* drop python 3.6 support
* Update tests/hazmat/bindings/test_openssl.py
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
---------
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
This removes the OS random engine, which contained the only CPython PSF
licensed code in the repository. Accordingly, that license has now been
removed.
This is extra mega cursed, and strictly speaking unsound. It does, however, match the status quo ante, where someone mutating a buffer while its being used in cffi code will basically always be UB.
The theory here is that we're already doing sufficient validation key loading, and this is purely duplicative.
Note that there's at least _some_ validationg that was previously occurring only ECDH, the LowOrderPublic check that can be seen in wycheproof.
* Rename Union type aliases to CamelCase
Many `typing.Union` type aliases were previously using `UPPER_SNAKE_CASE`, but Python's convention is `CamelCase` for these (e.g. https://docs.python.org/3/library/typing.html#type-aliases)
* Add utils.deprecated for the old non-underscore type aliases
* Added documentation for new type aliases & minor tweaks
* Use 'versionadded:: 40.0.0'
* Fix CertificatePublicKeyTypes vs CertificateIssuerPublicKeyTypes. Rename CertificatePrivateKeyTypes to CertificateIssuerPrivateKeyTypes
* Fix imports (ruff)
* Fix one more versionadded
* Tweak docs & Reorder: CertificateIssuerPublicKeyTypes before CertificateIssuerPrivateKeyTypes
* Fix test mypy errors using cast()
* Fix black, oops
* Revert "Fix black, oops"
This reverts commit 85344e231d697bdc0940e105f7aed729445f9743.
* Revert "Fix test mypy errors using cast()"
This reverts commit b272d8ca95fbbbc62060663f9e8930a139a7a43e.
* Revert type of SubjectKeyIdentifier.from_public_key arg
* Changelog tweak
* double the speed of our rsa tests
this both creates a reusable fixture for our most commonly used private
keys as well as disables key validation. as always, disabling key
validation should not be done unless you never parse untrusted key
input. unsurprisingly, our tests are trusted and understood input (and
we also continue to have tests where we run check key to verify that it
catches corrupt things)
* fix typing
* explain why we don't use the rsa_key_2048 fixture in the blinding test
* Enforce max number of SSH certificate principals
There is an undocumented limit for the maximum number of valid principals accepted by the openssh tooling, as seen at:
* 2726764269/sshkey.h (L108)
* 25c8a2bbcc/sshkey.c (L1801)
* 6180b0fa4f/ssh-keygen.c (L1833)
This change enforces that same restriction as currently a SSH certificate can be generated that is invalid against the default sshd server. Consideration might be given for any non openssh servers that accept openssh certificates, if they exist and want to allow a greater number of principals.
Of note, the 256 limit is not found in the spec for SSH certificates as defined at https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.certkeys. It instead seems to be arbitrarily chosen by the project as some limit was needed.
* Address formatting error.
* Comment on valid_prinicpals size limit plus test added.
---------
Co-authored-by: Jake <jake@vaultish.com>
* WIP: Add raw export alias method for x25519 keys
* Ditto for x448, ed448, ed25519
* Document new private_bytes_raw public_bytes_raw methods
* docs: Populate versionadded to be 40
* docs: Fix PublicFormat -> PrivateFormat where applicable
* formatting
* Update tests for test_pub_priv_bytes_raw in x25519, x448, ed448 (TODO: ed25519)
* Add test_pub_priv_bytes_raw test for Ed25519
* fix some binding declarations
also adds a comment about why we deliberately incorrectly declare some
of them, sigh
* it's actually safe to do this since no high bit mode options exist
* Disallow wildcards in DNSName for name constraints
As discussed in #8253, wildcards are unnecessary according to RFC 5280, and cause issues with at least Firefox.
* update changelog
