* GCM IV size limits
OpenSSL 3.0.0 is going to enforce these size limits so we might as well
put them in now.
* fix the tests
* black
* these cases can't happen if we're limiting IV size already
* PKCS7SignatureBuilder now supports three serializations
PEM, DER, and SMIME. SMIME embeds the S/MIME headers and has the
detached signature concept.
* thanks libre
* smime signer support
* fix ed25519 check
* change some wording
* python 2.7...
* review feedback
* s/secure/signed
* do some verification in the tests
* review feedback
* doc return value
X509 signing for RSA keys that are too small. Let's just say signing
failed and attach the more specific problem as the error stack. A bit
uglier, but far more generic and stable to OpenSSL/LibreSSL/BoringSSL
Also be a bit more generic for OCSP signing
* disable the osrandom engine on 1.1.1d+
* skip (and run) some tests on 1.1.1d+
* simplify our conditionals
* Update src/_cffi_src/openssl/src/osrandom_engine.c
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
* words
* more words
* language
* get coverage more cleverly
* a word
* Update .github/workflows/ci.yml
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
* support x509 request challenge password parsing
* switch to a more generic (but not too generic) attribute parsing
* make it raise a valueerror
* Update tests/x509/test_x509.py
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
* Support parsing SCTs in OCSPResponse
* s/typically/only and pep8
* remove unused vector
Co-authored-by: Szilárd Pfeiffer <szilard.pfeiffer@balasys.hu>
* Disallow ttl=None in (Multi)Fernet.decrypt_at_time()
Since the introduction of the _at_time() methods in #5256[1] there's
been this little voice in the back of my mind telling me that maybe it's
not the best idea to allow ttl=None in decrypt_at_time(). It's been like
this for convenience and code reuse reasons.
Then I submitted a patch for cryptography stubs in typeshed[2] and I had
to decide whether to define decrypt_at_time()'s ttl as int and be
incompatible with cryptography's behavior or Optional[int] and advertise
an API that can be misused much too easily. I went ahead with int.
Considering the above I decided to propose this patch. Some amount of
redundancy (and a new test to properly cover the
MultiFernet.decrypt_at_time() implementation) is a price to prevent
clients from shooting themselves in the foot with the tll=None gun since
setting ttl to None disabled timestamp checks even if current_time was
provided.
[1] https://github.com/pyca/cryptography/pull/5256
[2] https://github.com/python/typeshed/pull/4238
* Actually test the return value here
* Fix formatting
The CRL is missing a CRL number and should mark the delta CRL extension
as critical. RFC 5280 says the following:
Section 5.2.3:
> CRL issuers conforming to this profile MUST include this extension
> [CRL number] in all CRLs and MUST mark this extension as
> non-critical.
Section 5.2.4:
> The delta CRL indicator is a critical CRL extension that identifies a
> CRL as being a delta CRL.
> When a conforming CRL issuer generates a delta CRL, the delta CRL
> MUST include a critical delta CRL indicator extension.
Sadly, RFC 5280 is often unclear about the difference between issuer
requirements and verifier requirements, but test certificates should
conform to issuer requirements where possible, in case the underly
library becomes stricter. Section 5.2.4 includes further text which
implies a delta CRL without a CRL number is unusable for a verifier
anyway:
> A complete CRL and a delta CRL MAY be combined if the following four
> conditions are satisfied:
>
> [...]
>
> (d) The CRL number of the complete CRL is less than the CRL number
> of the delta CRL. That is, the delta CRL follows the complete
> CRL in the numbering sequence.
Note I have not updated the signature in crl_delta_crl_indicator.pem.
The test does not care, and it is unclear which key to sign it with.
* ssh.py contains load/serialize code.
* Add PrivateFormat.OpenSSH to .private_bytes() format.
* Add load_ssh_private_key().
* Use new code for PublicFormat.OpenSSH too.
* load_ssh_public_key() now supports reading signed public keys.
* Supported algorithms: rsa, dsa, ec, ed25519.
* Optional dependency on 'bcrypt' package via [ssh] extra
* Add a way to pass current time to Fernet
The motivation behind this is to be able to unit test code using Fernet
easily without having to monkey patch global state.
* Reformat to satisfy flake8
* Trigger a Fernet.encrypt() branch missing from coverage
* Revert specifying explicit current time in MultiFernet.rotate()
Message's timestamp is not verified anyway since ttl is None.
* Change the Fernet's explicit current time API slightly
This's been suggested in code review.
* Fix a typo
* Fix a typo
* Restore full MultiFernet test coverage and fix a typo
* Restore more coverage
time.time() is not called by MultiFernet.rotate() anymore so the monkey
patching and lambda need to go, because the patched function is not used
and coverage calculation will rightfully notice it.
* Remove an unused import
* Document when the *_at_time Fernet methods were added
* Additional tests for public/private_bytes
They expose few places that raise TypeError and AssertionError!
before, and ValueError later.
* Cleanup of private_bytes() backend
Also pass key itself down to backend.
* Cleanup of public_bytes() backend
* Test handling of unsupported key type
