summaryrefslogtreecommitdiff
path: root/docs
Commit message (Collapse)AuthorAgeFilesLines
* Fix gitlab URLs for linkcheck (#8938)Alex Gaynor2023-05-171-2/+2
|
* There are wheels for basically all linux distros now (#8923)Alex Gaynor2023-05-151-5/+4
|
* Remove linkcheck skip (#8915)Alex Gaynor2023-05-131-2/+0
| | | It now has a trusted issuer
* support X.509 certificate PSS signing (#8888)Paul Kehrer2023-05-101-1/+17
| | | | | | | | | | | | | * support X.509 certificate PSS signing no CSR, CRL, etc * handle PSS.(MAX_LENGTH, DIGEST_LENGTH), review feedback * name the kwarg * test improvements * skip if sha3 isn't supported
* add RSA PSS SHA1 hash algorithm + SHA1 MGF1 test vector (#8906)Paul Kehrer2023-05-111-0/+2
|
* add signature_algorithm_parameters to certificate (#8795)Paul Kehrer2023-05-071-0/+52
| | | | this allows easier verification of cert signatures, but more specifically allows PSS signature verification
* invalid visible string support (#8884)Paul Kehrer2023-05-071-0/+2
| | | | | | | | | | | | * invalid visible string support this allows utf8 in visiblestring, which is not valid DER. we raise a warning when this happens, but allow it since belgian eIDs, among others, have encoding errors. Belgium fixed this by 2021 (and possibly earlier), but their eID certificates have 10 year validity. * review comments * clippy
* Fix for #8854 (#8855)Harmin Parra Rueda2023-05-031-0/+6
| | | | | | | | | | | | | | | * Fix for #8854 Fix for issue #8854 * Fix for issue #8854 Fix for issue #8854 * versionadded --------- Co-authored-by: Paul Kehrer <paul.l.kehrer@gmail.com>
* Switch the vectors pacakge to use modern pyproject.toml (#8853)Alex Gaynor2023-05-021-3/+2
|
* Automate the version bump (#8828)Alex Gaynor2023-04-261-3/+2
|
* modernize intersphinx_mapping configuration (#8806)Alex Gaynor2023-04-241-2/+1
|
* add one more RSA PSS invalid test vector (#8798)Paul Kehrer2023-04-231-0/+2
|
* add two RSA PSS certificate vectors that have invalid encodings (#8797)Paul Kehrer2023-04-232-0/+6
| | | | | | | * add two RSA PSS certificate vectors that have invalid encodings The signatures on these vectors are not valid. * spelling
* update MAC docs (#8777)Paul Kehrer2023-04-212-2/+2
| | | | | * Update hmac.rst * Update poly1305.rst
* Update FAQ (#8773)Alex Gaynor2023-04-211-10/+17
| | | Add a Q on the scope of our issue tracker, and remove a legacy Q.
* add support for aes256-gcm@openssh.com decryption for SSH keys (#8738)Paul Kehrer2023-04-151-0/+4
| | | | | | | * add support for aes256-gcm@openssh.com decryption for SSH keys * review feedback * skip when bcrypt isn't present
* update docs for rust versions in debian and rhel (#8702)Paul Kehrer2023-04-101-3/+3
|
* Fix alpine installation docs (#8701)Alex Gaynor2023-04-101-1/+1
|
* we made WithSerialization an alias to the main types long ago (#8698)Paul Kehrer2023-04-105-82/+14
| | | stop documenting them entirely
* OCSP responses are responses, not certificates (#8696)Paul Kehrer2023-04-101-2/+2
|
* Support msCertificateTemplate extension (#8695)Paul Kehrer2023-04-102-0/+36
| | | | | | | * support ms certificate template * contortions for rust coverage * review feedback
* update docs for macOS dev with rust openssl (#8653)Paul Kehrer2023-04-021-18/+4
|
* Switch from tox to nox (#8651)Alex Gaynor2023-04-023-33/+15
|
* Added support for OCSP AcceptableResponses extension (#8617)Alex Gaynor2023-03-272-1/+32
| | | fixes #8589
* fix copyright years (#8595)Alex Gaynor2023-03-251-1/+1
| | | | | * fix copyright year in docs * update copyright year
* update MSRV 1.48.0 -> 1.56.0 (#8587)Paul Kehrer2023-03-241-2/+2
| | | | | * update MSRV 1.48.0 -> 1.56.0 * bump some deps for MSRV
* drop python 3.6 support (#8448)Paul Kehrer2023-03-241-3/+3
| | | | | | | | | | | * drop python 3.6 support * Update tests/hazmat/bindings/test_openssl.py Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com> --------- Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
* drop support for openssl < 1.1.1d (#8449)Paul Kehrer2023-03-241-80/+2
| | | | | This removes the OS random engine, which contained the only CPython PSF licensed code in the repository. Accordingly, that license has now been removed.
* update docs about testing, switch to 3.1.0 across more of our CI (#8558)Paul Kehrer2023-03-211-4/+6
|
* Added support for handling python buffers in Rust code (#8556)Alex Gaynor2023-03-212-1/+6
| | | This is extra mega cursed, and strictly speaking unsound. It does, however, match the status quo ante, where someone mutating a buffer while its being used in cffi code will basically always be UB.
* Ressurect the PoC of OpenSSL from Rust (#7164)Alex Gaynor2023-03-151-11/+12
|
* Fix sample code for policy extension (#8489)shane-kearns2023-03-101-1/+1
|
* remove out of date details in random numbers docs (#8482)Alex Gaynor2023-03-101-5/+2
|
* On Windows, os.urandom doesn't use CryptGenRandom anymore (deprecated) (#8481)Alexandre Duc2023-03-091-1/+1
| | | but BCryptGenRandom()
* Make Union type aliases a documented public API (#8168)Marti Raudsepp2023-03-074-110/+205
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Rename Union type aliases to CamelCase Many `typing.Union` type aliases were previously using `UPPER_SNAKE_CASE`, but Python's convention is `CamelCase` for these (e.g. https://docs.python.org/3/library/typing.html#type-aliases) * Add utils.deprecated for the old non-underscore type aliases * Added documentation for new type aliases & minor tweaks * Use 'versionadded:: 40.0.0' * Fix CertificatePublicKeyTypes vs CertificateIssuerPublicKeyTypes. Rename CertificatePrivateKeyTypes to CertificateIssuerPrivateKeyTypes * Fix imports (ruff) * Fix one more versionadded * Tweak docs & Reorder: CertificateIssuerPublicKeyTypes before CertificateIssuerPrivateKeyTypes * Fix test mypy errors using cast() * Fix black, oops * Revert "Fix black, oops" This reverts commit 85344e231d697bdc0940e105f7aed729445f9743. * Revert "Fix test mypy errors using cast()" This reverts commit b272d8ca95fbbbc62060663f9e8930a139a7a43e. * Revert type of SubjectKeyIdentifier.from_public_key arg * Changelog tweak
* Update serialization.rst (#8464)Marty Hill2023-03-061-1/+1
| | | Proposed update to parameter in example call to pkcs12.serialize_key_and_certificates() on line 908.
* ignore ntt in linkcheck (#8423)Alex Gaynor2023-03-021-0/+2
|
* Update to the new wycheproof (#8403)Alex Gaynor2023-02-281-1/+1
|
* improve the custom build script slightly (#8392)Paul Kehrer2023-02-261-1/+1
| | | this will make it more robust to some upcoming pip changes
* fixes #8374 -- removed docs for removed method (#8377)Alex Gaynor2023-02-221-16/+0
| | | | | * fixes #8374 -- removed docs for removed method * Update CHANGELOG.rst
* Add shortcut methods for exporting EC keys as raw bytes (#8357)David Buchanan2023-02-224-0/+108
| | | | | | | | | | | | | | | | | * WIP: Add raw export alias method for x25519 keys * Ditto for x448, ed448, ed25519 * Document new private_bytes_raw public_bytes_raw methods * docs: Populate versionadded to be 40 * docs: Fix PublicFormat -> PrivateFormat where applicable * formatting * Update tests for test_pub_priv_bytes_raw in x25519, x448, ed448 (TODO: ed25519) * Add test_pub_priv_bytes_raw test for Ed25519
* Fix SSHCertificateBuilder sample code (#8373)Jake2023-02-221-3/+2
| | | | | Update SSHCertificateBuilder sample code to: * Correctly use the signing key when signing the certificate, rather than the user's own private key. * Generate the user's public key in one line, making it clearer to the reader that only the public key is an input to the certificate builder.
* embrace my inner nitpicker (#8361)Paul Kehrer2023-02-206-38/+38
| | | fixes all our versionadded/changed to match actual versions we released
* use the modern invocation for our sphinx rtd theme (#8243)Paul Kehrer2023-02-081-1/+1
| | | | | * use the modern invocation for our sphinx rtd theme * works with sphinx6?
* document that inheritance is not the way (#8204)Alex Gaynor2023-02-031-0/+3
| | | resolves #8186
* add support for bytes-like objects in data and associated_data in aead ↵Mat2023-02-021-19/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | algorithms (#8187) * add support for bytes-like objects in data and associated_data in aead algorithms * flake * flake again * rework AESSIV _check_params * flake and 80char columns * associated_data cannot be None in _check_params, set to [] in calling function * Update src/cryptography/hazmat/primitives/ciphers/aead.py Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com> * flake fix --------- Co-authored-by: mat gas <none@none.com> Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
* update our security reporting instructions (#8171)Alex Gaynor2023-01-311-7/+6
|
* add CRL vector with an inner/outer signature OID mismatch (#8163)Paul Kehrer2023-01-291-0/+3
|
* Use the ruff 'pyupgrade' checks (#8104)Alex Gaynor2023-01-2010-48/+38
|
* test on jammy arm64 (and not focal) (#8101)Paul Kehrer2023-01-191-1/+1
| | | | | * test on jammy arm64 (and not focal) * actually py310
View Lorry Controller Status