OpenSSL loading backend #959
Conversation
|
Test FAILed. |
|
Unscrewed my awful merge. |
|
Test FAILed. |
|
Or not... |
|
Test PASSed. |
|
Test PASSed. |
|
Test FAILed. |
|
More network failures :( |
|
this can be rebased now |
|
Rebased. |
|
|
||
| .. versionadded:: 0.4 | ||
|
|
||
| Deserialize a private key from PEM encoded data to one the supported |
|
Updated. |
|
Test FAILed. |
| password was supplied. | ||
|
|
||
| :raises UnsupportedAlgorithm: If the serialized key is of a type that | ||
| is not supported by the backend or if the |
There was a problem hiding this comment.
This can be rewrapped a bit.
|
Other than my nit I am 👍 on this. Would like another set of eyes to ensure we're all happy with the approach though. |
|
Test FAILed. |
|
I updated this last night. |
|
I think the code here looks good, and so do the docs. Not a super huge fan of the "traditional" OpenSSL term, but I can't really come up with anything better either. |
| Traditional OpenSSL Format | ||
| ~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
|
||
| The "traditional" PKCS #1 based serialization format used by OpenSSL. |
There was a problem hiding this comment.
I think it would help to be more explicit in this documentation that the name "traditional" as used here is a new invention to unambiguously refer to this serialization format. As is, it reads as if there is an alternative to the traditional format that I might be interested in.
There was a problem hiding this comment.
This isn't a new name for anything, the OpenSSL docs explicitly refer to
this as the "traditional" format quotes and all. I might be able to improve
the wording a bit though.
On 28 April 2014 20:55:50 Jean-Paul Calderone notifications@github.com wrote:
+.. hazmat::
+
+Key Serialization
+=================
+
+.. currentmodule:: cryptography.hazmat.primitives.serialization
+
+There are several common schemes for serializing asymmetric private and
public
+keys to bytes. They generally support encryption of private keys and
additional
+key metadata.
+
+
+Traditional OpenSSL Format
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The "traditional" PKCS #1 based serialization format used by OpenSSL.I think it would help to be more explicit in this documentation that the
name "traditional" as used here is a new invention to unambiguously refer
to this serialization format. As is, it reads as if there is an
alternative to the traditional format that I might be interested in.
Reply to this email directly or view it on GitHub:
https://github.com/pyca/cryptography/pull/959/files#r12064446
|
Rebased for 0.4 |
|
Test PASSed. |
|
Test PASSed. |
|
Now with DSA support. |
|
Test PASSed. |
|
Code LGTM. |
|
|
||
| return _MemoryBIO(self._ffi.gc(bio, self._lib.BIO_free), data_char_p) | ||
|
|
||
| def _evp_pkey_to_private_key(self, evp_pkey): |
There was a problem hiding this comment.
I would be happier if this had a docstring, if only to document the intent and return type.
|
Other than the docstring nitpicks I think this looks great and I'll be happy to merge it :) Thanks for working on this, @public ! |
|
Updated @lvh |
|
Test FAILed. |
|
Okay, if there are no objections I am going to merge this tomorrow. :) If you want to see changes or disagree with the naming you've got one day to speak up! |
No description provided.