delta/python-packages/cryptography.git/docs, branch dependabot/github_actions/actions/setup-python-v2.2.0 github.com: pyca/cryptography.git Build manylinux2014 wheels (#5642) 2020-12-12T18:45:20+00:00 Alex Gaynor alex.gaynor@gmail.com 2020-12-12T18:45:20+00:00 3e53910e90aaaa7652ff8952c512132481b3de1e 






we didn't actually commit the final doc fixes for the recover PR (#5614)
2020-12-09T15:04:20+00:00

Paul Kehrer
paul.l.kehrer@gmail.com

2020-12-09T15:04:20+00:00

08afd16f28d22c4530b36a42a7504b0a03a594e3












Remove __future__ import from our code (#5610)
2020-12-09T06:35:11+00:00

Alex Gaynor
alex.gaynor@gmail.com

2020-12-09T06:35:11+00:00

e0477596f7117845aa2d8768bf1b75162b3d915b












Switch black to py36 as the minimum version (#5608)
2020-12-09T05:40:21+00:00

Alex Gaynor
alex.gaynor@gmail.com

2020-12-09T05:40:21+00:00

7d4e567e16521288197aed23506f9370beadef66












Remove Python2 from CI and code that branched on it (#5607)
2020-12-09T05:10:10+00:00

Alex Gaynor
alex.gaynor@gmail.com

2020-12-09T05:10:10+00:00

ff12a375521e5b702d9d58c8a04604c65496eb54

* Remove Python2 from CI and code that branched on it

* Update setup.py

Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>

* remove

* review feedback

Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>




* Remove Python2 from CI and code that branched on it

* Update setup.py

Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>

* remove

* review feedback

Co-authored-by: Hugo van Kemenade <hugovk@users.noreply.github.com>






Add support for RSA signature recovery (#5573)
2020-12-08T04:58:04+00:00

Zoltan Kelemen
39551158+misterzed88@users.noreply.github.com

2020-12-08T04:58:04+00:00

6693d55cbe05c98c9e1fe3a8b08639f5491a572a

* Removed unused argument.

* Added support for RSA signature recovery.

* Syntatic corrections for passing pep8 tests.

* Corrected typo.

* Added test of invalid Prehashed parameter to RSA signature recover.

* Renamed recover to a more descriptive name.

* Extended RSA signature recovery with option to return full data (not
only the digest part).

* Added missing words to pass spell check.




* Removed unused argument.

* Added support for RSA signature recovery.

* Syntatic corrections for passing pep8 tests.

* Corrected typo.

* Added test of invalid Prehashed parameter to RSA signature recover.

* Renamed recover to a more descriptive name.

* Extended RSA signature recovery with option to return full data (not
only the digest part).

* Added missing words to pass spell check.






Document that PKCS1v1.5 is not constant time (#5600)
2020-12-07T04:12:44+00:00

Alex Gaynor
alex.gaynor@gmail.com

2020-12-07T04:12:44+00:00

8686d524b7b890bcbe6132b774bd72a3ae37cf0d

closes #5510




closes #5510






Document that Firefox doesn't support unencrypted pkcs12 (#5596)
2020-12-01T16:54:29+00:00

Alex Gaynor
alex.gaynor@gmail.com

2020-12-01T16:54:29+00:00

2660f93eca71be5558cfcb9a120310636791e6ec












disallow p less than 512-bit on DH (#5592)
2020-11-29T16:01:16+00:00

Paul Kehrer
paul.l.kehrer@gmail.com

2020-11-29T16:01:16+00:00

4645f02c25d7d336a6d922e428c72beb55fb04cb

* disallow p less than 512-bit on DH

OpenSSL 3.0.0 enforces this so we'll go ahead and enforce it everywhere
that's practical for us. (Note that we do not enforce on deserializing
PKCS1/PKCS8 keys in < 3.0.0, but this PR adds a test so that in the
3.0.0 support branch we can test an error path)

* missing test

* black

* _MIN_MODULUS_SIZE is now a thing

* skip on fips




* disallow p less than 512-bit on DH

OpenSSL 3.0.0 enforces this so we'll go ahead and enforce it everywhere
that's practical for us. (Note that we do not enforce on deserializing
PKCS1/PKCS8 keys in < 3.0.0, but this PR adds a test so that in the
3.0.0 support branch we can test an error path)

* missing test

* black

* _MIN_MODULUS_SIZE is now a thing

* skip on fips






Reduce granularity of error msging when deserializing keys (#5588)
2020-11-26T19:07:25+00:00

Paul Kehrer
paul.l.kehrer@gmail.com

2020-11-26T19:07:25+00:00

ac4c22168f196921bfe00348250ff138e64bcd37

* Reduce granularity of error msging when deserializing keys

In OpenSSL 3.0 it is no longer possible to determine whether the reason
a key failed to deserialize is because of an unsupported cipher. Since
we want to be more resilient to OpenSSL error code instability we'll
just remove these paths.

* black

* changelog and update docs




* Reduce granularity of error msging when deserializing keys

In OpenSSL 3.0 it is no longer possible to determine whether the reason
a key failed to deserialize is because of an unsupported cipher. Since
we want to be more resilient to OpenSSL error code instability we'll
just remove these paths.

* black

* changelog and update docs