aboutsummaryrefslogtreecommitdiffstats
path: root/docs/hazmat/primitives/symmetric-encryption.rst
Commit message (Collapse)AuthorAgeFilesLines
* Update URL to EFF (#4672)Alex Gaynor2019-01-011-1/+1
|
* allow bytes-like for key/iv/data for symmetric encryption (#4621)Paul Kehrer2018-12-091-25/+44
| | | | | | | | | | | | | | | | | | * allow bytearrays for key/iv for symmetric encryption * bump pypy/cffi requirements * update docs, fix some tests * old openssl is naught but pain * revert a typo * use trusty for old pypy * better error msg again * restore match
* OpenPGP's website is also HTTPS! (#4518)Alex Gaynor2018-10-241-1/+1
|
* Colin's website went HTTPS! (#4515)Alex Gaynor2018-10-241-1/+1
|
* min_tag_length is an int (#4351)Paul Kehrer2018-07-171-1/+1
|
* raise ValueError on zero length GCM IV (#4348)Paul Kehrer2018-07-171-1/+2
|
* disallow implicit tag truncation with finalize_with_tag (#4342)Paul Kehrer2018-07-171-0/+1
|
* Make the docs clearer on why truncated tags are a bad idea (#4312)Alex Gaynor2018-07-061-4/+4
| | | | | | * Make the docs clearer on why truncated tags are a bad idea * clarify
* switch to py3 on docs job (#4230)Paul Kehrer2018-05-121-6/+6
| | | | | | * switch to py3 on docs job * somehow unicode isn't a word
* grammar nit, use a comma here (#4066)Alex Gaynor2017-12-291-1/+1
|
* let's talk about bits baby (#3956)Paul Kehrer2017-10-111-26/+30
|
* Add support for AES XTS (#3900)Paul Kehrer2017-10-011-0/+41
| | | | | | | | | | | | | | | | | | | | | | | | * Add support for AES XTS We drop the non-byte aligned test vectors because according to NIST http://csrc.nist.gov/groups/STM/cavp/documents/aes/XTSVS.pdf "An implementation may support a data unit length that is not a multiple of 8 bits." OpenSSL does not support this, so we can't use those test vectors. * fix docs and pep8 * docs fix * the spellchecker is so frustrating * add note about AES 192 for XTS (it's not supported) * docs work * enforce key length on ECB mode in AES as well (thanks XTS) * a few more words about why we exclude some test vectors for XTS
* add ChaCha20 support (#3919)Paul Kehrer2017-09-281-0/+49
| | | | | | | | | | * add ChaCha20 support * review feedback * 256 divided by 8 is what again? * ...
* Switch NIST PDFs from nvlpubs to csrc which is HTTPS (#3929)Alex Gaynor2017-09-201-1/+1
|
* Update the rest of the NIST urls to their new HTTPS homes (#3928)Alex Gaynor2017-09-201-1/+1
|
* add AESGCM AEAD support (#3785)Paul Kehrer2017-07-171-0/+5
| | | | | | | | * add AESGCM AEAD support * remove stray newline * move AESGCM docs above CCM
* fix symmetric encryption interfaces heading (#3676)Paul Kehrer2017-06-041-1/+1
|
* document invalidtag (#3675)Paul Kehrer2017-06-041-0/+11
| | | | | | * document invalidtag * move invalidtag
* strongly encourage the use of fernet, document its limitation (#3623)Paul Kehrer2017-05-271-0/+3
|
* add a changelog entry for finalize_with_tag and move the note (#3531)Paul Kehrer2017-05-021-4/+4
|
* postpone GCM authentication tag requirement until finalization (#3421)Philipp Gesang2017-05-021-8/+48
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * postpone GCM authentication tag requirement until finalization Add a .finalize_with_tag() variant of the .finalize() function of the GCM context. At the same time, do not enforce the requirement of supplying the tag with the mode ctor. This facilitates streamed decryption when the MAC is appended to the ciphertext and cannot be efficiently retrieved ahead of decryption. According to the GCM spec (section 7.2: “Algorithm for the Authenticated Decryption Function”), the tag itself is not needed until the ciphertext has been decrypted. Addresses #3380 Signed-off-by: Philipp Gesang <philipp.gesang@intra2net.com> * disallow delayed GCM tag passing for legacy OpenSSL Old versions of Ubuntu supported by Cryptography ship a v1.0.1 of OpenSSL which is no longer supported by upstream. This library seems to cause erratic test failures with the delayed GCM tag functionality which are not reproducible outside the CI. Unfortunately OpenSSL v1.0.1 does not even document the required API (``EVP_EncryptInit(3)``) so there is no by-the-book fix. For backends of version 1.0.1 and earlier, verify the GCM tag at the same stage as before. Also, indicate to the user that late passing of GCM tags is unsupported by throwing ``NotImplementedError`` for these backend versions if - the method ``finalize_with_tag()`` is invoked, or - the mode ctor is called without passing a tag. Unit tests have been adapted to account for different backend versions.
* Update symmetric-encryption.rst (#3479)gdmnbt2017-03-231-0/+1
| | | | | | | | | | * Update symmetric-encryption.rst Import default_backend so the example works out-of-the-box. * Update symmetric-encryption.rst * newline nit
* Update NIST urls in docs (#3418)Alex Gaynor2017-02-271-1/+1
|
* add support for update_into on CipherContext (#3190)Paul Kehrer2017-02-161-0/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * add support for update_into on CipherContext This allows you to provide your own buffer (like recv_into) to improve performance when repeatedly calling encrypt/decrypt on large payloads. * another skip_if * more skip_if complexity * maybe do this right * correct number of args * coverage for the coverage gods * add a cffi minimum test tox target and travis builder This tests against macOS so we capture some commoncrypto branches * extra arg * need to actually install py35 * fix * coverage for GCM decrypt in CC * no longer relevant * 1.8 now * pep8 * dramatically simplify * update docs * remove unneeded test * changelog entry * test improvements * coverage fix * add some comments to example * move the comments to their own line * fix and move comment
* Last pass over fixing the links (#3224)Alex Gaynor2016-11-061-1/+1
|
* Fix typo in `symmetric-encryption.rst` (#3138)Alex Chan2016-09-041-1/+1
|
* Remove provider language from docs (#3072)Gabriel Orisaka2016-07-311-6/+6
|
* HTTPS some links, in the odd event users of a cryptographic library would ↵Alex Gaynor2016-03-061-1/+1
| | | | care about authentication, integrity, or confidentiality
* Clearly document that this is a good exampleAlex Gaynor2016-02-101-0/+3
|
* Docs for CTR and GCM should say that IV/nonce must be uniqueEeshan Garg2015-05-201-7/+6
|
* Fixed links in the docsAlex Gaynor2015-02-241-2/+1
|
* Fixed a syntax error in the docsAlex Gaynor2015-02-241-1/+1
|
* Use HTTPS for a few URLs in the docs that support itAlex Gaynor2015-02-171-1/+1
|
* Fixed a link that the EFF movedAlex Gaynor2015-02-171-1/+1
|
* Fixed URL in the docsAlex Gaynor2015-02-161-1/+1
|
* export interfaces from base in ciphers, update docsPaul Kehrer2015-02-141-6/+6
|
* fix docs linksPaul Kehrer2015-02-131-2/+2
|
* move paddingPaul Kehrer2015-02-131-0/+12
|
* move cipher and mode interfacesPaul Kehrer2015-02-131-6/+92
|
* make our docs job nitpicky and fix every broken linkPaul Kehrer2015-02-121-2/+3
|
* IV should be 16 bytesGregory Haynes2015-01-031-1/+1
|
* iv should be 32 bytesGregory Haynes2015-01-031-1/+1
|
* Assign iv to var and remove testsetup blockGregory Haynes2015-01-031-8/+3
|
* Make the symmetric-enc example an exampleGregory Haynes2014-12-301-1/+3
| | | | | Making some minor tweaks to the doc example for symmetric encryption so it is an actual, runable example.
* Anywhere we tell someone to randomly generate something, link the RNG docs. ↵Alex Gaynor2014-12-191-30/+34
| | | | Fixes #1559
* Use HTTPS for a number of URLs in the docsAlex Gaynor2014-12-121-1/+1
|
* Improve docsAlex Gaynor2014-06-301-6/+8
|
* Fixes #1200 -- disallow GCM truncation by defaultAlex Gaynor2014-06-291-9/+12
|
* Use the short link version for various thingsAlex Gaynor2014-06-251-3/+3
|
* Fixed a few typosAlex Gaynor2014-06-101-1/+1
|