cryptography

mirror of https://github.com/saymrwulf/cryptography.git synced 2026-05-14 20:37:55 +00:00

Author	SHA1	Message	Date
William Woodruff	972a7b5896	verification: add test_verify_tz_aware (#10229 ) * verification: add test_verify_tz_aware Signed-off-by: William Woodruff <william@trailofbits.com> * py_to_datetime handles tzinfo, add test Signed-off-by: William Woodruff <william@trailofbits.com> * Update src/rust/src/x509/common.rs Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com> * x509/common: coverage for the coverage god Signed-off-by: William Woodruff <william@trailofbits.com> --------- Signed-off-by: William Woodruff <william@trailofbits.com> Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>	2024-01-22 22:14:50 +00:00
Facundo Tuesca	41daf2d86d	Migrate PKCS7 backend to Rust (#10228 ) * Migrate PKCS7 backend to Rust * Disable PKCS7 functions under BoringSSL * Misc PKCS7 fixes	2024-01-22 21:22:05 +00:00
Alex Gaynor	d54093e62e	Remove some skips in tests that aren't needed anymore (#10223 )	2024-01-22 07:07:53 -06:00
Alex Gaynor	6b4a4de78a	Migrate SPKI parsing from OpenSSL to Rust (#10121 )	2024-01-21 15:11:17 -03:00
Alex Gaynor	39e3011170	Remove unused test utility (#10216 )	2024-01-21 07:39:18 -03:00
Alex Gaynor	895cddf591	Consistently use EllipticCurve instances in various places (#10189 )	2024-01-17 13:03:56 -03:00
Alex Gaynor	9409479c9a	fixes #10187 -- handle passing a curve class when generating an EC key (#10188 )	2024-01-15 15:48:49 -02:00
Alex Gaynor	94e5167a12	Migrate ChaCha20Poly1305 AEAD to Rust (#9399 ) * Migrate ChaCha20Poly1305 AEAD to Rust * Remove FixedPool	2024-01-12 22:16:39 -03:00
Alex Gaynor	efb98b43f8	Remove now unused OpenSSL password callback (#10145 )	2024-01-10 21:26:45 -03:00
Paul Kehrer	98b6354c3f	add tests for the new vectors (#10135 ) just verifying basic loading works for these curve names	2024-01-05 19:44:15 +00:00
Alex Gaynor	e31a34398e	Another test case for explicit parameter private key (#10132 )	2024-01-05 12:57:12 -03:00
Alex Gaynor	bbf2544c79	Added two test cases for unsupported EC private keys (#10126 )	2024-01-05 07:19:16 -03:00
Alex Gaynor	a97438b14c	Make extension handling in x.509 verifier less meta-programmed (#10054 ) We now iterate over the extensions only once.	2024-01-04 14:41:22 -03:00
Paul Kehrer	d713dfbcad	fix a typo in a benchmark name (#10122 )	2024-01-04 00:55:02 +00:00
Alex Gaynor	35dce91bab	Migrate private key parsing to Rust (#10064 ) It's still OpenSSL, but now there's more Rust	2024-01-03 11:05:24 -03:00
Alex Gaynor	87959ea4f4	Migrate PolicyBuilder to Rust (#10069 )	2024-01-03 10:32:15 -03:00
Alex Gaynor	ba9131eaf2	Migrate DH Numbers to Rust (#10081 )	2024-01-02 22:06:30 -03:00
Alex Gaynor	6c921f7189	Migrate EC Numbers to Rust (#10079 )	2024-01-02 20:59:28 -03:00
Alex Gaynor	de3a225e0d	Parse PEM public keys in Rust (#10094 )	2024-01-02 17:18:02 -03:00
Johnny Hsieh	91541cf726	Add support for GCM mode of SM4 cipher (#10072 ) * Add support for SM4-GCM cipher ref: #7503 ref: https://github.com/openssl/openssl/issues/13667 * Update SM4 GCM tests to use external test vector * Cite SM4 test vectors sources in document * Add tests for SM4ModeGCM finalize_with_tag * Update CHANGELOG.rst	2023-12-29 10:56:29 -03:00
Alex Gaynor	eb06a6a83d	Added a benchmark for x.509 verification (#10042 )	2023-12-23 12:55:21 -03:00
William Woodruff	3763aa79b6	add initial X.509 path validation implementation (#8873 )	2023-12-22 16:40:08 -05:00
Alex Gaynor	d844fd4556	Split wycheproof tests up by file (#10025 ) This provides greater parallelism. 25% faster at running wycheproof tests locally	2023-12-21 12:16:49 -06:00
Alex Gaynor	fb4c72c8bf	Added wycheproof vectors for pbkdf2 (#10024 )	2023-12-21 08:30:36 -06:00
Paul Kehrer	2525eb048a	support RSA PSS for CRLs (#10013 ) adds rsa_padding kwarg to sign and also adds signature_algorithm_parameters as a method to CRLs	2023-12-18 17:54:38 -05:00
Alex Gaynor	9ca6fd1e15	Remove unused argument (#10012 )	2023-12-18 08:26:51 -06:00
Paul Kehrer	d06a6a17cb	regenerate x509/custom/ca/ca.pem to expire in 2100 (#9964 ) The existing cert doesn't expire until late 2038 but this simplifies 2038 checks for some downstream consumers. We shift the original cert/key into a new pkcs12/ca directory so that we don't need to regenerate all the PKCS12 vectors (which don't care about expiry anyway)	2023-12-05 09:21:37 -05:00
Facundo Tuesca	ca4f40621d	Add support for AES-GCM-SIV using OpenSSL>=3.2.0 (#9843 )	2023-12-02 09:39:19 -06:00
Alex Gaynor	f1817f8077	Slightly alter AEAD benchmark code to solve problem AES-GCM-SIV hit (#9948 )	2023-12-01 18:42:42 -06:00
Paul Kehrer	3165db8efc	raise an exception instead of returning an empty list for pkcs7 cert loading (#9947 ) * raise an exception instead of returning an empty list as davidben points out in #9926 we are calling a specific load certificates function and an empty value doesn't necessarily mean empty because PKCS7 contains multitudes. erroring is more correct. * changelog * Update CHANGELOG.rst Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com> --------- Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>	2023-12-01 14:26:38 -05:00
Dimitri Papadopoulos Orfanos	3fa1405c71	Apply a couple refurb suggestions (#9944 ) * Apply refurb suggestion [FURB138]: Consider using list comprehension * Apply refurb suggestion [FURB108]: Replace `x == y or x == z` with `x in (y, z)`	2023-11-30 11:10:23 -05:00
Alex Gaynor	1e7b4d074e	Fixed crash when loading a PKCS#7 bundle with no certificates (#9926 )	2023-11-27 18:08:17 +00:00
William Woodruff	9ba13da437	verification: add VerificationError, doc APIs (#9873 ) Signed-off-by: William Woodruff <william@trailofbits.com>	2023-11-13 16:21:32 -05:00
William Woodruff	f89ce7bcc5	tests, ci: plumb x509-limbo-root (#9871 ) Signed-off-by: William Woodruff <william@trailofbits.com>	2023-11-13 19:48:28 +00:00
Alex Gaynor	65d98809f5	Rewrite the chunking test to use mmap (#9864 ) This makes it no longer rely on implementation details	2023-11-12 10:29:00 -06:00
Alex Gaynor	08fcf8ef70	Remove unused monkeypatches (#9865 )	2023-11-12 08:40:47 -06:00
Alex Gaynor	1fb0d8a277	Added a test for update_into with an empty out buf (#9863 ) refs #9859	2023-11-11 21:40:14 +00:00
Alex Gaynor	1e7136bd81	Added another test (#9862 ) We only have one for encryptor	2023-11-11 15:34:24 -06:00
Alex Gaynor	4c5d2a4748	Expand and improve tests for GCM limits (#9860 ) refs #9859	2023-11-11 14:23:40 -06:00
Alex Gaynor	dafb7fd49c	Raise an exception if a tag is provided 2x: (#9861 ) Once in GCM() and a second time via finalize_with_tag	2023-11-11 14:22:02 -06:00
Alex Gaynor	f1faacceb0	Fixes #9845 -- raise correct exception on unsupported HMAC hash (#9850 )	2023-11-10 09:11:56 -06:00
Alex Gaynor	420ad4e245	Fix some warnings from `ruff --preview` (#9842 )	2023-11-09 17:37:56 -06:00
William Woodruff	7d451dbd9a	src, tests: add max_chain_depth to validation API (#9844 ) * src, tests: all max_chain_depth to validation API Signed-off-by: William Woodruff <william@trailofbits.com> * docs: document max_chain_depth Signed-off-by: William Woodruff <william@trailofbits.com> * verify: simplify type Signed-off-by: William Woodruff <william@trailofbits.com> * validation: document DEFAULT_MAX_CHAIN_DEPTH Signed-off-by: William Woodruff <william@trailofbits.com> --------- Signed-off-by: William Woodruff <william@trailofbits.com>	2023-11-09 20:34:27 +00:00
Paul Kehrer	e958374785	add support for signing PKCS7 using RSA PSS (#9829 ) * add support for signing PKCS7 using RSA PSS * mypy fixes	2023-11-04 04:59:39 +00:00
Alex Gaynor	77bcf278d6	Run this test on libressl 3.8.0+ (#9827 )	2023-11-03 17:56:27 +00:00
Alex Gaynor	1d5a5b12c4	Refactor key conversion to be in rust (#9826 ) * Refactor key conversion to be in rust removes a lot of unsafe * GHA * Update keys.rs	2023-11-03 10:48:41 -07:00
Alex Gaynor	f11a5ce9f7	Convert CMAC to Rust (#9639 )	2023-11-01 14:33:26 -07:00
William Woodruff	d643b04eb7	Add top-level ServerVerifier.verify API (#9805 ) * Add top-level ServerVerifier.verify API This is a breakout from #8873, with just the interface/types and a `NotImplementedError` stub. Signed-off-by: William Woodruff <william@trailofbits.com> * verification: move Store into PolicyBuilder/ServerVerifier Signed-off-by: William Woodruff <william@trailofbits.com> * verification: docs Signed-off-by: William Woodruff <william@trailofbits.com> * lintage Signed-off-by: William Woodruff <william@trailofbits.com> * docs: document ServerVerifier.store Signed-off-by: William Woodruff <william@trailofbits.com> --------- Signed-off-by: William Woodruff <william@trailofbits.com>	2023-10-31 15:03:35 -04:00
Alex Gaynor	e9dedc3dcc	Reformat tests/x509/test_x509_ext.py (#9772 ) this matches both ruff and black style	2023-10-25 11:11:05 -05:00
Alex Gaynor	6b966a9b21	Reformat most remaining tests (#9771 ) this matches both ruff and black style	2023-10-25 11:10:42 -05:00

1 2 3 4 5 ...

2412 commits