Commit graph

2387 commits

Author SHA1 Message Date
Paul Kehrer
3ff52182ba
Backport tlv fix, 38.0.1 bump (#7576)
* fix parsing for CRLs with TLVs > 65535 bytes (#7575)

* add CRL test vector with 9,999 revoked items

* bump rust-asn1

* add large CRL test

this tests CRLs larger than 65535 bytes in size. rust-asn1 supports up
to 4GiB TLVs now, but we'll avoid putting a test vector that big for now

* changelog and 38.0.1 bump
2022-09-07 08:19:50 -04:00
Paul Kehrer
1742975367
support setting more PKCS12 serialization encryption options (#7560)
* support setting more PKCS12 serialization encryption options

This is limited support, but makes it possible to set two different PBES
choices as well as set KDF rounds and MAC algorithm

* Apply suggestions from code review

Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>

* review feedback redux

* Update docs/hazmat/primitives/asymmetric/serialization.rst

Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>

Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
2022-09-05 12:25:19 +00:00
Paul Kehrer
2bb6785aef
add AES128/AES256 classes (#7542)
These let developers be more explicit about the allowable key lengths
for an AES key and make auditing the codebase a bit easier.

But that's not really why we're adding them. In some upcoming
serialization features we need to be able to specify AES 128 vs AES 256
and the current class doesn't work for that since it computes key
length from the key you provide it when instantiating the class.
That's incompatible with serialization where the key is derived
later in the process. C'est la vie.
2022-08-26 00:19:12 -04:00
Alex Gaynor
bfd88da7f2
PoC for making key serialization more configurable (#7520) 2022-08-22 11:22:01 +08:00
Jean Paul Galea
2477a09405
docs: add missing backquote (#7517) 2022-08-16 12:09:03 -05:00
Jean Paul Galea
da1a30b4ea
KBKDF: add CounterLocation.MiddleFixed (#7489)
* KBKDF: add CounterLocation.MiddleFixed

* tests_kbkdf: add new tests

- Test CounterLocation.MiddleFixed and blocation=

* test_kbkdf_vectors: make use of MIDDLE_FIXED

* docs: document KBKDF CounterLocation.MiddleFixed

* s/blocation/break_location/g

* CHANGELOG: document KBKDF{HMAC,CMAC} CounterLocation.MiddleFixed #7489

* kbkdf: fixed is static across n iterations, only the counter changes

* kbkdf: check break_location is 0..len(fixed)

- Update tests to assert exception is raised when
    break_location < 0 or > len(fixed)

- When asserting for "break_location is ignored when MiddleFixed",
    use break_location=0 instead of =10,
    to ensure we don't raise because of break_location > len(fixed)

- Assert that the right error messages are returned to the user.

* kbkdf: keyword-only break_location

* docs: document kw-only KBKDF{HMAC,CMAC}
2022-08-15 08:19:12 -04:00
Alex Gaynor
87d7e60c19
update link in docs (#7485) 2022-08-05 17:59:14 -10:00
Alex Gaynor
d8f6635a01
nit: remove stray space (#7429) 2022-07-17 09:25:10 -05:00
Alex Gaynor
cab8f94fe5
Update things for 2022 (#7413) 2022-07-10 13:27:18 -05:00
Alex Gaynor
0c88afb12d
Added OCB vectors from openssl (#7401) 2022-07-05 15:30:02 +00:00
Alex Gaynor
0f81490c7f
Added vectors for long form tags (#7396) 2022-07-04 16:56:07 +00:00
Felix Dreissig
2bd0dda700
docs: Fix type returned by get_extension_for_oid() and get_extension_for_class() (#7380)
The previous wording (to me) sounded as if an instance of the specific
`ExtensionType` subclass would be returned.
But the methods actually return an `Extension` instance, from which the
specific `ExtensionType` instance can be accessed through the `value`
property.
2022-06-28 11:26:36 +00:00
Alex Gaynor
c6b121d321
Point people at AEADs in symmetric encryption docs (#7326) 2022-06-10 08:48:02 +08:00
Paul Kehrer
b4cf8acc72
add note that load_pem_private_key is the wrong func for SSH keys (#7315) 2022-06-06 02:11:03 +00:00
Alex Gaynor
ba5701f4ed
Update installation docs (#7310)
RHEL/CentOS 8 should work fine with these instructions
2022-06-05 05:00:30 +08:00
William Woodruff
c1b7307a3e
X.509/Certificate: Add tbs_precertificate_bytes property (#7279)
* Add `tbs_precertificate_bytes` property

* docs/x509: document `tbs_precertificate_bytes`

Signed-off-by: William Woodruff <william@trailofbits.com>

* tests/x509: add two trivial tests

Signed-off-by: William Woodruff <william@trailofbits.com>

* x509/base: fix lint

Signed-off-by: William Woodruff <william@trailofbits.com>

* oid: add CERTIFICATE_TRANSPARENCY (1.3.6.1.4.1.11129.2.4.4)

Signed-off-by: William Woodruff <william@trailofbits.com>

* hazmat/oid: rehome CERTIFICATE_TRANSPARENCY under ExtendedKeyUsageOID

Signed-off-by: William Woodruff <william@trailofbits.com>

* docs/x509: fix link, help the spellchecker

Signed-off-by: William Woodruff <william@trailofbits.com>

* x509: Raise ValueError when we can't filter SCT list extension

* tests: Expect a `ValueError` when accessing `tbs_precertificate_bytes`
in default example

* tests, vectors: Add TBS precert vector for test comparison

* docs/x509: document the `CERTIFICATE_TRANSPARENCY` OID

Signed-off-by: William Woodruff <william@trailofbits.com>

* docs/x509: elaborate `tbs_precertificate_bytes`

Signed-off-by: William Woodruff <william@trailofbits.com>

* rust/x509: remove unused OID

Signed-off-by: William Woodruff <william@trailofbits.com>

* x509/certificate: tweak error

Signed-off-by: William Woodruff <william@trailofbits.com>

* tests/x509: reorganize

Signed-off-by: William Woodruff <william@trailofbits.com>

* Update src/rust/src/x509/certificate.rs

Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>

* tests/x509: more reorg, rename

Signed-off-by: William Woodruff <william@trailofbits.com>

* docs: document new testvector

Signed-off-by: William Woodruff <william@trailofbits.com>

* docs: coax the spellchecker

Signed-off-by: William Woodruff <william@trailofbits.com>

* tests/x509: use a cert that doesn't require SHA-1

Signed-off-by: William Woodruff <william@trailofbits.com>

* tests/x509: test for no extensions at all

Signed-off-by: William Woodruff <william@trailofbits.com>

Co-authored-by: Alex Cameron <asc@tetsuo.sh>
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
2022-05-31 22:51:32 +00:00
Alex Gaynor
d89cd38afa
Enforce that CRL and CSR versions must be valid. (#7249)
Fixes #7231
2022-05-22 23:31:47 +00:00
Alex Gaynor
1407dd6339
Added vectors for invalid CSR/CRL versions (#7247)
* Added vectors for invalid CSR/CRL versions

* Update docs/development/test-vectors.rst

Co-authored-by: Paul Kehrer <paul.l.kehrer@gmail.com>

Co-authored-by: Paul Kehrer <paul.l.kehrer@gmail.com>
2022-05-22 22:52:32 +00:00
William Woodruff
e2ef761b4e
CT: extensions -> extension_bytes (#7238)
Signed-off-by: William Woodruff <william@trailofbits.com>
2022-05-19 21:48:41 +00:00
William Woodruff
e087b3e33c
CT: add SignedCertificateTimestamp.extensions (#7237)
Signed-off-by: William Woodruff <william@trailofbits.com>
2022-05-20 04:15:16 +08:00
Alex Gaynor
bf56c57c44
Remove vestiges of doc8 (#7233)
We don't use it since 1eccc52b63
2022-05-18 00:15:36 +00:00
Alex Gaynor
94cc3865df
Update install docs now that we test on Windows 2022 (#7230)
* Update install docs now that we test on Windows 2022

* Update installation.rst

* Update spelling_wordlist.txt

* Update docs/installation.rst

Co-authored-by: Paul Kehrer <paul.l.kehrer@gmail.com>

Co-authored-by: Paul Kehrer <paul.l.kehrer@gmail.com>
2022-05-17 19:38:31 +00:00
William Woodruff
b9f4ca35b5
x509/CT: expose more SCT internals (#7207)
* WIP

* x509: remove TBS work for now

Signed-off-by: William Woodruff <william@yossarian.net>

* CT: flake8

Signed-off-by: William Woodruff <william@yossarian.net>

* CT: remove TODO, add links

Signed-off-by: William Woodruff <william@yossarian.net>

* CT/SCT: strong enums for HashAlgorithm and SignatureAlgorithm

Signed-off-by: William Woodruff <william@yossarian.net>

* tests: add SCT hash/signature algorithm tests

Signed-off-by: William Woodruff <william@yossarian.net>

* tests: fix SignatureAlgorithm test, add signature contents test

Signed-off-by: William Woodruff <william@yossarian.net>

* rust: unit tests for {Hash,Signature}Algorithm

Signed-off-by: William Woodruff <william@yossarian.net>

* x509/sct: code coverage shenanigans

Signed-off-by: William Woodruff <william@yossarian.net>

* asn1, sct: pesky coverage

Signed-off-by: William Woodruff <william@yossarian.net>

* x509/sct: simplify parsing

Signed-off-by: William Woodruff <william@yossarian.net>

* docs: document new SCT APIs

Signed-off-by: William Woodruff <william@yossarian.net>

* docs: add refs to RFC 5246

Signed-off-by: William Woodruff <william@yossarian.net>

* SCT: forbid nonsense hash and signature algos

No tests, yet.

Signed-off-by: William Woodruff <william@yossarian.net>

* tests: add invalid hash/sig algo tests

Signed-off-by: William Woodruff <william@yossarian.net>

* sct: remove ToAttr trait

Inline impl into each struct's impl.

Signed-off-by: William Woodruff <william@yossarian.net>

* sct: remove invalid hash/sig variants

These should never appear in the context of SCTs.

Signed-off-by: William Woodruff <william@yossarian.net>

* sct: collapse matches

Handle invalid/unknown variants together.

Signed-off-by: William Woodruff <william@yossarian.net>

* tests: update SCT tests

Signed-off-by: William Woodruff <william@yossarian.net>

* sct: add a TODO

Signed-off-by: William Woodruff <william@yossarian.net>

* sct: return a primitives.hashes object instead of a custom enum

Signed-off-by: William Woodruff <william@yossarian.net>

Co-authored-by: Alex Cameron <asc@tetsuo.sh>
2022-05-13 20:42:27 +00:00
William Woodruff
6fe0aaf95a
docs, vectors: add two more x509 SCT testvectors (#7215)
Signed-off-by: William Woodruff <william@yossarian.net>
2022-05-12 17:40:47 -04:00
David Benjamin
1cc43f1886
Fix test CRLs and CSRs with invalid versions (#7216)
CRL versions only go up to v2 (numeric value 1) and CSRs only define v1
(numeric value 0). See
https://www.rfc-editor.org/rfc/rfc5280.html#section-5.1 and
https://www.rfc-editor.org/rfc/rfc2986.html#section-4. Some of the
inputs used in tests were misissued.

Unfortunately, the corresponding private keys for these test vectors
weren't provided, so I've just edited the inputs with der-ascii and
left the signatures invalid. The tests in question don't seem to rely on
valid signatures.
2022-05-12 19:50:43 +00:00
Yang Yang
387048108e
Doc: Add parameter nonce for class ChaCha20 (#7202) 2022-05-07 09:59:31 +00:00
Paul Kehrer
895a07abf2
add x509 pss certificate and public key (#7161)
* add x509 pss certificate and public key

the cert is signed using rsa_pss_2048.pem and the public key is the
public components of that private key

* Update docs/development/test-vectors.rst

Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>

Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
2022-04-30 21:04:37 +00:00
Alex Gaynor
b2dc8a7228
Fixes #7127 -- added attr_name_overrides on from_rfc4514_string (#7160) 2022-04-30 20:38:47 +00:00
Robert Coup
a2a9109251
Allow Fernet decryption to accept string tokens (#7116)
* tests: better testid generation for fernet vectors

Use the vector filename and array index for the pytest id rather than a
concatenation of the vector content.

eg: `tests/test_fernet.py::TestFernet::test_invalid[invalid.json:2]`

* (Multi)Fernet: allow str tokens for decryption

Remove some developer friction by allowing string tokens to be passed to
Fernet decryption methods. Because a valid token as generated by
`Fernet.encrypt()` is url-safe base64-encoded, a non-ASCII token is
definitely invalid.

The stdlib base64 function already accepts and checks ASCII str values
so delegate to that.

* Kick CI
2022-04-29 22:27:47 +00:00
Alex Gaynor
bc00e8d676
Bump MSRV to 1.48.0 (#7128) 2022-04-27 13:47:46 +00:00
Alex Gaynor
4d58800fb7
Drop manylinux2010 (#6694)
It has very low usage
2022-04-26 19:31:00 +00:00
Robert Coup
2c3404b56b
docs: fix linting tox env name (#7117) 2022-04-26 18:09:12 +00:00
Alex Gaynor
1de0ea922e
Remove trailing white space in docs (#7115)
Apparently none of our linters care
2022-04-26 13:00:13 +00:00
Paul Kehrer
3b9a11b6d2
add RSA PSS test vectors (#7086) 2022-04-17 08:20:32 -05:00
Paul Kehrer
19546b9ccc
Add support for PSS.AUTO and PSS.DIGEST_LENGTH (#7082)
* add PSS auto support for verification

* add support for PSS.DIGEST_LENGTH

* review comments
2022-04-16 15:16:25 +00:00
Paul Kehrer
0724c5f1ee
check for invalid keys that RSA_check_key misses (#7080)
* check for invalid keys that RSA_check_key misses

RSA_check_key checks for primality but that fails to catch this case
since 2 is prime. Instead we fetch p and q and verify that they are odd
and if not reject the key as invalid.

* circleci sucks
2022-04-16 13:55:01 +00:00
Alex Gaynor
f3f695b1c1
Implement a parser for RFC4514 strings (#7055)
* Initial tests

* Implement.

Required updating many many tests based on my read of the RFC. Should be reviewed closely.

* Fix for py36

* flake8

* Improve coverage on hypothesis test

* Remove bad assertion in hypothesis test

* Update docs

* fix docs

* Fixed unicode support

* review

* docs review
2022-04-16 10:21:45 +02:00
Alex Gaynor
dc989d563a
Added Ubuntu Jammy to CI (#7047)
* Added Ubuntu Jammy to CI

* try thing
2022-04-07 02:15:09 -05:00
Dustin Ingram
033514708e
Fix indentation in docs/x509/reference.rst (#7044) 2022-04-05 21:11:10 +00:00
Paul Kehrer
7659fe4fd6
serialize certs to pkcs7 (#7034)
* serialize certs to pkcs7

* missed assert
2022-04-04 02:14:14 +00:00
Paul Kehrer
00c61b9537
update pkcs7 test vectors (#7030)
* update pkcs7 test vectors

* this is a word
2022-04-03 09:11:54 -04:00
Paul Kehrer
74e4202bd1
SIV support (#7029)
* SIV support

* empty commit to see if codecov sees the 3.0 coverage this time
2022-04-02 23:44:01 -04:00
Paul Kehrer
25cdad7d07
support 12-15 byte nonce sizes in OCB3 (#7011)
* support 12-15 byte nonce sizes in OCB3

* Update tests/hazmat/primitives/test_aead.py

Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>

Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
2022-03-29 12:00:28 +00:00
Paul Kehrer
4a4f4d94ce
OCB3 test vectors for 104, 112, and 120-bit nonces (#7009) 2022-03-29 07:09:07 -04:00
ajoino
9d357cffb7
Serialize PKCS12 CA alias/friendlyName (#6910)
* PKCS12 serialization wrapper supports PKCS12Certificate cas

* Added code from Felix's gist to serialize_key_and_certificate_to_pkcs12. Doesn't break current behaviour/tests, need to write validate new behaviour, write tests, and format code.

* Simplified instance check

* Tried to write tests, but I cannot figure out how to read the friendlyName from parsed_more_certs.

* Fixed test function and renamed it.

* Fixed formatting.

* Committing before trying black

* Formatted updates to make flake8 and black happy.

* Fixed first review comments.

* remove forgotten print statement

* use backend.openssl_assert instead of if ...

* Documented changes.

* Updated documentation.
2022-03-29 07:03:09 -04:00
Alex Gaynor
3714686044
Don't reference unsupported version in installation docs (#6946) 2022-03-13 05:21:45 +08:00
sanchayanghosh
9790f943df
Added OID for #6920 (#6925)
* Added OID

* Added to documentation for IPSec SAs

* Update docs/x509/reference.rst to correct the version change.

Co-authored-by: Paul Kehrer <paul.l.kehrer@gmail.com>

Co-authored-by: Paul Kehrer <paul.l.kehrer@gmail.com>
2022-03-03 07:11:46 +00:00
whiteowl3
fa75d77410
allow ed pk12, better tests (#6865)
* don't block pk12 serialization of ed pairs

* mimic test_ec curve skipping to satisfy alpine ci
2022-02-27 07:15:49 +08:00
Alex Gaynor
06e57ce62d
refs #6835 -- added oid constants for SHA3 signatures (#6850) 2022-02-07 16:38:07 -10:00
Alex Gaynor
3e0870468c
Test against Alpine on aarch64 (#6846)
* Test against Alpine on aarch64

* Update config.yml

* Update installation.rst

* Update config.yml
2022-02-06 22:32:16 -06:00