Will Bond
Will Bond
At this point between the asn1crypto and other modularcrypto packages, there is a decent corpus of tests. While I likely never ran into a use case for customizing the method...
Thanks for catching this. Do you have an example file we could add as a fixture to test this with?
Pinging you @arkkors to see if you have a test file we could use for this?
It sounds like the actionable items from this are: - Create an extension of GeneralizedTime that removes fractional components - Have all usage in x509.py, ocsp.py and crl.py should use...
In general, the approach with asn1crypto and oscrypto is to not guess, or allow things to silently pass. This is because we are dealing with security, and it seems like...
> This behaviour It is especially inconvenient, when you trying to utilise asn1crypto for a kind of exploratory analysis of some certificate data, just by loading it, and calling .native...
Yes, the last time I looked (sometime back in October), it seemed pretty much all of the EC patents had finally expired. I'm fine with implementing it now. I don't...
From reading through the discussion, I think what makes sense to me is: 1. Change the `hash_algo` to `None` to adapt to the current usage of this attribute in certvalidator....
We could probably get away with not doing a 2.0 by throwing a `ValueError` if you try to get the hash_algo for Ed25519 or Ed448.
> Would we? Raising ValueError instead of returning sha512 or shake256 respectively might be considered a breaking change, too... The idea is that technically it is bug that `.hash_algo` returned...