-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OpenSSL loading backend #959
Conversation
Test FAILed. |
Unscrewed my awful merge. |
Test FAILed. |
Or not... |
Test PASSed. |
Test PASSed. |
Test FAILed. |
More network failures :( |
this can be rebased now |
Rebased. |
|
||
.. versionadded:: 0.4 | ||
|
||
Deserialize a private key from PEM encoded data to one the supported |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
to one of the supported
Updated. |
Test FAILed. |
password was supplied. | ||
|
||
:raises UnsupportedAlgorithm: If the serialized key is of a type that | ||
is not supported by the backend or if the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This can be rewrapped a bit.
Other than my nit I am 👍 on this. Would like another set of eyes to ensure we're all happy with the approach though. |
Test FAILed. |
I updated this last night. |
I think the code here looks good, and so do the docs. Not a super huge fan of the "traditional" OpenSSL term, but I can't really come up with anything better either. |
Traditional OpenSSL Format | ||
~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
||
The "traditional" PKCS #1 based serialization format used by OpenSSL. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it would help to be more explicit in this documentation that the name "traditional" as used here is a new invention to unambiguously refer to this serialization format. As is, it reads as if there is an alternative to the traditional format that I might be interested in.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This isn't a new name for anything, the OpenSSL docs explicitly refer to
this as the "traditional" format quotes and all. I might be able to improve
the wording a bit though.
On 28 April 2014 20:55:50 Jean-Paul Calderone notifications@github.com wrote:
+.. hazmat::
+
+Key Serialization
+=================
+
+.. currentmodule:: cryptography.hazmat.primitives.serialization
+
+There are several common schemes for serializing asymmetric private and
public
+keys to bytes. They generally support encryption of private keys and
additional
+key metadata.
+
+
+Traditional OpenSSL Format
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The "traditional" PKCS #1 based serialization format used by OpenSSL.I think it would help to be more explicit in this documentation that the
name "traditional" as used here is a new invention to unambiguously refer
to this serialization format. As is, it reads as if there is an
alternative to the traditional format that I might be interested in.
Reply to this email directly or view it on GitHub:
https://github.com/pyca/cryptography/pull/959/files#r12064446
Rebased for 0.4 |
Test PASSed. |
Test PASSed. |
Now with DSA support. |
Test PASSed. |
Code LGTM. |
|
||
return _MemoryBIO(self._ffi.gc(bio, self._lib.BIO_free), data_char_p) | ||
|
||
def _evp_pkey_to_private_key(self, evp_pkey): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would be happier if this had a docstring, if only to document the intent and return type.
Other than the docstring nitpicks I think this looks great and I'll be happy to merge it :) Thanks for working on this, @public ! |
Updated @lvh |
Test FAILed. |
Okay, if there are no objections I am going to merge this tomorrow. :) If you want to see changes or disagree with the naming you've got one day to speak up! |
No description provided.