* add unsafe_skip_rsa_key_validation
This allows users to skip RSA key validation when calling
load_pem_private_key, load_der_private_key, and
RSAPrivateNumbers.private_key. This is a significant performance
improvement but is **only safe if you know the key is valid**. If you
use this when the key is invalid OpenSSL makes no guarantees about what
might happen. Infinite loops, crashes, and all manner of terrible things
become possible if that occurs. Beware, beware, beware.
* Apply suggestions from code review
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
* remove unneeded variable
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
* docs: update of ChaCha20 specification in hazmat
Clarification of the term nonce, because it is not clear to the user that it is the concatenation of 4-byte counter and 12-byte nonce. That is important for compatibility with other implementations.
* docs: reformat of ChaCha20 specification
* Update docs/hazmat/primitives/symmetric-encryption.rst
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
* support setting more PKCS12 serialization encryption options
This is limited support, but makes it possible to set two different PBES
choices as well as set KDF rounds and MAC algorithm
* Apply suggestions from code review
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
* review feedback redux
* Update docs/hazmat/primitives/asymmetric/serialization.rst
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
These let developers be more explicit about the allowable key lengths
for an AES key and make auditing the codebase a bit easier.
But that's not really why we're adding them. In some upcoming
serialization features we need to be able to specify AES 128 vs AES 256
and the current class doesn't work for that since it computes key
length from the key you provide it when instantiating the class.
That's incompatible with serialization where the key is derived
later in the process. C'est la vie.
* KBKDF: add CounterLocation.MiddleFixed
* tests_kbkdf: add new tests
- Test CounterLocation.MiddleFixed and blocation=
* test_kbkdf_vectors: make use of MIDDLE_FIXED
* docs: document KBKDF CounterLocation.MiddleFixed
* s/blocation/break_location/g
* CHANGELOG: document KBKDF{HMAC,CMAC} CounterLocation.MiddleFixed #7489
* kbkdf: fixed is static across n iterations, only the counter changes
* kbkdf: check break_location is 0..len(fixed)
- Update tests to assert exception is raised when
break_location < 0 or > len(fixed)
- When asserting for "break_location is ignored when MiddleFixed",
use break_location=0 instead of =10,
to ensure we don't raise because of break_location > len(fixed)
- Assert that the right error messages are returned to the user.
* kbkdf: keyword-only break_location
* docs: document kw-only KBKDF{HMAC,CMAC}
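Added example, not part of the commit messages above and not the project's own code: a standard-library implementation of counter-mode KBKDF over HMAC (NIST SP 800-108) showing what a keyword-only `break_location` does for `MiddleFixed`, why the fixed data is split once while only the counter changes, and the `0..len(fixed)` range check. The function name `kbkdf_hmac_counter`, its error texts and the sample inputs are assumptions made for illustration.

```python
import hashlib
import hmac
from enum import Enum


class CounterLocation(Enum):  # names mirror those in the commit messages
    BeforeFixed = "before_fixed"
    AfterFixed = "after_fixed"
    MiddleFixed = "middle_fixed"


def kbkdf_hmac_counter(key, fixed, length, location, *, rlen=4,
                       break_location=None, digest=hashlib.sha256):
    """Counter-mode KDF over HMAC (hypothetical helper, illustration only)."""
    if location is CounterLocation.MiddleFixed:
        if not isinstance(break_location, int):
            raise TypeError("break_location must be an integer")
        # The counter can only be spliced in at an offset inside fixed.
        if break_location < 0 or break_location > len(fixed):
            raise ValueError("break_location must be in 0..len(fixed)")
    elif break_location is not None:
        raise ValueError("break_location is only used with MiddleFixed")

    # Split the fixed input once: it is identical in every iteration.
    if location is CounterLocation.BeforeFixed:
        before, after = b"", fixed      # counter || fixed
    elif location is CounterLocation.AfterFixed:
        before, after = fixed, b""      # fixed || counter
    else:
        before, after = fixed[:break_location], fixed[break_location:]

    block_len = digest().digest_size
    rounds = -(-length // block_len)    # ceiling division
    if rounds > 2 ** (8 * rlen) - 1:
        raise ValueError("counter would overflow rlen bytes")

    out = b""
    for i in range(1, rounds + 1):      # only the counter changes per block
        counter = i.to_bytes(rlen, "big")
        out += hmac.new(key, before + counter + after, digest).digest()
    return out[:length]


# Constructed sample inputs (not test vectors from the project).
KEY = bytes(range(32))
FIXED = b"label\x00context\x00\x00\x01\x00"
```

With `break_location=0` the output equals the `BeforeFixed` result and with `break_location=len(fixed)` it equals the `AfterFixed` result, which is why those two offsets are the boundary of the accepted range.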
* support 12-15 byte nonce sizes in OCB3
* Update tests/hazmat/primitives/test_aead.py
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
* PKCS12 serialization wrapper supports PKCS12Certificate cas
* Added code from Felix's gist to serialize_key_and_certificate_to_pkcs12. Doesn't break current behaviour/tests, need to write validate new behaviour, write tests, and format code.
* Simplified instance check
* Tried to write tests, but I cannot figure out how to read the friendlyName from parsed_more_certs.
* Fixed test function and renamed it.
* Fixed formatting.
* Committing before trying black
* Formatted updates to make flake8 and black happy.
* Fixed first review comments.
* remove forgotten print statement
* use backend.openssl_assert instead of if ...
* Documented changes.
* Updated documentation.
* Propose a new load_key_and_certificates_with_name API to return the PKCS12 'friendly name' as well.
* Extend load_key_and_certificates_with_name to return friendly names for all certificates; add serialize_key_and_certificates_with_names; add X509_alias_set1 to cffi; add basic tests for all these.
* Add changelog entry and documentation.
* Revert "Extend load_key_and_certificates_with_name to return friendly names for all certificates; add serialize_key_and_certificates_with_names; add X509_alias_set1 to cffi; add basic tests for all these."
This reverts commit 125935e8cf1d27028c5b593bb058e2716311fd72.
* Create new interface.
* Rename load_key_and_certificates_object -> load_pkcs12.
* Add constructor validation, improve repr tests.
* Mention '... or None'.
* Allow all private key types.
* Fix/improve tests.
* Ignore type errors when intentionally passing wrong types.
* Fix type; linting.
* Use correct ignore.
* Implement KBKDFCMAC
Also adjust KBKDFHMAC to avoid code duplication.
* Add KBKDFCMAC unit tests
* Enable KBKDFCMAC vector tests
* Fix doc8 too long line issue in changelog
Adding bullet list entries after line 30 in the CHANGELOG.rst leads to
doc8 D001 error in line 30. Looks like a doc8 bug. Breaking the line in
the middle of the cross-reference solves the problem for now.
Also replace the trailing comma with a dot.
* Add KBKDFCMAC documentation and update changelog
1. In signature generation code example, add a `key` assignment so it can be run solely.
2. In verify() code example, add a positive case before the negative one. Also use copy() to do self authentication.
Co-authored-by: Baofeng Wang <baofeng.wang67@gmail.com>
* Added information on what encrypt raises
Added a note on RSA's Encrypt explanation for newcomers such as myself, so that they don't have to waste 4 hours trying to figure out what is causing the ValueError like I did 😅
* Moved the note under the raises ValueError section
* Removed whitespaces causing issues
* Update rsa.rst
* Update docs/hazmat/primitives/asymmetric/rsa.rst
Co-authored-by: Paul Kehrer <paul.l.kehrer@gmail.com>
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>