saymrwulf/cryptography
1
0
Fork 0
mirror of https://github.com/saymrwulf/cryptography.git synced 2026-05-14 20:37:55 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
7105 commits 40 branches 135 tags 60 MiB
Commit graph

1910 commits

Author SHA1 Message Date
Alex Gaynor
56669aae2a update security docs to indicate we staticaly link openssl on linux too (#3949) 
* update security docs to indicate we staticaly link openssl there too

* spelling
 2017-10-05 09:25:55 +08:00
Paul Kehrer
fce63a57b4 disable smart quotes in sphinx to workaround a spellchecker issue (#3946) 
This makes it so we don't have to pin sphinx while we wait for
sphinxcontrib-spelling to properly handle smart quotes
 2017-10-03 21:16:50 -04:00
Paul Kehrer
a397d75a1e Add support for AES XTS (#3900) 
* Add support for AES XTS

We drop the non-byte aligned test vectors because according to NIST
http://csrc.nist.gov/groups/STM/cavp/documents/aes/XTSVS.pdf
"An implementation may support a data unit length that is not a
multiple of 8 bits." OpenSSL does not support this, so we can't
use those test vectors.

* fix docs and pep8

* docs fix

* the spellchecker is so frustrating

* add note about AES 192 for XTS (it's not supported)

* docs work

* enforce key length on ECB mode in AES as well (thanks XTS)

* a few more words about why we exclude some test vectors for XTS
 2017-10-01 22:03:20 -04:00
Alex Gaynor
dd567cbf73 Declare that 2.1 is the last version to support Python 2.6 (#3944) 
* Declare that 2.1 is the last version to support Python 2.6

* It's the Final Countdown!
 2017-10-01 09:22:07 +08:00
Paul Kehrer
62ebb429fe add ChaCha20 support (#3919) 
* add ChaCha20 support

* review feedback

* 256 divided by 8 is what again?

* ...
 2017-09-28 11:46:49 -04:00
Alex Gaynor
e6859232d4 Update the list of macOS versions we test on to match reality (#3942) 2017-09-27 08:03:53 +08:00
Paul Kehrer
b76bcf88bd FreshestCRL extension support (#3937) 
* add freshest CRL support

* add tests

* add changelog

* add tests for FreshestCRL generation
 2017-09-23 20:44:12 -04:00
Paul Kehrer
5e3cc98473 support delta crl indicator extension (#3936) 
This is an extension for CRLs
 2017-09-22 09:29:36 -04:00
Paul Kehrer
1b86dc527d docs for what bytes means for DNSName, URI, and RFC822Name (#3904) 2017-09-20 11:42:34 -04:00
Paul Kehrer
d02842b03b add Freshest CRL and Delta CRL Indicator test vectors (#3932) 2017-09-20 11:40:05 -04:00
Alex Gaynor
b5c5bbe478 Mark our custom sphinx extension as parallel safe (#3935) 2017-09-20 22:14:56 +08:00
Paul Kehrer
ce4d0845f5 correct the docs for CRLReason (#3930) 2017-09-20 10:14:26 -04:00
Alex Gaynor
53e4505861 Switch NIST PDFs from nvlpubs to csrc which is HTTPS (#3929) 2017-09-20 21:57:47 +08:00
Alex Gaynor
20721c9ad9 Update the rest of the NIST urls to their new HTTPS homes (#3928) 2017-09-20 16:39:45 +08:00
Paul Kehrer
ba7041596e add unique identifier test vector (#3925) 
* add unique identifier test vector

* wrap a line I didn't even touch...
 2017-09-19 20:03:11 -04:00
Alex Gaynor
8cb1d36690 Update PKITS link (#3923) 2017-09-20 06:46:21 +08:00
Alex Gaynor
e3fc93af73 Update NIST CAVP url (#3922) 2017-09-19 13:28:53 +08:00
Paul Kehrer
d8371a8290 add chacha20 test vectors from RFC 7539 (#3918) 2017-09-14 08:38:40 -04:00
Paul Kehrer
c7ecb45684 add a faq note about having a compiler that is too old (#3902) 
* add a faq note about having a compiler that is too old

Also add a bit of text explaining what to do on OpenBSD 6.1 and earlier
since that is the most likely place this will occur.

* I always forget it spell checks titles
 2017-09-11 22:26:33 -04:00
Paul Kehrer
5d66966032 [WIP] add support for the TLSFeature extension in x509 (#3899) 
* add support for the TLSFeature extension in x509

This extension is used for OCSP Must-Staple.

* fix changelog link

* pep8

* refactor to support the sequence properly and add status_request_v2

* update some language

* add test vector, implement eq/ne/hash on TLSFeature

* address review comments
 2017-09-10 21:16:34 -04:00
Paul Kehrer
52067bc300 add X509 test vector with a TLS Feature (RFC 7633) extension (#3898) 2017-09-08 19:02:22 -04:00
Paul Kehrer
2b01c55736 oaep label vector (#3895) 
* oaep label vector

* add count so we can use the nist vector loader

* add RSA key from the boring vectors as well

https://boringssl.googlesource.com/boringssl/+/ce3773f9fe25c3b54390bc51d72572f251c7d7e6/crypto/evp/evp_tests.txt#8
 2017-09-07 07:14:25 -04:00
Paul Kehrer
9a8e29eda7 add initial OCSP request test vector (#3890) 2017-09-07 07:11:47 -04:00
Alex Gaynor
13e9a6f9e9 Document that we care about our infrastructure's security as well (#3874) 2017-08-24 04:46:55 +08:00
David Sanders
c3de566e05 Fix load_rsa_public_numbers documentation (#3871) 2017-08-20 07:17:16 -04:00
David Sanders
c4a23fb077 Fix mistake in RSAPublicKey.verify documentation (#3872) 2017-08-20 07:17:01 -04:00
Paul Kehrer
64dc16b9f9 add test vector with invalid basicconstraints (#3866) 
* add test vector with invalid basicconstraints

* sigh
 2017-08-15 21:17:01 -04:00
Paul Kehrer
f944c40c86 add changelog and a warning for is_signature_valid on crl (#3861) 
* add changelog and a warning

* document this properly
 2017-08-12 09:52:55 -04:00
Vincent Pelletier
6c02ee85bc Add is_signature_valid method on CertificateRevocationList (#3849) 2017-08-12 08:05:00 -05:00
Paul Kehrer
3e15ca5ee2 deprecate unicode input for RFC822Name (#3836) 
* deprecate unicode input for RFC822Name

* pep8...?
 2017-08-01 22:21:19 -04:00
Paul Kehrer
6c29d74cfb deprecate auto-idna on UniformResourceIdentifier (#3832) 
* deprecate auto-idna on UniformResourceIdentifier

* fix repr test

* docs

* some updated language
 2017-08-01 20:27:06 -04:00
Paul Kehrer
908bbd3a9f note version added and deprecated for bytes_value/value on DNSName (#3833) 2017-08-01 12:39:21 -04:00
Alex Gaynor
cdaf3ff72f Begin the deprecation of auto-idna for x509.DNSName (#3830) 
* Begin the deprecation of auto-idna for x509.DNSName

Refs #3357

* fix warning

* py3k fixes

* fix docs

* sigh

* flake8

* these are words

* words

* tests for coverage

* another test

* do idna things

* more idna things
 2017-07-30 12:08:51 -05:00
Alex Gaynor
d7e73c257e Updating doing a release to have a correct path (#3790) 2017-07-17 20:59:29 +02:00
Paul Kehrer
ab4a0b39d0 update docs to reflect #3364 (#3786) 2017-07-17 09:01:23 -04:00
Paul Kehrer
a2173583d9 add AESGCM AEAD support (#3785) 
* add AESGCM AEAD support

* remove stray newline

* move AESGCM docs above CCM
 2017-07-17 07:10:14 -04:00
Paul Kehrer
165743ee63 move tag_length to the AESCCM constructor (#3783) 
* move tag_length to the AESCCM constructor

* review feedback
 2017-07-16 11:34:42 -04:00
Paul Kehrer
1a2e817f14 AESCCM support (#3700) 2017-07-16 10:46:13 -04:00
Alex Gaynor
d58c6ad13d Fixed #3777 -- document an additional dependency (#3779) 2017-07-14 14:04:18 +02:00
Alex Gaynor
601ed631ad Attempt to use coverage to quantify how many of the CONDITIONAL_NAMES we really use (#3763) 
* Attempt to use coverage to quantify how many of the CONDITIONAL_NAMES we really use

* rewrite file to improve coverage

* Write it this way so we can use line coverage

* lost this one :-(

* fix comment and flake8

* update the docs as well

* flake8
 2017-07-08 19:35:02 -05:00
Paul Kehrer
bf128a470b add rfc 3526 DH groups (#3767) 2017-07-08 18:36:58 -04:00
Paul Kehrer
3ba1d8a9a5 we forgot to document these DH methods (#3757) 2017-07-06 22:52:28 -04:00
Paul Kehrer
765a3e494e write some words about encrypt/decrypt in fernet (#3756) 2017-07-06 00:00:41 -04:00
Paul Kehrer
f92f2d4d64 update static wheel install docs (#3754) 
* update static wheel install docs

* parentheses
 2017-07-04 17:00:08 -04:00
Alex Gaynor
a509496e48 Order our supported OpenSSL versions reasonably (#3752) 2017-07-03 17:00:52 -05:00
Alex Gaynor
b7912eea2a Fixes #3745 -- add the any EKU EKU (#3750) 
* Fixes #3745 -- add the any EKU EKU

* docs

* whitespace

* versionadded
 2017-07-03 09:07:02 -05:00
Paul Kehrer
1eeaabbbbc update linux install docs and release instructions (#3746) 
* update linux install docs and release instructions

* rhel/centos is so bad they don't even have python3
 2017-07-01 15:34:36 -07:00
Paul Kehrer
a857fe6650 don't use long keys because they can be confusing wrt bits/bytes (#3734) 
* don't use long keys because they can be confusing wrt bits/bytes

* make sure we say bytes everywhere

* shorten the scrypt output to 32 bytes as well
 2017-06-28 21:03:29 -07:00
Paul Kehrer
491fd7cc5a Funcs macros gone (#3695) 
* No more FUNCS/MACROS distinction

* change the docs to not talk about MACROS since they're gone

* remove out of date comment
 2017-06-27 14:15:37 -07:00
Paul Kehrer
e3a2fb209b remove python 3.3 from CI (#3729) 
* remove python 3.3 from CI

* remove 3.3 everywhere, not just from CI
 2017-06-26 21:08:33 -04:00