| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* implement AES KW with padding (RFC 5649)
fixes #3791
* oops, 2.2
* make sure this is the right valueerror
* more match
* make key padding easier to read
* review feedback
* review feedback
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* added brainpool ec-curves key_length >= 256bit
* limit brainpool curves to the set that appear required + docs
* oops
* typos all around me
* add brainpool ECDH kex tests
* switch to using rfc 7027 vectors
* review feedback
* empty commits are the best
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* DH interfaces existed in 0.9 but we didn't implement until 1.7
* sigh empty
|
| | |
|
| |
|
|
|
|
| |
* Add import default backend
* Revert blank line in
|
| |
|
|
|
| |
Both because it's weirdo crypto, but also because we don't even support it.
Adhere to our documented policy of using good crypto for all examples
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add support for AES XTS
We drop the non-byte aligned test vectors because according to NIST
http://csrc.nist.gov/groups/STM/cavp/documents/aes/XTSVS.pdf
"An implementation may support a data unit length that is not a
multiple of 8 bits." OpenSSL does not support this, so we can't
use those test vectors.
* fix docs and pep8
* docs fix
* the spellchecker is so frustrating
* add note about AES 192 for XTS (it's not supported)
* docs work
* enforce key length on ECB mode in AES as well (thanks XTS)
* a few more words about why we exclude some test vectors for XTS
|
| |
|
|
|
|
|
|
|
|
| |
* add ChaCha20 support
* review feedback
* 256 divided by 8 is what again?
* ...
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* add AESGCM AEAD support
* remove stray newline
* move AESGCM docs above CCM
|
| |
|
|
|
|
| |
* move tag_length to the AESCCM constructor
* review feedback
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* don't use long keys because they can be confusing wrt bits/bytes
* make sure we say bytes everywhere
* shorten the scrypt output to 32 bytes as well
|
| |
|
|
|
|
|
|
| |
* doc the relationship between PrivateKey and PrivateKeyWithSerialization
Or at least do it better.
* let's talk about opaque keys
|
| |
|
|
|
|
|
|
| |
* Reorganize DHParameters and DHPublicKey *WithSerialization
fixes #3720
* fix up the changelog
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Support DH parameter serizalization - no X9.42
* Support X9.42 serialization - DER not working
* Fix dhp_rfc5114_2.der
Changing the DER parameters serialization after the
fix in openssl commit a292c9f1b835
* DH parameters X9.42 DER serialization fixed
* fix _skip_dhx_unsupported
* document DH parameter_bytes
* PEP8 fixes
* Document load_pem_parameters
* Document load_der_parameters
* document ParameterFormat
* Increase test coverage
* Increase test covrage
* Remove unneeded check
* Fix typo
* Fix error in load_der_parameters
* Add load_pem_parameters and load_der_parameters to interfaces
* CR fixes
* Removed unverified phrase
* Update version to 2.0
* Fix pep8
* Rename ParameterFormat.ASN1 to ParameterFormat.DHParameter
* link pkcs3
* Add new line at end of file to serialization.rst
* Rename DHparameters to PKCS3
* doc CR fix
|
| |
|
|
|
|
|
|
| |
* be clearer that 65537 is the right answer
* Different language
* remove trailing whitespace
|
| |
|
| |
fixes #3704
|
| |
|
| |
Fix misworded guidance for how to serialize a private key to bytes.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* early days
* sort of working
* more things
* remove private_bytes
* public bytes, interface fix
* load public keys
* x25519 support basically done now
* private_bytes is gone
* some reminders
* doctest this too
* remove a thing that doesn't matter
* x25519 supported checks
* libressl has the NID, but a different API, so check for OpenSSL
* pep8
* add missing coverage
* update to use reasons
* expand test a little
* add changelog entry
* review feedback
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* chacha20poly1305 support
* add chacha20poly1305 backend and some fixes
* refactor
* forgot to remove this
* pep8
* review feedback and a lot of type/value checking
* review feedback
* raise unsupportedalgorithm when creating a ChaCha20Poly1305 object
if it's not supported.
* switch to ciphertext||tag
* typo
* remove a branch we don't need
* review feedback
* decrypts is *also* a word
* use reasons
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* document invalidtag
* move invalidtag
|
| |
|
|
|
|
| |
* deprecate signer/verifier on asymmetric keys
* review feedback, switch deprecated_call to work around a bug
|
| |
|
|
|
|
| |
* make signature and verification contexts error better re: prehashed
* code review feedback
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* move MACContext to mac.py and eliminate interfaces.py finally
* improve title
* re-add and deprecate interfaces.MACContext
* use pytest.warns instead of deprecated_call
The pytest docs insist that deprecation warnings are handled differently
and that you should use deprecated_call, but this works so okay then
|
| | |
|
| |
|
|
|
|
|
|
| |
* Modify DH/ECDH examples to be explicit for DHE/ECDHE
Also add note to DH docs that you should probably use ECDH
* give a reason
|
| |
|
|
|
|
| |
* Put the exchange method on the correct interface
* fixed links in docs
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* remove multibackend
* oops
* goodbye pointless tests
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* time to remove commoncrypto, fare thee well
* remove even more
* update the changelog
* remove more things
* don't need this function
* remove CAST5 CTR tests since that was only supported in commoncrypto
* assert a thing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
(#3539)
* Document our real API for EC verification, not an accident
* formatting consistency
* fix the code itself
* fixed class name
* fixed a test too
|
