aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/cryptography/exceptions.py14
-rw-r--r--src/cryptography/hazmat/bindings/openssl/ssl.py2
-rw-r--r--src/cryptography/hazmat/primitives/asymmetric/utils.py7
-rw-r--r--src/cryptography/hazmat/primitives/twofactor/__init__.py4
-rw-r--r--src/cryptography/hazmat/primitives/twofactor/hotp.py3
-rw-r--r--src/cryptography/hazmat/primitives/twofactor/totp.py3
-rw-r--r--src/cryptography/utils.py1
-rw-r--r--src/cryptography/x509.py4
8 files changed, 31 insertions, 7 deletions
diff --git a/src/cryptography/exceptions.py b/src/cryptography/exceptions.py
index 102165c7..a4292eb8 100644
--- a/src/cryptography/exceptions.py
+++ b/src/cryptography/exceptions.py
@@ -6,6 +6,9 @@ from __future__ import absolute_import, division, print_function
from enum import Enum
+from cryptography import utils
+from cryptography.hazmat.primitives import twofactor
+
class _Reasons(Enum):
BACKEND_MISSING_INTERFACE = 0
@@ -53,5 +56,12 @@ class InvalidKey(Exception):
pass
-class InvalidToken(Exception):
- pass
+InvalidToken = utils.deprecated(
+ twofactor.InvalidToken,
+ __name__,
+ (
+ "The InvalidToken exception has moved to the "
+ "cryptography.hazmat.primitives.twofactor module"
+ ),
+ utils.DeprecatedIn09
+)
diff --git a/src/cryptography/hazmat/bindings/openssl/ssl.py b/src/cryptography/hazmat/bindings/openssl/ssl.py
index d680c3a5..6161a9d1 100644
--- a/src/cryptography/hazmat/bindings/openssl/ssl.py
+++ b/src/cryptography/hazmat/bindings/openssl/ssl.py
@@ -526,7 +526,7 @@ static const long Cryptography_HAS_NEXTPROTONEG = 1;
#endif
/* ALPN was added in OpenSSL 1.0.2. */
-#if OPENSSL_VERSION_NUMBER < 0x10002001L
+#if OPENSSL_VERSION_NUMBER < 0x10002001L && !defined(LIBRESSL_VERSION_NUMBER)
int (*SSL_CTX_set_alpn_protos)(SSL_CTX *,
const unsigned char *,
unsigned) = NULL;
diff --git a/src/cryptography/hazmat/primitives/asymmetric/utils.py b/src/cryptography/hazmat/primitives/asymmetric/utils.py
index 71f4ff8e..29390e40 100644
--- a/src/cryptography/hazmat/primitives/asymmetric/utils.py
+++ b/src/cryptography/hazmat/primitives/asymmetric/utils.py
@@ -4,6 +4,7 @@
from __future__ import absolute_import, division, print_function
+from pyasn1.codec.ber import eoo
from pyasn1.codec.der import decoder, encoder
from pyasn1.error import PyAsn1Error
from pyasn1.type import namedtype, univ
@@ -28,6 +29,12 @@ def decode_rfc6979_signature(signature):
raise ValueError(
"The signature contains bytes after the end of the ASN.1 sequence."
)
+ # pyasn1 can erroneously return this from top-level DER decoding.
+ # It's intended as a sentinel in recursive BER decoding, so it's
+ # returned even though an asn1Spec is provided.
+ if eoo.endOfOctets.isSameTypeWith(data) and data == eoo.endOfOctets:
+ raise ValueError("Invalid signature data. Unable to decode ASN.1")
+
r = int(data.getComponentByName('r'))
s = int(data.getComponentByName('s'))
return (r, s)
diff --git a/src/cryptography/hazmat/primitives/twofactor/__init__.py b/src/cryptography/hazmat/primitives/twofactor/__init__.py
index 4b540884..e71f9e67 100644
--- a/src/cryptography/hazmat/primitives/twofactor/__init__.py
+++ b/src/cryptography/hazmat/primitives/twofactor/__init__.py
@@ -3,3 +3,7 @@
# for complete details.
from __future__ import absolute_import, division, print_function
+
+
+class InvalidToken(Exception):
+ pass
diff --git a/src/cryptography/hazmat/primitives/twofactor/hotp.py b/src/cryptography/hazmat/primitives/twofactor/hotp.py
index 1dac920f..ba228b40 100644
--- a/src/cryptography/hazmat/primitives/twofactor/hotp.py
+++ b/src/cryptography/hazmat/primitives/twofactor/hotp.py
@@ -9,11 +9,12 @@ import struct
import six
from cryptography.exceptions import (
- InvalidToken, UnsupportedAlgorithm, _Reasons
+ UnsupportedAlgorithm, _Reasons
)
from cryptography.hazmat.backends.interfaces import HMACBackend
from cryptography.hazmat.primitives import constant_time, hmac
from cryptography.hazmat.primitives.hashes import SHA1, SHA256, SHA512
+from cryptography.hazmat.primitives.twofactor import InvalidToken
class HOTP(object):
diff --git a/src/cryptography/hazmat/primitives/twofactor/totp.py b/src/cryptography/hazmat/primitives/twofactor/totp.py
index 0b04a131..03df9292 100644
--- a/src/cryptography/hazmat/primitives/twofactor/totp.py
+++ b/src/cryptography/hazmat/primitives/twofactor/totp.py
@@ -5,10 +5,11 @@
from __future__ import absolute_import, division, print_function
from cryptography.exceptions import (
- InvalidToken, UnsupportedAlgorithm, _Reasons
+ UnsupportedAlgorithm, _Reasons
)
from cryptography.hazmat.backends.interfaces import HMACBackend
from cryptography.hazmat.primitives import constant_time
+from cryptography.hazmat.primitives.twofactor import InvalidToken
from cryptography.hazmat.primitives.twofactor.hotp import HOTP
diff --git a/src/cryptography/utils.py b/src/cryptography/utils.py
index 0f8cbb27..445554ec 100644
--- a/src/cryptography/utils.py
+++ b/src/cryptography/utils.py
@@ -11,6 +11,7 @@ import warnings
DeprecatedIn08 = DeprecationWarning
+DeprecatedIn09 = PendingDeprecationWarning
def read_only_property(name):
diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py
index 9db333c2..55b17460 100644
--- a/src/cryptography/x509.py
+++ b/src/cryptography/x509.py
@@ -354,8 +354,8 @@ class KeyUsage(object):
encipher_only = self.encipher_only
decipher_only = self.decipher_only
except ValueError:
- encipher_only = "N/A"
- decipher_only = "N/A"
+ encipher_only = None
+ decipher_only = None
return ("<KeyUsage(digital_signature={0.digital_signature}, "
"content_commitment={0.content_commitment}, "
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-29 13:25:11 +0000