| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
really use (#3763)
* Attempt to use coverage to quantify how many of the CONDITIONAL_NAMES we really use
* rewrite file to improve coverage
* Write it this way so we can use line coverage
* lost this one :-(
* fix comment and flake8
* update the docs as well
* flake8
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* update static wheel install docs
* parentheses
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
* Fixes #3745 -- add the any EKU EKU
* docs
* whitespace
* versionadded
|
| |
|
|
|
|
| |
* update linux install docs and release instructions
* rhel/centos is so bad they don't even have python3
|
| |
|
|
|
|
|
|
| |
* don't use long keys because they can be confusing wrt bits/bytes
* make sure we say bytes everywhere
* shorten the scrypt output to 32 bytes as well
|
| |
|
|
|
|
|
|
| |
* No more FUNCS/MACROS distinction
* change the docs to not talk about MACROS since they're gone
* remove out of date comment
|
| |
|
|
|
|
| |
* remove python 3.3 from CI
* remove 3.3 everywhere, not just from CI
|
| |
|
|
|
|
|
|
| |
* doc the relationship between PrivateKey and PrivateKeyWithSerialization
Or at least do it better.
* let's talk about opaque keys
|
| |
|
|
|
|
|
|
| |
* Reorganize DHParameters and DHPublicKey *WithSerialization
fixes #3720
* fix up the changelog
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Support DH parameter serizalization - no X9.42
* Support X9.42 serialization - DER not working
* Fix dhp_rfc5114_2.der
Changing the DER parameters serialization after the
fix in openssl commit a292c9f1b835
* DH parameters X9.42 DER serialization fixed
* fix _skip_dhx_unsupported
* document DH parameter_bytes
* PEP8 fixes
* Document load_pem_parameters
* Document load_der_parameters
* document ParameterFormat
* Increase test coverage
* Increase test covrage
* Remove unneeded check
* Fix typo
* Fix error in load_der_parameters
* Add load_pem_parameters and load_der_parameters to interfaces
* CR fixes
* Removed unverified phrase
* Update version to 2.0
* Fix pep8
* Rename ParameterFormat.ASN1 to ParameterFormat.DHParameter
* link pkcs3
* Add new line at end of file to serialization.rst
* Rename DHparameters to PKCS3
* doc CR fix
|
| |
|
|
|
|
|
|
| |
* be clearer that 65537 is the right answer
* Different language
* remove trailing whitespace
|
| | |
|
| |
|
|
|
| |
http://csrc.nist.gov/groups/STM/cavp/documents/mac/ccmtestvectors.zip
No TLS :(
|
| |
|
| |
fixes #3704
|
| |
|
| |
Fix misworded guidance for how to serialize a private key to bytes.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* early days
* sort of working
* more things
* remove private_bytes
* public bytes, interface fix
* load public keys
* x25519 support basically done now
* private_bytes is gone
* some reminders
* doctest this too
* remove a thing that doesn't matter
* x25519 supported checks
* libressl has the NID, but a different API, so check for OpenSSL
* pep8
* add missing coverage
* update to use reasons
* expand test a little
* add changelog entry
* review feedback
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* chacha20poly1305 support
* add chacha20poly1305 backend and some fixes
* refactor
* forgot to remove this
* pep8
* review feedback and a lot of type/value checking
* review feedback
* raise unsupportedalgorithm when creating a ChaCha20Poly1305 object
if it's not supported.
* switch to ciphertext||tag
* typo
* remove a branch we don't need
* review feedback
* decrypts is *also* a word
* use reasons
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* document invalidtag
* move invalidtag
|
| |
|
|
|
|
|
|
| |
* add ChaCha20Poly1305 test vectors from OpenSSL/RFC7539
* add the boringssl tests as well
* highlight the lines
|
| |
|
| |
I have no idea what this meant
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Stub API for SCTs, feedback wanted
* grr, flake8
* finish up the __init__
* Initial implementation and tests
* write a test. it fails because computer
* get the tests passing and fix some TODOs
* changelog entry
* This can go now
* Put a skip in this test
* grump
* Removed unreachable code
* moved changelog to the correct section
* Use the deocrator for expressing requirements
* This needs f for the right entry_type
* coverage
* syntax error
* tests for coverage
* better sct eq tests
* docs
* technically correct, the most useless kind of correct
* typo and more details
* bug
* drop __eq__
|
| |
|
|
| |
generation section (#3669)
|
| |
|
|
|
|
| |
* deprecate signer/verifier on asymmetric keys
* review feedback, switch deprecated_call to work around a bug
|
| |
|
|
|
|
| |
* make signature and verification contexts error better re: prehashed
* code review feedback
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
The OpenSSL manual recommends a buffer size of 80 for OBJ_oid2txt:
https://www.openssl.org/docs/crypto/OBJ_nid2ln.html#return_values.
But OIDs longer than this occur in real life (e.g. Active Directory
makes some very long OIDs). If the length of the stringified OID
exceeds the buffer size, allocate a new buffer that is big enough to
hold the stringified OID, and re-do the conversion into the new
buffer.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* move MACContext to mac.py and eliminate interfaces.py finally
* improve title
* re-add and deprecate interfaces.MACContext
* use pytest.warns instead of deprecated_call
The pytest docs insist that deprecation warnings are handled differently
and that you should use deprecated_call, but this works so okay then
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* Improve accuracy of install docs page
* fix line length
|
| | |
|
| |
|
|
|
|
|
|
| |
* Modify DH/ECDH examples to be explicit for DHE/ECDHE
Also add note to DH docs that you should probably use ECDH
* give a reason
|
| |
|
|
|
|
| |
* re-add the why of cryptography to the faq with some small updates
* reorder the items a bit
|
| |
|
|
|
|
| |
* add some explicit instructions on determining key type in a cert
* can't call it a CSR
|
| | |
|
| |
|
|
|
|
| |
* Put the exchange method on the correct interface
* fixed links in docs
|
