delta/python-packages/cryptography.git/tests/hazmat, branch macos-github-actions github.com: pyca/cryptography.git Fixes #5065 -- skip serialization tests which use RC2 if OpenSSL doesn't have RC2 (#5072) 2019-11-24T23:16:14+00:00 Alex Gaynor alex.gaynor@gmail.com 2019-11-24T23:16:14+00:00 aa7c2992c91ea90dc967e6acc6b2fb190aed0000 * Refs #5065 -- have a CI job with OpenSSL built with no-rc2 * Fixes #5065 -- skip serialization tests which use RC2 if OpenSSL doesn't have RC2 
* Refs #5065 -- have a CI job with OpenSSL built with no-rc2

* Fixes #5065 -- skip serialization tests which use RC2 if OpenSSL doesn't have RC2
Let Oid enforce positive decimal integers (#5053) 2019-11-10T15:45:30+00:00 Noel Remy mocramis@gmail.com 2019-11-10T15:45:30+00:00 68e49ae4400c0ff68aac2e7c5f95725e7af0de40 Failing that would lead to an OpenSSL error when calling OBJ_txt2obj at serialization. Adds basic tests for oids. 
Failing that would lead to an OpenSSL error when calling OBJ_txt2obj at
serialization.

Adds basic tests for oids.
 Deal with the 2.5 deprecations (#5048) 2019-11-03T05:47:13+00:00 Alex Gaynor alex.gaynor@gmail.com 2019-11-03T05:47:13+00:00 9668b000326585339267a42176facd9ff81481ee * Deal with the 2.5 deprecations * pep8 + test fixes * docs typo * Why did I do this? * typo 
* Deal with the 2.5 deprecations

* pep8 + test fixes

* docs typo

* Why did I do this?

* typo
Fixes #5018 -- break users on OpenSSL 1.0.1 (#5022) 2019-10-18T12:47:15+00:00 Alex Gaynor alex.gaynor@gmail.com 2019-10-18T12:47:15+00:00 1c186772f6fd64180bd3387de2e1ef1a6d1ba58e * Fixes #5018 -- break users on OpenSSL 1.0.1 * Grammar * Syntax error * Missing import * Missing import 
* Fixes #5018 -- break users on OpenSSL 1.0.1

* Grammar

* Syntax error

* Missing import

* Missing import
update our test to be more robust wrt some changes from upstream (#4993) 2019-09-11T04:12:30+00:00 Paul Kehrer paul.l.kehrer@gmail.com 2019-09-11T04:12:30+00:00 e575e3d482f976c4a1f3203d63ea0f5007a49a2a 






fix coverage, small cleanups in tests (#4990)
2019-09-09T05:23:35+00:00

Paul Kehrer
paul.l.kehrer@gmail.com

2019-09-09T05:23:35+00:00

73114b39c1afe6061cc45acf02d185934ae08b04












Make DER reader into a context manager (#4957)
2019-07-29T02:58:04+00:00

Alex Gaynor
alex.gaynor@gmail.com

2019-07-29T02:58:04+00:00

9cd41ac714d9bff819ece6d8cdcde064d403c671

* Make DER reader into a context manager

* Added another test case

* flake8





* Make DER reader into a context manager

* Added another test case

* flake8







Remove asn1crypto dependency (#4941)
2019-07-28T17:06:40+00:00

David Benjamin
davidben@google.com

2019-07-28T17:06:40+00:00

2d3b420383fc6aa16675e04caec56ca6b16069a1

* Remove non-test dependencies on asn1crypto.

cryptography.io actually contains two OpenSSL bindings right now, the
expected cffi one, and an optional one hidden in asn1crypto. asn1crypto
contains a lot of things that cryptography.io doesn't use, including a
BER parser and a hand-rolled and not constant-time EC implementation.

Instead, check in a much small DER-only parser in cryptography/hazmat. A
quick benchmark suggests this parser is also faster than asn1crypto:

  from __future__ import absolute_import, division, print_function
  import timeit

  print(timeit.timeit(
      "decode_dss_signature(sig)",
      setup=r"""
  from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature
  sig=b"\x30\x2d\x02\x15\x00\xb5\xaf\x30\x78\x67\xfb\x8b\x54\x39\x00\x13\xcc\x67\x02\x0d\xdf\x1f\x2c\x0b\x81\x02\x14\x62\x0d\x3b\x22\xab\x50\x31\x44\x0c\x3e\x35\xea\xb6\xf4\x81\x29\x8f\x9e\x9f\x08"
  """,
      number=10000))

Python 2.7:
  asn1crypto: 0.25
  _der.py: 0.098

Python 3.5:
  asn1crypto: 0.17
  _der.py: 0.10

* Remove test dependencies on asn1crypto.

The remaining use of asn1crypto was some sanity-checking of
Certificates. Add a minimal X.509 parser to extract the relevant fields.

* Add a read_single_element helper function.

The outermost read is a little tedious.

* Address flake8 warnings

* Fix test for long-form vs short-form lengths.

Testing a zero length trips both this check and the non-minimal long
form check. Use a one-byte length to cover the missing branch.

* Remove support for negative integers.

These never come up in valid signatures. Note, however, this does
change public API.

* Update src/cryptography/hazmat/primitives/asymmetric/utils.py

Co-Authored-By: Alex Gaynor <alex.gaynor@gmail.com>

* Review comments

* Avoid hardcoding the serialization of NULL in decode_asn1.py too.





* Remove non-test dependencies on asn1crypto.

cryptography.io actually contains two OpenSSL bindings right now, the
expected cffi one, and an optional one hidden in asn1crypto. asn1crypto
contains a lot of things that cryptography.io doesn't use, including a
BER parser and a hand-rolled and not constant-time EC implementation.

Instead, check in a much small DER-only parser in cryptography/hazmat. A
quick benchmark suggests this parser is also faster than asn1crypto:

  from __future__ import absolute_import, division, print_function
  import timeit

  print(timeit.timeit(
      "decode_dss_signature(sig)",
      setup=r"""
  from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature
  sig=b"\x30\x2d\x02\x15\x00\xb5\xaf\x30\x78\x67\xfb\x8b\x54\x39\x00\x13\xcc\x67\x02\x0d\xdf\x1f\x2c\x0b\x81\x02\x14\x62\x0d\x3b\x22\xab\x50\x31\x44\x0c\x3e\x35\xea\xb6\xf4\x81\x29\x8f\x9e\x9f\x08"
  """,
      number=10000))

Python 2.7:
  asn1crypto: 0.25
  _der.py: 0.098

Python 3.5:
  asn1crypto: 0.17
  _der.py: 0.10

* Remove test dependencies on asn1crypto.

The remaining use of asn1crypto was some sanity-checking of
Certificates. Add a minimal X.509 parser to extract the relevant fields.

* Add a read_single_element helper function.

The outermost read is a little tedious.

* Address flake8 warnings

* Fix test for long-form vs short-form lengths.

Testing a zero length trips both this check and the non-minimal long
form check. Use a one-byte length to cover the missing branch.

* Remove support for negative integers.

These never come up in valid signatures. Note, however, this does
change public API.

* Update src/cryptography/hazmat/primitives/asymmetric/utils.py

Co-Authored-By: Alex Gaynor <alex.gaynor@gmail.com>

* Review comments

* Avoid hardcoding the serialization of NULL in decode_asn1.py too.







add class methods for poly1305 sign verify operations (#4932)
2019-07-08T20:44:11+00:00

Jeff Yang
jeffjieyang@gmail.com

2019-07-08T20:44:11+00:00

cd59bd275ecc484b1662c86ae9ef0a64eb17d00f












Fix some backend feature checks in tests (#4931)
2019-07-08T20:42:00+00:00

David Benjamin
davidben@google.com

2019-07-08T20:42:01+00:00

9a09f9690890c4b6fa6d4d1625e78dcbaffbf734

* Remove irrelevant DHBackend test conditions

DHBackend provides functions for plain finite-field Diffie-Hellman.
X25519 and X448 are their own algorithms, and Ed25519 and Ed448 aren't
even Diffie-Hellman primitives.

* Add missing backend support checks.

Some new AES and EC tests did not check for whether the corresponding
mode or curve was supported by the backend.

* Add a DummyMode for coverage





* Remove irrelevant DHBackend test conditions

DHBackend provides functions for plain finite-field Diffie-Hellman.
X25519 and X448 are their own algorithms, and Ed25519 and Ed448 aren't
even Diffie-Hellman primitives.

* Add missing backend support checks.

Some new AES and EC tests did not check for whether the corresponding
mode or curve was supported by the backend.

* Add a DummyMode for coverage