aboutsummaryrefslogtreecommitdiffstats
path: root/tests
Commit message (Collapse)AuthorAgeFilesLines
* disable healthchecks on the rest of the hypothesis tests (#4579)Paul Kehrer2018-11-121-1/+3
| | | | | | * disable healthchecks on the rest of the hypothesis tests * import the right thing
* parametrize a bunch of tests (#4365)Paul Kehrer2018-11-041-281/+58
|
* suppress healthcheck too slow error (#4548)Paul Kehrer2018-10-301-6/+2
|
* Add eq/ne/hash to PrecertificateSignedCertificateTimestamps (#4534)Paul Kehrer2018-10-291-0/+154
| | | | | | | | | | | | | | * Add eq/ne/hash to PrecertificateSignedCertificateTimestamps This requires adding it to SignedCertificateTimestamps as well * slightly more consistent * right, these need to be conditional * compare by signature * don't use private API
* create & use _evp_md_from_algorithm and _evp_md_non_null_from_algorithm (#4542)Paul Kehrer2018-10-291-0/+18
| | | | | | * create & use _evp_md_from_algorithm and _evp_md_non_null_from_algorithm * remove unused import
* OCSP response builder (#4485)Paul Kehrer2018-10-281-0/+382
| | | | | | | | * ocsp response builder * better prose * review changes
* don't limit hypothesis's time to generate valid test permutations (#4525)Paul Kehrer2018-10-251-1/+6
| | | | | | | | * don't limit hypothesis's time to generate valid test permutations * add a comment * lol
* next_update is not a required field on OCSP responses (#4513)Paul Kehrer2018-10-231-0/+8
|
* OCSP response serialization (#4482)Paul Kehrer2018-10-061-0/+19
| | | | | | * support OCSP response serialization * empty commit, good times
* support extensions in the OCSP request builder (#4481)Paul Kehrer2018-10-062-0/+53
| | | | | | | | | | * support extensions in the OCSP request builder * cover a missed branch * refactor to use new func * review feedback
* add OCSP basic response extension parsing (#4479)Paul Kehrer2018-10-061-0/+15
| | | | | | | | | | * add OCSP basic response extension parsing Just nonce for now. This does not support SINGLERESP extension parsing. * also raises on extensions for non-successful * empty commit
* support OCSP response parsing (#4452)Paul Kehrer2018-10-011-0/+137
| | | | | | | | | | | | * support OCSP response parsing * move the decorator to make pep8 happy * add some missing docs * review feedback * more review feedback
* OCSP request extension parsing (#4464)Paul Kehrer2018-09-092-0/+44
| | | | | | | | | | * add OCSP request parsing support with OCSPNonce * add docs * reprs man * make extensions a cached property
* update pytest config (#4463)Paul Kehrer2018-09-063-11/+12
| | | | | | | | | | | | | | * update pytest config pytest 3.8.0 was just released and officially deprecates some of the way we do pytest marks. They introduced a new way to do this in 3.6 so this PR switches to that mechanism and updates our minimum pytest requirement * update the stubs * also update wycheproof test config to remove deprecated paths * don't need this any more
* don't sort the serial numbers in a parsed CRL (#4457)Paul Kehrer2018-09-041-0/+29
| | | | | | | | | | | * don't sort the serial numbers in a parsed CRL OpenSSL sorts them in place and this breaks the signature and more. fixes #4456 * cache the sorted CRL (but create it lazily) * use the cache decorator
* Fixes #4333 -- added support for precert poison extension (#4442)Alex Gaynor2018-08-311-0/+29
| | | | | | | | | | | | | | * Fixes #4333 -- added support for precert poison extension * Make work on all OpenSSL versions * fixed flake8 + docs * fix for older OpenSSLs * document this * spell
* refactor ocsp request parsing and generation to support only one cert (#4439)Paul Kehrer2018-08-311-69/+25
| | | | | | | | * refactor ocsp request parsing and generation to support only one cert * small doc change * notimplementederror
* Fixed two memory leaks in x509 csr extensions (#4434)Alex Gaynor2018-08-311-3/+56
| | | | | | | | | | | | * Fixed a memory leak in x.509 OCSP no check * Fix the _actual_ leak * Speed up symbolizations * Disable backtrace by default, because it doesn't work on Windows * line length
* fixed test name (#4433)Alex Gaynor2018-08-301-1/+1
| | | | | | * fixed test name * spelling is hard
* make an ocsp request (#4402)Paul Kehrer2018-08-301-0/+64
| | | | | | | | | | | | | | | | * make an ocsp request * update test, add docs * make it an OCSPRequestBuilder * review feedback and more tests * make it a class * empty commit to retrigger * type check
* 1.1.0 locks (#4420)Paul Kehrer2018-08-291-3/+6
| | | | | | | | | | | | * Do conditional compiling of Cryptography_setup_ssl_threads * Check Cryptography_HAS_LOCKING_CALLBACKS before initing static locks Check if compiling and initing locking callbacks is necessary PEP8 fix * Make test_crypto_lock_init more complete
* remove freebsd11 builder (#4401)Paul Kehrer2018-08-151-2/+0
| | | | | | | | | | | | * remove freebsd11 builder it's out of date, we can't update it, and it is unreliable * we don't test against freebsd for now * what did case sensitivity ever do for me * don't assert on bsd since we don't test on for now
* OCSP request parsing (#4393)Paul Kehrer2018-08-151-0/+115
| | | | | | | | | | | | * add public_bytes to OCSPRequest * review feedback * OCSP request parsing * change some prose * add __len__ as a required method
* sigh, missed one TLSv1 (#4392)Alex Gaynor2018-08-121-1/+2
|
* Fixed #4380 -- do not assume TLSv1 is available in OpenSSL (#4389)Alex Gaynor2018-08-122-3/+5
| | | | | | | | * Fixed #4380 -- do not assume TLSv1 is available in OpenSSL Hallelujah! It's starting to become the case that some OpenSSLs are disabling it. * cover this file as well
* Refs #4375 -- added ECDH EC point wycheproof tests (#4384)Alex Gaynor2018-08-061-0/+41
|
* Refs #4375 -- added RSA PSS wycheproof tests (#4381)Alex Gaynor2018-08-031-1/+41
|
* Refs #4375 -- integrate wycheproof AES CCM tests (#4379)Alex Gaynor2018-08-021-1/+39
| | | | | | * Refs #4375 -- integrate wycheproof AES CCM tests * Skip these tests if we don't have CCM support
* Updated wycheproof tests for new upstream vectors (#4378)Alex Gaynor2018-08-012-8/+18
| | | | | | | | * updated tests for upstream wycheproof changes * Updated AES tests * oops, flake8
* Use A-label strings in tests (#4374)Tim Burke2018-07-301-2/+2
| | | | | We already have coverage of the U-label deprecation warnings in test_x509_ext.py; see TestRFC822Name.test_idna and TestUniformResourceIdentifier.test_idna_no_port
* Test for expected CryptographyDeprecationWarnings (#4372)Tim Burke2018-07-283-56/+48
| | | | | | | The remaining calls to `signer()` and `verifier()` are exercising the deprecated API intentionally. Let's test that the deprecation warnings are being raised as expected. Closes #4311; see also #4314.
* Update comment (#4371)Alex Gaynor2018-07-261-2/+2
|
* block_size isn't part of our interface and future hashes won't have it (#4366)Paul Kehrer2018-07-232-12/+3
|
* Refs #3331 -- integrated wycheproof ECDH tests (#4354)Alex Gaynor2018-07-182-0/+87
| | | | | | | | | | | | * Refs #3331 -- integrated wycheproof ECDH tests * flake8 + missing assert * Handle this error case * skip on unsupported * shouldn't need to try here any more
* improve skip msg when skipping an ECDH test in test_ec (#4355)Paul Kehrer2018-07-181-2/+2
|
* add wycheproof gcm tests (#4349)Paul Kehrer2018-07-171-0/+54
| | | | | | * add wycheproof gcm tests * add AEAD test
* also check iv length for GCM nonce in AEAD (#4350)Paul Kehrer2018-07-171-0/+6
| | | | | | * also check iv length for GCM nonce in AEAD * ugh
* raise ValueError on zero length GCM IV (#4348)Paul Kehrer2018-07-171-0/+4
|
* add chacha20poly1305 wycheproof tests (#4345)Paul Kehrer2018-07-171-0/+47
| | | | | | | | * add chacha20poly1305 wycheproof tests * flake8 * review
* add wycheproof tests for AES CMAC (#4344)Paul Kehrer2018-07-171-0/+36
| | | | | | * add wycheproof tests for AES CMAC * review feedback
* disallow implicit tag truncation with finalize_with_tag (#4342)Paul Kehrer2018-07-171-0/+16
|
* Refs #3331 -- integrated wycheproof ECDSA tests (#4341)Alex Gaynor2018-07-171-0/+76
| | | | | | | | | | * Refs #3331 -- integrated wycheproof ECDSA tests * Also handle these key loading errors * review * empty commit to trigger jenkins
* add aes cbc pkcs5 wycheproof tests (#4347)Paul Kehrer2018-07-171-0/+42
|
* add DSA wycheproof tests (#4346)Paul Kehrer2018-07-171-0/+49
|
* add crl.get_revoked_certificate method (#4331)Paul Kehrer2018-07-161-0/+12
| | | | | | | | * add crl.get_revoked_certificate method * lexicographic is the best ographic * rename
* Refs #3331 -- added initial wycheproof integration, starting with x25519, ↵Alex Gaynor2018-07-167-1/+268
| | | | | rsa, and keywrap (#4310) * Refs #3331 -- added initial wycheproof integration, starting with x25519 tests
* Change the exception we raise in keywrap unwrapping on invalid length (#4337)Alex Gaynor2018-07-161-3/+5
| | | I believe this can reasonably be considered backwards compatible since other invalid inputs already lead to InvalidUnwrap, and clients shouldn't be distinguishing between these two conditions, and ValueError wasn't documented anyways.
* document one shot AEAD length restrictions (#4322)Paul Kehrer2018-07-141-0/+38
| | | | | | | | | | | | | | * document one shot AEAD length restrictions * write a test that won't consume infinity ram continue to raise OverflowError since that's what cffi did. * this applies to associated_data too * remove unneeded arg * review feedback on docs
* raise valueerror for null x25519 derived keys (#4332)Paul Kehrer2018-07-121-0/+17
| | | | | | | | | * raise valueerror for null x25519 derived keys OpenSSL errors when it hits this edge case and a null shared key is bad anyway so let's raise an error * empty commit
* we don't actually care about the errstack here, it's an invalid signature ↵Paul Kehrer2018-07-101-0/+35
| | | | | | | | | | | | | | (#4325) * we don't actually care about the errstack here, it's an invalid signature We previously had no cases where we could error without getting errors on the error stack, but wycheproof contains test cases that can error without adding anything to the stack. Accordingly, we should clear the stack but raise InvalidSignature no matter what (rather than InternalError if we have no error msgs) * add a test
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-07 08:30:41 +0000