aboutsummaryrefslogtreecommitdiffstats
path: root/tests
Commit message (Collapse)AuthorAgeFilesLines
* Write a test for an uncovered line (#4940)Alex Gaynor2019-07-061-0/+24
|
* ed25519 support in x509 certificate builder (#4937)Paul Kehrer2019-07-061-3/+122
| | | | | | | | | | * ed25519 support in x509 certificate builder This adds minimal ed25519 support. More to come. * Apply suggestions from code review Co-Authored-By: Alex Gaynor <alex.gaynor@gmail.com>
* we don't have these mac builders any more (#4892)Paul Kehrer2019-05-251-7/+1
| | | | | | | | | | * we don't have these mac builders any more let's see if we get coverage from azure like we should! * remove a branch we can't cover in tests * remove unused import
* Small style cleanup (#4891)Alex Gaynor2019-05-191-1/+1
|
* add name for ExtensionOID.PRECERT_POISON (#4853)redshiftzero2019-05-191-1/+8
| | | | | | | | * test: ensure all public members of ExtensionOID have names defined * add name for ExtensionOID.PRECERT_POISON ref: https://github.com/google/certificate-transparency/blob/5fce65cb60cfe7808afc98de23c7dd5ddbfa1509/python/ct/crypto/asn1/oid.py#L338
* fix aia encoding memory leak (#4889)Paul Kehrer2019-05-181-0/+60
| | | | | | * fix aia encoding memory leak * don't return anything from the prealloc func
* use a random key for these tests (#4887)Paul Kehrer2019-05-181-1/+1
| | | | | | Using an all 0 key causes failures in OpenSSL master (and Fedora has cherry-picked the commit that causes it). The change requires that the key/tweak for XTS mode not be the same value, so let's just use a random key.
* fix from_issuer_subject_key_identifier to take the right type (#4864)Paul Kehrer2019-05-041-2/+9
| | | | | | | | | | * fix from_issuer_subject_key_identifier to take the right type deprecate passing the old Extension wrapper object * don't use a try:except: * hilarious contortions to satisfy doc8
* 4810 bugfix: avoid UnicodeEncodeError on python 2 (#4846)redshiftzero2019-04-161-4/+19
| | | | | | | | * test: regression test for UnicodeEncodeError in x509 name in #4810 added utf8 encoding at the top of the file due to PEP 263 * bugfix: #4810 resolve UnicodeEncodeError in x509 name
* Fixes #4830 -- handle negative serial numbers (#4843)Alex Gaynor2019-04-131-0/+8
|
* fix a memory leak in AIA parsing (#4836)Paul Kehrer2019-04-111-1/+20
| | | | | | * fix a memory leak in AIA parsing * oops can't remove that
* fix != comparison in py2 (fixes #4821) (#4822)Mathias Ertl2019-03-251-4/+10
| | | | | | | | * fix != comparison in py2 (fixes #4821) * remove blank line b/c pep8 * move __ne__ next to __eq__ as per review request
* implement eq__, __hash__ and __repr__ for OCSPNoCheck and PrecertPoison (#4819)Mathias Ertl2019-03-251-0/+44
|
* add new branch for unsupported openssh serialization (#4813)Paul Kehrer2019-03-181-1/+10
| | | | | we don't support ed448 openssh keys so we'll use that to test this branch. if we ever do support ed448 keys we can always just call this private method directly to keep coverage.
* add OpenSSH serialization for ed25519 keys (#4808) (#4811)bernhl2019-03-171-0/+11
| | | | | | * add OpenSSH serialization for ed25519 keys (#4808) * address review comments
* poly1305 support (#4802)Paul Kehrer2019-03-091-0/+125
| | | | | | | | | | | | | | | | | | | | * poly1305 support * some more tests * have I mentioned how bad the spellchecker is? * doc improvements * EVP_PKEY_new_raw_private_key copies the key but that's not documented Let's assume that might change and be very defensive * review feedback * add a test that fails on a tag of the correct length but wrong value * docs improvements
* support ed25519 openssh public keys (#4785)Paul Kehrer2019-02-271-1/+37
| | | | | | * support ed25519 openssh public keys * don't need this check
* ed448 support (#4610)Paul Kehrer2019-02-272-0/+306
| | | | | | | | * ed448 support * move the changelog entry * flake8
* ed25519 support (#4114)Paul Kehrer2019-02-263-0/+338
| | | | | | * ed25519 support * review feedback
* reduce our engine bindings even more (#4768)Paul Kehrer2019-02-251-0/+19
|
* support NO_ENGINE (#4763)Paul Kehrer2019-02-251-0/+3
| | | | | | | | * support OPENSSL_NO_ENGINE * support some new openssl config args * sigh
* why did we have these variables (#4764)Paul Kehrer2019-02-241-7/+7
|
* add an EC OID to curve dictionary mapping (#4759)Paul Kehrer2019-02-201-1/+7
| | | | | | | | | | * add an EC OID to curve dictionary mapping * oid_to_curve function * changelog and docs fix * rename to get_curve_for_oid
* encode the package version in the shared object (#4756)Paul Kehrer2019-02-201-1/+5
| | | | | | | | | | * encode the package version in the shared object * review feedback * move into build_ffi so the symbol is in all shared objects * review feedback
* Simplify string formatting (#4757)Alex Gaynor2019-02-208-15/+15
|
* Fixes for the latest pep8-naming (#4744)Alex Gaynor2019-02-0212-60/+60
|
* Run wycheproof RSA tests on LibreSSL>=2.8 (#4737)Alex Gaynor2019-01-241-6/+6
| | | | | | | | * Run wycheproof RSA tests on LibreSSL>=2.8 * Define it this way * These are errors on libressl
* Fixes #4734 -- Deal with deprecated things (#4736)Alex Gaynor2019-01-233-39/+7
| | | | | | | | | | * Fixes #4734 -- Deal with deprecated things - Make year based aliases of PersistentlyDeprecated so we can easily assess age - Removed encode/decode rfc6979 signature - Removed Certificate.serial * Unused import
* allow asn1 times of 1950-01-01 and later. (#4728)Paul Kehrer2019-01-223-8/+37
| | | | | | | | * allow asn1 times of 1950-01-01 and later. * add a test * pretty up the test
* allow 32-bit platforms to encode certs with dates > unix epoch (#4727)Paul Kehrer2019-01-211-8/+13
| | | | | | | | | | | | | | | | | Previously we used unix timestamps, but now we are switching to using ASN1_TIME_set_string and automatically formatting the string based on the year. The rule is as follows: Per RFC 5280 (section 4.1.2.5.), the valid input time strings should be encoded with the following rules: 1. UTC: YYMMDDHHMMSSZ, if YY < 50 (20YY) --> UTC: YYMMDDHHMMSSZ 2. UTC: YYMMDDHHMMSSZ, if YY >= 50 (19YY) --> UTC: YYMMDDHHMMSSZ 3. G'd: YYYYMMDDHHMMSSZ, if YYYY >= 2050 --> G'd: YYYYMMDDHHMMSSZ 4. G'd: YYYYMMDDHHMMSSZ, if YYYY < 2050 --> UTC: YYMMDDHHMMSSZ Notably, Dates < 1950 are not valid UTCTime. At the moment we still reject dates < Jan 1, 1970 in all cases but a followup PR can fix that.
* deprecate encode_point and migrate all internal callers (#4720)Paul Kehrer2019-01-201-1/+2
|
* add support for encoding compressed points (#4638)Paul Kehrer2019-01-204-22/+107
| | | | | | * add support for encoding compressed points * review feedback
* shake128/256 support (#4611)Paul Kehrer2019-01-193-3/+97
| | | | | | | | | | | | | | * shake128/256 support * remove block_size * doc an exception * change how we detect XOF by adding _xof attribute * interface! * review feedback
* support byteslike in KBKDFHMAC (#4711)Paul Kehrer2019-01-171-0/+8
|
* support byteslike in ConcatKDF{HMAC,Hash}, Scrypt, and X963KDF (#4709)Paul Kehrer2019-01-173-0/+59
| | | | | | | | * byteslike concatkdf * byteslike scrypt * byteslike x963kdf
* support byteslike for OTP (#4710)Paul Kehrer2019-01-172-0/+11
|
* normalize KBKDF tests (#4708)Paul Kehrer2019-01-171-38/+37
|
* Support byteslike in HKDF and PBKDF2HMAC (#4707)Paul Kehrer2019-01-172-0/+33
| | | | | | | | * support byteslike in HKDF * support byteslike in PBKDF2HMAC * add missing docs
* support bytes-like for X25519PrivateKey.from_private_bytes (#4698)Paul Kehrer2019-01-171-0/+9
| | | yuck.
* x448 and x25519 should enforce key lengths in backend (#4703)Paul Kehrer2019-01-172-1/+21
| | | | | | | | | | | * x448 and x25519 should enforce key lengths in from_private_bytes they should also check if the algorithm is supported like the public bytes class methods do * oops * move the checks
* support byteslike in hmac update (#4705)Paul Kehrer2019-01-171-1/+1
| | | needed for some KDF keying material
* support byteslike in hash updates (#4702)Paul Kehrer2019-01-161-0/+12
| | | This is needed to handle keying material in some of the KDFs
* support bytes-like keys in CMAC and HMAC contexts (#4701)Paul Kehrer2019-01-162-0/+23
|
* add support for byteslike password/data to load_{pem,der}_private_key (#4693)Paul Kehrer2019-01-161-0/+49
| | | | | | * add support for byteslike password/data to load_{pem,der}_private_key * pypy 5.4 can't do memoryview from_buffer
* turn off hypothesis deadlines, enforced by default in 4.0 (#4696)Paul Kehrer2019-01-162-2/+2
| | | | we don't care about exceeding a deadline in CI because our infra has wild variability and this can just randomly happen.
* support byteslike in aead for key and nonce (#4695)Paul Kehrer2019-01-151-0/+45
|
* support byteslike in X448PrivateKey.from_private_bytes (#4694)Paul Kehrer2019-01-151-0/+12
|
* add support for byteslike on password and data for pkcs12 loading (#4690)Paul Kehrer2019-01-151-0/+13
| | | | | | | | | | | | * add support for byteslike on password and data for pkcs12 loading * use a contextmanager to yield a null terminated buffer we can zero * review feedback * updated text * one last change
* Serialization x25519 (#4688)Paul Kehrer2019-01-143-9/+179
| | | | | | | | | | | | | | | | | * modify x25519 serialization to match x448 supports raw and pkcs8 encoding on private_bytes supports raw and subjectpublickeyinfo on public_bytes deprecates zero argument call to public_bytes * add docs * this is public now * don't need that * review feedback
* support x448 public/private serialization both raw and pkcs8 (#4653)Paul Kehrer2019-01-136-8/+281
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * support x448 public/private serialization both raw and pkcs8 * add tests for all other asym key types to prevent Raw * more tests * better tests * fix a test * funny story, I'm actually illiterate. * pep8 * require PrivateFormat.Raw or PublicFormat.Raw with Encoding.Raw * missing docs * parametrize * docs fixes * remove dupe line * assert something
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-04 22:34:36 +0000