Commit graph

3854 commits

Author SHA1 Message Date
dependabot[bot]
87b4565884
chore(deps): bump cc from 1.2.12 to 1.2.13 (#12421)
Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.2.12 to 1.2.13.
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Changelog](https://github.com/rust-lang/cc-rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/cc-rs/compare/cc-v1.2.12...cc-v1.2.13)

---
updated-dependencies:
- dependency-name: cc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-10 12:18:13 +00:00
Ivan Desiatov
2734b1503c
ExtensionPolicy changes required for Python callback support. (#12417)
* Prepare ExtensionPolicy to accept python validator callbacks.

* Remove code that is not yet used.

* ExtensionPolicy uses VerificationCertificate.
2025-02-08 12:35:42 -05:00
Ivan Desiatov
94349a876c
Add public ExtensionPolicy constructors for webpki policies. (#12416) 2025-02-08 10:02:15 -05:00
Ivan Desiatov
4f9ca1c92c
PyPolicyDefinition and related Verifier API changes (#12390)
* Add PyPolicyDefinition, make accessible via verifiers.

* Add python Policy to x509.pyi

* Expose PyPolicyDefinition to Python.

* Rename PyPolicyDefinition to PyPolicy to match python name.

* `test_verification` uses `policy` property.

* Add additional PyPolicy tests.

* Add back direct getters on verifiers with deprecation warnings.

* Correct Policy.subject return type in x509.pyi

* Rename x509.verify.py_policy module to x509.verify.policy

* x509.verify uses mod.rs convention

* Use Optional<SubjectOwner> instead of adding None value to SubjectOwner.

* PyPolicy stores original subject + naming changes in Verifiers.
2025-02-05 12:46:43 -08:00
dependabot[bot]
69c676436d
chore(deps): bump cc from 1.2.11 to 1.2.12 (#12398)
Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.2.11 to 1.2.12.
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Changelog](https://github.com/rust-lang/cc-rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/cc-rs/compare/cc-v1.2.11...cc-v1.2.12)

---
updated-dependencies:
- dependency-name: cc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-05 06:58:55 -08:00
Alex Gaynor
dfe822b3dd
We need more cowbell^WOID (#12395) 2025-02-04 14:47:55 -08:00
László Vaskó
d860aaa543
Remove conflicting name of rsassaPss OID (#12389)
The same OID is used as a signature algorithm and public key
algorithm, so they have to be defined twice, but they should be added
to `_OID_NAMES` only once.

Used the later introduced `rsassaPss` long name, instead of
`RSASSA-PSS` short name, as other algorithms also use long
names (i.e. `sha1WithRSAEncryption` instead of `RSA-SHA1`).

Resolves: #12388
2025-02-03 16:35:19 +00:00
Ivan Desiatov
a6d5311393
CryptoOps::PolicyExtra to allow passing user data inside a Policy. (#12387) 2025-02-03 07:53:08 -08:00
Paul Kehrer
0ef7c1fa19
add XOFHash (#12380)
* add XOFHash

* refactors for comments

* use cfg_if

* fix docs, fix linting

* don't expose squeeze on unsupported things

* smaller strides

* ellipsis
2025-02-01 17:26:59 -08:00
Alex Gaynor
fd23bdac4f
Format all rust imports consistently (#12381) 2025-02-01 16:48:32 -08:00
Alex Gaynor
13a2e6f780
Turn openssl-sys into a workspace dep (#12379)
Annoyingly matching is done on the crate name, not the package name, so renaming a workspace dep doesn't work.
2025-02-01 13:02:26 -08:00
dependabot[bot]
c774223bbb
chore(deps): bump cc from 1.2.10 to 1.2.11 (#12376)
Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.2.10 to 1.2.11.
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Changelog](https://github.com/rust-lang/cc-rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/cc-rs/compare/cc-v1.2.10...cc-v1.2.11)

---
updated-dependencies:
- dependency-name: cc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-01 17:17:12 +00:00
Alex Gaynor
aa531827c8
Added a utility for hex decoding (#12374) 2025-01-31 23:56:02 +00:00
Paul Kehrer
d20eea8809
raise ValueError if DH parameter numbers are invalid (#12373) 2025-01-31 23:34:21 +00:00
Alex Gaynor
9b59bb671e
Emit warnings on BER PKCS#7 and PKCS#12 (#12372)
* Emit warnings on BER PKCS#7 and PKCS#12

* Update src/rust/src/pkcs7.rs

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-01-31 15:14:42 -08:00
Alex Gaynor
63a93bc0e6
Added PBKDF1, for use in #12296 (#12369) 2025-01-31 12:32:42 -08:00
Alex Gaynor
26a4ee8f6d
fixes #10247 -- clarify negative serial number warning (#12365) 2025-01-30 18:28:10 -08:00
Alex Gaynor
11b15a309f
fixes #10808 -- allow empty plaintexts for aes-gcm-siv (#12355)
* fixes #10808 -- allow empty plaintexts for aes-gcm-siv

* Update src/rust/build.rs

Co-authored-by: Nick Pope <nick@nickpope.me.uk>

---------

Co-authored-by: Nick Pope <nick@nickpope.me.uk>
2025-01-29 12:21:40 -08:00
Alex Gaynor
cf55513de0
Added OID for 3DES-EDE-CBC (#12349) 2025-01-27 14:50:17 +00:00
Alex Gaynor
535f134411
Extract ec_params_to_group from SPKI parsing (#12348)
To be used in #12296
2025-01-27 06:43:17 -08:00
Alex Gaynor
f0ca2140a9
Use workspace openssl version everywhere (#12346) 2025-01-27 06:39:00 -08:00
dependabot[bot]
d7f40fad8f
chore(deps): bump openssl from 0.10.68 to 0.10.69 (#12345)
Bumps [openssl](https://github.com/sfackler/rust-openssl) from 0.10.68 to 0.10.69.
- [Release notes](https://github.com/sfackler/rust-openssl/releases)
- [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.68...openssl-v0.10.69)

---
updated-dependencies:
- dependency-name: openssl
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-27 07:57:59 -05:00
Alex Gaynor
652867baaa
fixes #12307 -- added unsafe_skip_rsa_key_validation kwarg to ssh private key loading (#12342) 2025-01-25 17:29:54 +00:00
Alex Gaynor
50e465ead1
When parsing a PKCS#12 from OpenSSL, don't directly use its pkey (#12339)
This is in preparation for doing our own key parsing.
2025-01-24 16:05:48 -08:00
Robert Sherwood
4dc0746fdc
ObjectIdentifier constructor parameter name mismatch (#12318)
Fixes #12317
2025-01-21 08:09:17 -05:00
Alex Gaynor
d5e7266870
move pkcs#12 into a crate for crypto (#12314) 2025-01-20 15:24:46 -08:00
Alex Gaynor
2fe2b5a19f
Support AES-GCM-SIV on BoringSSL (#12294) 2025-01-19 07:55:20 -08:00
Alex Gaynor
9343b496c3
Move PKCS#8 type to proper module (#12311) 2025-01-19 07:53:30 -08:00
dependabot[bot]
1c069cd0d1
chore(deps): bump cc from 1.2.9 to 1.2.10 (#12304)
Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.2.9 to 1.2.10.
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Changelog](https://github.com/rust-lang/cc-rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/cc-rs/compare/cc-v1.2.9...cc-v1.2.10)

---
updated-dependencies:
- dependency-name: cc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-17 08:31:25 -05:00
Alex Gaynor
da62c2fce7
fixes #12070 -- made SSH private key loading more consistent with other key loading (#12286) 2025-01-15 09:25:43 -07:00
Alex Gaynor
78d354711b
Revert "Silence new clippy warning (#12208)" (#12279)
This reverts commit 9543b64d97.
2025-01-13 06:44:59 -08:00
dependabot[bot]
cf8ec12472
chore(deps): bump cc from 1.2.7 to 1.2.9 (#12277)
Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.2.7 to 1.2.9.
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Changelog](https://github.com/rust-lang/cc-rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/cc-rs/compare/cc-v1.2.7...cc-v1.2.9)

---
updated-dependencies:
- dependency-name: cc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-13 07:48:54 -05:00
Hanno Böck
e818efc0b5
Reject d, e values <= 1 (#12272)
* Reject d, e values <= 1

This avoids a potential infinite loop (e.g. with d=e=1 or d=e=-1).

* Add tests for possible loop/DoS in rsa_recover_prime_factors()
2025-01-12 16:58:03 -05:00
Alex Gaynor
d7596d0f1f
fixes #12257 -- raise the correct error on an unsupported curve (#12271) 2025-01-11 18:35:46 -08:00
Alex Gaynor
4c8aa4e3b5
Bump to ruff 0.9 (#12259) 2025-01-09 11:44:10 -08:00
William Woodruff
286c891288
x509/verification: allow DNS wildcard patterns to match NCs (#12253)
* x509/verification: allow DNS wildcard patterns to match NCs

Fixes #12250.

* Bump x509-limbo and/or wycheproof in CI

* finish renaming

* document inner_name

---------

Co-authored-by: pyca-boringbot[bot] <pyca-boringbot[bot]+106132319@users.noreply.github.com>
2025-01-08 01:22:53 +00:00
Alex Gaynor
8640c1a0fc
Implement fixes to ruff check --preview (#12230) 2025-01-03 17:28:57 +01:00
dependabot[bot]
df9c968e7b
chore(deps): bump cc from 1.2.6 to 1.2.7 (#12229)
Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.2.6 to 1.2.7.
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Changelog](https://github.com/rust-lang/cc-rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/cc-rs/compare/cc-v1.2.6...cc-v1.2.7)

---
updated-dependencies:
- dependency-name: cc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-03 13:05:10 +01:00
Alex Gaynor
96dbd56065
Bump year for copyright (#12219) 2025-01-01 07:05:07 +01:00
Quentin Retourne
6143683d87
PKCS7: added encryption with AES-256-CBC (#12172)
* feat: added encryption with AES-256-CBC

added & updated tests accordingly

updated documentation

removed useless test vector

* fixing coverage

* last python coverage fix

* restraining the number of classes

changed name to content_encryption_algorithm

simplified the rust code accordingly

tried to simplify the documentation

* python 3.8 artefacts

* passed content encryption algo locally

adapted rust code accordingly
2024-12-29 13:02:20 -05:00
dependabot[bot]
a5deb3f081
chore(deps): bump cc from 1.2.5 to 1.2.6 (#12202)
Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Changelog](https://github.com/rust-lang/cc-rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/cc-rs/compare/cc-v1.2.5...cc-v1.2.6)

---
updated-dependencies:
- dependency-name: cc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-27 13:16:20 +00:00
Alex Gaynor
9543b64d97
Silence new clippy warning (#12208)
it triggers a zillion times in pyo3 generated code
2024-12-27 12:58:01 +00:00
Alex Gaynor
cc7123de8d
Final deprecation of Python 3.7 (#12196) 2024-12-25 15:34:11 +00:00
Alex Gaynor
4f0f5cfa84
fix typing in ciphers.pyi (#12180) 2024-12-20 19:40:01 +01:00
Jordan Borean
efb39ac655
Fix up aead generate_key kwarg name to bit_length (#12170)
Fixes the aead.pyi type definition for the AEAD ciphers generate_key
method to correctly reflect the argument name used in the rust source
code.
2024-12-19 20:27:43 +00:00
dependabot[bot]
4fd9015312
chore(deps): bump cc from 1.2.4 to 1.2.5 (#12166)
Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.2.4 to 1.2.5.
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Changelog](https://github.com/rust-lang/cc-rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/cc-rs/compare/cc-v1.2.4...cc-v1.2.5)

---
updated-dependencies:
- dependency-name: cc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-19 13:09:25 +01:00
Alex Gaynor
88e85851da
Simplify code that was randomly overly complicated (#12158) 2024-12-17 19:13:35 -05:00
dm
065a98d010
Add identifiers for Hash algorithms (#12154) 2024-12-16 09:44:06 -05:00
Brian Sipos
f6ee2a5106
Add RFC9174 OIDs (#12143)
* Add BUNDLE_SECURITY EKU

* Adding Other Name Form OIDs

* Adding public access to OtherNameFormOID

* Sorting names for lint

* Sort imports

* Fix format

* Adding OID docs

* Add specific next version
2024-12-13 19:17:50 +00:00
dependabot[bot]
b95fc68a37
chore(deps): bump cc from 1.2.3 to 1.2.4 (#12140)
Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Changelog](https://github.com/rust-lang/cc-rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/cc-rs/compare/cc-v1.2.3...cc-v1.2.4)

---
updated-dependencies:
- dependency-name: cc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-13 12:06:54 +00:00