Merge branch 'master' into idea-bespoke-vectors

* master: (246 commits)
  Fixed python3 incompatibility
  Removed dependency on setuptools for version check
  don't need to move these definitions
  conditional NIDs for 0.9.8e
  x509 changes for 0.9.8e support
  more changes for 0.9.8e support, this time in the ssl.h headers
  macro switches in evp for 0.9.8e
  bind some error constants conditionally for 0.9.8e support
  BIO macro switch for 0.9.8e support
  move some nids
  conditionally bind AES_wrap/unwrap for 0.9.8e support
  Add GPG key fingerprint for lvh
  change comparison to be easier to read
  ridiculous workaround time
  whoops
  Missing imports
  Convert stuff
  Add binding for DSA_new
  Fix drop in coverage levels by removing branches
  Added check to turn of CC backend for OS X version < 10.8
  ...

Conflicts:
	docs/development/test-vectors.rst

2 files changed, 27 insertions, 2 deletions

diff --git a/docs/development/custom-vectors/cast5/generate_cast5.py b/docs/development/custom-vectors/cast5/generate_cast5.py
index c3f579e7..32ef3b43 100644
--- a/docs/development/custom-vectors/cast5/generate_cast5.py
+++ b/docs/development/custom-vectors/cast5/generate_cast5.py
@@ -1,6 +1,6 @@
 import binascii
 
-from cryptography.hazmat.backends.openssl.backend import backend
+from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives.ciphers import base, algorithms, modes
 
 
@@ -8,7 +8,7 @@ def encrypt(mode, key, iv, plaintext):
     cipher = base.Cipher(
         algorithms.CAST5(binascii.unhexlify(key)),
         mode(binascii.unhexlify(iv)),
-        backend
+        default_backend()
     )
     encryptor = cipher.encryptor()
     ct = encryptor.update(binascii.unhexlify(plaintext))
@@ -57,3 +57,5 @@ ofb_path = "tests/hazmat/primitives/vectors/ciphers/AES/OFB/OFBMMT128.rsp"
 write_file(build_vectors(modes.OFB, ofb_path), "cast5-ofb.txt")
 cfb_path = "tests/hazmat/primitives/vectors/ciphers/AES/CFB/CFB128MMT128.rsp"
 write_file(build_vectors(modes.CFB, cfb_path), "cast5-cfb.txt")
+ctr_path = "tests/hazmat/primitives/vectors/ciphers/AES/CTR/aes-128-ctr.txt"
+write_file(build_vectors(modes.CTR, ctr_path), "cast5-ctr.txt")
diff --git a/docs/development/custom-vectors/cast5/verify_cast5.go b/docs/development/custom-vectors/cast5/verify_cast5.go
index 49e1023d..f735d989 100644
--- a/docs/development/custom-vectors/cast5/verify_cast5.go
+++ b/docs/development/custom-vectors/cast5/verify_cast5.go
@@ -91,6 +91,26 @@ func (o cfbVerifier) validate(count string, key, iv, plaintext, expected_ciphert
 	}
 }
 
+type ctrVerifier struct{}
+
+func (o ctrVerifier) validate(count string, key, iv, plaintext, expected_ciphertext []byte) {
+	block, err := cast5.NewCipher(key)
+	if err != nil {
+		panic(err)
+	}
+
+	ciphertext := make([]byte, len(plaintext))
+	stream := cipher.NewCTR(block, iv)
+	stream.XORKeyStream(ciphertext, plaintext)
+
+	if !bytes.Equal(ciphertext, expected_ciphertext) {
+		panic(fmt.Errorf("vector mismatch @ COUNT = %s:\n  %s != %s\n",
+			count,
+			hex.EncodeToString(expected_ciphertext),
+			hex.EncodeToString(ciphertext)))
+	}
+}
+
 func validateVectors(verifier VectorVerifier, filename string) {
 	vectors, err := os.Open(filename)
 	if err != nil {
@@ -138,4 +158,7 @@ func main() {
 	validateVectors(cbcVerifier{},
 		"tests/hazmat/primitives/vectors/ciphers/CAST5/cast5-cbc.txt")
 	fmt.Println("CBC OK.")
+	validateVectors(ctrVerifier{},
+		"tests/hazmat/primitives/vectors/ciphers/CAST5/cast5-ctr.txt")
+	fmt.Println("CTR OK.")
 }