summaryrefslogtreecommitdiff
path: root/src/cryptography/hazmat
Commit message (Collapse)AuthorAgeFilesLines
* fix signature of EllipticCurvePublicKey.verify() (#5808)Markus Wamser2021-02-101-1/+1
| | | The signature change was introduced in https://github.com/pyca/cryptography/pull/5729 but is inconsistent with respect to related methods, breaks backward compatibility and compatibility with the OpenSSL backend (and maybe other backends) when named arguments are used.
* fixed a circular import error (due to type hints) (#5800)Alex Gaynor2021-02-091-2/+2
| | | | fixes #5794 closes #5795
* fix import cycle with asymmetricpadding (#5758)Paul Kehrer2021-02-073-10/+19
| | | | | * fix import cycle with asymmetricpadding * Update src/cryptography/hazmat/primitives/_asymmetric.py
* port changelog and fix back to master for CVE-2020-36242 (#5748)Paul Kehrer2021-02-071-1/+1
|
* Added typing for a bunch of random stuff (#5743)Alex Gaynor2021-02-047-27/+42
|
* Added typing for more of ciphers (#5738)Alex Gaynor2021-02-015-29/+43
|
* Added typing for a bunch of methods (#5737)Alex Gaynor2021-02-017-23/+26
|
* rsa type hinting (#5733)Paul Kehrer2021-02-013-68/+182
| | | | | | | | | | | | | | | | | | | * rsa type hinting * remove unused import * missed return type * type fixes * ignores no longer required * black gets me every time * Update src/cryptography/hazmat/backends/openssl/rsa.py Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com> Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
* KDF type hinting (#5735)Paul Kehrer2021-02-017-67/+115
| | | | | | | * KDF type hinting * more types * less contortions
* add optional block_size to the HashAlgorithm interface (#5736)Paul Kehrer2021-02-011-0/+14
| | | This makes typing ConcatKDF easier
* type hints for asym utils (#5734)Paul Kehrer2021-02-011-3/+5
|
* x25519/x448 type hints (#5731)Paul Kehrer2021-01-314-36/+68
| | | | | * x25519 type hints * x448 type hints
* poly1305 type hints (#5732)Paul Kehrer2021-01-311-6/+6
|
* add type hinting for ed25519 (#5728)Paul Kehrer2021-01-312-20/+37
|
* add EC type hinting (#5729)Paul Kehrer2021-01-312-60/+146
|
* ed448 type hints (#5730)Paul Kehrer2021-01-312-20/+37
|
* dsa type hinting (#5726)Paul Kehrer2021-01-313-127/+139
|
* reorg some types to prevent an import cycle (#5727)Paul Kehrer2021-01-312-1/+57
|
* DH types (#5725)Paul Kehrer2021-01-312-93/+118
|
* remove DSAParametersWithNumbers (#5724)Paul Kehrer2021-01-312-3/+4
| | | | Merged into DSAParameters, just like we did years ago for everything else. Somehow we missed this one.
* type updates from turning on unchecked-defs on tests (#5720)Paul Kehrer2021-01-316-44/+30
| | | test changes themselves will be in a separate PR
* make PrivateKeyWithSerialization an alias of PrivateKey (#5722)Paul Kehrer2021-01-319-27/+29
| | | | | * make PrivateKeyWithSerialization an alias of PrivateKey * black
* add serialization type hinting (#5718)Paul Kehrer2021-01-305-35/+134
| | | | | | | | | * add serialization type hinting * reorganize to prevent circular dependency * review feedback * damn you black
* type hinting for symmetric ciphers (#5719)Paul Kehrer2021-01-305-117/+153
| | | | | * type hinting for symmetric ciphers * make our interface verifier happy
* add type hints for twofactor (#5717)Paul Kehrer2021-01-303-15/+39
| | | | | * add type hints for twofactor * fix import ordering
* Apply type annotations to x509 ct and ocsp (#5712)Alex Gaynor2021-01-302-39/+43
|
* add typing to padding and constant time modules (#5714)Paul Kehrer2021-01-302-34/+51
|
* add typing to keywrap (#5715)Paul Kehrer2021-01-301-6/+19
|
* type hinting for hashes, hmac, and cmac (#5713)Paul Kehrer2021-01-306-57/+56
|
* Apply type annotations to the core x509 types (#5711)Alex Gaynor2021-01-302-84/+85
|
* Introduce the most very basic mypy type checking (#5706)Alex Gaynor2021-01-283-37/+35
| | | Nothing is really annotated, just getting to clean.
* Add ssl version constants (#5662)Maximilian Hils2020-12-211-0/+1
| | | | | | | | | | | | | | | * add ssl version constants * try to fix ci * try harder to fix ci * security: if unavailable, set protocol constants to nonexistent version * make linter happy * remove dtls constants * remove superfluous comment
* Update APIs to use non-deprecated OpenSSL ones where possible (#5633)Alex Gaynor2020-12-103-7/+7
| | | cherry picked from #4920
* Complete removal of py2 (#5533)Alex Gaynor2020-12-0926-215/+102
| | | | | * Drop Python 2 * Black everything
* we didn't actually commit the final doc fixes for the recover PR (#5614)Paul Kehrer2020-12-091-1/+1
|
* Remove utils.int_from_bytes (#5609)Alex Gaynor2020-12-093-5/+5
|
* Remove __future__ import from our code (#5610)Alex Gaynor2020-12-0970-81/+0
|
* Switch black to py36 as the minimum version (#5608)Alex Gaynor2020-12-082-2/+2
|
* Remove Python2 from CI and code that branched on it (#5607)Alex Gaynor2020-12-084-56/+17
| | | | | | | | | | | | | * Remove Python2 from CI and code that branched on it * Update setup.py Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com> * remove * review feedback Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>
* Add support for RSA signature recovery (#5573)Zoltan Kelemen2020-12-073-12/+70
| | | | | | | | | | | | | | | | | | * Removed unused argument. * Added support for RSA signature recovery. * Syntatic corrections for passing pep8 tests. * Corrected typo. * Added test of invalid Prehashed parameter to RSA signature recover. * Renamed recover to a more descriptive name. * Extended RSA signature recovery with option to return full data (not only the digest part). * Added missing words to pass spell check.
* Added tls bindings for new OpenSSL APIs (#5595)Alex Gaynor2020-12-011-0/+10
| | | | fixes #5379 closes #5483
* fixes #4531 -- support encoding SCTs in certificates (#5594)Alex Gaynor2020-11-302-3/+17
|
* disallow p less than 512-bit on DH (#5592)Paul Kehrer2020-11-292-2/+15
| | | | | | | | | | | | | | | | * disallow p less than 512-bit on DH OpenSSL 3.0.0 enforces this so we'll go ahead and enforce it everywhere that's practical for us. (Note that we do not enforce on deserializing PKCS1/PKCS8 keys in < 3.0.0, but this PR adds a test so that in the 3.0.0 support branch we can test an error path) * missing test * black * _MIN_MODULUS_SIZE is now a thing * skip on fips
* don't require errors to be on the stack when loading a key (#5590)Paul Kehrer2020-11-261-2/+1
| | | | | In OpenSSL 3.0.0 no error is added in many cases for this path and since we don't do anything with the error anyway we should just consume and move on
* Reduce granularity of error msging when deserializing keys (#5588)Paul Kehrer2020-11-261-17/+9
| | | | | | | | | | | | * Reduce granularity of error msging when deserializing keys In OpenSSL 3.0 it is no longer possible to determine whether the reason a key failed to deserialize is because of an unsupported cipher. Since we want to be more resilient to OpenSSL error code instability we'll just remove these paths. * black * changelog and update docs
* in OpenSSL 1.1.0+ error strings are automatically loaded (#5587)Paul Kehrer2020-11-261-2/+0
|
* Always rely on OpenSSL's builtin locking callbacks (#5561)Alex Gaynor2020-11-112-29/+1
|
* Fix broken links (#5552)Felix Fontein2020-11-101-5/+8
| | | | | * Fix broken links. * Shorter lines.
* GCM IV size limits (#5553)Paul Kehrer2020-11-092-7/+9
| | | | | | | | | | | | * GCM IV size limits OpenSSL 3.0.0 is going to enforce these size limits so we might as well put them in now. * fix the tests * black * these cases can't happen if we're limiting IV size already
* padding: Tip-toe around bytes subclasses. (#5548)Benjamin Peterson2020-11-041-2/+8
| | | | | This change allows future's newbytes class to be padded again. Fixes https://github.com/pyca/cryptography/issues/5547.
View Lorry Controller Status