Paul Kehrer
c18d056738
38.0.4 changelog and version bump ( #7854 )
2022-11-27 13:48:24 -05:00
Paul Kehrer
61e9d6a41e
backport #7833 ( #7853 )
...
* Update invalid EC key test for compatibility with upcoming OpenSSL changes (#7833 )
One of the tests checking behavior with invalid EC keys hardcoded the
error reason.
This commit replaces the string matching with a regex to match both the
current string and a new reason, introduced by upcoming OpenSSL
changes [0], which would otherwise trigger a false positive failure.
[0]: https://github.com/openssl/openssl/pull/19681
* fix CI
* fixes #7653 -- handle OPENSSL_cleanup existing on LibreSSL 3.6.0 (#7654 )
* kill CI cache
* endless CI fixing
Co-authored-by: Nicola Tuveri <nic.tuv@gmail.com>
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
2022-11-27 18:14:27 +00:00
Alex Gaynor
7d9c6c3d6a
Bump for 38.0.3 release ( #7761 )
2022-11-02 05:01:29 +08:00
Alex Gaynor
39f8011568
attempt to workaround downstream package testing situation ( #7725 ) ( #7757 )
...
* attempt to workaround downstream package testing situation (#7725 )
* attempt to workaround downstream package testing situation
* Downgrade OpenSSL (in prep for bumping it shortly)
2022-11-02 03:39:16 +08:00
Alex Gaynor
5b12ac8fb7
Use PyPy binaries from manylinux image instead of our own ( #7678 ) ( #7693 )
2022-10-11 18:34:06 +00:00
Paul Kehrer
277ee0d58c
38.0.2 release ( #7691 )
...
* upgrade openssl in CI and patch around 3.0.6 bug
* changelog and version bump for 38.0.2
2022-10-11 13:50:52 -04:00
Paul Kehrer
ce119b8e72
version properly in the changelog ( #7578 )
2022-09-07 20:40:05 +00:00
Paul Kehrer
3ff52182ba
Backport tlv fix, 38.0.1 bump ( #7576 )
...
* fix parsing for CRLs with TLVs > 65535 bytes (#7575 )
* add CRL test vector with 9,999 revoked items
* bump rust-asn1
* add large CRL test
this tests CRLs larger than 65535 bytes in size. rust-asn1 supports up
to 4GiB TLVs now, but we'll avoid putting a test vector that big for now
* changelog and 38.0.1 bump
2022-09-07 08:19:50 -04:00
Paul Kehrer
52d6f1a491
version bump for 38 release ( #7567 )
2022-09-06 23:36:08 +00:00
Alex Gaynor
8c687e63aa
Bump rust-asn1 to 0.12.1 ( #7564 )
2022-09-05 23:15:41 +00:00
Alex Gaynor
aca4b10dce
Bump rust-asn1 to 0.12.0 ( #7563 )
2022-09-06 06:45:21 +08:00
Paul Kehrer
1742975367
support setting more PKCS12 serialization encryption options ( #7560 )
...
* support setting more PKCS12 serialization encryption options
This is limited support, but makes it possible to set two different PBES
choices as well as set KDF rounds and MAC algorithm
* Apply suggestions from code review
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
* review feedback redux
* Update docs/hazmat/primitives/asymmetric/serialization.rst
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
2022-09-05 12:25:19 +00:00
dependabot[bot]
abb1f5432e
Bump once_cell from 1.13.1 to 1.14.0 in /src/rust ( #7559 )
...
Bumps [once_cell](https://github.com/matklad/once_cell ) from 1.13.1 to 1.14.0.
- [Release notes](https://github.com/matklad/once_cell/releases )
- [Changelog](https://github.com/matklad/once_cell/blob/master/CHANGELOG.md )
- [Commits](https://github.com/matklad/once_cell/compare/v1.13.1...v1.14.0 )
---
updated-dependencies:
- dependency-name: once_cell
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-02 12:20:21 +00:00
pyca-boringbot[bot]
01a0e3bbe3
Bump BoringSSL version to 8462a367bb57e9524c3d8eca9c62733c63a63cf4 ( #7558 )
...
Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com>
2022-09-01 20:27:17 -04:00
dependabot[bot]
35a965f2de
Bump ouroboros from 0.15.3 to 0.15.4 in /src/rust ( #7557 )
...
Bumps [ouroboros](https://github.com/joshua-maros/ouroboros ) from 0.15.3 to 0.15.4.
- [Release notes](https://github.com/joshua-maros/ouroboros/releases )
- [Commits](https://github.com/joshua-maros/ouroboros/commits )
---
updated-dependencies:
- dependency-name: ouroboros
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-01 12:29:40 +00:00
pyca-boringbot[bot]
9a208e18d7
Bump BoringSSL version to 19009c51bff0706362e824f66a0b189326a1c27d ( #7555 )
...
Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com>
2022-09-01 00:24:59 +00:00
dependabot[bot]
b342224d9e
Bump iana-time-zone from 0.1.46 to 0.1.47 in /src/rust ( #7552 )
...
Bumps [iana-time-zone](https://github.com/strawlab/iana-time-zone ) from 0.1.46 to 0.1.47.
- [Release notes](https://github.com/strawlab/iana-time-zone/releases )
- [Changelog](https://github.com/strawlab/iana-time-zone/blob/main/CHANGELOG.md )
- [Commits](https://github.com/strawlab/iana-time-zone/compare/v0.1.46...v0.1.47 )
---
updated-dependencies:
- dependency-name: iana-time-zone
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-31 22:45:14 +00:00
Alex Gaynor
edd1e69599
attempt to fix josepy tests by pinning poetry ( #7553 )
...
* attempt to fix josepy tests for new poetry release
* pin to older poetry
2022-09-01 06:14:27 +08:00
Alex Gaynor
f9cf1cff62
Add a benchmark of loading a certificate ( #7551 )
2022-08-31 02:04:12 +00:00
pyca-boringbot[bot]
69faea57cd
Bump BoringSSL version to 10fef972e47d1621b76af959733802167b8d4075 ( #7550 )
...
Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com>
2022-08-31 00:30:55 +00:00
dependabot[bot]
b23eda205e
Bump android_system_properties from 0.1.4 to 0.1.5 in /src/rust ( #7548 )
...
Bumps [android_system_properties](https://github.com/nical/android_system_properties ) from 0.1.4 to 0.1.5.
- [Release notes](https://github.com/nical/android_system_properties/releases )
- [Commits](https://github.com/nical/android_system_properties/commits )
---
updated-dependencies:
- dependency-name: android_system_properties
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-30 12:27:17 +00:00
pyca-boringbot[bot]
89ea71aa26
Bump BoringSSL version to ee477d433e0297dcdd4e51139fcbd0700cf794df ( #7547 )
...
Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com>
2022-08-30 00:35:24 +00:00
dependabot[bot]
4acd9303ac
Bump lock_api from 0.4.7 to 0.4.8 in /src/rust ( #7546 )
...
Bumps [lock_api](https://github.com/Amanieu/parking_lot ) from 0.4.7 to 0.4.8.
- [Release notes](https://github.com/Amanieu/parking_lot/releases )
- [Changelog](https://github.com/Amanieu/parking_lot/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Amanieu/parking_lot/compare/lock_api-0.4.7...lock_api-0.4.8 )
---
updated-dependencies:
- dependency-name: lock_api
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-28 16:51:00 +00:00
pyca-boringbot[bot]
7d78b94999
Bump BoringSSL version to 779f7d0840a8bac4a0e10f2df4b08cd42df35592 ( #7543 )
...
Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com>
2022-08-27 09:08:42 +08:00
Paul Kehrer
2bb6785aef
add AES128/AES256 classes ( #7542 )
...
These let developers be more explicit about the allowable key lengths
for an AES key and make auditing the codebase a bit easier.
But that's not really why we're adding them. In some upcoming
serialization features we need to be able to specify AES 128 vs AES 256
and the current class doesn't work for that since it computes key
length from the key you provide it when instantiating the class.
That's incompatible with serialization where the key is derived
later in the process. C'est la vie.
2022-08-26 00:19:12 -04:00
pyca-boringbot[bot]
041e69dc8a
Bump BoringSSL version to ebd8b8965c74ab06bb91f7a00b23822e1f1f26ca ( #7541 )
...
Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com>
2022-08-26 00:33:52 +00:00
Alex Gaynor
9ecd03649d
Test with RHEL8's py38 as well ( #7539 )
2022-08-25 08:48:15 +08:00
pyca-boringbot[bot]
83bd331153
Bump BoringSSL version to b2d3c10cdc8fb642a842db2c6061743b4604b0b5 ( #7540 )
...
Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com>
2022-08-24 20:34:29 -04:00
Alex Gaynor
4ed223e06e
attempt to run all twisted tests ( #7533 )
...
* attempt to run all twisted tests
* try with glyph's branch
* Update twisted.sh
2022-08-24 03:02:02 +00:00
dependabot[bot]
ae20ce60d0
Bump ouroboros from 0.15.2 to 0.15.3 in /src/rust ( #7536 )
...
Bumps [ouroboros](https://github.com/joshua-maros/ouroboros ) from 0.15.2 to 0.15.3.
- [Release notes](https://github.com/joshua-maros/ouroboros/releases )
- [Commits](https://github.com/joshua-maros/ouroboros/commits/0.15.3 )
---
updated-dependencies:
- dependency-name: ouroboros
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-23 12:32:05 +00:00
Alex Gaynor
4ed8ed1ac7
Revert "restore some bindings for older pyopenssl temporarily ( #7136 )" ( #7532 )
...
* Revert "restore some bindings for older pyopenssl temporarily (#7136 )"
This reverts commit be4c22256e
2022-08-23 13:12:00 +08:00
dependabot[bot]
a07e0d8a9c
Bump actions/cache from 3.0.7 to 3.0.8 ( #7535 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.0.7 to 3.0.8.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](https://github.com/actions/cache/compare/v3.0.7...v3.0.8 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-22 12:19:44 +00:00
Alex Gaynor
bfd88da7f2
PoC for making key serialization more configurable ( #7520 )
2022-08-22 11:22:01 +08:00
Alex Gaynor
ceaf549de1
added a comment to ci.yml ( #7534 )
2022-08-22 05:40:58 +08:00
Alex Gaynor
4fe495547f
Remove nanoseconds from datetime in OCSP ( #7530 )
...
DER doesn't actually serialize them, and rust-asn1 may reject them
2022-08-19 17:09:53 -05:00
dependabot[bot]
9443f68813
Bump iana-time-zone from 0.1.45 to 0.1.46 in /src/rust ( #7529 )
...
Bumps [iana-time-zone](https://github.com/strawlab/iana-time-zone ) from 0.1.45 to 0.1.46.
- [Release notes](https://github.com/strawlab/iana-time-zone/releases )
- [Changelog](https://github.com/strawlab/iana-time-zone/blob/main/CHANGELOG.md )
- [Commits](https://github.com/strawlab/iana-time-zone/compare/v0.1.45...v0.1.46 )
---
updated-dependencies:
- dependency-name: iana-time-zone
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-19 12:33:45 +00:00
dependabot[bot]
0e537fd3fc
Bump peter-evans/create-pull-request from 4.1.0 to 4.1.1 ( #7526 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](20dac2ed48...18f90432be
2022-08-19 08:23:48 -04:00
dependabot[bot]
1eef248944
Bump tibdex/github-app-token from 1.5.2 to 1.6 ( #7527 )
...
Bumps [tibdex/github-app-token](https://github.com/tibdex/github-app-token ) from 1.5.2 to 1.6.
- [Release notes](https://github.com/tibdex/github-app-token/releases )
- [Commits](586e1a624d...f717b5ecd4
2022-08-19 12:22:57 +00:00
dependabot[bot]
9f73b0c229
Bump once_cell from 1.13.0 to 1.13.1 in /src/rust ( #7524 )
...
Bumps [once_cell](https://github.com/matklad/once_cell ) from 1.13.0 to 1.13.1.
- [Release notes](https://github.com/matklad/once_cell/releases )
- [Changelog](https://github.com/matklad/once_cell/blob/master/CHANGELOG.md )
- [Commits](https://github.com/matklad/once_cell/compare/v1.13.0...v1.13.1 )
---
updated-dependencies:
- dependency-name: once_cell
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-17 12:32:48 +00:00
dependabot[bot]
7a4bfea555
Bump libc from 0.2.131 to 0.2.132 in /src/rust ( #7523 )
...
Bumps [libc](https://github.com/rust-lang/libc ) from 0.2.131 to 0.2.132.
- [Release notes](https://github.com/rust-lang/libc/releases )
- [Commits](https://github.com/rust-lang/libc/compare/0.2.131...0.2.132 )
---
updated-dependencies:
- dependency-name: libc
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-17 12:28:05 +00:00
dependabot[bot]
b51ff50c6b
Bump peter-evans/create-pull-request from 4.0.4 to 4.1.0 ( #7522 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 4.0.4 to 4.1.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](923ad837f1...20dac2ed48
2022-08-17 12:20:04 +00:00
Paul Kehrer
0b65de2531
small changelog style fix ( #7519 )
2022-08-16 17:05:49 -04:00
Alexandre Machado
2adfeb5684
Fix issue #7513 - parsing of RFC4514 strings should reverse the order of RDNs ( #7514 )
...
* Fix issue #7513 - parsing of RFC4514 strings should reverse the order of RDNs
* Solving code formating issues
* Adding comment justifing the reversal of rdns on the RFC4514 parser
* Comment changes on CHANGELOG.rst
* fixing a typo on method link at CHANGELOG.rst
* Removing reference to protected class _RFC4514NameParser from CHANGELOG.rst
Co-authored-by: Alexandre Machado <alexandre@softnex.com.br>
2022-08-16 14:57:20 -05:00
Jean Paul Galea
2477a09405
docs: add missing backquote ( #7517 )
2022-08-16 12:09:03 -05:00
dependabot[bot]
953c99f96b
Bump iana-time-zone from 0.1.44 to 0.1.45 in /src/rust ( #7516 )
...
Bumps [iana-time-zone](https://github.com/strawlab/iana-time-zone ) from 0.1.44 to 0.1.45.
- [Release notes](https://github.com/strawlab/iana-time-zone/releases )
- [Changelog](https://github.com/strawlab/iana-time-zone/blob/main/CHANGELOG.md )
- [Commits](https://github.com/strawlab/iana-time-zone/compare/0.1.44...v0.1.45 )
---
updated-dependencies:
- dependency-name: iana-time-zone
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-16 12:21:08 +00:00
pyca-boringbot[bot]
03233c6a6f
Bump BoringSSL version to a6d321b11fa80496b7c8ae6405468c212d4f5c87 ( #7515 )
...
Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com>
2022-08-16 00:26:52 +00:00
Alex Gaynor
83fdf55854
Run wheel-builder on PRs when key packaging files change ( #7512 )
2022-08-15 15:06:39 +00:00
anthony sottile
59f60154d6
remove ext_package so top_level.txt is accurate in wheel metadata ( #7511 )
2022-08-15 10:44:13 -04:00
Alex Gaynor
7a4c612b02
use the correct way of detecting backend feature ( #7509 )
2022-08-15 13:39:59 +00:00
Weizheng Xu
f28049912c
try EVP_CIPHER_fetch due to EVP_get_cipherbyname is deprecated in GetCipherByName ( #7503 )
2022-08-15 08:18:27 -05:00
