aboutsummaryrefslogtreecommitdiffstats
path: root/docs/development
Commit message (Collapse)AuthorAgeFilesLines
* Fixes #4426 -- use modern idiom in our bindings docs (#4428)Alex Gaynor2018-08-301-1/+1
|
* Fix encoding errors in RSA test keys. (#4410)David Benjamin2018-08-231-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix encoding errors in RSA test keys. enc-rsa-pkcs8.pem and unenc-rsa-pkcs8.pem did not encode the RSA key correctly. Per RFC 8017, appendix A.1: The object identifier rsaEncryption identifies RSA public and private keys as defined in Appendices A.1.1 and A.1.2. The parameters field has associated with this OID in a value of type AlgorithmIdentifier SHALL have a value of type NULL. rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } unenc-rsa-pkcs8.pem, however, was missing that NULL, which was, in turn, carried into the encrypted payload of enc-rsa-pkcs8.pem. The DER version, enc-rsa-pkcs8.der, carries this mistake too. Interestingly, unenc-rsa-pkcs8.der does *not* have it. I'm guessing it was converted with the openssl command-line tool which fixed the encoding in conversion. Current versions of OpenSSL are lax and ignore the parameters field, but it's best to test against spec-compliant inputs. Fix unenc-rsa-pkcs8.pem to match unenc-rsa-pkcs8.der and then refresh enc-rsa-pkcs8.{der,pem} with the new encoding but otherwise the same encryption parameters. I've refreshed the dumpasn1 (at least that's what it looks like) preamble at the top of each file, but the current version of dumpasn1 appears to have changed the spacing slightly, so there's some whitespace diff noise. * Update test-vectors.rst.
* add new OCSP request vectors (#4399)Paul Kehrer2018-08-151-0/+4
|
* Document wycheproof revision we're current as of (#4390)Alex Gaynor2018-08-121-1/+13
| | | | | | | | * Document wycheproof revision we're current as of * Wycheproof is a real word! * line length
* Add SHA512/224 and SHA512/256 test vectors from NIST CAVP (#4237)Paul Kehrer2018-05-141-1/+1
|
* Use pytest instead of py.test per upstream recommendation, #dropthedot (#4236)Ville Skyttä2018-05-131-1/+1
| | | | http://blog.pytest.org/2016/whats-new-in-pytest-30/ https://twitter.com/hashtag/dropthedot
* add SHA3 and SHAKE vectors (#4213)Paul Kehrer2018-05-091-0/+2
| | | These can be used when OpenSSL 1.1.1 is released
* Update URLs for new pypi! (#4194)Alex Gaynor2018-04-162-6/+6
| | | | | | | | * Update URLs for new pypi! * trailing slash * grump
* Fixed links to sphinx docs (#4182)Alex Gaynor2018-04-011-1/+1
|
* updated link to sphinx docs (#4181)Alex Gaynor2018-04-011-1/+1
|
* Added badtime.pem vector (#4179)Joshua Crowgey2018-03-301-0/+2
| | | | | | | | * Added badtime.pem vector In connection with forthcoming PR to fix #4158 * shortened line, corrected and->and
* add botan's AESKWP vectors reformatted for our NIST loader (#4159)Paul Kehrer2018-03-201-0/+2
|
* brainpool vectors from rfc 7027 (#4143)Paul Kehrer2018-03-151-0/+2
|
* Fixed import path in go script (#4075)Alex Gaynor2018-01-061-1/+1
|
* add 1200 byte HKDF test vector and a generator/verifier for it (#4074)Paul Kehrer2018-01-064-2/+140
| | | | | | | | * add 1200 byte HKDF test vector and a generator/verifier for it * exit non-zero when failing * ugh
* remove whirlpool vectors since we no longer support whirlpool (#4054)Paul Kehrer2017-12-101-2/+0
|
* expunge python 2.6 (#3962)Paul Kehrer2017-10-111-2/+1
| | | | | | | | | | * expunge python 2.6 * how did THAT happen * remove another unsupported python from the tox envlist * hypothesis can now be unconditionally imported
* add utf8 DNSName x509 vector (#3952)Paul Kehrer2017-10-091-0/+2
|
* add Freshest CRL and Delta CRL Indicator test vectors (#3932)Paul Kehrer2017-09-201-0/+4
|
* Switch NIST PDFs from nvlpubs to csrc which is HTTPS (#3929)Alex Gaynor2017-09-201-1/+1
|
* add unique identifier test vector (#3925)Paul Kehrer2017-09-191-2/+4
| | | | | | * add unique identifier test vector * wrap a line I didn't even touch...
* Update PKITS link (#3923)Alex Gaynor2017-09-201-1/+1
|
* Update NIST CAVP url (#3922)Alex Gaynor2017-09-191-1/+1
|
* add chacha20 test vectors from RFC 7539 (#3918)Paul Kehrer2017-09-141-0/+1
|
* add X509 test vector with a TLS Feature (RFC 7633) extension (#3898)Paul Kehrer2017-09-081-0/+3
|
* oaep label vector (#3895)Paul Kehrer2017-09-071-0/+2
| | | | | | | | | | * oaep label vector * add count so we can use the nist vector loader * add RSA key from the boring vectors as well https://boringssl.googlesource.com/boringssl/+/ce3773f9fe25c3b54390bc51d72572f251c7d7e6/crypto/evp/evp_tests.txt#8
* add initial OCSP request test vector (#3890)Paul Kehrer2017-09-071-0/+5
|
* add test vector with invalid basicconstraints (#3866)Paul Kehrer2017-08-151-0/+3
| | | | | | * add test vector with invalid basicconstraints * sigh
* Add is_signature_valid method on CertificateRevocationList (#3849)Vincent Pelletier2017-08-121-0/+5
|
* Attempt to use coverage to quantify how many of the CONDITIONAL_NAMES we ↵Alex Gaynor2017-07-081-4/+11
| | | | | | | | | | | | | | | | | | really use (#3763) * Attempt to use coverage to quantify how many of the CONDITIONAL_NAMES we really use * rewrite file to improve coverage * Write it this way so we can use line coverage * lost this one :-( * fix comment and flake8 * update the docs as well * flake8
* add rfc 3526 DH groups (#3767)Paul Kehrer2017-07-081-0/+3
|
* Funcs macros gone (#3695)Paul Kehrer2017-06-271-3/+1
| | | | | | | | * No more FUNCS/MACROS distinction * change the docs to not talk about MACROS since they're gone * remove out of date comment
* add NIST CAVP CCM vectors (#3698)Paul Kehrer2017-06-181-1/+1
| | | | | http://csrc.nist.gov/groups/STM/cavp/documents/mac/ccmtestvectors.zip No TLS :(
* add X25519 test vectors from RFC 7748 section 5.2 (#3685)Paul Kehrer2017-06-061-0/+1
|
* Change the link to appease linkcheck (#3677)Alex Gaynor2017-06-041-1/+1
|
* add ChaCha20Poly1305 test vectors from OpenSSL/RFC7539 (#3673)Paul Kehrer2017-06-041-0/+4
| | | | | | | | * add ChaCha20Poly1305 test vectors from OpenSSL/RFC7539 * add the boringssl tests as well * highlight the lines
* Enlarge _oid2txt buffer to handle larger OIDs (#3612)Fraser Tweedale2017-05-291-0/+3
| | | | | | | | | The OpenSSL manual recommends a buffer size of 80 for OBJ_oid2txt: https://www.openssl.org/docs/crypto/OBJ_nid2ln.html#return_values. But OIDs longer than this occur in real life (e.g. Active Directory makes some very long OIDs). If the length of the stringified OID exceeds the buffer size, allocate a new buffer that is big enough to hold the stringified OID, and re-do the conversion into the new buffer.
* allow global suppression of link flags (#3592)Paul Kehrer2017-05-241-1/+1
| | | | | CRYPTOGRAPHY_SUPPRESS_LINK_FLAGS will now suppress link flags regardless of platform. Additionally, CRYPTOGRAPHY_WINDOWS_LINK_LEGACY_OPENSSL is now the flag you need if you want to link against < 1.1.0 on windows.
* time to remove commoncrypto, fare thee well (#3551)Paul Kehrer2017-05-201-14/+0
| | | | | | | | | | | | | | | | * time to remove commoncrypto, fare thee well * remove even more * update the changelog * remove more things * don't need this function * remove CAST5 CTR tests since that was only supported in commoncrypto * assert a thing
* Update docs to reflect a change that occured long ago with bindings (#3517)Alex Gaynor2017-04-261-3/+4
|
* format some function names in docs (#3511)Alex Gaynor2017-04-211-1/+1
|
* Another site goes HTTPS! (#3477)Alex Gaynor2017-03-231-1/+1
|
* Refs #3461 -- added a test vector with SCTs (#3462)Alex Gaynor2017-03-191-0/+2
| | | | | | * Refs #3461 -- added a test vector with SCTs * timestamp is a word
* update dev docs to also say macOS and use openssl 1.1 (#3452)Paul Kehrer2017-03-141-4/+4
|
* DH subgroup order (q) (#3369)Aviv Palivoda2017-03-051-0/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Support DH q (subgroup order) * Change RFC5114.txt to NIST format * Add tests for DH q * Update docs for DH q * Fix pep8 * Improve test covergae for DH q * Create _dh_params_dup that copy q if DHparams_dup don't On OpenSSL < 1.0.2 DHparams_dup don't copy q. _dh_params_dup call DHparams_dup and if the version is smaller than 1.0.2 copy q manually * Copy q manually on libressl * Add to test vectors serialized RFC5114 2048 bit DH parameters with 224 bit subgroup * Support serialization of DH with q * Add tests for serialization of DH with q * Support DH serialization with q only if Cryptography_HAS_EVP_PKEY_DHX is true * Raise exception when trying to serialize DH X9.42 when not supported * raise unsupported key type when deserilizing DH X9.42 if not supported * pep8 fixes * Fix test_serialization * Add dhx_serialization_supported method to DHBacked * document q in dh_parameters_supported * Rename dhx_serialization_supported to dh_x942_serialization_supported
* Update NIST urls in docs (#3418)Alex Gaynor2017-02-271-1/+1
|
* Use HTTPS urls for a few more websites (#3416)Alex Gaynor2017-02-231-2/+2
|
* This is HTTPS now (#3407)Alex Gaynor2017-02-181-1/+1
|
* DH serialization (#3297)Aviv Palivoda2017-02-071-0/+14
| | | | | | | | | | | | | | | | | | * DH keys support serialization * Add DH serialization documentation * Add tests for DH keys serialization in DER encoding * update version to 1.8 * Allow only SubjectPublicKeyInfo serialization * Remove support in TraditionalOpenSSL format * Fix pep8 * Refactor dh serialization tests
* Drop 1.0.0 (#3312)Alex Gaynor2016-12-131-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * delete the 1.0.0 support * drop the version check * drop the AES-CTR stuff * Update the example * openssl truncates for us now * delete unused test * unused imports * Remove a bunch of conditional bindings for NPN * no more 1.0.0 builders * libressl fix * update the docs * remove dead branches * oops * this is a word, damnit * spelling * try removing this * this test is not needed * unused import
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-27 18:32:42 +0000