| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
| |
|
|
|
|
|
|
| |
* also check iv length for GCM nonce in AEAD
* ugh
|
| |
|
|
|
|
|
|
|
|
| |
* add chacha20poly1305 wycheproof tests
* flake8
* review
|
|
|
|
|
|
| |
* add wycheproof tests for AES CMAC
* review feedback
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* Refs #3331 -- integrated wycheproof ECDSA tests
* Also handle these key loading errors
* review
* empty commit to trigger jenkins
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
* add crl.get_revoked_certificate method
* lexicographic is the best ographic
* rename
|
|
|
|
|
| |
rsa, and keywrap (#4310)
* Refs #3331 -- added initial wycheproof integration, starting with x25519 tests
|
|
|
| |
I believe this can reasonably be considered backwards compatible since other invalid inputs already lead to InvalidUnwrap, and clients shouldn't be distinguishing between these two conditions, and ValueError wasn't documented anyways.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* document one shot AEAD length restrictions
* write a test that won't consume infinity ram
continue to raise OverflowError since that's what cffi did.
* this applies to associated_data too
* remove unneeded arg
* review feedback on docs
|
| |
|
|
|
|
|
|
|
|
|
| |
* raise valueerror for null x25519 derived keys
OpenSSL errors when it hits this edge case and a null shared key is bad
anyway so let's raise an error
* empty commit
|
| |
|
|
|
|
|
|
|
|
| |
* try compiling with asm for our custom openssl
* we also need to update the cache dir
* try actually compiling it
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(#4325)
* we don't actually care about the errstack here, it's an invalid signature
We previously had no cases where we could error without getting errors
on the error stack, but wycheproof contains test cases that can error
without adding anything to the stack. Accordingly, we should clear the
stack but raise InvalidSignature no matter what (rather than
InternalError if we have no error msgs)
* add a test
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Previously we encoded them as UTF-8, but as best I can tell in reality a
BMPString is fixed-width basic multilingual plane big endian encoding.
This is basically UCS-2 (aka original Unicode). However, Python doesn't
support UCS-2 encoding so we need to use utf_16_be. This means you can encode
surrogate code points that are invalid in the context of what a
BMPString is supposed to be, but in reality I strongly suspect the sane
encoding ship has sailed and dozens if not hundreds of implementations
both do this and expect other systems to handle their nonsense.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* document that an ECPublicNumbers object has some unexpected properties
It is not guaranteed to be a valid point on the curve as that is not
checked until you convert it to a PublicKey object.
* different language
* move the text, make it a warning, alter the language
* new language
|
|
|
|
| |
Duplicate attributes now raise an error instead of silently discarding
duplicates.
|
|
|
| |
We have an existence proof that the latter assertion can be triggered, and I bet the former can too.
|
|
|
| |
And not expose an unprefixed name to anyone who dlopens us.
|
| |
|
|
|
|
|
|
|
|
|
| |
* set an OPENSSL_API_COMPAT level
this helps prevent adding deprecated functions and will let us see what
we need to/can prune in the distant future when we support only 1.1.0+
* raise the api compat to 1.0.1 (which doesn't matter but is less confusing)
|
|
|
|
|
|
| |
* Make the docs clearer on why truncated tags are a bad idea
* clarify
|
| |
|
|
|
|
| |
(#4308)
|
|
|
| |
but key_size is nonsense and we'll deprecate it next
|
|
|
|
|
|
|
|
|
|
| |
So pyca/cryptography's Python classifier already claims support
of Python 3.7, but there is no testing matrix for it. This patch
adds the recently released Python 3.7 to the matrix of testing.
It requires sudo:true and xenial to pass.
Fixes Issue #4301
Signed-off-by: Eric Brown <browne@vmware.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In #4220, I switched BIO_new to take a const pointer (true in 1.1.0, but
not 1.0.2) on grounds that:
This also folds in the const bits from 1.1.0, on the assumption that,
now that the function pointer check is gone, it will just cause cffi to
generate more conservative pointer types that work for 1.0.2 as well.
But I got this backwards. If the bindings say BIO_METHOD*, cffi will
pass a BIO_METHOD* to BIO_new, which works in both OpenSSL versions. If
it says const BIO_METHOD*, cffi will pass const BIO_METHD* to BIO_new,
which does not work in 1.0.2.
(Although cryptography.io's build ignores all these warnings anyway, so
it's kind of moot.)
|
|
|
|
|
|
|
|
|
|
|
|
| |
In 2005, IETF devised a more secure padding scheme to replace PKCS #1
v1.5. To make sure that nobody can easily support or use it, they
mandated lots of complicated parameters in the certificate, unlike any
other X.509 signature scheme.
https://tools.ietf.org/html/rfc4055
`_SIG_OIDS_TO_HASH` and `Certificate.signature_hash_algorithm` cannot be
supported as-is, because the hash algorithm is defined in the signature
algorithm parameters, not by the OID itself.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* test against python 3.7 for windows
* update docs to say we test on 3.7
* more succinct
* maybe make this actually work.
* link properly
* moar changes
|
| |
|
|
|
| |
These are required by the Tribler project.
|
|
|
|
|
|
|
|
|
|
| |
* Perform an OPENSSL_cleanup before checking the heap in our memleak tests
* Make this binding conditional
* typo
* need to put this call before we reset the function ptrs
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add clearer message in Cipher when key is not bytes
* Change location of key type check to verify_key_size function
* Replace formated error message with static
* Add key type check tests to all ciphers constructors
* Change key type error message to lowercase
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
* add downstream tests for awslabs/aws-dynamodb-encryption-python
* require recent OpenSSL for awslabs/dynamodb-encryption-python downstream tests
|
|
|
| |
Their tests appear to require ALPN now, and the OpenSSL 1.0.1 that comes with the travis image doesn't have ALPN.
|
|
|
|
|
|
|
|
| |
* libre 2.7.3 compatibility
* add a changelog
* actually build against 2.7.3
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Remove defines for openssl 1.1.0 pre
* Update bio.py
* Update dh.py
* Update dsa.py
* Update rsa.py
* Update x509_vfy.py
* Compress branches
|
| |
|
| |
|
|
|
|
|
|
| |
* deprecate the constant time bytes comparison path old python 2.7.x uses
* pep8
|