aboutsummaryrefslogtreecommitdiffstats
path: root/tests/hazmat/primitives
Commit message (Collapse)AuthorAgeFilesLines
* add memory limit check for scrypt (#3328)Paul Kehrer2017-01-051-1/+22
| | | | | | | | | | * add memory limit check for scrypt fixes #3323 * test a pass * move _MEM_LIMIT to the scrypt module
* OpenSSL DH backend implementation [Second attempt] (#2914)Aviv Palivoda2016-11-261-12/+195
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Start of OpenSSL DH backend implementation * Supporting DH in MultiBackend * DHBackend has dh_parameters_supported method * Removed DHParametersWithNumbers and DHPrivateKeyWithNumbers from documentation * Removed ExchangeContext. exchange is a method of DHPrivateKeyWithSerialization * PEP8 fixes * Fixed TestDH.test_bad_tls_exchange * Fixed generate_private_key reference in dh documentation * test DH multibackend support * testing DH coversion to serialized * Validating that we receive serialized class in test_generate_dh * Testing DH exchange symmetric key padding * struct DH is now opaqued * PEP8 fixes * Testing load_dh_private_numbers throws ValueError when DH_check fails * Using openssl_assert * Passing keywords arguments in DH key exchange example * test_dh::test_bad_tls_exchange now uses pre calculated parameters * TestDH - Add test that the computed secret is equivalent to the definition by comparing with secret computed in pure python * Add missing generator parameter to DHBackend interface docs. * Include parameter type in DHBackend abc docs. * Add docs for dh.generate_parameters function * Remove the dh Numbers section, and move the DHNumbers class docs to where they are first used. * Add note of big endian byte packing to DH exchange method. * DH documentation updates. Add single sentence overview with wikipedia link. Add paragraph on assembling using Numbers objects. Add link to backend interface docs. First section was all indented, I think by mistake. * Add exchange method to DHPrivateKey abstract base class. * Small tweaks to DH documentation - remove Provider. * Add endian to dictionary * Use utils.int_from_bytes in test_tls_exchange_algorithm * Removed duplicate line * Change dh.rst exchange algorithm from doctest to code-block The example in the Diffie-Hellman exhange algorithm is using 2048 bits key. Generating the parameters of 2048 takes long time. This caused the automated tests to fail. In order to pass the tests we change the example to code-block so it will not run in the doc tests. * Fix dh docs * Document the generator in DHBackend relevant methods * Fix dh tests * use DHparams_dup * Fix key type to unsigned char as expected by DH_compute_key * Validate that DH generator is 2 or 5 * test dh exchange using botan vectors * group all numbers classes * Simplify _DHPrivateKey * Rename test with serialized to numbers * Move bad exchange params to external vector file * update exchange versionadded to 1.7 * Make key_size bit accurate * Change botan link * Added CHANGELOG entry
* error if private_value is <= 0 in ec.derive_private_key (#3273)Paul Kehrer2016-11-211-0/+3
|
* add support for prehashing in ECDSA sign/verify (#3267)Paul Kehrer2016-11-201-1/+67
| | | | | | * add support for prehashing in ECDSA sign/verify * move signature_algorithm check to its own function
* support prehashed sign/verify in DSA (#3266)Paul Kehrer2016-11-201-1/+46
|
* support RSA verify with prehashing (#3265)Paul Kehrer2016-11-201-0/+23
| | | | | | | | | | * support RSA verify with prehashing * review feedback * more dedupe * refactor and move to a separate module
* support prehashing in RSA sign (#3238)Paul Kehrer2016-11-202-3/+47
| | | | | | | | * support prehashing in RSA sign * check to make sure digest size matches prehashed data provided * move doctest for prehashed
* Raise padding block_size limit to what is allowed by the specs. (#3108)Terry Chia2016-11-151-0/+16
| | | | | | | | | | | | | | | | | | | | * Raize padding block_size limit to what is allowed by the specs. * Add tests for raising padding limits. * Amend C code for padding check to use uint16_t instead of uint8_t. * Fix test to work in Python 3. * Fix typo. * Fix another typo. * Fix return type of the padding checks. * Change hypothesis test on padding. * Update comment.
* add ec.private_key_from_secret_and_curve (#3225)Ofek Lev2016-11-111-0/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * finish https://github.com/pyca/cryptography/pull/1973 * change API & add test Function will now return an instance of EllipticCurvePrivateKey, as that is the users' ultimate goal anyway. * fix test * improve coverage * complete coverage * final fix * centos fix * retry * cleanup asserts * use openssl_assert * skip unsupported platforms * change API name to derive_private_key * change version added * improve description of `secret` param * separate successful and failure test cases * simplify successful case * add docs for derive_elliptic_curve_public_point * add period
* Fixes #3211 -- fixed hkdf's output with short length (#3215)Alex Gaynor2016-11-061-0/+11
|
* make this test assert the right thing. (#3133)Alex Gaynor2016-09-031-1/+2
| | | right now it just always skips
* Add bounds checking for Scrypt parameters. (#3130)Terry Chia2016-09-021-0/+17
| | | | | | | | | | * Add bounds checking for Scrypt parameters. * Pep8. * More PEP8. * Change wording.
* Scrypt Implementation (#3117)Terry Chia2016-09-011-0/+119
| | | | | | | | | | | | | | | | | | | | | | | | * Scrypt implementation. * Docs stuff. * Make example just an example and not a doctest. * Add changelog entry. * Docs cleanup. * Add more tests. * Add multibackend tests. * PEP8. * Add docs about Scrypt parameters. * Docs cleanup. * Add AlreadyFinalized.
* blake2b/blake2s support (#3116)Paul Kehrer2016-08-282-0/+82
| | | | | | | | | | | | | | | | | | | | | | | | | * blake2b/blake2s support Doesn't support keying, personalization, salting, or tree hashes so the API is pretty simple right now. * implement digest_size via utils.read_only_property * un-keyed for spelling's sake * test copying + digest_size checks * unkeyed is too a word * line wrap * reword the docs * use the evp algorithm name in the error This will make BLAKE2 alternate digest size errors a bit less confusing * add changelog entry and docs about supported digest_size
* Enforce that p > q to improve OpenSSL compatibility (fixes #2990) (#3010)Dirkjan Ochtman2016-07-191-1/+2
|
* Add flag to toggle key length check for HOTP and TOTP. (#3012)Terry Chia2016-07-161-0/+4
| | | | | | | | | | * Add an enforce_key_length parameter to HOTP and TOTP. * Document changes in docs. * Add some words to the wordlist. * Add versionadded to docs.
* disable blowfish in commoncrypto backend for key lengths under 64-bit (#3040)Paul Kehrer2016-07-101-0/+5
| | | | This is due to a bug in CommonCrypto present in 10.11.x. Filed as radar://26636600
* One shot sign/verification ECDSA (#3029)Aviv Palivoda2016-07-021-0/+22
| | | | | | | | | | | | | | * Add sign and verify methods to ECDSA * Documented ECDSA sign/verify methods * Added CHANGELOG entry * Skipping test verify and sign if curve is not supported * Fixed typo in documentation return type * Removed provider language from EllipticCurvePrivateKey and EllipticCurvePublicKey
* One shot sign/verify DSA (#3003)Aviv Palivoda2016-06-301-0/+20
| | | | | | | | * Add sign and verify methods to DSA * Documented DSA sign/verify methods * Added CHANGELOG entry
* Fixed #3008 -- expose calculate max pss salt length (#3014)Alex Gaynor2016-06-271-0/+4
| | | | | | | | | | | | | | * Fixed #3008 -- expose calculate max pss salt length * Fixed a few mistakes in the docs * move all the code around * oops * write a unit test * versionadded + changelog
* Add convenience methods to sign and verify w/ RSA (#2945)Colleen Murphy2016-06-041-0/+22
| | | | | | | | | This patch adds wrapper methods to allow the user to sign and verify a single message block without having to go through the multi-step process of creating a signer or verifier, updating it with the one message, and finalizing the result. This will make signing and verifying data more user-friendly when only using small messages. Partial bug #1529
* RSA OAEP SHA2 Support (#2956)Paul Kehrer2016-06-041-0/+115
| | | | | | | | | | | | | | | | | | | | * some rsa oaep sha2 support * various improvements * fix a thing * simplify * update the test * styyyyyle * more styyyyle * fix libre, remove a skip that should never be hit * OAEP version check fixes
* added a repr to the dsa numbers classes (#2961)Alex Gaynor2016-06-031-0/+15
| | | | | | | | * added a repr to the dsa numbers classes * fix * another test
* SSH serialization for public keys (#2957)Alex Gaynor2016-06-033-0/+87
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * SSH serialization for public keys * name errors ahoy! * id, ego, superego * dsa support * EC support * Don't keyerror * Documentation OpenSSH * flake8 * fix * bytes bytes bytes * skip curve unsupported * bytes! * Move a function * reorganize code for coverage
* Random grammar stuff (#2955)Alex Gaynor2016-06-021-1/+1
|
* KBKDF cleanup (#2929)Paul Kehrer2016-05-291-5/+7
| | | | | | | | * unicode characters make everything angry * changelog entry and make skip msgs more informative * typo fix
* NIST SP 800-108 Counter Mode KDF (#2748)Jared2016-05-293-0/+226
| | | | | | | | | | | | | | | | | | * NIST SP 800-108 Counter Mode and Feedback Mode KDF * CounterKDF unit tests * Refactor to support multiple key based KDF modes. * Extracting supported algorithms for KBKDF Counter Mode test vectors * Adding support for different rlen and counter location in KBKDF * support for multiple L lengths and 24 bit counter length. * Adding KBKDF Documentation. * Refactoring KBKDF to KBKDFHMAC to describe hash algorithm used.
* Fixed #2887 -- implement __hash__ on EC numbers classes (#2888)Alex Gaynor2016-04-301-0/+24
|
* Handle two more error conditions correctlyAlex Gaynor2016-04-021-0/+11
| | | | | | * Handle two more error conditions correctly * fixed test case
* Merge pull request #2736 from cedk/ANSI_X.923Paul Kehrer2016-03-161-0/+92
|\ | | | | Added support for padding ANSI X.923
| * Add more tests since there is no more sub-classingCédric Krier2016-03-161-0/+29
| |
| * Add padding check for ANSI X.923Cédric Krier2016-02-271-0/+15
| | | | | | | | All padding bytes must be 0.
| * Added support for padding ANSI X.923Cédric Krier2016-02-271-0/+48
| |
* | require mode nonce/iv/tag data to be bytesPaul Kehrer2016-03-071-0/+30
| |
* | pass bytes to modes/algorithms like we shouldPaul Kehrer2016-03-0710-38/+38
| |
* | Merge pull request #2762 from alex/dedupe-doublesPaul Kehrer2016-03-068-95/+26
|\ \ | | | | | | Un-double the test doubles
| * | Un-double the test doublesAlex Gaynor2016-03-058-95/+26
| |/
* | make the test function name make senseAlex Gaynor2016-03-051-1/+1
| |
* | move keyAlex Gaynor2016-03-052-73/+75
| |
* | wrap some very long linesAlex Gaynor2016-03-051-8/+80
| |
* | Added a failing test case for #2760Alex Gaynor2016-03-051-0/+36
|/
* support rsa key generation testing when key is not serializablePaul Kehrer2016-01-301-1/+10
|
* Write some tests for skip conditions in tests.Alex Gaynor2016-01-103-25/+63
| | | | Without this these branches aren't excersised without 0.9.8, but conceptually they are needed.
* move testPaul Kehrer2015-12-271-0/+37
|
* use the non-deprecated name for this functionAlex Gaynor2015-12-191-3/+3
|
* Add support for 160 bit ARC4 keysEhren Kret2015-11-281-0/+1
|
* Swapping modified x509 test with modified ec testPeter Hamilton2015-10-301-11/+2
|
* Adding elliptic curve test fixturesPeter Hamilton2015-10-291-0/+296
| | | | This change adds pre-generated elliptic curve keys to be used in elliptic curve tests.
* Error cleanly if the public and private keys to an ECDH key exchange are on ↵Alex Gaynor2015-10-281-1/+27
| | | | different curves
* add ellipticcurvepublicnumbers reprPaul Kehrer2015-10-281-0/+5
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-15 09:17:35 +0000