summaryrefslogtreecommitdiff
path: root/src/rust/cryptography-x509
Commit message (Collapse)AuthorAgeFilesLines
* Run full nox rust env in coverage jobs (#8924)Alex Gaynor2023-05-151-0/+2
| | | | | | | | | | | * Run full nox rust env in coverage jobs * Update ci.yml * Update ci.yml * fix 1.60 clippy warnings * warning name changed
* support X.509 certificate PSS signing (#8888)Paul Kehrer2023-05-101-5/+13
| | | | | | | | | | | | | * support X.509 certificate PSS signing no CSR, CRL, etc * handle PSS.(MAX_LENGTH, DIGEST_LENGTH), review feedback * name the kwarg * test improvements * skip if sha3 isn't supported
* Make Extensions contain an optional RawExtensions (#8900)Alex Gaynor2023-05-112-12/+10
| | | This matter models how x.509 represents these things, and will make it easier to make Extensions an iterator in the future
* certificate: add a `get_extension` helper (#8892)William Woodruff2023-05-106-12/+112
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * certificate: add a `get_extension` helper Signed-off-by: William Woodruff <william@trailofbits.com> * certificate: OID by ref Signed-off-by: William Woodruff <william@trailofbits.com> * certificate: syntax Signed-off-by: William Woodruff <william@trailofbits.com> * x509, src: `check_duplicate_extensions` Signed-off-by: William Woodruff <william@trailofbits.com> * src: simplify Signed-off-by: William Woodruff <william@trailofbits.com> * src: everyone loves newtypes Signed-off-by: William Woodruff <william@trailofbits.com> * rust: refactor-o-rama Signed-off-by: William Woodruff <william@trailofbits.com> * src: look upon my works Signed-off-by: William Woodruff <william@trailofbits.com> * src: continue blasting the code Signed-off-by: William Woodruff <william@trailofbits.com> * src/rust: actually commit my changes Signed-off-by: William Woodruff <william@trailofbits.com> * src: clippage Signed-off-by: William Woodruff <william@trailofbits.com> * relocate Signed-off-by: William Woodruff <william@trailofbits.com> * src: dedupe Signed-off-by: William Woodruff <william@trailofbits.com> * src: cleanup Signed-off-by: William Woodruff <william@trailofbits.com> * clippage Signed-off-by: William Woodruff <william@trailofbits.com> * src: dedupe Signed-off-by: William Woodruff <william@trailofbits.com> * common: cleanup Signed-off-by: William Woodruff <william@trailofbits.com> * src: unused impls Signed-off-by: William Woodruff <william@trailofbits.com> * more deletion Signed-off-by: William Woodruff <william@trailofbits.com> * clippage Signed-off-by: William Woodruff <william@trailofbits.com> * extensions: add a `get_extension` test Signed-off-by: William Woodruff <william@trailofbits.com> * extensions: unused derives Signed-off-by: William Woodruff <william@trailofbits.com> * tests/x509: dup ext check for tbs_precertificate_bytes Signed-off-by: William Woodruff <william@trailofbits.com> * certificate: remove `extensions()` Signed-off-by: William Woodruff <william@trailofbits.com> * extensions: docs Signed-off-by: William Woodruff <william@trailofbits.com> * extensions: newtype Signed-off-by: William Woodruff <william@trailofbits.com> * rust: better error types, dedupe Signed-off-by: William Woodruff <william@trailofbits.com> extensions: unwrap -> expect Signed-off-by: William Woodruff <william@trailofbits.com> * Revert "rust: better error types, dedupe" This reverts commit 212b75ff2f69a3b3cfc9d6a55949f23877f8f618. --------- Signed-off-by: William Woodruff <william@trailofbits.com>
* add signature_algorithm_parameters to certificate (#8795)Paul Kehrer2023-05-072-1/+69
| | | | this allows easier verification of cert signatures, but more specifically allows PSS signature verification
* Bump asn1 from 0.15.1 to 0.15.2 in /src/rust (#8886)dependabot[bot]2023-05-071-1/+1
| | | | | | | | | | | | | | Bumps [asn1](https://github.com/alex/rust-asn1) from 0.15.1 to 0.15.2. - [Commits](https://github.com/alex/rust-asn1/compare/0.15.1...0.15.2) --- updated-dependencies: - dependency-name: asn1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* invalid visible string support (#8884)Paul Kehrer2023-05-072-2/+38
| | | | | | | | | | | | * invalid visible string support this allows utf8 in visiblestring, which is not valid DER. we raise a warning when this happens, but allow it since belgian eIDs, among others, have encoding errors. Belgium fixed this by 2021 (and possibly earlier), but their eID certificates have 10 year validity. * review comments * clippy
* Use parameters instead of oids in another place (#8880)Alex Gaynor2023-05-071-1/+1
|
* Use defined_by for hash AlgorithmIdentifiers (#8876)Alex Gaynor2023-05-051-0/+11
|
* Use defined_by for (EC)DSA signature AlgorithmIdentifiers (#8875)Alex Gaynor2023-05-051-0/+27
| | | Also fix a test that had an incorrect parameters for an OID. The test had deliberately been constructed to be invalid, but in a _different_ respect.
* Use defined_by for RSA signature AlgorithmIdentifiers (#8874)Alex Gaynor2023-05-051-0/+18
| | | I had hoped the parameters would just be Null (no Option<>), but a review of the RFC (3447, 4055) indicates that both should be allowed, though the WebPKI enforces greater constraints.
* Switch AlgorithmIdentifier to use rust-asn1's native defined by support (#8870)Alex Gaynor2023-05-051-2/+22
|
* Bump asn1 from 0.15.0 to 0.15.1 in /src/rust (#8871)dependabot[bot]2023-05-051-1/+1
| | | | | | | | | | | | | | Bumps [asn1](https://github.com/alex/rust-asn1) from 0.15.0 to 0.15.1. - [Commits](https://github.com/alex/rust-asn1/compare/0.15.0...0.15.1) --- updated-dependencies: - dependency-name: asn1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* move ASN1DHParams to cryptography_x509::common (#8844)Paul Kehrer2023-04-291-0/+7
|
* move more structs into cryptography-x509 (#8810)Paul Kehrer2023-04-243-0/+67
|
* Bump asn1 from 0.14.0 to 0.15.0 in /src/rust (#8796)dependabot[bot]2023-04-231-1/+1
| | | | | | | | | | | | | | | Bumps [asn1](https://github.com/alex/rust-asn1) from 0.14.0 to 0.15.0. - [Release notes](https://github.com/alex/rust-asn1/releases) - [Commits](https://github.com/alex/rust-asn1/compare/0.14.0...0.15.0) --- updated-dependencies: - dependency-name: asn1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* port OCSP responses to the new crate (#8742)Paul Kehrer2023-04-162-0/+88
|
* begin separation of x509 crate from cryptography crate (#8740)Paul Kehrer2023-04-1610-0/+742
* begin separation of x509 crate from cryptography crate this will not be a published crate for now and the separation is incomplete. * no more rawcertificate, no more re-exporting * rename RawCsr * rename rawcrl * port ocsprequest and rename * more raw renaming * switch to a workspace, rename * remove unneeded imports * add license headers, remove more unneeded imports * coverage * this should actually be possible iwth just --all * merge all the coverage files * path fix * one last guess * coverage * remove extra definition
View Lorry Controller Status