saymrwulf/cryptography
1
0
Fork 0
mirror of https://github.com/saymrwulf/cryptography.git synced 2026-05-14 20:37:55 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
8721 commits 40 branches 135 tags 60 MiB
Commit graph

345 commits

Author SHA1 Message Date
Paul Kehrer
5bd0c10d50
allow parsing of nonstandard country name and jurisdiction country name (#6641) 
The spec requires both of these to be exactly two characters to
correspond with ISO country codes. Reality is sometimes messier, so this
allows parsing (but not encoding) of this invalid data. Parsing will
raise a UserWarning if incorrect lengths are detected.
 2021-11-21 03:16:43 +00:00
Paul Kehrer
78c2dd8a04
add AES SIV vectors (#6608) 2021-11-15 07:19:44 -05:00
Paul Kehrer
c451c1df4e
add AES OCB3 test vectors (#6606) 2021-11-15 01:50:13 +00:00
Alex Gaynor
4da2a68118
Allow parsing CSR extensions with the critical bit having an explicitly encoded default (#6600) 
* Allow parsing CSR extensions with the critical bit having an explicitly encoded default

* Poke for zuul
 2021-11-14 05:42:10 +08:00
Paul Kehrer
bb05d4b5e6
allow multiple identical pem blocks (#6551) 
this matches our behavior to OpenSSL and allows users to pass a chain to
our PEM loaders. To make this a little less magical it is now
documented.
 2021-11-05 07:07:36 -04:00
Paul Kehrer
e333fa3279
deprecate backend part 4 of n (#6522) 2021-11-02 17:49:25 -04:00
Paul Kehrer
ae1e4a4bc4
deprecate backend part 1 of n (#6517) 
* update all custom vector generation scripts to not use backends
* remove references to backends in test-vectors.rst
 2021-11-02 07:05:24 -04:00
Paul Kehrer
f4871a218d
add accvraiz1 bmpstring test vector (#6503) 2021-10-31 07:46:48 -04:00
Felix Fontein
667e7a5f4c
Add new PKCS12 test vectors (#6383) 
* Add new PKCS12 test vectors for #6348.

* Re-create test certs without DSA.

* Forgot to adjust the docs.
 2021-10-06 12:44:38 +08:00
Maximilian Hils
703de3afa0
Accept combined PEM files with multiple sections (#6365) 
* accept combined PEM files with multiple sections

* pass error messages into `find_in_pem`
 2021-10-03 13:26:44 -04:00
Paul Kehrer
51221b2c48
support legacy PEM headers for certificate and CSR (#6356) 2021-10-02 09:52:54 -04:00
Paul Kehrer
ee5c05cfe7
add new x509 request vector (#6313) 2021-09-27 07:06:48 -04:00
Paul Kehrer
cabcc465fc
add several OCSP response vectors (#6298) 
* add several OCSP response vectors

* fix naming
 2021-09-23 08:09:41 -04:00
Alex Gaynor
b1002451c0
Don't internal error on CRL with no nextUpdate value (#6282) 
* Don't internal error on CRL with no nextUpdate value

* Fix typing

* docs
 2021-09-19 09:57:38 +08:00
Paul Kehrer
88e8058088
add vector omitting optional ASN.1 SEQUENCE for an empty CRL (#6279) 2021-09-18 19:50:12 -04:00
match man
e493406486
Make OAEP test vector generating works on python3 (#6255) 
Use always string as output format

Co-authored-by: Baofeng Wang <baofeng.wang67@gmail.com>
 2021-09-06 16:53:29 -04:00
Alex Gaynor
50d51933b2
Correct the documentation on crl_invalid_time.der (#6191) 2021-08-08 10:23:55 -04:00
Paul Kehrer
0034926f2c
add invalid time CRL vector (#6152) 
* add invalid time CRL vector

* more words
 2021-07-01 06:51:55 -04:00
Paul Kehrer
fe1f078673
modify alternate-rsa-sha1-oid to not contain a negative serial number (#6146) 2021-06-27 17:45:10 -04:00
Paul Kehrer
a1dc9f2347
separate test vectors (#6145) 
* separate test vectors

* be correct
 2021-06-27 16:33:39 -04:00
Paul Kehrer
a6499679eb
add certificate policies test vector (#6118) 2021-06-14 23:36:55 -04:00
Paul Kehrer
f3612c8585
name constraint vector with invalid IPv4 netmask (#6114) 2021-06-12 16:29:22 -04:00
Paul Kehrer
229c3f6e1d
add nameconstraints vector with invalid length for IPv6 + netmask (#6112) 2021-06-12 09:42:03 -04:00
Paul Kehrer
11d9622995
add unrecognized extension CRL vector (#6111) 
* add unrecognized extension CRL vector

* sigh

* add test

* always a linter
 2021-06-12 09:41:34 -04:00
Alex Gaynor
acf5db529c
Added more testcases for invalid SCTs (#6103) 2021-06-09 22:26:58 -05:00
Alex Gaynor
b937d25173
Added a test vector for an OCSP response with an unknown hash algorithm (#6065) 2021-05-24 20:55:41 -05:00
Alex Gaynor
f94ce12715
Added a test vector for duplicate extensions in OCSP requests (#6064) 2021-05-24 19:58:33 -05:00
Alex Gaynor
fa2f68dd35
Added a test vector for OCSP with an unknown extension (#6063) 2021-05-23 23:53:33 -05:00
Alex Gaynor
62124e673a
Port OCSP Request extension parsing to Rust (#6005) 
* Port OCSP Request extension parsing to Rust

* Added test for rando oid

* Update src/rust/src/asn1.rs

Co-authored-by: Paul Kehrer <paul.l.kehrer@gmail.com>

Co-authored-by: Paul Kehrer <paul.l.kehrer@gmail.com>
 2021-04-24 14:33:47 -05:00
Alex Gaynor
58bddfd7e9
removed paragraph in docs that was very out of date (#6003) 2021-04-23 08:02:49 -05:00
Alex Gaynor
cd2ab9ec6c
update java sdk download link (#5916) 2021-03-15 08:44:38 -05:00
Alex Gaynor
cfd079a034
Updates for our new main branch (#5818) 2021-02-11 21:15:39 -06:00
Alex Gaynor
e0477596f7
Remove __future__ import from our code (#5610) 2020-12-09 00:35:11 -06:00
Alex Gaynor
ff12a37552
Remove Python2 from CI and code that branched on it (#5607) 
* Remove Python2 from CI and code that branched on it

* Update setup.py

Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>

* remove

* review feedback

Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
 2020-12-08 23:10:10 -06:00
Paul Kehrer
4645f02c25
disallow p less than 512-bit on DH (#5592) 
* disallow p less than 512-bit on DH

OpenSSL 3.0.0 enforces this so we'll go ahead and enforce it everywhere
that's practical for us. (Note that we do not enforce on deserializing
PKCS1/PKCS8 keys in < 3.0.0, but this PR adds a test so that in the
3.0.0 support branch we can test an error path)

* missing test

* black

* _MIN_MODULUS_SIZE is now a thing

* skip on fips
 2020-11-29 11:01:16 -05:00
Alex Gaynor
d3eae8d7db
Delete all the 1.0.2 code (#5511) 2020-10-25 22:41:40 -07:00
Alex Gaynor
0b35c5d701
Remove bindings docs (#5469) 2020-09-20 16:49:09 -05:00
Paul Kehrer
00ba159220
add RSA 4096-bit self-signed CA for some upcoming tests (#5464) 2020-09-14 19:40:05 -04:00
Alex Gaynor
bfe7b455c5
Account for Bruce redoing his website or something (#5461) 2020-09-13 19:03:36 -05:00
Alex Gaynor
63dfc57fca
fixed verify script that couldn't have ever worked (#5443) 2020-08-29 09:39:31 -05:00
Paul Kehrer
872835ea0d
update submitting patches docs to be a bit more true (#5407) 
For now best practice is that they should be optional.
 2020-08-16 15:23:02 -04:00
Paul Kehrer
6d68bfdaee
add basic PKCS7 test vectors (#5370) 2020-08-02 17:28:54 -04:00
Alex Gaynor
6bd3faa114
Tell people to use black in our dev docs (#5328) 
* Tell people to use black in our dev docs

* For codecov
 2020-07-20 15:16:29 -05:00
Alex Gaynor
60aa04481f
Paint it Black by the Rolling Stones (#5324) 2020-07-20 13:06:29 -05:00
Paul Kehrer
c51f7957dd
raise a valueerror on multi-SINGLERESP valued OCSP responses (#5316) 
InternalErrors are bad when we know they're reachable
 2020-07-18 20:59:56 -04:00
Paul Kehrer
7a233b9a60
support 4096 bit DSA parsing from numbers classes (#5301) 
* support 4096 bit DSA parsing from numbers classes

* need to get local linting fixed.

* reorder

* add a link to more reasons why DSA sucks
 2020-07-05 21:19:39 -04:00
Paul Kehrer
c868961033
add unstructured name x509 csr attribute vector (#5302) 
* add unstructured name x509 csr attribute vector

* Update docs/development/test-vectors.rst

Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>

Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
 2020-07-05 21:06:39 -04:00
Paul Kehrer
bd48e0f693
invalid challenge value csr (#5300) 2020-07-05 16:55:24 -04:00
Paul Kehrer
13fae162da
add SubjectInformationAccess extension support (#5295) 
* add SubjectInformationAccess extension support

* fixes
 2020-07-02 01:13:33 -04:00
Alex Gaynor
f0bc6620d9
Fix for linkcheck (#5281) 
* Fix for linkcheck

* attempted linkcheck fix
 2020-06-20 17:39:22 -05:00