in the future
* certificate: add a `get_extension` helper (#8892)William Woodruff2023-05-1012-60/+179
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * certificate: add a `get_extension` helper Signed-off-by: William Woodruff <william@trailofbits.com> * certificate: OID by ref Signed-off-by: William Woodruff <william@trailofbits.com> * certificate: syntax Signed-off-by: William Woodruff <william@trailofbits.com> * x509, src: `check_duplicate_extensions` Signed-off-by: William Woodruff <william@trailofbits.com> * src: simplify Signed-off-by: William Woodruff <william@trailofbits.com> * src: everyone loves newtypes Signed-off-by: William Woodruff <william@trailofbits.com> * rust: refactor-o-rama Signed-off-by: William Woodruff <william@trailofbits.com> * src: look upon my works Signed-off-by: William Woodruff <william@trailofbits.com> * src: continue blasting the code Signed-off-by: William Woodruff <william@trailofbits.com> * src/rust: actually commit my changes Signed-off-by: William Woodruff <william@trailofbits.com> * src: clippage Signed-off-by: William Woodruff <william@trailofbits.com> * relocate Signed-off-by: William Woodruff <william@trailofbits.com> * src: dedupe Signed-off-by: William Woodruff <william@trailofbits.com> * src: cleanup Signed-off-by: William Woodruff <william@trailofbits.com> * clippage Signed-off-by: William Woodruff <william@trailofbits.com> * src: dedupe Signed-off-by: William Woodruff <william@trailofbits.com> * common: cleanup Signed-off-by: William Woodruff <william@trailofbits.com> * src: unused impls Signed-off-by: William Woodruff <william@trailofbits.com> * more deletion Signed-off-by: William Woodruff <william@trailofbits.com> * clippage Signed-off-by: William Woodruff <william@trailofbits.com> * extensions: add a `get_extension` test Signed-off-by: William Woodruff <william@trailofbits.com> * extensions: unused derives Signed-off-by: William Woodruff <william@trailofbits.com> * tests/x509: dup ext check for tbs_precertificate_bytes Signed-off-by: William Woodruff <william@trailofbits.com> * certificate: remove `extensions()` Signed-off-by: William Woodruff <william@trailofbits.com> * extensions: docs Signed-off-by: William Woodruff <william@trailofbits.com> * extensions: newtype Signed-off-by: William Woodruff <william@trailofbits.com> * rust: better error types, dedupe Signed-off-by: William Woodruff <william@trailofbits.com> extensions: unwrap -> expect Signed-off-by: William Woodruff <william@trailofbits.com> * Revert "rust: better error types, dedupe" This reverts commit 212b75ff2f69a3b3cfc9d6a55949f23877f8f618. --------- Signed-off-by: William Woodruff <william@trailofbits.com>
* Added a missing rerun-if stanza (#8899)Alex Gaynor2023-05-101-0/+1
|
* Bump quote from 1.0.26 to 1.0.27 in /src/rust (#8894)dependabot[bot]2023-05-091-2/+2
| | | | | | | | | | | | | | | Bumps [quote](https://github.com/dtolnay/quote) from 1.0.26 to 1.0.27. - [Release notes](https://github.com/dtolnay/quote/releases) - [Commits](https://github.com/dtolnay/quote/compare/1.0.26...1.0.27) --- updated-dependencies: - dependency-name: quote dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump libc from 0.2.143 to 0.2.144 in /src/rust (#8891)dependabot[bot]2023-05-081-2/+2
| | | | | | | | | | | | | | | Bumps [libc](https://github.com/rust-lang/libc) from 0.2.143 to 0.2.144. - [Release notes](https://github.com/rust-lang/libc/releases) - [Commits](https://github.com/rust-lang/libc/compare/0.2.143...0.2.144) --- updated-dependencies: - dependency-name: libc dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* add signature_algorithm_parameters to certificate (#8795)Paul Kehrer2023-05-074-10/+200
| | | | this allows easier verification of cert signatures, but more specifically allows PSS signature verification
* Bump asn1 from 0.15.1 to 0.15.2 in /src/rust (#8886)dependabot[bot]2023-05-073-6/+6
| | | | | | | | | | | | | | Bumps [asn1](https://github.com/alex/rust-asn1) from 0.15.1 to 0.15.2. - [Commits](https://github.com/alex/rust-asn1/compare/0.15.1...0.15.2) --- updated-dependencies: - dependency-name: asn1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* invalid visible string support (#8884)Paul Kehrer2023-05-074-2/+50
| | | | | | | | | | | | * invalid visible string support this allows utf8 in visiblestring, which is not valid DER. we raise a warning when this happens, but allow it since belgian eIDs, among others, have encoding errors. Belgium fixed this by 2021 (and possibly earlier), but their eID certificates have 10 year validity. * review comments * clippy
* Try using the default LTO (#8883)Alex Gaynor2023-05-071-1/+0
|
* Bump libc from 0.2.142 to 0.2.143 in /src/rust (#8882)dependabot[bot]2023-05-071-2/+2
| | | | | | | | | | | | | | | Bumps [libc](https://github.com/rust-lang/libc) from 0.2.142 to 0.2.143. - [Release notes](https://github.com/rust-lang/libc/releases) - [Commits](https://github.com/rust-lang/libc/compare/0.2.142...0.2.143) --- updated-dependencies: - dependency-name: libc dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Use parameters instead of oids in another place (#8880)Alex Gaynor2023-05-074-10/+13
|
* Check for sigalg by type rather than OID (#8878)Alex Gaynor2023-05-064-57/+128
|
* Use defined_by for hash AlgorithmIdentifiers (#8876)Alex Gaynor2023-05-054-49/+64
|
* Use defined_by for (EC)DSA signature AlgorithmIdentifiers (#8875)Alex Gaynor2023-05-052-24/+39
| | | Also fix a test that had an incorrect parameters for an OID. The test had deliberately been constructed to be invalid, but in a _different_ respect.
* Use defined_by for RSA signature AlgorithmIdentifiers (#8874)Alex Gaynor2023-05-052-32/+26
| | | I had hoped the parameters would just be Null (no Option<>), but a review of the RFC (3447, 4055) indicates that both should be allowed, though the WebPKI enforces greater constraints.
* Switch AlgorithmIdentifier to use rust-asn1's native defined by support (#8870)Alex Gaynor2023-05-059-78/+144
|
* Bump asn1 from 0.15.0 to 0.15.1 in /src/rust (#8871)dependabot[bot]2023-05-053-6/+6
| | | | | | | | | | | | | | Bumps [asn1](https://github.com/alex/rust-asn1) from 0.15.0 to 0.15.1. - [Commits](https://github.com/alex/rust-asn1/compare/0.15.0...0.15.1) --- updated-dependencies: - dependency-name: asn1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Fix for #8854 (#8855)Harmin Parra Rueda2023-05-031-0/+1
| | | | | | | | | | | | | | | * Fix for #8854 Fix for issue #8854 * Fix for issue #8854 Fix for issue #8854 * versionadded --------- Co-authored-by: Paul Kehrer <paul.l.kehrer@gmail.com>
* Bump pkg-config from 0.3.26 to 0.3.27 in /src/rust (#8862)dependabot[bot]2023-05-031-2/+2
| | | | | | | | | | | | | | | | Bumps [pkg-config](https://github.com/rust-lang/pkg-config-rs) from 0.3.26 to 0.3.27. - [Release notes](https://github.com/rust-lang/pkg-config-rs/releases) - [Changelog](https://github.com/rust-lang/pkg-config-rs/blob/master/CHANGELOG.md) - [Commits](https://github.com/rust-lang/pkg-config-rs/compare/0.3.26...0.3.27) --- updated-dependencies: - dependency-name: pkg-config dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Switch from check-manifest to check-sdist (#8846)Alex Gaynor2023-04-302-7/+8
| | | The latter will work with non-setuptools build backends.
* move ASN1DHParams to cryptography_x509::common (#8844)Paul Kehrer2023-04-292-9/+10
|
* Automate the version bump (#8828)Alex Gaynor2023-04-261-0/+1
|
* Remove a bunch of unused bindings (#8830)Alex Gaynor2023-04-265-65/+7
| | | Also replace one DH function with a simpler implementation
* See if we can always enable abi3 (#8823)Alex Gaynor2023-04-252-2/+2
| | | Previously it wasn't because pypy doesn't support abi3, but maybe the pyo3 feature works.
* Move is_fips logic to Rust (#8822)Alex Gaynor2023-04-256-16/+67
|
* Convert KDFs to Rust (#8787)Alex Gaynor2023-04-257-69/+99
|
* Migrate DH to Rust (#8768)Alex Gaynor2023-04-248-502/+536
|
* Bump openssl from 0.10.51 to 0.10.52 in /src/rust (#8819)dependabot[bot]2023-04-243-4/+4
| | | | | | | | | | | | | | | Bumps [openssl](https://github.com/sfackler/rust-openssl) from 0.10.51 to 0.10.52. - [Release notes](https://github.com/sfackler/rust-openssl/releases) - [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.51...openssl-v0.10.52) --- updated-dependencies: - dependency-name: openssl dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump target-lexicon from 0.12.6 to 0.12.7 in /src/rust (#8818)dependabot[bot]2023-04-241-2/+2
| | | | | | | | | | | | | | | Bumps [target-lexicon](https://github.com/bytecodealliance/target-lexicon) from 0.12.6 to 0.12.7. - [Release notes](https://github.com/bytecodealliance/target-lexicon/releases) - [Commits](https://github.com/bytecodealliance/target-lexicon/compare/v0.12.6...v0.12.7) --- updated-dependencies: - dependency-name: target-lexicon dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump openssl-sys from 0.9.86 to 0.9.87 in /src/rust (#8817)dependabot[bot]2023-04-243-4/+4
| | | | | | | | | | | | | | | Bumps [openssl-sys](https://github.com/sfackler/rust-openssl) from 0.9.86 to 0.9.87. - [Release notes](https://github.com/sfackler/rust-openssl/releases) - [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.86...openssl-sys-v0.9.87) --- updated-dependencies: - dependency-name: openssl-sys dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Factor out a few more extension encodings (#8814)Alex Gaynor2023-04-242-50/+59
|
* Refactor encode_extensions so that the largest extensions aren't inline (#8813)Alex Gaynor2023-04-241-207/+228
|
* move more structs into cryptography-x509 (#8810)Paul Kehrer2023-04-245-78/+83
|
* Remove clippy ignore that's no longer required (#8808)Alex Gaynor2023-04-245-13/+8
|
* Refactor build so cffi compilation is in its own crate (#8809)Alex Gaynor2023-04-247-144/+189
|
* Remove duplicative test certificate structure (#8807)Alex Gaynor2023-04-241-45/+15
|
* De-duplicate SPKI struct (#8803)Alex Gaynor2023-04-241-15/+4
|
* Remove HMAC bindings (#8801)Alex Gaynor2023-04-232-27/+0
|
* Rewrite how we cached RevokedCertificates (#8799)Alex Gaynor2023-04-231-40/+30
| | | This removes the use of non_covariant, which is a blocker for considering self_cell.
* Bump asn1 from 0.14.0 to 0.15.0 in /src/rust (#8796)dependabot[bot]2023-04-233-6/+6
| | | | | | | | | | | | | | | Bumps [asn1](https://github.com/alex/rust-asn1) from 0.14.0 to 0.15.0. - [Release notes](https://github.com/alex/rust-asn1/releases) - [Commits](https://github.com/alex/rust-asn1/compare/0.14.0...0.15.0) --- updated-dependencies: - dependency-name: asn1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump syn (#8793)Alex Gaynor2023-04-231-4/+4
| | | dependabot is not currently updating it because of: https://github.com/dependabot/dependabot-core/issues/2064
View Lorry Controller Status