| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Support DH parameter serizalization - no X9.42
* Support X9.42 serialization - DER not working
* Fix dhp_rfc5114_2.der
Changing the DER parameters serialization after the
fix in openssl commit a292c9f1b835
* DH parameters X9.42 DER serialization fixed
* fix _skip_dhx_unsupported
* document DH parameter_bytes
* PEP8 fixes
* Document load_pem_parameters
* Document load_der_parameters
* document ParameterFormat
* Increase test coverage
* Increase test covrage
* Remove unneeded check
* Fix typo
* Fix error in load_der_parameters
* Add load_pem_parameters and load_der_parameters to interfaces
* CR fixes
* Removed unverified phrase
* Update version to 2.0
* Fix pep8
* Rename ParameterFormat.ASN1 to ParameterFormat.DHParameter
* link pkcs3
* Add new line at end of file to serialization.rst
* Rename DHparameters to PKCS3
* doc CR fix
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* ed25519 vector loader
* refactor to use unpacking
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* early days
* sort of working
* more things
* remove private_bytes
* public bytes, interface fix
* load public keys
* x25519 support basically done now
* private_bytes is gone
* some reminders
* doctest this too
* remove a thing that doesn't matter
* x25519 supported checks
* libressl has the NID, but a different API, so check for OpenSSL
* pep8
* add missing coverage
* update to use reasons
* expand test a little
* add changelog entry
* review feedback
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* chacha20poly1305 support
* add chacha20poly1305 backend and some fixes
* refactor
* forgot to remove this
* pep8
* review feedback and a lot of type/value checking
* review feedback
* raise unsupportedalgorithm when creating a ChaCha20Poly1305 object
if it's not supported.
* switch to ciphertext||tag
* typo
* remove a branch we don't need
* review feedback
* decrypts is *also* a word
* use reasons
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Stub API for SCTs, feedback wanted
* grr, flake8
* finish up the __init__
* Initial implementation and tests
* write a test. it fails because computer
* get the tests passing and fix some TODOs
* changelog entry
* This can go now
* Put a skip in this test
* grump
* Removed unreachable code
* moved changelog to the correct section
* Use the deocrator for expressing requirements
* This needs f for the right entry_type
* coverage
* syntax error
* tests for coverage
* better sct eq tests
* docs
* technically correct, the most useless kind of correct
* typo and more details
* bug
* drop __eq__
|
| |
|
|
|
|
| |
* deprecate signer/verifier on asymmetric keys
* review feedback, switch deprecated_call to work around a bug
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* make signature and verification contexts error better re: prehashed
* code review feedback
|
| |
|
|
|
|
|
|
|
| |
The OpenSSL manual recommends a buffer size of 80 for OBJ_oid2txt:
https://www.openssl.org/docs/crypto/OBJ_nid2ln.html#return_values.
But OIDs longer than this occur in real life (e.g. Active Directory
makes some very long OIDs). If the length of the stringified OID
exceeds the buffer size, allocate a new buffer that is big enough to
hold the stringified OID, and re-do the conversion into the new
buffer.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* move MACContext to mac.py and eliminate interfaces.py finally
* improve title
* re-add and deprecate interfaces.MACContext
* use pytest.warns instead of deprecated_call
The pytest docs insist that deprecation warnings are handled differently
and that you should use deprecated_call, but this works so okay then
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* add libre so I can see the error
* add the libre error needed and refactor error handling a bit
We were historically matching on lib + func + reason, but func is
somewhat unstable so now we match on lib + reason only. Of course, in
this case libressl changed both lib and reason so it wouldn't
have mattered. All error handling from the error queue in
openssl is an illusion
* fix a typo, probably an unneeded branch
* review feedback
* refactor tests to support libressl
insert additional rant about libre here, although admittedly these tests
were assuming stability where openssl itself guarantees none
* better assert, fix flake8
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* jurisdictionCountryName also must be PrintableString
* flake8 + citation
* Write a test, which fails. If my analysis is correct, this is blocked on:
https://github.com/openssl/openssl/pull/3284
* This is only true on 1.1.0
* clearly express the version requirement
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* Bump the minimum PyPy/cffi version and simplify as a result
* unused imports
* grumble, fix
|
| | |
|
| |
|
|
|
|
| |
* Fixed more deprecation warnings
* unused import
|
| |
|
|
|
|
|
|
| |
* Delete some code
* removed import
* delete more code
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fixed #3533 -- made GCM mode object immutable
* flake8
* Fix for older openssl
* fix
* fix
* sigh, fix
* fixed
* dropped negation
* computers are bad
* A test
* This implements an interface
|
| |
|
|
|
|
|
|
| |
* remove multibackend
* oops
* goodbye pointless tests
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* time to remove commoncrypto, fare thee well
* remove even more
* update the changelog
* remove more things
* don't need this function
* remove CAST5 CTR tests since that was only supported in commoncrypto
* assert a thing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Don't raise an UnsupportedExtension for critical extensions.
Fixes #2903
Fixes #2901
Fixes #3325
* Don't link
* Revert "Don't link"
This reverts commit 4fe847f91d9dd45cdc28a4984c4e44aad62a5de6.
* fix
* Revert "Revert "Don't link""
This reverts commit 856031b5a1fbad04ac218fa94ebf37dcd402f3ed.
* fix
* Deprecate this
* Better changelog entry
|
| |
|
|
|
|
| |
* Don't skip DH tests when dhx unsupported and no dhx is required
* Add is_dhx parameter
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
(#3539)
* Document our real API for EC verification, not an accident
* formatting consistency
* fix the code itself
* fixed class name
* fixed a test too
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* postpone GCM authentication tag requirement until finalization
Add a .finalize_with_tag() variant of the .finalize() function of
the GCM context. At the same time, do not enforce the requirement
of supplying the tag with the mode ctor. This facilitates
streamed decryption when the MAC is appended to the ciphertext
and cannot be efficiently retrieved ahead of decryption.
According to the GCM spec (section 7.2: “Algorithm for the
Authenticated Decryption Function”), the tag itself is not needed
until the ciphertext has been decrypted.
Addresses #3380
Signed-off-by: Philipp Gesang <philipp.gesang@intra2net.com>
* disallow delayed GCM tag passing for legacy OpenSSL
Old versions of Ubuntu supported by Cryptography ship a v1.0.1 of
OpenSSL which is no longer supported by upstream. This library
seems to cause erratic test failures with the delayed GCM tag
functionality which are not reproducible outside the CI.
Unfortunately OpenSSL v1.0.1 does not even document the required
API (``EVP_EncryptInit(3)``) so there is no by-the-book fix.
For backends of version 1.0.1 and earlier, verify the GCM tag
at the same stage as before.
Also, indicate to the user that late passing of GCM tags is
unsupported by throwing ``NotImplementedError`` for these backend
versions if
- the method ``finalize_with_tag()`` is invoked, or
- the mode ctor is called without passing a tag.
Unit tests have been adapted to account for different backend
versions.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
* Attempt to simplify the libressl checing
* SHENANGINS
* Attempted fix
* More simplification
|
| |
|
|
|
|
| |
* Remove API deprecated in 1.6, clean up the legacy deprecations
* flake8, unused import
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Bind a pair of mem functions.
* do the conditional correctly
* move to the right section
* Get the code basically working
* flake8
* say the correct incantation
* WOrkaround for hilarity
* Revert "WOrkaround for hilarity"
This reverts commit 37b9f3b4ed4063eef5add3bb5d5dd592a007d439.
* Swap out these functions for the originals
* nonsense for windows
* try writing this all out for windows
* Debugging utility
* Avoid this mess, don't dlopen anything
* Throw away this FFI entirely
* first pass at some x.509 memleak tests
* TODO and fix
* Get the tests to passing
* String formatting is nasty
* some fixes because rebasing
* fix for the name API, always use the OpenSSL backend
|
| |
|
|
|
|
|
|
|
| |
* Improvements to the memleak tests
* Support passing args
* Do more initialization before looking for at the heap
* Don't use default_backend for something OpenSSL specific
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* We always have EC
* We always have ECDH
* We always have ECDSA
* We always have EC codes
* This can go as well
* And this
* unused import
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Bind a pair of mem functions.
* make these conditional
* do the conditional correctly
* move to the right section
* I'm not saying libressl should be illegal, but it is annoying
* sigh, typo
* first cut at memleak tests. doesn't work
* hack around the previous error, onto the next one
* drop the pointless restoration of the original functions
* Don't try to use the previous malloc functions.
The default malloc is CRYPTO_malloc which calls the custom ptr you provided, so it just recurses forever.
* flake8
* Get the code basically working
* flake8
* say the correct incantation
* Don't try to run on old OpenSSL
* Flushing this is a good idea
* Fixed a py2.7+ism
* GRRRRR
* WOrkaround for hilarity
* Revert "WOrkaround for hilarity"
This reverts commit 37b9f3b4ed4063eef5add3bb5d5dd592a007d439.
* Swap out these functions for the originals
* py3k fix
* flake8
* nonsense for windows
* py3k
* seperate stdout and stderr because py26 has a warning on stderr
* try writing this all out for windows
* useful error messages
* Debugging utility
* Avoid this mess, don't dlopen anything
* consistency
* Throw away this FFI entirely
* some useful comments
|
| |
|
|
|
| |
Trying to be too specific about why key loading fails is very difficult
when you're using the same logic across DH, EC, RSA, and DSA. This makes
it less fancy.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Support DH q (subgroup order)
* Change RFC5114.txt to NIST format
* Add tests for DH q
* Update docs for DH q
* Fix pep8
* Improve test covergae for DH q
* Create _dh_params_dup that copy q if DHparams_dup don't
On OpenSSL < 1.0.2 DHparams_dup don't copy q. _dh_params_dup
call DHparams_dup and if the version is smaller than 1.0.2
copy q manually
* Copy q manually on libressl
* Add to test vectors serialized RFC5114 2048 bit DH parameters with 224 bit subgroup
* Support serialization of DH with q
* Add tests for serialization of DH with q
* Support DH serialization with q only if Cryptography_HAS_EVP_PKEY_DHX is true
* Raise exception when trying to serialize DH X9.42 when not supported
* raise unsupported key type when deserilizing DH X9.42 if not supported
* pep8 fixes
* Fix test_serialization
* Add dhx_serialization_supported method to DHBacked
* document q in dh_parameters_supported
* Rename dhx_serialization_supported to dh_x942_serialization_supported
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* add support for update_into on CipherContext
This allows you to provide your own buffer (like recv_into) to improve
performance when repeatedly calling encrypt/decrypt on large payloads.
* another skip_if
* more skip_if complexity
* maybe do this right
* correct number of args
* coverage for the coverage gods
* add a cffi minimum test tox target and travis builder
This tests against macOS so we capture some commoncrypto branches
* extra arg
* need to actually install py35
* fix
* coverage for GCM decrypt in CC
* no longer relevant
* 1.8 now
* pep8
* dramatically simplify
* update docs
* remove unneeded test
* changelog entry
* test improvements
* coverage fix
* add some comments to example
* move the comments to their own line
* fix and move comment
|
| |
|
|
|
|
|
|
|
| |
If pyca/cryptography sees any errors on the error stack during its own
initialization it immediately raises InternalError and refuses to
proceed. This was a safety measure since we weren't sure if it was
safe to proceed. However, reality has intervened and we have to
bow to the god of pragmatism and just clear the error queue. In
practice this is safe since we religiously check the error queue
in operation.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* switch the PEM password callback to a C implementation
Calling from C to Python is fraught with edge cases, especially in
subinterpreter land. This commit moves the PEM password callback logic
into a small C function and then removes all the infrastructure for the
cffi callbacks (as we no longer have any)
* review feedback and update tests
* rename the struct
* aaand one more fix
|
| |
|
|
|
|
|
|
|
|
| |
* enforce password must be bytes when loading PEM/DER asymmetric keys
Previously we were using an ffi.buffer on the Python string, which was
allowing text implicitly, but our documentation explicitly requires
bytes.
* add changelog entry
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* replace pyasn1 with asn1crypto
* allow trailing bytes
* fix x509 test
* update CHANGELOG.rst
* fix assert
* make asn1crypto code more idiomatic
* find tag
* final clean-up
* leave trailing byte logic unchanged
* document dependency change
* spelling
* fix spelling
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* DH keys support serialization
* Add DH serialization documentation
* Add tests for DH keys serialization in DER encoding
* update version to 1.8
* Allow only SubjectPublicKeyInfo serialization
* Remove support in TraditionalOpenSSL format
* Fix pep8
* Refactor dh serialization tests
|
| |
|
|
|
|
|
|
|
|
| |
* add memory limit check for scrypt
fixes #3323
* test a pass
* move _MEM_LIMIT to the scrypt module
|
| |
|
|
|
|
|
|
|
|
| |
* add openssl_version_number & doc openssl_version_text
fixes #3315
* more docs + actually assert on the test...
* text
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* delete the 1.0.0 support
* drop the version check
* drop the AES-CTR stuff
* Update the example
* openssl truncates for us now
* delete unused test
* unused imports
* Remove a bunch of conditional bindings for NPN
* no more 1.0.0 builders
* libressl fix
* update the docs
* remove dead branches
* oops
* this is a word, damnit
* spelling
* try removing this
* this test is not needed
* unused import
|
| |
|
|
|
|
| |
* fix a regression in int_from_bytes
* add a new test file
|
