aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* allow 32-bit platforms to encode certs with dates > unix epoch (#4727)Paul Kehrer2019-01-212-23/+19
| | | | | | | | | | | | | | | | | Previously we used unix timestamps, but now we are switching to using ASN1_TIME_set_string and automatically formatting the string based on the year. The rule is as follows: Per RFC 5280 (section 4.1.2.5.), the valid input time strings should be encoded with the following rules: 1. UTC: YYMMDDHHMMSSZ, if YY < 50 (20YY) --> UTC: YYMMDDHHMMSSZ 2. UTC: YYMMDDHHMMSSZ, if YY >= 50 (19YY) --> UTC: YYMMDDHHMMSSZ 3. G'd: YYYYMMDDHHMMSSZ, if YYYY >= 2050 --> G'd: YYYYMMDDHHMMSSZ 4. G'd: YYYYMMDDHHMMSSZ, if YYYY < 2050 --> UTC: YYMMDDHHMMSSZ Notably, Dates < 1950 are not valid UTCTime. At the moment we still reject dates < Jan 1, 1970 in all cases but a followup PR can fix that.
* bind EVP_R_MEMORY_LIMIT_EXCEEDED and update a test (#4726)Paul Kehrer2019-01-213-0/+22
| | | | | | | | | | | * bind EVP_R_MEMORY_LIMIT_EXCEEDED and update a test This will allow OpenSSL 1.1.1 on 32-bit (including our Windows 32-bit builders) to fail as expected. Technically this isn't a malloc error, but rather failing because the allocation requested is larger than 32-bits, but raising a MemoryError still seems appropriate * what you want an endif too?
* Updated link to PKCS#3 -- fixes #4671 (#4722)Alex Gaynor2019-01-211-1/+1
|
* update jenkinsfile to compile openssl 1.1.1 on windows (#4725)Paul Kehrer2019-01-211-1/+1
|
* See if urllib3 tests pass on xenial nowadays (#4724)Alex Gaynor2019-01-211-3/+0
|
* Apparently NIST crypto resources are essential to life and property (#4721)Alex Gaynor2019-01-201-2/+0
|
* deprecate encode_point and migrate all internal callers (#4720)Paul Kehrer2019-01-206-4/+28
|
* add support for encoding compressed points (#4638)Paul Kehrer2019-01-2010-33/+207
| | | | | | * add support for encoding compressed points * review feedback
* shake128/256 support (#4611)Paul Kehrer2019-01-198-8/+192
| | | | | | | | | | | | | | * shake128/256 support * remove block_size * doc an exception * change how we detect XOF by adding _xof attribute * interface! * review feedback
* expose the ed448 nid (#4717)Paul Kehrer2019-01-191-0/+1
| | | | we already did all the conditional binding, but forgot to actually expose it.
* consistently linky RFC in the docs (#4716)Alex Gaynor2019-01-184-9/+8
| | | | | | * consistently linky RFC in the docs * oops
* Fixed #4700 -- linkify method in changelog (#4715)Alex Gaynor2019-01-181-4/+6
| | | | | | | | | | * Fixed #4700 -- linkify method in changelog * fixed linkification * oxford comma * line length
* Bump this way up and see if it helps (#4713)Alex Gaynor2019-01-171-1/+1
|
* changelog for byteslike (#4712)Paul Kehrer2019-01-171-0/+3
| | | | | | * changelog for byteslike * bertter prose
* support byteslike in KBKDFHMAC (#4711)Paul Kehrer2019-01-173-2/+11
|
* support byteslike in ConcatKDF{HMAC,Hash}, Scrypt, and X963KDF (#4709)Paul Kehrer2019-01-178-7/+70
| | | | | | | | * byteslike concatkdf * byteslike scrypt * byteslike x963kdf
* support byteslike for OTP (#4710)Paul Kehrer2019-01-173-6/+19
|
* normalize KBKDF tests (#4708)Paul Kehrer2019-01-171-38/+37
|
* Support byteslike in HKDF and PBKDF2HMAC (#4707)Paul Kehrer2019-01-176-6/+42
| | | | | | | | * support byteslike in HKDF * support byteslike in PBKDF2HMAC * add missing docs
* support bytes-like for X25519PrivateKey.from_private_bytes (#4698)Paul Kehrer2019-01-172-6/+40
| | | yuck.
* x448 and x25519 should enforce key lengths in backend (#4703)Paul Kehrer2019-01-175-4/+42
| | | | | | | | | | | * x448 and x25519 should enforce key lengths in from_private_bytes they should also check if the algorithm is supported like the public bytes class methods do * oops * move the checks
* support byteslike in hmac update (#4705)Paul Kehrer2019-01-174-4/+6
| | | needed for some KDF keying material
* support byteslike in hash updates (#4702)Paul Kehrer2019-01-163-2/+17
| | | This is needed to handle keying material in some of the KDFs
* support bytes-like keys in CMAC and HMAC contexts (#4701)Paul Kehrer2019-01-165-3/+29
|
* add support for byteslike password/data to load_{pem,der}_private_key (#4693)Paul Kehrer2019-01-163-7/+58
| | | | | | * add support for byteslike password/data to load_{pem,der}_private_key * pypy 5.4 can't do memoryview from_buffer
* turn off hypothesis deadlines, enforced by default in 4.0 (#4696)Paul Kehrer2019-01-162-2/+2
| | | | we don't care about exceeding a deadline in CI because our infra has wild variability and this can just randomly happen.
* support byteslike in aead for key and nonce (#4695)Paul Kehrer2019-01-154-18/+73
|
* support byteslike in X448PrivateKey.from_private_bytes (#4694)Paul Kehrer2019-01-153-2/+16
|
* add support for byteslike on password and data for pkcs12 loading (#4690)Paul Kehrer2019-01-153-15/+54
| | | | | | | | | | | | * add support for byteslike on password and data for pkcs12 loading * use a contextmanager to yield a null terminated buffer we can zero * review feedback * updated text * one last change
* Remove a dead assignment (#4692)Alex Gaynor2019-01-151-1/+0
|
* Serialization x25519 (#4688)Paul Kehrer2019-01-1410-21/+378
| | | | | | | | | | | | | | | | | * modify x25519 serialization to match x448 supports raw and pkcs8 encoding on private_bytes supports raw and subjectpublickeyinfo on public_bytes deprecates zero argument call to public_bytes * add docs * this is public now * don't need that * review feedback
* Update wycheproof commit in docs (#4687)Alex Gaynor2019-01-131-1/+1
|
* add x25519 pkcs8/subjectpublickeyinfo vectors (#4685)Paul Kehrer2019-01-137-0/+19
|
* support x448 public/private serialization both raw and pkcs8 (#4653)Paul Kehrer2019-01-1312-21/+497
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * support x448 public/private serialization both raw and pkcs8 * add tests for all other asym key types to prevent Raw * more tests * better tests * fix a test * funny story, I'm actually illiterate. * pep8 * require PrivateFormat.Raw or PublicFormat.Raw with Encoding.Raw * missing docs * parametrize * docs fixes * remove dupe line * assert something
* Fixes #4683 -- fixed linux kernel version that has getrandom (#4684)Alex Gaynor2019-01-123-3/+3
|
* Add bindings to get SRTP protection profile (#4679)Jeremy Lainé2019-01-111-0/+6
| | | | | This adds the ability to retrieve the selected SRTP protection profile after the DTLS handshake completes. This is needed to perform the correct key derivation if multiple profiles were offered.
* add signature_hash_algorithm to OCSPResponse (#4681)Paul Kehrer2019-01-107-18/+63
| | | | | | * add signature_hash_algorithm to OCSPResponse * fix pointless asserts
* Another HTTPS (#4674)Alex Gaynor2019-01-021-1/+1
|
* Use the contents of the ecrypt docs from the University website (#4673)Alex Gaynor2019-01-023-3/+3
|
* Update URL to EFF (#4672)Alex Gaynor2019-01-011-1/+1
|
* Fixed anchor for URL (#4670)Alex Gaynor2019-01-011-1/+1
|
* Don't try to linkcheck nist links for the time being (#4668)Alex Gaynor2019-01-011-0/+2
|
* add x448 private/public PEM/DER pkcs8/subjectpublickeyinfo vectors (#4667)Paul Kehrer2019-01-017-0/+21
|
* HTTPS a bunch of links in random places (#4666)Alex Gaynor2018-12-3110-15/+15
| | | | | | * HTTPS a bunch of links in random places * What the heck happened here?
* Sphinx's website is now https (#4662)Alex Gaynor2018-12-302-2/+2
| | | | | | * Sphinx's website is now https * Sphinx's website is now https
* DigiCert's root is now available over https (#4664)Alex Gaynor2018-12-301-1/+1
|
* Debian buster goes py3.7 (#4663)Alex Gaynor2018-12-301-2/+2
|
* Fixes #4645 -- poll() on /dev/random before reading from /dev/urandom on ↵Alex Gaynor2018-12-291-17/+55
| | | | | | | | | | | | | | | | | | Linux (#4656) * Fixes #4645 -- select() on /dev/random before reading from /dev/urandom on linux * whoops * Missing header * whoops * Review notes * Potential uninitialized fix * Signals are literally impossible
* Bump libressl versions in travis (#4654)Alex Gaynor2018-12-241-2/+4
|
* add x448 to changelog (#4652)Paul Kehrer2018-12-221-0/+2
|
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-15 14:22:56 +0000