* Add top-level ServerVerifier.verify API
This is a breakout from #8873, with just the interface/types and
a `NotImplementedError` stub.
Signed-off-by: William Woodruff <william@trailofbits.com>
* verification: move Store into PolicyBuilder/ServerVerifier
Signed-off-by: William Woodruff <william@trailofbits.com>
* verification: docs
Signed-off-by: William Woodruff <william@trailofbits.com>
* lintage
Signed-off-by: William Woodruff <william@trailofbits.com>
* docs: document ServerVerifier.store
Signed-off-by: William Woodruff <william@trailofbits.com>
---------
Signed-off-by: William Woodruff <william@trailofbits.com>
* src, tests: flatten all changes
Signed-off-by: William Woodruff <william@trailofbits.com>
validation: remove Profile abstract from public APIs
One step towards removing it entirely
Signed-off-by: William Woodruff <william@trailofbits.com>
policy: disambiguate references
Signed-off-by: William Woodruff <william@trailofbits.com>
policy: remove separate rfc5280 profile
Signed-off-by: William Woodruff <william@trailofbits.com>
policy: remove profile abstraction entirely
Signed-off-by: William Woodruff <william@trailofbits.com>
rust: permitted_algorithms filtering
Signed-off-by: William Woodruff <william@trailofbits.com>
verify: simplify policy API substantially
No more manual monomorphization.
Signed-off-by: William Woodruff <william@trailofbits.com>
src, tests: remove verification code
Signed-off-by: William Woodruff <william@trailofbits.com>
validation: remove more validation code
Signed-off-by: William Woodruff <william@trailofbits.com>
* cryptography, rust: lintage
Signed-off-by: William Woodruff <william@trailofbits.com>
* cryptography, rust: lintage, add Policy.subject API
Signed-off-by: William Woodruff <william@trailofbits.com>
* src, tests: initial PolicyBuilder tests
Signed-off-by: William Woodruff <william@trailofbits.com>
* verify: Policy.validation_time getter
Signed-off-by: William Woodruff <william@trailofbits.com>
* push Store into rust
Signed-off-by: William Woodruff <william@trailofbits.com>
* cleanup, fixup
Signed-off-by: William Woodruff <william@trailofbits.com>
* tests: lintage
Signed-off-by: William Woodruff <william@trailofbits.com>
* src: lintage
Signed-off-by: William Woodruff <william@trailofbits.com>
* tests: fix linter warning
* policy: apply the relevant parts of trail-of-forks/cryptography/pull/3
Signed-off-by: William Woodruff <william@trailofbits.com>
* policy: typo
Signed-off-by: William Woodruff <william@trailofbits.com>
* fixup type hints
Signed-off-by: William Woodruff <william@trailofbits.com>
* drop dep
Not used, yet.
Signed-off-by: William Woodruff <william@trailofbits.com>
* Revert "drop dep"
This reverts commit a5154e1245e666a79838cd73784884fad6743e7f.
* mod: remove permits_* bodies
Will include these in a subsequent PR.
Signed-off-by: William Woodruff <william@trailofbits.com>
* src: drop certificate helpers as well
Not needed yet.
Signed-off-by: William Woodruff <william@trailofbits.com>
* verify: remove unneeded explicit lifetimes
Signed-off-by: William Woodruff <william@trailofbits.com>
* tests: builder API coverage
Signed-off-by: William Woodruff <william@trailofbits.com>
* tests: more coverage
Signed-off-by: William Woodruff <william@trailofbits.com>
* type hints
Signed-off-by: William Woodruff <william@trailofbits.com>
* unused derives
Signed-off-by: William Woodruff <william@trailofbits.com>
* validation: more coverage
Signed-off-by: William Woodruff <william@trailofbits.com>
* policy: more cov
Signed-off-by: William Woodruff <william@trailofbits.com>
* policy: more coverage
Signed-off-by: William Woodruff <william@trailofbits.com>
* policy: add some known bad testcases
Signed-off-by: William Woodruff <william@trailofbits.com>
* policy: coverage
Signed-off-by: William Woodruff <william@trailofbits.com>
* validation: remove trust_store
Not yet used.
Signed-off-by: William Woodruff <william@trailofbits.com>
* ops: add NullOps test
Signed-off-by: William Woodruff <william@trailofbits.com>
* x509: reimplement verify_directly_issued_by via CryptoOps
Tests fail, but this gets the right coverage.
Signed-off-by: William Woodruff <william@trailofbits.com>
* ops: use results
Signed-off-by: William Woodruff <william@trailofbits.com>
* src, tests: last cov, hopefully
Signed-off-by: William Woodruff <william@trailofbits.com>
* test: lintage
Signed-off-by: William Woodruff <william@trailofbits.com>
* docs: fill in API docs
Signed-off-by: William Woodruff <william@trailofbits.com>
* rust: uniform imports
Signed-off-by: William Woodruff <william@trailofbits.com>
* minimize for MVP
No configurable profile, Web PKI only.
Signed-off-by: William Woodruff <william@trailofbits.com>
* verify: remove old NOTE
Signed-off-by: William Woodruff <william@trailofbits.com>
* verify: remove another old NOTE
Signed-off-by: William Woodruff <william@trailofbits.com>
* src, tests: fixup tests
Signed-off-by: William Woodruff <william@trailofbits.com>
* docs: cleanup
Signed-off-by: William Woodruff <william@trailofbits.com>
* src, tests: drop support for missing subjects
As part of the MVP.
Signed-off-by: William Woodruff <william@trailofbits.com>
* profile: remove old comments
Signed-off-by: William Woodruff <william@trailofbits.com>
* policy: remove some verify-adjacent APIs
Paring down for review.
Signed-off-by: William Woodruff <william@trailofbits.com>
* policy: remove more verify-adjacent APIs
Signed-off-by: William Woodruff <william@trailofbits.com>
* policy: remove some From impls
Signed-off-by: William Woodruff <william@trailofbits.com>
* policy: remove rfc5280 constructor
Signed-off-by: William Woodruff <william@trailofbits.com>
* docs: declutter diff
Signed-off-by: William Woodruff <william@trailofbits.com>
* profile: prune even more state
Signed-off-by: William Woodruff <william@trailofbits.com>
* policy: remove old TODO
Signed-off-by: William Woodruff <william@trailofbits.com>
* policy: remove PolicyError
For now.
Signed-off-by: William Woodruff <william@trailofbits.com>
* docs: typo
Signed-off-by: William Woodruff <william@trailofbits.com>
* ops: remove NullOps
Signed-off-by: William Woodruff <william@trailofbits.com>
* rust: remove dev-dep, don't use import
Signed-off-by: William Woodruff <william@trailofbits.com>
* rust: fix IP_ADDRESS rename
Signed-off-by: William Woodruff <william@trailofbits.com>
* docs: clarify time behavior
Signed-off-by: William Woodruff <william@trailofbits.com>
* rename webpki() to new()
Since it doesn't actually do anything WebPKI related at the moment.
Signed-off-by: William Woodruff <william@trailofbits.com>
* docs: relocate
Signed-off-by: William Woodruff <william@trailofbits.com>
* verify: FixedPolicy -> PyCryptoPolicy
Signed-off-by: William Woodruff <william@trailofbits.com>
* verify: simplify SubjectOwner substantially
Signed-off-by: William Woodruff <william@trailofbits.com>
* verify: remove getter helper
Signed-off-by: William Woodruff <william@trailofbits.com>
* verify: reloc TODO
Signed-off-by: William Woodruff <william@trailofbits.com>
---------
Signed-off-by: William Woodruff <william@trailofbits.com>
Co-authored-by: Facundo Tuesca <facundo.tuesca@trailofbits.com>
* Adapt ChaCha20 test vectors to 64-bit counter
* Add ChaCha20 test vectors for counter overflow
These vectors test the behavior during counter overflow. Since
different implementations use different counter sizes (e.g. OpenSSL
uses a 64-bit counter, whereas BoringSSL uses a 32-bit counter),
it's important to ensure that the behavior during counter overflow
is consistent between implementations.
These vectors take into account both 32-bit and 64-bit overflows.
* Restore missing section from ChaCha20 docs
This change fixes the indentation of a note inside the ChaCha20
section of the docs, which caused the note to not render in the
resulting HTML.
* Fix ChaCha20 docs to specify non RFC-compliance
Currently, cryptography uses OpenSSL's ChaCha20 implementation,
which is based on the original algorithm designed by Daniel J.
Bernstein rather than the later standardized version (RFC 7539).
Since the documentation does not reflect this (it describes the RFC
version of the algorithm, rather than the original version we use),
this change fixes that.
* Remove random counter from ChaCha20 example docs
This changes the ChaCha20 example in the documentation to use a
normal user-defined variable for the counter part of the nonce,
rather than a randomized counter.
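
Added example (not part of the commit log or of the cryptography project's code): a minimal pure-Python ChaCha20 block function showing that the 32-bit and 64-bit counter models named in the counter-overflow commit above give identical keystream until the low counter word wraps, then diverge. The function names, key and nonce values are constructed for illustration.

```python
import struct

MASK32 = 0xFFFFFFFF
SIGMA = struct.unpack("<4I", b"expand 32-byte k")
QUARTER_ROUNDS = (
    (0, 4, 8, 12), (1, 5, 9, 13), (2, 6, 10, 14), (3, 7, 11, 15),  # columns
    (0, 5, 10, 15), (1, 6, 11, 12), (2, 7, 8, 13), (3, 4, 9, 14),  # diagonals
)

def _rotl(x, n):
    return ((x << n) & MASK32) | (x >> (32 - n))

def _quarter_round(s, a, b, c, d):
    for x, y, z, r in ((a, b, d, 16), (c, d, b, 12), (a, b, d, 8), (c, d, b, 7)):
        s[x] = (s[x] + s[y]) & MASK32
        s[z] = _rotl(s[z] ^ s[x], r)

def chacha20_block(key, tail_words):
    """One 64-byte keystream block; tail_words are state words 12..15."""
    init = list(SIGMA) + list(struct.unpack("<8I", key)) + list(tail_words)
    s = list(init)
    for _ in range(10):  # 10 double rounds = 20 rounds
        for a, b, c, d in QUARTER_ROUNDS:
            _quarter_round(s, a, b, c, d)
    return struct.pack("<16I", *((x + y) & MASK32 for x, y in zip(s, init)))

def keystream(key, nonce16, nblocks, counter_bits):
    """Keystream for a 16-byte counter||nonce value. counter_bits selects the
    model: 32 wraps word 12 alone, 64 carries into word 13."""
    if counter_bits not in (32, 64):
        raise ValueError("counter_bits must be 32 or 64")
    words = list(struct.unpack("<4I", nonce16))
    out = bytearray()
    for _ in range(nblocks):
        out += chacha20_block(key, words)
        words[0] = (words[0] + 1) & MASK32
        if words[0] == 0 and counter_bits == 64:
            words[1] = (words[1] + 1) & MASK32
    return bytes(out)

if __name__ == "__main__":
    key = bytes(range(32))                             # constructed key
    start = struct.pack("<4I", MASK32, 0, 0x4A, 0)     # low counter word at max
    narrow, wide = keystream(key, start, 2, 32), keystream(key, start, 2, 64)
    print("block 0 equal:", narrow[:64] == wide[:64])
    print("block 1 equal:", narrow[64:] == wide[64:])
```

Under the 32-bit model the block after the wrap is generated from the same state as counter 0 with the same nonce, so data already encrypted at counter 0 would share keystream with it.
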
* tolerate NULL params in ECDSA SHA2 AlgorithmIdentifier
Java 11 does this incorrectly. It was fixed in Java 16+ and they are
planning to do a backport, but we'll need to tolerate this invalid
encoding for a while.
* test both inner and outer
* admit to the existence of nuance in HKDF
* Update docs/hazmat/primitives/key-derivation-functions.rst
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
---------
Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
RFC 4055 section 2.1 states "All implementations MUST accept both
NULL and absent parameters as legal and equivalent encodings".
It also makes some somewhat conflicting statements after that, but
LibreSSL omits the null params for PSS, and OpenSSL parses this
without issue so tolerance it is.
* support X.509 certificate PSS signing
no CSR, CRL, etc
* handle PSS.(MAX_LENGTH, DIGEST_LENGTH), review feedback
* name the kwarg
* test improvements
* skip if sha3 isn't supported
* invalid visible string support
This allows utf8 in visiblestring, which is not valid DER. We raise a
warning when this happens, but allow it since Belgian eIDs, among
others, have encoding errors. Belgium fixed this by 2021 (and possibly
earlier), but their eID certificates have 10-year validity.
* review comments
* clippy
* Fix for #8854
Fix for issue #8854
* Fix for issue #8854
Fix for issue #8854
* versionadded
---------
Co-authored-by: Paul Kehrer <paul.l.kehrer@gmail.com>