| Age | Commit message (Collapse) | Author |
|---|
|
svn path=/branches/tk274/; revision=4737
|
|
svn path=/branches/tk274/; revision=4736
|
|
In most cases there won't be old extensions to clear, but in theory
this could happen when modifying an existing request, so get it right.
svn path=/branches/tk274/; revision=4735
|
|
svn path=/branches/tk274/; revision=4734
|
|
from gcc 4.2 on MacOSX; am not entirely happy about some of the casts
required, might want to encapsulate the more common patterns in
functions to do controlled casts from one known type to another.
svn path=/branches/tk274/; revision=4733
|
|
the Asymmetric code considerably and gets us most of the way towards
being able to support ECDSA, which, in theory, we'll want for BGPSEC.
svn path=/branches/tk274/; revision=4732
|
|
svn path=/branches/tk274/; revision=4731
|
|
svn path=/branches/tk274/; revision=4730
|
|
converters. Clean up internal type names, delete a bunch of symbols
nothing uses anymore.
svn path=/branches/tk274/; revision=4729
|
|
class-based methods instead of old module functions.
svn path=/branches/tk274/; revision=4728
|
|
Fix a few cases where code incorrectly assumed that ASN.1 field values
would always be small enough to fit in a C integer type.
svn path=/branches/tk274/; revision=4727
|
|
should completely replace the old module derRead() and pemRead()
functions, since it's easier to extend and supports subclasses
properly. For now, the new and old APIs are both just wrappers around
a generic lower-level internal API.
svn path=/branches/tk274/; revision=4726
|
|
used by all the C programs.
svn path=/branches/tk274/; revision=4725
|
|
svn path=/branches/tk274/; revision=4724
|
|
svn path=/branches/tk274/; revision=4723
|
|
svn path=/branches/tk274/; revision=4722
|
|
svn path=/branches/tk274/; revision=4721
|
|
svn path=/branches/tk274/; revision=4720
|
|
svn path=/branches/tk274/; revision=4719
|
|
predeclared OID names. Add BasicConstraints handlers.
svn path=/branches/tk274/; revision=4718
|
|
to use BIOs. Other minor cleanup.
svn path=/branches/tk274/; revision=4717
|
|
svn path=/branches/tk274/; revision=4716
|
|
classes eventually, but may still need to be split into separate IPv4
and IPv6 classes or reimplemented as a subclass of PyLong. Won't know
until we try to move away from the rpki.POW.pkix ASN.1 code, and
there's more groundwork to do before we can make that jump.
svn path=/branches/tk274/; revision=4715
|
|
svn path=/branches/tk274/; revision=4714
|
|
svn path=/branches/tk274/; revision=4713
|
|
I see what the ROA code looks like.
svn path=/branches/tk274/; revision=4712
|
|
svn path=/branches/tk274/; revision=4711
|
|
svn path=/branches/tk274/; revision=4710
|
|
svn path=/branches/tk274/; revision=4709
|
|
ugly, still needs work, but appears to return correct results.
svn path=/branches/tk274/; revision=4708
|
|
vary, but general approach should work for many (most? all?) other
extensions.
svn path=/branches/tk274/; revision=4707
|
|
linking against libssl, only libcrypto. Internal documentation almost
matches current reality. A few deliberate harmless compilation
warnings to remind me of loose ends that still want cleaning up.
svn path=/branches/tk274/; revision=4706
|
|
Replaced old factory functions with proper (well, I hope they're
proper) class __new__() and __init__() methods as appropriate, whack
PyTypeObject structures to make it possible to subclass these classes,
etcetera. Doc strings for classes and methods are still horribly out
of date, but at least it all shows up properly now.
Caveat: This is a major change and has not yet been heavily tested.
It seems to work, but splitting the old factory functions into
__new__() and __init__() methods exposed some corner cases which I may
or may not have handled correctly.
svn path=/branches/tk274/; revision=4705
|
|
svn path=/branches/tk274/; revision=4704
|
|
svn path=/branches/tk274/; revision=4703
|
|
code still served was to support selection of an (optional) encryption
algorithm for new RSA private keys; since none of the two dozen
algorithms supported by that code were anything one would choose this
year, I converted the whole mess just to use AES-256-CBC as the one
supported encryption algorithm. Fix this if anything ever cares.
svn path=/branches/tk274/; revision=4702
|
|
Since we can't get rid of them yet, fix them to pass the digest length
along to OpenSSL for checking.
svn path=/branches/tk274/; revision=4701
|
|
svn path=/branches/tk274/; revision=4700
|
|
method documentation. Most of the existing method documentation needs
editing to for this to be fully useful, but it's a start.
svn path=/branches/tk274/; revision=4699
|
|
svn path=/branches/tk274/; revision=4698
|
|
svn path=/branches/tk274/; revision=4697
|
|
swacks of code which either haven't been used in RPKI for years or
have never been used in RPKI at all, and which, in either case, I'd
rather not have to maintain: SSL/TLS, MD2, RIPEMD160, HMAC. There's
almost certainly more to prune, but this was the lowest-hanging fruit.
svn path=/branches/tk274/; revision=4696
|
|
svn path=/branches/tk274/; revision=4695
|
|
rpki.x509 module.
svn path=/branches/tk274/; revision=4694
|
|
svn path=/branches/tk274/; revision=4693
|
|
svn path=/branches/tk274/; revision=4692
|
|
svn path=/branches/tk274/; revision=4691
|
|
svn path=/branches/tk274/; revision=4690
|
|
class to use POW instead of POW.pkix.
svn path=/branches/tk274/; revision=4689
|
|
RDNs, for compatability with other X.509-aware Python code that uses
this encoding. We don't really expect to see multi-value RDNs in
RPKI, nor do we fully support them yet; for the moment, the goal is
just to get to a point where we can rewrite the rpki.x509 subject and
issuer name functions to use POW rather than POW.pkix.
svn path=/branches/tk274/; revision=4688
|
