diff options
30 files changed, 175 insertions, 59 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst index c07ee8e5..8ca02d51 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -9,6 +9,15 @@ Changelog * :func:`~cryptography.hazmat.primitives.serialization.load_ssh_public_key` can now load elliptic curve public keys. +0.7.2 - 2015-01-16 +~~~~~~~~~~~~~~~~~~ + +* Updated Windows wheels to be compiled against OpenSSL 1.0.1l. +* ``enum34`` is no longer installed on Python 3.4, where it is included in + the standard library. +* Added a new function to the OpenSSL bindings to support additional + functionality in pyOpenSSL. + 0.7.1 - 2014-12-28 ~~~~~~~~~~~~~~~~~~ diff --git a/docs/conf.py b/docs/conf.py index fc16b38a..f674ebe8 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -69,7 +69,7 @@ master_doc = 'index' # General information about the project. project = 'Cryptography' -copyright = '2013-2014, Individual Contributors' +copyright = '2013-2015, Individual Contributors' # The version info for the project you're documenting, acts as replacement for # |version| and |release|, also used in various other places throughout the diff --git a/docs/development/custom-vectors/cast5/verify_cast5.go b/docs/development/custom-vectors/cast5/verify_cast5.go index f735d989..cbc89a03 100644 --- a/docs/development/custom-vectors/cast5/verify_cast5.go +++ b/docs/development/custom-vectors/cast5/verify_cast5.go @@ -19,7 +19,7 @@ func unhexlify(s string) []byte { return bytes } -type VectorArgs struct { +type vectorArgs struct { count string key string iv string @@ -27,13 +27,13 @@ type VectorArgs struct { ciphertext string } -type VectorVerifier interface { - validate(count string, key, iv, plaintext, expected_ciphertext []byte) +type vectorVerifier interface { + validate(count string, key, iv, plaintext, expectedCiphertext []byte) } type ofbVerifier struct{} -func (o ofbVerifier) validate(count string, key, iv, plaintext, expected_ciphertext []byte) { +func (o ofbVerifier) validate(count string, key, iv, plaintext, expectedCiphertext []byte) { block, err := cast5.NewCipher(key) if err != nil { panic(err) @@ -43,17 +43,17 @@ func (o ofbVerifier) validate(count string, key, iv, plaintext, expected_ciphert stream := cipher.NewOFB(block, iv) stream.XORKeyStream(ciphertext, plaintext) - if !bytes.Equal(ciphertext, expected_ciphertext) { + if !bytes.Equal(ciphertext, expectedCiphertext) { panic(fmt.Errorf("vector mismatch @ COUNT = %s:\n %s != %s\n", count, - hex.EncodeToString(expected_ciphertext), + hex.EncodeToString(expectedCiphertext), hex.EncodeToString(ciphertext))) } } type cbcVerifier struct{} -func (o cbcVerifier) validate(count string, key, iv, plaintext, expected_ciphertext []byte) { +func (o cbcVerifier) validate(count string, key, iv, plaintext, expectedCiphertext []byte) { block, err := cast5.NewCipher(key) if err != nil { panic(err) @@ -63,17 +63,17 @@ func (o cbcVerifier) validate(count string, key, iv, plaintext, expected_ciphert mode := cipher.NewCBCEncrypter(block, iv) mode.CryptBlocks(ciphertext, plaintext) - if !bytes.Equal(ciphertext, expected_ciphertext) { + if !bytes.Equal(ciphertext, expectedCiphertext) { panic(fmt.Errorf("vector mismatch @ COUNT = %s:\n %s != %s\n", count, - hex.EncodeToString(expected_ciphertext), + hex.EncodeToString(expectedCiphertext), hex.EncodeToString(ciphertext))) } } type cfbVerifier struct{} -func (o cfbVerifier) validate(count string, key, iv, plaintext, expected_ciphertext []byte) { +func (o cfbVerifier) validate(count string, key, iv, plaintext, expectedCiphertext []byte) { block, err := cast5.NewCipher(key) if err != nil { panic(err) @@ -83,17 +83,17 @@ func (o cfbVerifier) validate(count string, key, iv, plaintext, expected_ciphert stream := cipher.NewCFBEncrypter(block, iv) stream.XORKeyStream(ciphertext, plaintext) - if !bytes.Equal(ciphertext, expected_ciphertext) { + if !bytes.Equal(ciphertext, expectedCiphertext) { panic(fmt.Errorf("vector mismatch @ COUNT = %s:\n %s != %s\n", count, - hex.EncodeToString(expected_ciphertext), + hex.EncodeToString(expectedCiphertext), hex.EncodeToString(ciphertext))) } } type ctrVerifier struct{} -func (o ctrVerifier) validate(count string, key, iv, plaintext, expected_ciphertext []byte) { +func (o ctrVerifier) validate(count string, key, iv, plaintext, expectedCiphertext []byte) { block, err := cast5.NewCipher(key) if err != nil { panic(err) @@ -103,15 +103,15 @@ func (o ctrVerifier) validate(count string, key, iv, plaintext, expected_ciphert stream := cipher.NewCTR(block, iv) stream.XORKeyStream(ciphertext, plaintext) - if !bytes.Equal(ciphertext, expected_ciphertext) { + if !bytes.Equal(ciphertext, expectedCiphertext) { panic(fmt.Errorf("vector mismatch @ COUNT = %s:\n %s != %s\n", count, - hex.EncodeToString(expected_ciphertext), + hex.EncodeToString(expectedCiphertext), hex.EncodeToString(ciphertext))) } } -func validateVectors(verifier VectorVerifier, filename string) { +func validateVectors(verifier vectorVerifier, filename string) { vectors, err := os.Open(filename) if err != nil { panic(err) @@ -119,7 +119,7 @@ func validateVectors(verifier VectorVerifier, filename string) { defer vectors.Close() var segments []string - var vector *VectorArgs + var vector *vectorArgs scanner := bufio.NewScanner(vectors) for scanner.Scan() { @@ -134,7 +134,7 @@ func validateVectors(verifier VectorVerifier, filename string) { unhexlify(vector.plaintext), unhexlify(vector.ciphertext)) } - vector = &VectorArgs{count: segments[1]} + vector = &vectorArgs{count: segments[1]} case strings.ToUpper(segments[0]) == "IV": vector.iv = segments[1][:16] case strings.ToUpper(segments[0]) == "KEY": @@ -150,15 +150,15 @@ func validateVectors(verifier VectorVerifier, filename string) { func main() { validateVectors(ofbVerifier{}, - "tests/hazmat/primitives/vectors/ciphers/CAST5/cast5-ofb.txt") + "vectors/cryptography_vectors/ciphers/CAST5/cast5-ofb.txt") fmt.Println("OFB OK.") validateVectors(cfbVerifier{}, - "tests/hazmat/primitives/vectors/ciphers/CAST5/cast5-cfb.txt") + "vectors/cryptography_vectors/ciphers/CAST5/cast5-cfb.txt") fmt.Println("CFB OK.") validateVectors(cbcVerifier{}, - "tests/hazmat/primitives/vectors/ciphers/CAST5/cast5-cbc.txt") + "vectors/cryptography_vectors/ciphers/CAST5/cast5-cbc.txt") fmt.Println("CBC OK.") validateVectors(ctrVerifier{}, - "tests/hazmat/primitives/vectors/ciphers/CAST5/cast5-ctr.txt") + "vectors/cryptography_vectors/ciphers/CAST5/cast5-ctr.txt") fmt.Println("CTR OK.") } diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst index 10c20dba..2edf1fbb 100644 --- a/docs/development/test-vectors.rst +++ b/docs/development/test-vectors.rst @@ -37,24 +37,40 @@ Asymmetric ciphers Custom Asymmetric Vectors ~~~~~~~~~~~~~~~~~~~~~~~~~ -* ``ec_private_key.pem`` - Contains an Elliptic Curve key generated by OpenSSL - from the curve ``secp256r1``. -* ``ec_private_key_encrypted.pem`` - Contains the same Elliptic Curve key as - ``ec_private_key.pem``, except that it is encrypted with AES-128 with the - password "123456". -* ``ec_public_key.pem`` - Contains the public key corresponding to - ``ec_private_key.pem``, generated using OpenSSL. -* ``rsa_private_key.pem`` - Contains an RSA 2048 bit key generated using - OpenSSL, protected by the secret "123456" with DES3 encryption. -* ``rsa_public_key.pem`` - Contains an RSA 2048 bit public generated using - OpenSSL from ``rsa_private_key.pem``. -* ``dsaparam.pem`` - Contains 2048-bit DSA parameters generated using OpenSSL; - contains no keys. -* ``dsa_private_key.pem`` - Contains a DSA 2048 bit key generated using - OpenSSL from the parameters in ``dsaparam.pem``, protected by the secret - "123456" with DES3 encryption. -* ``dsa_public_key.pem`` - Contains a DSA 2048 bit key generated using OpenSSL - from ``dsa_private_key.pem``. +* ``asymmetric/PEM_Serialization/ec_private_key.pem`` and + ``asymmetric/DER_Serialization/ec_private_key.der`` - Contains an Elliptic + Curve key generated by OpenSSL from the curve ``secp256r1``. +* ``asymmetric/PEM_Serialization/ec_private_key_encrypted.pem`` and + ``asymmetric/DER_Serialization/ec_private_key_encrypted.der``- Contains the + same Elliptic Curve key as ``ec_private_key.pem``, except that it is + encrypted with AES-128 with the password "123456". +* ``asymmetric/PEM_Serialization/ec_public_key.pem`` and + ``asymmetric/DER_Serialization/ec_public_key.der``- Contains the public key + corresponding to ``ec_private_key.pem``, generated using OpenSSL. +* ``asymmetric/PEM_Serialization/rsa_private_key.pem`` - Contains an RSA 2048 + bit key generated using OpenSSL, protected by the secret "123456" with DES3 + encryption. +* ``asymmetric/PEM_Serialization/rsa_public_key.pem`` and + ``asymmetric/DER_Serialization/rsa_public_key.der``- Contains an RSA 2048 + bit public generated using OpenSSL from ``rsa_private_key.pem``. +* ``asymmetric/PEM_Serialization/dsaparam.pem`` - Contains 2048-bit DSA + parameters generated using OpenSSL; contains no keys. +* ``asymmetric/PEM_Serialization/dsa_private_key.pem`` - Contains a DSA 2048 + bit key generated using OpenSSL from the parameters in ``dsaparam.pem``, + protected by the secret "123456" with DES3 encryption. +* ``asymmetric/PEM_Serialization/dsa_public_key.pem`` and + ``asymmetric/DER_Serialization/dsa_public_key.der`` - Contains a DSA 2048 bit + key generated using OpenSSL from ``dsa_private_key.pem``. +* ``asymmetric/PKCS8/unenc-dsa-pkcs8.pem`` and + ``asymmetric/DER_Serialization/unenc-dsa-pkcs8.der`` - Contains a DSA 1024 + bit key generated using OpenSSL. +* ``asymmetric/PKCS8/unenc-dsa-pkcs8.pub.pem`` and + ``asymmetric/DER_Serialization/unenc-dsa-pkcs8.pub.der`` - Contains a DSA + 2048 bit public key generated using OpenSSL from ``unenc-dsa-pkcs8.pem``. +* DER conversions of the `GnuTLS example keys`_ for DSA as well as the + `OpenSSL example key`_ for RSA. +* DER conversions of `enc-rsa-pkcs8.pem`_, `enc2-rsa-pkcs8.pem`_, and + `unenc-rsa-pkcs8.pem`_. X.509 diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst index e9ee9467..052e397f 100644 --- a/docs/hazmat/backends/interfaces.rst +++ b/docs/hazmat/backends/interfaces.rst @@ -299,7 +299,7 @@ A specific ``backend`` may provide one or more of these interfaces. .. method:: generate_dsa_parameters(key_size) :param int key_size: The length of the modulus in bits. It should be - either 1024, 2048 or 3072. For keys generated in 2014 this should + either 1024, 2048 or 3072. For keys generated in 2015 this should be at least 2048. Note that some applications (such as SSH) have not yet gained support for larger key sizes specified in FIPS 186-3 and are still @@ -327,7 +327,7 @@ A specific ``backend`` may provide one or more of these interfaces. .. method:: generate_dsa_private_key_and_parameters(key_size) :param int key_size: The length of the modulus in bits. It should be - either 1024, 2048 or 3072. For keys generated in 2014 this should + either 1024, 2048 or 3072. For keys generated in 2015 this should be at least 2048. Note that some applications (such as SSH) have not yet gained support for larger key sizes specified in FIPS 186-3 and are still diff --git a/docs/hazmat/primitives/asymmetric/dsa.rst b/docs/hazmat/primitives/asymmetric/dsa.rst index df3c99fc..c2197d10 100644 --- a/docs/hazmat/primitives/asymmetric/dsa.rst +++ b/docs/hazmat/primitives/asymmetric/dsa.rst @@ -18,7 +18,7 @@ Generation generate a new set of parameters and key in one step. :param int key_size: The length of the modulus in bits. It should be - either 1024, 2048 or 3072. For keys generated in 2014 this should + either 1024, 2048 or 3072. For keys generated in 2015 this should be `at least 2048`_ (See page 41). Note that some applications (such as SSH) have not yet gained support for larger key sizes specified in FIPS 186-3 and are still restricted to only the @@ -42,7 +42,7 @@ Generation Generate DSA parameters using the provided ``backend``. :param int key_size: The length of the modulus in bits. It should be - either 1024, 2048 or 3072. For keys generated in 2014 this should + either 1024, 2048 or 3072. For keys generated in 2015 this should be `at least 2048`_ (See page 41). Note that some applications (such as SSH) have not yet gained support for larger key sizes specified in FIPS 186-3 and are still restricted to only the diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst index 837059bd..fa72cced 100644 --- a/docs/hazmat/primitives/asymmetric/rsa.rst +++ b/docs/hazmat/primitives/asymmetric/rsa.rst @@ -39,7 +39,7 @@ mathematical properties`_. Usually one of the small Fermat primes 3, 5, 17, 257, 65537. If in doubt you should `use 65537`_. :param int key_size: The length of the modulus in bits. For keys - generated in 2014 it is strongly recommended to be + generated in 2015 it is strongly recommended to be `at least 2048`_ (See page 41). It must not be less than 512. Some backends may have additional limitations. :param backend: A backend which provides diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst index 8d3769f5..d532ad1b 100644 --- a/docs/hazmat/primitives/symmetric-encryption.rst +++ b/docs/hazmat/primitives/symmetric-encryption.rst @@ -6,12 +6,6 @@ Symmetric encryption .. currentmodule:: cryptography.hazmat.primitives.ciphers -.. testsetup:: - - import binascii - key = binascii.unhexlify(b"0" * 32) - iv = binascii.unhexlify(b"0" * 32) - Symmetric encryption is a way to `encrypt`_ or hide the contents of material where the sender and receiver both use the same secret key. Note that symmetric @@ -35,9 +29,12 @@ in an "encrypt-then-MAC" formulation as `described by Colin Percival`_. .. doctest:: + >>> import os >>> from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes >>> from cryptography.hazmat.backends import default_backend >>> backend = default_backend() + >>> key = os.urandom(32) + >>> iv = os.urandom(16) >>> cipher = Cipher(algorithms.AES(key), modes.CBC(iv), backend=backend) >>> encryptor = cipher.encryptor() >>> ct = encryptor.update(b"a secret message") + encryptor.finalize() diff --git a/src/cryptography/hazmat/backends/__init__.py b/src/cryptography/hazmat/backends/__init__.py index 24c029f6..256fee39 100644 --- a/src/cryptography/hazmat/backends/__init__.py +++ b/src/cryptography/hazmat/backends/__init__.py @@ -17,8 +17,13 @@ def _available_backends(): if _available_backends_list is None: _available_backends_list = [ - backend.load(require=False) - for backend in pkg_resources.iter_entry_points( + # setuptools 11.3 deprecated support for the require parameter to + # load(), and introduced the new resolve() method instead. + # This can be removed if/when we can assume setuptools>=11.3. At + # some point we may wish to add a warning, to push people along, + # but at present this would result in too many warnings. + ep.resolve() if hasattr(ep, "resolve") else ep.load(require=False) + for ep in pkg_resources.iter_entry_points( "cryptography.backends" ) ] diff --git a/src/cryptography/hazmat/bindings/openssl/evp.py b/src/cryptography/hazmat/bindings/openssl/evp.py index f00c2f0d..780ce900 100644 --- a/src/cryptography/hazmat/bindings/openssl/evp.py +++ b/src/cryptography/hazmat/bindings/openssl/evp.py @@ -119,6 +119,8 @@ int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *, const char *, int, const unsigned char *, int); int EVP_PKEY_cmp(const EVP_PKEY *, const EVP_PKEY *); + +EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *); """ MACROS = """ diff --git a/src/cryptography/hazmat/bindings/openssl/ssl.py b/src/cryptography/hazmat/bindings/openssl/ssl.py index 91ae36ac..bf627139 100644 --- a/src/cryptography/hazmat/bindings/openssl/ssl.py +++ b/src/cryptography/hazmat/bindings/openssl/ssl.py @@ -302,6 +302,7 @@ SSL_CTX *SSL_CTX_new(SSL_METHOD *); long SSL_CTX_get_timeout(const SSL_CTX *); const SSL_CIPHER *SSL_get_current_cipher(const SSL *); +int SSL_version(const SSL *); /* SNI APIs were introduced in OpenSSL 1.0.0. To continue to support * earlier versions some special handling of these is necessary. diff --git a/src/cryptography/hazmat/bindings/openssl/x509.py b/src/cryptography/hazmat/bindings/openssl/x509.py index f51b0e59..e30d23b7 100644 --- a/src/cryptography/hazmat/bindings/openssl/x509.py +++ b/src/cryptography/hazmat/bindings/openssl/x509.py @@ -71,6 +71,8 @@ typedef struct { typedef ... NETSCAPE_SPKI; +typedef ... PKCS8_PRIV_KEY_INFO; + static const int X509_FLAG_COMPAT; static const int X509_FLAG_NO_HEADER; static const int X509_FLAG_NO_VERSION; @@ -224,6 +226,9 @@ DSA *d2i_DSA_PUBKEY_bio(BIO *, DSA **); int i2d_DSA_PUBKEY_bio(BIO *, DSA *); DSA *d2i_DSAPrivateKey_bio(BIO *, DSA **); int i2d_DSAPrivateKey_bio(BIO *, DSA *); + +PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *, + PKCS8_PRIV_KEY_INFO **); """ MACROS = """ diff --git a/src/cryptography/utils.py b/src/cryptography/utils.py index ac2f787d..72f9a347 100644 --- a/src/cryptography/utils.py +++ b/src/cryptography/utils.py @@ -7,12 +7,17 @@ from __future__ import absolute_import, division, print_function import abc import inspect import sys +import warnings # DeprecatedIn07 objects exist. This comment exists to remind developers to # look for them when it's time for the ninth release cycle deprecation dance. +def read_only_property(name): + return property(lambda self: getattr(self, name)) + + def register_interface(iface): def register_decorator(klass): verify_interface(iface, klass) @@ -21,10 +26,6 @@ def register_interface(iface): return register_decorator -def read_only_property(name): - return property(lambda self: getattr(self, name)) - - class InterfaceNotImplemented(Exception): pass @@ -55,3 +56,35 @@ if sys.version_info >= (2, 7): else: def bit_length(x): return len(bin(x)) - (2 + (x <= 0)) + + +class _DeprecatedValue(object): + def __init__(self, value, message, warning_class): + self.value = value + self.message = message + self.warning_class = warning_class + + +class _ModuleWithDeprecations(object): + def __init__(self, module): + self.__dict__["_module"] = module + + def __getattr__(self, attr): + obj = getattr(self._module, attr) + if isinstance(obj, _DeprecatedValue): + warnings.warn(obj.message, obj.warning_class, stacklevel=2) + obj = obj.value + return obj + + def __setattr__(self, attr, value): + setattr(self._module, attr, value) + + def __dir__(self): + return ["_module"] + dir(self._module) + + +def deprecated(value, module_name, message, warning_class): + module = sys.modules[module_name] + if not isinstance(module, _ModuleWithDeprecations): + sys.modules[module_name] = module = _ModuleWithDeprecations(module) + return _DeprecatedValue(value, message, warning_class) diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py index 8f89232b..8cc81cdc 100644 --- a/tests/hazmat/bindings/test_openssl.py +++ b/tests/hazmat/bindings/test_openssl.py @@ -134,8 +134,9 @@ class TestOpenSSL(object): assert resp == expected_options assert b.lib.SSL_get_mode(ssl) == expected_options - def test_libraries(self): + def test_libraries(self, monkeypatch): assert _get_libraries("darwin") == ["ssl", "crypto"] + monkeypatch.setenv('PYCA_WINDOWS_LINK_TYPE', 'static') assert "ssleay32mt" in _get_libraries("win32") def test_windows_static_dynamic_libraries(self): diff --git a/tests/test_warnings.py b/tests/test_warnings.py new file mode 100644 index 00000000..9946baa7 --- /dev/null +++ b/tests/test_warnings.py @@ -0,0 +1,47 @@ +# This file is dual licensed under the terms of the Apache License, Version +# 2.0, and the BSD License. See the LICENSE file in the root of this repository +# for complete details. + +from __future__ import absolute_import, division, print_function + +import sys +import types +import warnings + +from cryptography.utils import deprecated + + +class TestDeprecated(object): + def test_deprecated(self, monkeypatch): + mod = types.ModuleType("TestDeprecated/test_deprecated") + monkeypatch.setitem(sys.modules, mod.__name__, mod) + mod.X = deprecated( + value=1, + module_name=mod.__name__, + message="deprecated message text", + warning_class=DeprecationWarning + ) + mod.Y = deprecated( + value=2, + module_name=mod.__name__, + message="more deprecated text", + warning_class=PendingDeprecationWarning, + ) + mod = sys.modules[mod.__name__] + mod.Z = 3 + + with warnings.catch_warnings(record=True) as log: + warnings.simplefilter("always", PendingDeprecationWarning) + warnings.simplefilter("always", DeprecationWarning) + assert mod.X == 1 + assert mod.Y == 2 + assert mod.Z == 3 + + [msg1, msg2] = log + assert msg1.category is DeprecationWarning + assert msg1.message.args == ("deprecated message text",) + + assert msg2.category is PendingDeprecationWarning + assert msg2.message.args == ("more deprecated text",) + + assert "Y" in dir(mod) diff --git a/vectors/cryptography_vectors/asymmetric/DER_Serialization/dsa.1024.der b/vectors/cryptography_vectors/asymmetric/DER_Serialization/dsa.1024.der Binary files differnew file mode 100644 index 00000000..8c08b450 --- /dev/null +++ b/vectors/cryptography_vectors/asymmetric/DER_Serialization/dsa.1024.der diff --git a/vectors/cryptography_vectors/asymmetric/DER_Serialization/dsa.2048.der b/vectors/cryptography_vectors/asymmetric/DER_Serialization/dsa.2048.der Binary files differnew file mode 100644 index 00000000..6c65a6c0 --- /dev/null +++ b/vectors/cryptography_vectors/asymmetric/DER_Serialization/dsa.2048.der diff --git a/vectors/cryptography_vectors/asymmetric/DER_Serialization/dsa.3072.der b/vectors/cryptography_vectors/asymmetric/DER_Serialization/dsa.3072.der Binary files differnew file mode 100644 index 00000000..627b9978 --- /dev/null +++ b/vectors/cryptography_vectors/asymmetric/DER_Serialization/dsa.3072.der diff --git a/vectors/cryptography_vectors/asymmetric/DER_Serialization/dsa_public_key.der b/vectors/cryptography_vectors/asymmetric/DER_Serialization/dsa_public_key.der Binary files differnew file mode 100644 index 00000000..013a42f3 --- /dev/null +++ b/vectors/cryptography_vectors/asymmetric/DER_Serialization/dsa_public_key.der diff --git a/vectors/cryptography_vectors/asymmetric/DER_Serialization/ec_private_key.der b/vectors/cryptography_vectors/asymmetric/DER_Serialization/ec_private_key.der Binary files differnew file mode 100644 index 00000000..1e5491f4 --- /dev/null +++ b/vectors/cryptography_vectors/asymmetric/DER_Serialization/ec_private_key.der diff --git a/vectors/cryptography_vectors/asymmetric/DER_Serialization/ec_private_key_encrypted.der b/vectors/cryptography_vectors/asymmetric/DER_Serialization/ec_private_key_encrypted.der Binary files differnew file mode 100644 index 00000000..2798743c --- /dev/null +++ b/vectors/cryptography_vectors/asymmetric/DER_Serialization/ec_private_key_encrypted.der diff --git a/vectors/cryptography_vectors/asymmetric/DER_Serialization/ec_public_key.der b/vectors/cryptography_vectors/asymmetric/DER_Serialization/ec_public_key.der Binary files differnew file mode 100644 index 00000000..628ae2b2 --- /dev/null +++ b/vectors/cryptography_vectors/asymmetric/DER_Serialization/ec_public_key.der diff --git a/vectors/cryptography_vectors/asymmetric/DER_Serialization/enc-rsa-pkcs8.der b/vectors/cryptography_vectors/asymmetric/DER_Serialization/enc-rsa-pkcs8.der Binary files differnew file mode 100644 index 00000000..7c513b8e --- /dev/null +++ b/vectors/cryptography_vectors/asymmetric/DER_Serialization/enc-rsa-pkcs8.der diff --git a/vectors/cryptography_vectors/asymmetric/DER_Serialization/enc2-rsa-pkcs8.der b/vectors/cryptography_vectors/asymmetric/DER_Serialization/enc2-rsa-pkcs8.der Binary files differnew file mode 100644 index 00000000..f80a70fd --- /dev/null +++ b/vectors/cryptography_vectors/asymmetric/DER_Serialization/enc2-rsa-pkcs8.der diff --git a/vectors/cryptography_vectors/asymmetric/DER_Serialization/rsa_public_key.der b/vectors/cryptography_vectors/asymmetric/DER_Serialization/rsa_public_key.der Binary files differnew file mode 100644 index 00000000..1b55deb2 --- /dev/null +++ b/vectors/cryptography_vectors/asymmetric/DER_Serialization/rsa_public_key.der diff --git a/vectors/cryptography_vectors/asymmetric/DER_Serialization/testrsa.der b/vectors/cryptography_vectors/asymmetric/DER_Serialization/testrsa.der Binary files differnew file mode 100644 index 00000000..79cc1cec --- /dev/null +++ b/vectors/cryptography_vectors/asymmetric/DER_Serialization/testrsa.der diff --git a/vectors/cryptography_vectors/asymmetric/DER_Serialization/unenc-dsa-pkcs8.der b/vectors/cryptography_vectors/asymmetric/DER_Serialization/unenc-dsa-pkcs8.der Binary files differnew file mode 100644 index 00000000..678a1d27 --- /dev/null +++ b/vectors/cryptography_vectors/asymmetric/DER_Serialization/unenc-dsa-pkcs8.der diff --git a/vectors/cryptography_vectors/asymmetric/DER_Serialization/unenc-dsa-pkcs8.pub.der b/vectors/cryptography_vectors/asymmetric/DER_Serialization/unenc-dsa-pkcs8.pub.der Binary files differnew file mode 100644 index 00000000..4038c7e6 --- /dev/null +++ b/vectors/cryptography_vectors/asymmetric/DER_Serialization/unenc-dsa-pkcs8.pub.der diff --git a/vectors/cryptography_vectors/asymmetric/DER_Serialization/unenc-rsa-pkcs8.der b/vectors/cryptography_vectors/asymmetric/DER_Serialization/unenc-rsa-pkcs8.der Binary files differnew file mode 100644 index 00000000..bb7a38cf --- /dev/null +++ b/vectors/cryptography_vectors/asymmetric/DER_Serialization/unenc-rsa-pkcs8.der diff --git a/vectors/cryptography_vectors/asymmetric/DER_Serialization/unenc-rsa-pkcs8.pub.der b/vectors/cryptography_vectors/asymmetric/DER_Serialization/unenc-rsa-pkcs8.pub.der Binary files differnew file mode 100644 index 00000000..b4b6bbd0 --- /dev/null +++ b/vectors/cryptography_vectors/asymmetric/DER_Serialization/unenc-rsa-pkcs8.pub.der |