Paul Kehrer
1ff0d50948
re-add Cryptography_HAS_TLSEXT_HOSTNAME and bump for 3.3.1 ( #5625 )
...
* re-add Cryptography_HAS_TLSEXT_HOSTNAME and bump for 3.3.1
* review feedback
2020-12-09 19:27:21 -05:00
Alex Gaynor
7e8fff73cf
Prepare for 3.3 release ( #5603 )
2020-12-08 16:26:19 -06:00
Alex Gaynor
b5278c9085
Fixed DH tests for latest CentOS FIPS OpenSSL ( #5604 )
...
* Fixed DH tests for latest CentOS FIPS OpenSSL (1.1.1g)
2020-12-08 15:45:30 -06:00
Zoltan Kelemen
6693d55cbe
Add support for RSA signature recovery ( #5573 )
...
* Removed unused argument.
* Added support for RSA signature recovery.
* Syntactic corrections for passing pep8 tests.
* Corrected typo.
* Added test of invalid Prehashed parameter to RSA signature recover.
* Renamed recover to a more descriptive name.
* Extended RSA signature recovery with option to return full data (not
only the digest part).
* Added missing words to pass spell check.
2020-12-07 23:58:04 -05:00
Alex Gaynor
8686d524b7
Document that PKCS1v1.5 is not constant time ( #5600 )
...
closes #5510
2020-12-06 22:12:44 -06:00
Alex Gaynor
1be144acc6
bump cffi minimum version to help out pyopenssl ( #5598 )
...
fixes https://github.com/pyca/pyopenssl/issues/971
2020-12-01 13:01:43 -06:00
Alex Gaynor
96f2d96d1c
remove legacy debugging code from setup.py ( #5597 )
2020-12-01 12:23:39 -06:00
Alex Gaynor
2660f93eca
Document that Firefox doesn't support unencrypted pkcs12 ( #5596 )
2020-12-01 10:54:29 -06:00
Alex Gaynor
a209669485
Added tls bindings for new OpenSSL APIs ( #5595 )
...
fixes #5379
closes #5483
2020-12-01 09:10:56 -06:00
Alex Gaynor
6d858c8bac
fixes #4531 -- support encoding SCTs in certificates ( #5594 )
2020-11-30 21:56:52 -06:00
Alex Gaynor
f133a3029a
Don't build our custom osrandom engine on libressl ( #5593 )
...
* Don't build our custom osrandom engine on libressl
As far as I can tell it's never used on LibreSSL -- their `RAND_bytes` function unconditionally calls `arc4random_buf`
* Update cryptography.py
2020-11-29 12:12:18 -06:00
Paul Kehrer
4645f02c25
disallow p less than 512-bit on DH ( #5592 )
...
* disallow p less than 512-bit on DH
OpenSSL 3.0.0 enforces this so we'll go ahead and enforce it everywhere
that's practical for us. (Note that we do not enforce on deserializing
PKCS1/PKCS8 keys in < 3.0.0, but this PR adds a test so that in the
3.0.0 support branch we can test an error path)
* missing test
* black
* _MIN_MODULUS_SIZE is now a thing
* skip on fips
2020-11-29 11:01:16 -05:00
Paul Kehrer
fd7ed67040
don't require errors to be on the stack when loading a key ( #5590 )
...
In OpenSSL 3.0.0 no error is added in many cases for this path and
since we don't do anything with the error anyway we should just
consume and move on
2020-11-26 15:13:47 -05:00
Paul Kehrer
ac4c22168f
Reduce granularity of error msging when deserializing keys ( #5588 )
...
* Reduce granularity of error msging when deserializing keys
In OpenSSL 3.0 it is no longer possible to determine whether the reason
a key failed to deserialize is because of an unsupported cipher. Since
we want to be more resilient to OpenSSL error code instability we'll
just remove these paths.
* black
* changelog and update docs
2020-11-26 14:07:25 -05:00
Paul Kehrer
d890e2a606
define OAEP properties for all openssl versions ( #5589 )
...
In 3.0 these aren't macros so we can't test this way. All our supported
OpenSSLs have these bindings now and LibreSSL does not.
2020-11-26 12:52:47 -05:00
Paul Kehrer
417f684f61
in OpenSSL 1.1.0+ error strings are automatically loaded ( #5587 )
2020-11-26 12:10:44 -05:00
Alex Gaynor
5cd265aca0
Start refactoring github actions to reduce duplication ( #5583 )
2020-11-23 18:33:44 -06:00
Alex Gaynor
21144be304
Simplify CI scripts ( #5582 )
2020-11-21 19:38:08 -06:00
Alex Gaynor
2b85c4d915
Simplify wycheproof pytest code ( #5579 )
2020-11-20 11:22:47 -06:00
Alex Gaynor
fd582e8913
Debian sid has python 3.9 now ( #5580 )
2020-11-19 23:48:13 -06:00
Alex Gaynor
239fddf2d9
Polish up the fernet limitations language ( #5577 )
2020-11-19 13:07:47 -06:00
Alex Gaynor
d22bdc87ee
Move paramiko job to github actions ( #5565 )
2020-11-13 18:55:05 -06:00
Alex Gaynor
488cd740bb
Remove two linkcheck ignores ( #5570 )
2020-11-13 11:25:43 -06:00
Alex Gaynor
eb02f2127f
Update artifact name for changes from pyca-infra ( #5569 )
2020-11-13 10:13:30 -06:00
Alex Gaynor
548b1b2d40
Added python2 removal to the changelog ( #5567 )
...
* Added python2 removal to the changelog
* Update CHANGELOG.rst
2020-11-12 11:31:10 -06:00
Alex Gaynor
9e081513a0
Garbage collect more CI code ( #5564 )
2020-11-11 18:49:28 -06:00
Paul Kehrer
a07da37f14
port docs and docs-linkcheck ( #5563 )
...
* port docs and docs-linkcheck
* allow linkcheck if the commit msg says linkcheck
combine docs job into lint jobs
* can't get the commit msg at this time on a PR
2020-11-11 18:56:58 -05:00
Alex Gaynor
ce9645a9c7
garbage collect dead code ( #5562 )
2020-11-11 15:37:42 -06:00
Paul Kehrer
23ce5638fd
migrate more from Travis to GHA ( #5555 )
...
* migrate more from Travis to GHA
* actually upload coverage
* use cache checks properly
* also do coverage
* simplify coverage check
* refactor a bit
* oops
* remove unused things in travis
* this needs to be stored to the github env...
2020-11-11 15:27:57 -05:00
Alex Gaynor
49109ce1a6
Always rely on OpenSSL's builtin locking callbacks ( #5561 )
2020-11-11 13:35:47 -06:00
Alex Gaynor
d74a477b66
Tighten up this warning message ( #5560 )
2020-11-11 10:57:32 -06:00
Alex Gaynor
94f32c14b7
See if we can remove this now that we're on focal ( #5559 )
2020-11-11 10:25:29 -06:00
Alex Gaynor
e0b446e2e4
Migrate downstream tests to GHA ( #5554 )
2020-11-11 09:50:02 -06:00
Felix Fontein
b9b921aa89
Fix broken links ( #5552 )
...
* Fix broken links.
* Shorter lines.
2020-11-10 21:52:33 -06:00
Paul Kehrer
b59d2de9cf
GCM IV size limits ( #5553 )
...
* GCM IV size limits
OpenSSL 3.0.0 is going to enforce these size limits so we might as well
put them in now.
* fix the tests
* black
* these cases can't happen if we're limiting IV size already
2020-11-09 13:56:53 -05:00
Benjamin Peterson
15771e2ec2
padding: Tip-toe around bytes subclasses. ( #5548 )
...
This change allows future's newbytes class to be padded again.
Fixes https://github.com/pyca/cryptography/issues/5547 .
2020-11-04 07:49:47 -08:00
Mads Jensen
4ba0d6ea4a
Fix broken link to security documentation in README.rst ( #5551 )
2020-11-04 08:51:17 -06:00
Alex Gaynor
923de98f04
Attempt to move docker builds from travis to GHA ( #5545 )
...
* Attempt to move docker builds from travis to GHA
* fix linkcheck
2020-11-03 07:16:06 -08:00
Alex Gaynor
d59b7c235b
Don't tell people to use PGP, it's not good ( #5543 )
2020-11-01 08:55:52 -08:00
Paul Kehrer
66654d628d
print some stuff in setup.py to try to educate people ( #5539 )
...
This is likely futile, but maybe it will slightly help out people who
run into compilation errors and actually choose to look at the output.
2020-10-31 19:10:10 -04:00
Paul Kehrer
81e5de8986
updated faq entry ( #5541 )
...
the error will be opensslv.h these days and we don't need to talk
specifically about macOS
2020-10-31 19:09:07 -04:00
Alex Gaynor
753965c13a
abi3 only on windows ( #5537 )
2020-10-31 11:23:44 -07:00
Alex Gaynor
752f966c94
we have abi3 wheels for windows now ( #5536 )
...
* we have abi3 wheels for windows now
* Update faq.rst
2020-10-31 11:05:45 -07:00
Alex Gaynor
e06e5c6767
tense ( #5538 )
2020-10-31 11:05:21 -07:00
Alex Gaynor
851acb5ab4
Rephrase abi3 FAQ so it stays accurate ( #5534 )
2020-10-30 09:55:40 -07:00
Alex Gaynor
a48bcfba2a
Clean up travis scripts now that 1.0.2 is dropped ( #5530 )
2020-10-28 22:01:59 -07:00
Alex Gaynor
2ce289fdae
Update installation docs for 3.5 drop ( #5531 )
2020-10-28 22:01:37 -07:00
Alex Gaynor
ec8b0b204f
Update .travis.yml for 3.9 ( #5482 )
2020-10-28 11:02:46 -07:00
Thomas Grainger
6c43bbce9a
fix Python 2 CryptographyDeprecationWarning guide ( #5529 )
2020-10-28 14:02:17 -04:00
Alex Gaynor
95049c5c5f
fedora has python 3.9 now ( #5528 )
2020-10-28 08:41:39 -07:00