saymrwulf/cryptography
1
0
Fork 0
mirror of https://github.com/saymrwulf/cryptography.git synced 2026-05-14 20:37:55 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
8722 commits 40 branches 135 tags 60 MiB
Commit graph

8722 commits

This branch
This branch
All branches
Author SHA1 Message Date
Alex Gaynor
d09e1eda2b
Final polish on removing backends from places they aren't required (#6644) 2021-11-22 05:01:31 +08:00
Paul Kehrer
5bd0c10d50
allow parsing of nonstandard country name and jurisdiction country name (#6641) 
The spec requires both of these to be exactly two characters to
correspond with ISO country codes. Reality is sometimes messier, so this
allows parsing (but not encoding) of this invalid data. Parsing will
raise a UserWarning if incorrect lengths are detected.
 2021-11-21 03:16:43 +00:00
Paul Kehrer
2b22df182d
remind people we're going to remove verifier/signer (#6640) 2021-11-21 01:58:29 +00:00
Alex Gaynor
b14285eff5
Simplify the code in the AEAD test (#6638) 
Only unhexlify each thing once
 2021-11-21 07:18:20 +08:00
Alex Gaynor
8be0f79b87
Added a CI job for 3.11-dev (#6637) 2021-11-21 07:17:52 +08:00
Alex Gaynor
a9f101f153
Reduce number of windows builders (#6636) 2021-11-20 22:21:09 +00:00
Alex Gaynor
60c846f551
Make randomorder a regular job and not a distro one (#6633) 2021-11-21 05:13:57 +08:00
Alex Gaynor
ccbcd464f0
Remove unused attributes (#6631) 2021-11-21 05:13:17 +08:00
Alex Gaynor
cbc7861acb
Try removing line whose purpose I don't understand (#6632) 2021-11-21 05:12:48 +08:00
Alex Gaynor
d065d82145
fixes #6627 -- added two changes to our 36.0 changelog (#6628) 2021-11-20 02:59:42 +00:00
Paul Kehrer
458e9eb698
support negative serials in certificate parsing (#6626) 
* support negative serials in certificate parsing

but raise a warning every time we see it. also proactively raise on
initial parse of the certificate, not just when accessing the
serial_number attribute

* cargo fmt

* review feedback and changelog

* pssh

* Update CHANGELOG.rst

Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>

Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
 2021-11-20 02:56:55 +00:00
Alex Gaynor
302e2aceb1
fixes #6404 -- attempt to treat OCSP Nonce as being an octet string (#6625) 
This is an awful hybrid, but hopefully puts us on a path to removing this nonsense
 2021-11-20 06:32:00 +08:00
dependabot[bot]
73e8755160
Bump pyo3 from 0.15.0 to 0.15.1 in /src/rust (#6623) 
Bumps [pyo3](https://github.com/pyo3/pyo3) from 0.15.0 to 0.15.1.
- [Release notes](https://github.com/pyo3/pyo3/releases)
- [Changelog](https://github.com/PyO3/pyo3/blob/main/CHANGELOG.md)
- [Commits](https://github.com/pyo3/pyo3/compare/v0.15.0...v0.15.1)

---
updated-dependencies:
- dependency-name: pyo3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-11-19 12:55:47 +00:00
dependabot[bot]
9177dd203b
Bump asn1 from 0.8.6 to 0.8.7 in /src/rust (#6622) 
Bumps [asn1](https://github.com/alex/rust-asn1) from 0.8.6 to 0.8.7.
- [Release notes](https://github.com/alex/rust-asn1/releases)
- [Commits](https://github.com/alex/rust-asn1/compare/0.8.6...0.8.7)

---
updated-dependencies:
- dependency-name: asn1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-11-18 12:49:25 +00:00
Paul Kehrer
4acd53cfb1
disable some workflows on forks (#6619) 
these don't make sense for forks so let's not run them
 2021-11-18 12:22:36 +00:00
dependabot[bot]
868b915e74
Bump actions/setup-python from 2.2.2 to 2.3.0 (#6620) 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2.2.2 to 2.3.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v2.2.2...v2.3.0)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-11-18 12:20:10 +00:00
Paul Kehrer
c448809306
more typing (#6616) 2021-11-17 12:37:55 +00:00
Paul Kehrer
edcf395cbc
raise warning on encoded default value in csr (#6615) 2021-11-17 07:05:10 -05:00
Paul Kehrer
cd69204077
type some more things in the tests (#6614) 2021-11-17 07:04:14 -05:00
April King
a9fa8015ae
Update fernet docs to use latest Django recommendations (#6611) 
* Update fernet docs to use latest Django recommendations

* Err, remember how RST works
 2021-11-16 03:44:52 +00:00
Paul Kehrer
78c2dd8a04
add AES SIV vectors (#6608) 2021-11-15 07:19:44 -05:00
Paul Kehrer
ffb40e6228
OCB3 support (#6607) 
* OCB3 support in aead package

* improve comment
 2021-11-14 23:10:06 -05:00
Paul Kehrer
c451c1df4e
add AES OCB3 test vectors (#6606) 2021-11-15 01:50:13 +00:00
Paul Kehrer
43c192b2b3
remove deprecated calls in tests (#6604) 2021-11-14 11:44:40 +00:00
Paul Kehrer
b9b95952f5
support attributes on csrs with an iterable (#6603) 2021-11-14 06:20:11 -05:00
Alex Gaynor
4da2a68118
Allow parsing CSR extensions with the critical bit having an explicitly encoded default (#6600) 
* Allow parsing CSR extensions with the critical bit having an explicitly encoded default

* Poke for zuul
 2021-11-14 05:42:10 +08:00
Paul Kehrer
105400786a
add one more engine binding (#6599) 
we don't support these but advanced users may make use of them
 2021-11-12 21:22:22 -05:00
Alex Gaynor
afaf184674
Mention LibreSSL and BoringSSL in our installation docs (#6597) 2021-11-13 05:07:00 +08:00
Alex Gaynor
8c73dcd966
Make --capture=no and --strict-markers enabled by default for pytest (#6598) 2021-11-13 04:56:24 +08:00
Paul Kehrer
d3e23411a2
boring changelog (#6595) 2021-11-12 08:37:09 -05:00
Paul Kehrer
5e6b8732ab
handle unused bits in distribution point reasons as well (#6594) 2021-11-12 08:36:35 -05:00
Paul Kehrer
7bcfe44e25
encode KeyUsage with unused bits (#6593) 2021-11-12 06:55:34 +00:00
Alex Gaynor
b2c7ded45c
Run tests/hazmat/bindings/test_openssl.py on BoringSSL (#6592) 
Refs #6576
 2021-11-12 06:54:50 +00:00
Paul Kehrer
2426bdc90b
skip pkcs7 tests on boring (#6591) 
* skip pkcs7 tests on boring

* make it work
 2021-11-12 06:31:59 +00:00
Felix Fontein
19da50e93d
Allow to serialize extension values as DER bytes strings (#6346) 
* Allow to serialize extension values as DER bytes string.

* Prepare test for SignedCertificateTimestamps.
 2021-11-12 14:02:17 +08:00
Paul Kehrer
3225358d15
x509 tests for boring (#6590) 2021-11-12 00:38:16 -05:00
Alex Gaynor
17ea93ca73
Run tests/primitives/test_{dh,serialization}.py on BoringSSL (#6589) 
Refs #6576
 2021-11-12 01:00:16 +00:00
Alex Gaynor
749e57387c
Run tests/hazmat/backends/ under BoringSSL (#6588) 
Refs #6576
 2021-11-12 00:39:30 +00:00
Alex Gaynor
d6af9f604c
Run a small number of bindings and backend tests on BoringSSL (#6587) 
Refs #6576
 2021-11-12 07:47:14 +08:00
Alex Gaynor
bf60d3ebba
Run tests/primitives/ (minus a few files) on BoringSSL (#6584) 2021-11-11 22:31:31 +00:00
Alex Gaynor
8245d777ba
Make DH bindings follow style guide (#6586) 2021-11-12 05:43:08 +08:00
Alex Gaynor
858acb2a79
Run tests/wycheproof/ on BoringSSL (#6583) 2021-11-12 05:42:51 +08:00
Felix Fontein
cc9c1cf1d2
Move extension encoding code to new crate x509::extensions (#6571) 
* Move certificate extension encoding code to new crate x509::extensions.

* Move more extension serialization code to x509::extensions.

* Unify extension encoding into one function.

* Move all extension OIDs to x509::extensions.

* Move all OIDs to x509::oid.
 2021-11-11 06:36:03 +08:00
Alex Gaynor
45cf40fa4e
Break down the test/hazmat/ skips (#6578) 
Refs #6576
 2021-11-10 04:51:11 +00:00
Alex Gaynor
55ec7169c7
Run tests/hypothesis/ under boringssl (#6577) 
refs #6576
 2021-11-10 08:51:52 +08:00
Alex Gaynor
610b5f127e
Simplify how we test boring, in a way that'll be extensible to the future (#6575) 
* Simplify how we test boring, in a way that'll be extensible to the future

* Break out what we ignore

* Get fernet tests passing on boringssl
 2021-11-10 08:06:27 +08:00
Alex Gaynor
df50810f7c
try to make the coverage handling of this better (#6574) 2021-11-10 04:40:15 +08:00
Paul Kehrer
226ff0c364
retry paramiko tests if they fail (#6572) 
* retry paramiko tests if they fail

flaky tests are so annoying

* comment
 2021-11-08 23:58:54 -05:00
Alex Gaynor
042876f213
Bump BoringSSL version (#6568) 2021-11-09 04:24:56 +08:00
Alex Gaynor
043f76f460
actions/checkout doesn't work with non-github repos apparently (#6561) 2021-11-08 20:50:37 +08:00