Upgrade cryptography from 2.5 to 3.3
Source code is from https://github.com/pyca/cryptography/tree/3.3.x
Run setup.py locally and rename _openssl.so/_padding.so
Bug: 205265538
Test: None
Change-Id: If031739ef5830ba2fb177add74515e4660e2906e
diff --git a/docs/development/c-bindings.rst b/docs/development/c-bindings.rst
index 1b58dab..e53e0ba 100644
--- a/docs/development/c-bindings.rst
+++ b/docs/development/c-bindings.rst
@@ -5,7 +5,7 @@
.. _cffi: https://cffi.readthedocs.io
-Bindings live in :py:mod:`cryptography.hazmat.bindings`.
+Bindings live in ``cryptography.hazmat.bindings``.
When modifying the bindings you will need to recompile the C extensions to
test the changes. This can be accomplished with ``pip install -e .`` in the
@@ -189,9 +189,9 @@
Sometimes, a set of loosely related features are added in the same
version, and it's impractical to create ``#ifdef`` statements for each
one. In that case, it may make sense to either check for a particular
-version. For example, to check for OpenSSL 1.1.0 or newer::
+version. For example, to check for OpenSSL 1.1.1 or newer::
- #if CRYPTOGRAPHY_OPENSSL_110_OR_GREATER
+ #if CRYPTOGRAPHY_OPENSSL_111_OR_GREATER
Sometimes, the version of a library on a particular platform will have
features that you thought it wouldn't, based on its version.
diff --git a/docs/development/custom-vectors/arc4/generate_arc4.py b/docs/development/custom-vectors/arc4/generate_arc4.py
index 3dee44a..2ca85c9 100644
--- a/docs/development/custom-vectors/arc4/generate_arc4.py
+++ b/docs/development/custom-vectors/arc4/generate_arc4.py
@@ -12,10 +12,14 @@
_RFC6229_KEY_MATERIALS = [
- (True,
- 8 * '0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20'),
- (False,
- 8 * '1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a')
+ (
+ True,
+ 8 * "0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20",
+ ),
+ (
+ False,
+ 8 * "1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a",
+ ),
]
@@ -37,42 +41,43 @@
3056,
3072,
4080,
- 4096
+ 4096,
]
-_SIZES_TO_GENERATE = [
- 160
-]
+_SIZES_TO_GENERATE = [160]
def _key_for_size(size, keyinfo):
msb, key = keyinfo
if msb:
- return key[:size // 4]
+ return key[: size // 4]
else:
- return key[-size // 4:]
+ return key[-size // 4 :]
def _build_vectors():
count = 0
output = []
key = None
- plaintext = binascii.unhexlify(32 * '0')
+ plaintext = binascii.unhexlify(32 * "0")
for size in _SIZES_TO_GENERATE:
for keyinfo in _RFC6229_KEY_MATERIALS:
key = _key_for_size(size, keyinfo)
cipher = ciphers.Cipher(
algorithms.ARC4(binascii.unhexlify(key)),
None,
- default_backend())
+ default_backend(),
+ )
encryptor = cipher.encryptor()
current_offset = 0
for offset in _RFC6229_OFFSETS:
if offset % 16 != 0:
raise ValueError(
- "Offset {} is not evenly divisible by 16"
- .format(offset))
+ "Offset {} is not evenly divisible by 16".format(
+ offset
+ )
+ )
while current_offset < offset:
encryptor.update(plaintext)
current_offset += len(plaintext)
@@ -80,19 +85,23 @@
count += 1
output.append("KEY = {}".format(key))
output.append("OFFSET = {}".format(offset))
- output.append("PLAINTEXT = {}".format(
- binascii.hexlify(plaintext)))
- output.append("CIPHERTEXT = {}".format(
- binascii.hexlify(encryptor.update(plaintext))))
+ output.append(
+ "PLAINTEXT = {}".format(binascii.hexlify(plaintext))
+ )
+ output.append(
+ "CIPHERTEXT = {}".format(
+ binascii.hexlify(encryptor.update(plaintext))
+ )
+ )
current_offset += len(plaintext)
assert not encryptor.finalize()
return "\n".join(output)
def _write_file(data, filename):
- with open(filename, 'w') as f:
+ with open(filename, "w") as f:
f.write(data)
-if __name__ == '__main__':
- _write_file(_build_vectors(), 'arc4.txt')
+if __name__ == "__main__":
+ _write_file(_build_vectors(), "arc4.txt")
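Review bot: The reformatted `PLAINTEXT` and `CIPHERTEXT` lines still pass the result of `binascii.hexlify()` straight into `str.format`, which on Python 3 writes the bytes repr (`b'...'`) into arc4.txt rather than plain hex. The HKDF generator in this same commit decodes first, so the two scripts would be consistent with `"PLAINTEXT = {}".format(binascii.hexlify(plaintext).decode("ascii"))` and the same `.decode("ascii")` on the ciphertext line. Under Python 2 the output is unchanged by this, so the existing vector file would not need regenerating. `_build_vectors` starts in the previous hunk.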
diff --git a/docs/development/custom-vectors/cast5/generate_cast5.py b/docs/development/custom-vectors/cast5/generate_cast5.py
index a0e28e3..5208b90 100644
--- a/docs/development/custom-vectors/cast5/generate_cast5.py
+++ b/docs/development/custom-vectors/cast5/generate_cast5.py
@@ -14,7 +14,7 @@
cipher = base.Cipher(
algorithms.CAST5(binascii.unhexlify(key)),
mode(binascii.unhexlify(iv)),
- default_backend()
+ default_backend(),
)
encryptor = cipher.encryptor()
ct = encryptor.update(binascii.unhexlify(plaintext))
@@ -23,33 +23,36 @@
def build_vectors(mode, filename):
- vector_file = open(filename, "r")
-
count = 0
output = []
key = None
iv = None
plaintext = None
- for line in vector_file:
- line = line.strip()
- if line.startswith("KEY"):
- if count != 0:
- output.append("CIPHERTEXT = {}".format(
- encrypt(mode, key, iv, plaintext))
- )
- output.append("\nCOUNT = {}".format(count))
- count += 1
- name, key = line.split(" = ")
- output.append("KEY = {}".format(key))
- elif line.startswith("IV"):
- name, iv = line.split(" = ")
- iv = iv[0:16]
- output.append("IV = {}".format(iv))
- elif line.startswith("PLAINTEXT"):
- name, plaintext = line.split(" = ")
- output.append("PLAINTEXT = {}".format(plaintext))
- output.append("CIPHERTEXT = {}".format(encrypt(mode, key, iv, plaintext)))
+ with open(filename, "r") as vector_file:
+ for line in vector_file:
+ line = line.strip()
+ if line.startswith("KEY"):
+ if count != 0:
+ output.append(
+ "CIPHERTEXT = {}".format(
+ encrypt(mode, key, iv, plaintext)
+ )
+ )
+ output.append("\nCOUNT = {}".format(count))
+ count += 1
+ name, key = line.split(" = ")
+ output.append("KEY = {}".format(key))
+ elif line.startswith("IV"):
+ name, iv = line.split(" = ")
+ iv = iv[0:16]
+ output.append("IV = {}".format(iv))
+ elif line.startswith("PLAINTEXT"):
+ name, plaintext = line.split(" = ")
+ output.append("PLAINTEXT = {}".format(plaintext))
+ output.append(
+ "CIPHERTEXT = {}".format(encrypt(mode, key, iv, plaintext))
+ )
return "\n".join(output)
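Review bot: The `iv = iv[0:16]` line in `build_vectors` silently truncates every IV from the input file and nothing explains why; a reader of a vector generator should not have to guess that this is intentional. A comment such as `# CAST5 has a 64-bit block, so keep only the first 8 bytes (16 hex characters) of the source IV.` would make it clear, presumably because the source vectors carry longer IVs. Separately, the `name` target of each `line.split(" = ")` is never read and could be `_`.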
diff --git a/docs/development/custom-vectors/hkdf/generate_hkdf.py b/docs/development/custom-vectors/hkdf/generate_hkdf.py
index 767aedd..aa2fc27 100644
--- a/docs/development/custom-vectors/hkdf/generate_hkdf.py
+++ b/docs/development/custom-vectors/hkdf/generate_hkdf.py
@@ -13,27 +13,31 @@
IKM = binascii.unhexlify(b"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b")
L = 1200
OKM = HKDF(
- algorithm=hashes.SHA256(), length=L, salt=None, info=None,
- backend=default_backend()
+ algorithm=hashes.SHA256(),
+ length=L,
+ salt=None,
+ info=None,
+ backend=default_backend(),
).derive(IKM)
def _build_vectors():
- output = []
- output.append("COUNT = 0")
- output.append("Hash = SHA-256")
- output.append("IKM = " + binascii.hexlify(IKM).decode("ascii"))
- output.append("salt = ")
- output.append("info = ")
- output.append("L = {}".format(L))
- output.append("OKM = " + binascii.hexlify(OKM).decode("ascii"))
+ output = [
+ "COUNT = 0",
+ "Hash = SHA-256",
+ "IKM = " + binascii.hexlify(IKM).decode("ascii"),
+ "salt = ",
+ "info = ",
+ "L = {}".format(L),
+ "OKM = " + binascii.hexlify(OKM).decode("ascii"),
+ ]
return "\n".join(output)
def _write_file(data, filename):
- with open(filename, 'w') as f:
+ with open(filename, "w") as f:
f.write(data)
-if __name__ == '__main__':
- _write_file(_build_vectors(), 'hkdf.txt')
+if __name__ == "__main__":
+ _write_file(_build_vectors(), "hkdf.txt")
diff --git a/docs/development/custom-vectors/idea/generate_idea.py b/docs/development/custom-vectors/idea/generate_idea.py
index 2eb6996..0030956 100644
--- a/docs/development/custom-vectors/idea/generate_idea.py
+++ b/docs/development/custom-vectors/idea/generate_idea.py
@@ -8,7 +8,7 @@
cipher = base.Cipher(
algorithms.IDEA(binascii.unhexlify(key)),
mode(binascii.unhexlify(iv)),
- backend
+ backend,
)
encryptor = cipher.encryptor()
ct = encryptor.update(binascii.unhexlify(plaintext))
@@ -29,8 +29,10 @@
line = line.strip()
if line.startswith("KEY"):
if count != 0:
- output.append("CIPHERTEXT = {0}".format(
- encrypt(mode, key, iv, plaintext))
+ output.append(
+ "CIPHERTEXT = {0}".format(
+ encrypt(mode, key, iv, plaintext)
+ )
)
output.append("\nCOUNT = {0}".format(count))
count += 1
diff --git a/docs/development/custom-vectors/idea/verify_idea.py b/docs/development/custom-vectors/idea/verify_idea.py
index 89713c8..d356de0 100644
--- a/docs/development/custom-vectors/idea/verify_idea.py
+++ b/docs/development/custom-vectors/idea/verify_idea.py
@@ -8,11 +8,13 @@
def encrypt(mode, key, iv, plaintext):
- encryptor = botan.Cipher("IDEA/{0}/NoPadding".format(mode), "encrypt",
- binascii.unhexlify(key))
+ encryptor = botan.Cipher(
+ "IDEA/{0}/NoPadding".format(mode), "encrypt", binascii.unhexlify(key)
+ )
- cipher_text = encryptor.cipher(binascii.unhexlify(plaintext),
- binascii.unhexlify(iv))
+ cipher_text = encryptor.cipher(
+ binascii.unhexlify(plaintext), binascii.unhexlify(iv)
+ )
return binascii.hexlify(cipher_text)
@@ -22,12 +24,7 @@
vectors = load_nist_vectors(vector_file)
for vector in vectors:
- ct = encrypt(
- mode,
- vector["key"],
- vector["iv"],
- vector["plaintext"]
- )
+ ct = encrypt(mode, vector["key"], vector["iv"], vector["plaintext"])
assert ct == vector["ciphertext"]
diff --git a/docs/development/custom-vectors/rsa-oaep-sha2/generate_rsa_oaep_sha2.py b/docs/development/custom-vectors/rsa-oaep-sha2/generate_rsa_oaep_sha2.py
index bd5148f..a43e150 100644
--- a/docs/development/custom-vectors/rsa-oaep-sha2/generate_rsa_oaep_sha2.py
+++ b/docs/development/custom-vectors/rsa-oaep-sha2/generate_rsa_oaep_sha2.py
@@ -62,9 +62,8 @@
dmq1=private["dmq1"],
iqmp=private["iqmp"],
public_numbers=rsa.RSAPublicNumbers(
- e=private["public_exponent"],
- n=private["modulus"]
- )
+ e=private["public_exponent"], n=private["modulus"]
+ ),
).private_key(backend)
count = 1
@@ -74,8 +73,8 @@
padding.OAEP(
mgf=padding.MGF1(algorithm=hashes.SHA1()),
algorithm=hashes.SHA1(),
- label=None
- )
+ label=None,
+ ),
)
assert message == binascii.unhexlify(example["message"])
ct = pkey.encrypt(
@@ -83,8 +82,8 @@
padding.OAEP(
mgf=padding.MGF1(algorithm=mgf1alg),
algorithm=hashalg,
- label=None
- )
+ label=None,
+ ),
)
output.append(
b"# OAEP Example {0} alg={1} mgf1={2}".format(
@@ -116,13 +115,12 @@
hashes.SHA512(),
]
for hashtuple in itertools.product(hashalgs, hashalgs):
- if (
- isinstance(hashtuple[0], hashes.SHA1) and
- isinstance(hashtuple[1], hashes.SHA1)
+ if isinstance(hashtuple[0], hashes.SHA1) and isinstance(
+ hashtuple[1], hashes.SHA1
):
continue
write_file(
build_vectors(hashtuple[0], hashtuple[1], oaep_path),
- "oaep-{0}-{1}.txt".format(hashtuple[0].name, hashtuple[1].name)
+ "oaep-{0}-{1}.txt".format(hashtuple[0].name, hashtuple[1].name),
)
diff --git a/docs/development/custom-vectors/secp256k1/generate_secp256k1.py b/docs/development/custom-vectors/secp256k1/generate_secp256k1.py
index d6a2071..bfb150b 100644
--- a/docs/development/custom-vectors/secp256k1/generate_secp256k1.py
+++ b/docs/development/custom-vectors/secp256k1/generate_secp256k1.py
@@ -10,9 +10,7 @@
from cryptography_vectors import open_vector_file
-from tests.utils import (
- load_fips_ecdsa_signing_vectors, load_vectors_from_file
-)
+from tests.utils import load_fips_ecdsa_signing_vectors, load_vectors_from_file
HASHLIB_HASH_TYPES = {
"SHA-1": hashlib.sha1,
@@ -32,13 +30,13 @@
return self
def digest(self):
- return self.hasher.digest()[:256 // 8]
+ return self.hasher.digest()[: 256 // 8]
def build_vectors(fips_vectors):
vectors = defaultdict(list)
for vector in fips_vectors:
- vectors[vector['digest_algorithm']].append(vector['message'])
+ vectors[vector["digest_algorithm"]].append(vector["message"])
for digest_algorithm, messages in vectors.items():
if digest_algorithm not in HASHLIB_HASH_TYPES:
@@ -55,8 +53,9 @@
# Sign the message using warner/ecdsa
secret_key = SigningKey.generate(curve=SECP256k1)
public_key = secret_key.get_verifying_key()
- signature = secret_key.sign(message, hashfunc=hash_func,
- sigencode=sigencode_der)
+ signature = secret_key.sign(
+ message, hashfunc=hash_func, sigencode=sigencode_der
+ )
r, s = sigdecode_der(signature, None)
@@ -79,12 +78,8 @@
dest_path = os.path.join("asymmetric", "ECDSA", "SECP256K1", "SigGen.txt")
fips_vectors = load_vectors_from_file(
- source_path,
- load_fips_ecdsa_signing_vectors
+ source_path, load_fips_ecdsa_signing_vectors
)
with open_vector_file(dest_path, "w") as dest_file:
- write_file(
- build_vectors(fips_vectors),
- dest_file
- )
+ write_file(build_vectors(fips_vectors), dest_file)
diff --git a/docs/development/custom-vectors/secp256k1/verify_secp256k1.py b/docs/development/custom-vectors/secp256k1/verify_secp256k1.py
index b236d77..f721b00 100644
--- a/docs/development/custom-vectors/secp256k1/verify_secp256k1.py
+++ b/docs/development/custom-vectors/secp256k1/verify_secp256k1.py
@@ -6,12 +6,10 @@
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.asymmetric.utils import (
- encode_dss_signature
+ encode_dss_signature,
)
-from tests.utils import (
- load_fips_ecdsa_signing_vectors, load_vectors_from_file
-)
+from tests.utils import load_fips_ecdsa_signing_vectors, load_vectors_from_file
CRYPTOGRAPHY_HASH_TYPES = {
"SHA-1": hashes.SHA1,
@@ -23,37 +21,32 @@
def verify_one_vector(vector):
- digest_algorithm = vector['digest_algorithm']
- message = vector['message']
- x = vector['x']
- y = vector['y']
- signature = encode_dss_signature(vector['r'], vector['s'])
+ digest_algorithm = vector["digest_algorithm"]
+ message = vector["message"]
+ x = vector["x"]
+ y = vector["y"]
+ signature = encode_dss_signature(vector["r"], vector["s"])
- numbers = ec.EllipticCurvePublicNumbers(
- x, y,
- ec.SECP256K1()
- )
+ numbers = ec.EllipticCurvePublicNumbers(x, y, ec.SECP256K1())
key = numbers.public_key(default_backend())
verifier = key.verifier(
- signature,
- ec.ECDSA(CRYPTOGRAPHY_HASH_TYPES[digest_algorithm]())
+ signature, ec.ECDSA(CRYPTOGRAPHY_HASH_TYPES[digest_algorithm]())
)
verifier.update(message)
- return verifier.verify()
+ verifier.verify()
def verify_vectors(vectors):
for vector in vectors:
- assert verify_one_vector(vector)
+ verify_one_vector(vector)
vector_path = os.path.join("asymmetric", "ECDSA", "SECP256K1", "SigGen.txt")
secp256k1_vectors = load_vectors_from_file(
- vector_path,
- load_fips_ecdsa_signing_vectors
+ vector_path, load_fips_ecdsa_signing_vectors
)
verify_vectors(secp256k1_vectors)
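Review bot: `verify_one_vector` now reports a bad signature only through the exception raised by `verifier.verify()`, and with both the `return` and the `assert` gone nothing in the code says so. A docstring such as `"""Verify one vector; raises InvalidSignature if the signature does not match."""` would stop a later reader from treating the discarded result as a bug and reintroducing a truthiness check on a call that returns `None`. The function also still uses the deprecated `key.verifier(...)` context; the one-shot form `key.verify(signature, message, ec.ECDSA(CRYPTOGRAPHY_HASH_TYPES[digest_algorithm]()))` has the same raise-on-failure behaviour and would fit a script that is being touched for this upgrade anyway.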
diff --git a/docs/development/custom-vectors/seed/generate_seed.py b/docs/development/custom-vectors/seed/generate_seed.py
index 5c62d67..046fcfb 100644
--- a/docs/development/custom-vectors/seed/generate_seed.py
+++ b/docs/development/custom-vectors/seed/generate_seed.py
@@ -8,7 +8,7 @@
cipher = base.Cipher(
algorithms.SEED(binascii.unhexlify(key)),
mode(binascii.unhexlify(iv)),
- backend
+ backend,
)
encryptor = cipher.encryptor()
ct = encryptor.update(binascii.unhexlify(plaintext))
@@ -29,8 +29,10 @@
line = line.strip()
if line.startswith("KEY"):
if count != 0:
- output.append("CIPHERTEXT = {0}".format(
- encrypt(mode, key, iv, plaintext))
+ output.append(
+ "CIPHERTEXT = {0}".format(
+ encrypt(mode, key, iv, plaintext)
+ )
)
output.append("\nCOUNT = {0}".format(count))
count += 1
diff --git a/docs/development/custom-vectors/seed/verify_seed.py b/docs/development/custom-vectors/seed/verify_seed.py
index e626428..252088d 100644
--- a/docs/development/custom-vectors/seed/verify_seed.py
+++ b/docs/development/custom-vectors/seed/verify_seed.py
@@ -6,11 +6,13 @@
def encrypt(mode, key, iv, plaintext):
- encryptor = botan.Cipher("SEED/{0}/NoPadding".format(mode), "encrypt",
- binascii.unhexlify(key))
+ encryptor = botan.Cipher(
+ "SEED/{0}/NoPadding".format(mode), "encrypt", binascii.unhexlify(key)
+ )
- cipher_text = encryptor.cipher(binascii.unhexlify(plaintext),
- binascii.unhexlify(iv))
+ cipher_text = encryptor.cipher(
+ binascii.unhexlify(plaintext), binascii.unhexlify(iv)
+ )
return binascii.hexlify(cipher_text)
@@ -20,12 +22,7 @@
vectors = load_nist_vectors(vector_file)
for vector in vectors:
- ct = encrypt(
- mode,
- vector["key"],
- vector["iv"],
- vector["plaintext"]
- )
+ ct = encrypt(mode, vector["key"], vector["iv"], vector["plaintext"])
assert ct == vector["ciphertext"]
diff --git a/docs/development/getting-started.rst b/docs/development/getting-started.rst
index cc333e4..1d939a9 100644
--- a/docs/development/getting-started.rst
+++ b/docs/development/getting-started.rst
@@ -81,7 +81,7 @@
...
py27: commands succeeded
ERROR: pypy: InterpreterNotFound: pypy
- py34: commands succeeded
+ py38: commands succeeded
docs: commands succeeded
pep8: commands succeeded
diff --git a/docs/development/reviewing-patches.rst b/docs/development/reviewing-patches.rst
index bd3ee96..0844618 100644
--- a/docs/development/reviewing-patches.rst
+++ b/docs/development/reviewing-patches.rst
@@ -7,18 +7,18 @@
When reviewing a patch try to keep each of these concepts in mind:
-Architecture
-------------
-
-* Is the proposed change being made in the correct place? Is it a fix in a
- backend when it should be in the primitives?
-
Intent
------
* What is the change being proposed?
* Do we want this feature or is the bug they're fixing really a bug?
+Architecture
+------------
+
+* Is the proposed change being made in the correct place? Is it a fix in a
+ backend when it should be in the primitives?
+
Implementation
--------------
diff --git a/docs/development/submitting-patches.rst b/docs/development/submitting-patches.rst
index ec00aa5..b4ed175 100644
--- a/docs/development/submitting-patches.rst
+++ b/docs/development/submitting-patches.rst
@@ -19,9 +19,10 @@
----
When in doubt, refer to :pep:`8` for Python code. You can check if your code
-meets our automated requirements by running ``flake8`` against it. If you've
-installed the development requirements this will automatically use our
-configuration. You can also run the ``tox`` job with ``tox -e pep8``.
+meets our automated requirements by formatting it with ``black`` and running
+``flake8`` against it. If you've installed the development requirements this
+will automatically use our configuration. You can also run the ``tox`` job with
+``tox -e pep8``.
`Write comments as complete sentences.`_
@@ -80,10 +81,9 @@
output in order to allow transparent upgrading of the algorithms in use, as
the algorithms or parameters needed to achieve a given security margin evolve.
-APIs at the :doc:`/hazmat/primitives/index` layer should always take an
-explicit backend, APIs at the recipes layer should automatically use the
-:func:`~cryptography.hazmat.backends.default_backend`, but optionally allow
-specifying a different backend.
+APIs at the :doc:`/hazmat/primitives/index` and recipes layer should
+automatically use the :func:`~cryptography.hazmat.backends.default_backend`,
+but optionally allow specifying a different backend.
C bindings
~~~~~~~~~~
@@ -156,6 +156,6 @@
.. _`Write comments as complete sentences.`: https://nedbatchelder.com/blog/201401/comments_should_be_sentences.html
.. _`syntax`: https://www.sphinx-doc.org/en/master/usage/restructuredtext/domains.html#info-field-lists
-.. _`Studies have shown`: https://smartbear.com/SmartBear/media/pdfs/11_Best_Practices_for_Peer_Code_Review.pdf
+.. _`Studies have shown`: https://smartbear.com/learn/code-review/best-practices-for-peer-code-review/
.. _`our mailing list`: https://mail.python.org/mailman/listinfo/cryptography-dev
.. _`doc8`: https://github.com/openstack/doc8
diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst
index df1ecfa..f952337 100644
--- a/docs/development/test-vectors.rst
+++ b/docs/development/test-vectors.rst
@@ -23,7 +23,7 @@
continuous integration environments.
We have ensured all test vectors are used as of commit
-``c313761979d74b0417230eddd0f87d0cfab2b46b``.
+``2196000605e45d91097147c9c71f26b72af58003``.
Asymmetric ciphers
~~~~~~~~~~~~~~~~~~
@@ -78,6 +78,8 @@
* ``asymmetric/PEM_Serialization/rsa_public_key.pem`` and
``asymmetric/DER_Serialization/rsa_public_key.der``- Contains an RSA 2048
bit public generated using OpenSSL from ``rsa_private_key.pem``.
+* ``asymmetric/PEM_Serialization/dsa_4096.pem`` - Contains a 4096-bit DSA
+ private key generated using OpenSSL.
* ``asymmetric/PEM_Serialization/dsaparam.pem`` - Contains 2048-bit DSA
parameters generated using OpenSSL; contains no keys.
* ``asymmetric/PEM_Serialization/dsa_private_key.pem`` - Contains a DSA 2048
@@ -86,6 +88,11 @@
* ``asymmetric/PEM_Serialization/dsa_public_key.pem`` and
``asymmetric/DER_Serialization/dsa_public_key.der`` - Contains a DSA 2048 bit
key generated using OpenSSL from ``dsa_private_key.pem``.
+* ``asymmetric/DER_Serialization/dsa_public_key_no_params.der`` - Contains a
+ DSA public key with the optional parameters removed.
+* ``asymmetric/DER_Serialization/dsa_public_key_invalid_bit_string.der`` -
+ Contains a DSA public key with the bit string padding value set to 2 rather
+ than the required 0.
* ``asymmetric/PKCS8/unenc-dsa-pkcs8.pem`` and
``asymmetric/DER_Serialization/unenc-dsa-pkcs8.der`` - Contains a DSA 1024
bit key generated using OpenSSL.
@@ -102,6 +109,8 @@
* ``x509/custom/ca/ca_key.pem`` - An unencrypted PCKS8 ``secp256r1`` key. It is
the private key for the certificate ``x509/custom/ca/ca.pem``. This key is
encoded in several of the PKCS12 custom vectors.
+* ``x509/custom/ca/rsa_key.pem`` - An unencrypted PCKS8 4096 bit RSA key. It is
+ the private key for the certificate ``x509/custom/ca/rsa_ca.pem``.
* ``asymmetric/EC/compressed_points.txt`` - Contains compressed public points
generated using OpenSSL.
* ``asymmetric/X448/x448-pkcs8-enc.pem`` and
@@ -111,6 +120,13 @@
contain an unencrypted X448 key.
* ``asymmetric/X448/x448-pub.pem`` and ``asymmetric/X448/x448-pub.der`` contain
an X448 public key.
+* ``asymmetric/Ed25519/ed25519-pkcs8-enc.pem`` and
+ ``asymmetric/Ed25519/ed25519-pkcs8-enc.der`` contain an Ed25519 key encrypted
+ with AES 256 CBC with the password ``password``.
+* ``asymmetric/Ed25519/ed25519-pkcs8.pem`` and
+ ``asymmetric/Ed25519/ed25519-pkcs8.der`` contain an unencrypted Ed25519 key.
+* ``asymmetric/Ed25519/ed25519-pub.pem`` and
+ ``asymmetric/Ed25519/ed25519-pub.der`` contain an Ed25519 public key.
* ``asymmetric/X25519/x25519-pkcs8-enc.pem`` and
``asymmetric/X25519/x25519-pkcs8-enc.der`` contain an X25519 key encrypted
with AES 256 CBC with the password ``password``.
@@ -118,6 +134,13 @@
``asymmetric/X25519/x25519-pkcs8.der`` contain an unencrypted X25519 key.
* ``asymmetric/X25519/x25519-pub.pem`` and ``asymmetric/X25519/x25519-pub.der``
contain an X25519 public key.
+* ``asymmetric/Ed448/ed448-pkcs8-enc.pem`` and
+ ``asymmetric/Ed448/ed448-pkcs8-enc.der`` contain an Ed448 key encrypted
+ with AES 256 CBC with the password ``password``.
+* ``asymmetric/Ed448/ed448-pkcs8.pem`` and
+ ``asymmetric/Ed448/ed448-pkcs8.der`` contain an unencrypted Ed448 key.
+* ``asymmetric/Ed448/ed448-pub.pem`` and ``asymmetric/Ed448/ed448-pub.der``
+ contain an Ed448 public key.
Key exchange
@@ -161,6 +184,8 @@
``vectors/cryptography_vectors/asymmetric/DH/dhkey_rfc5114_2.der`` and
``vectors/cryptography_vectors/asymmetric/DH/dhpub_rfc5114_2.der`` contains
are the above parameters and keys in DER format.
+* ``vectors/cryptography_vectors/asymmetric/DH/dh_key_256.pem`` contains
+ a PEM PKCS8 encoded DH key with a 256-bit key size.
* ``vectors/cryptoraphy_vectors/asymmetric/ECDH/brainpool.txt`` contains
Brainpool vectors from :rfc:`7027`.
@@ -217,6 +242,17 @@
UTCTime in its validity->not_after.
* ``letsencryptx3.pem`` - A subordinate certificate used by Let's Encrypt to
issue end entity certificates.
+* ``ed25519-rfc8410.pem`` - A certificate containing an X25519 public key with
+ an ``ed25519`` signature taken from :rfc:`8410`.
+* ``root-ed25519.pem`` - An ``ed25519`` root certificate (``ed25519`` signature
+ with ``ed25519`` public key) from the OpenSSL test suite.
+ (`root-ed25519.pem`_)
+* ``server-ed25519-cert.pem`` - An ``ed25519`` server certificate (RSA
+ signature with ``ed25519`` public key) from the OpenSSL test suite.
+ (`server-ed25519-cert.pem`_)
+* ``server-ed448-cert.pem`` - An ``ed448`` server certificate (RSA
+ signature with ``ed448`` public key) from the OpenSSL test suite.
+ (`server-ed448-cert.pem`_)
Custom X.509 Vectors
~~~~~~~~~~~~~~~~~~~~
@@ -371,9 +407,19 @@
a ``policyConstraints`` extension with a ``requireExplicitPolicy`` value.
* ``freshestcrl.pem`` - A self-signed certificate containing a ``freshestCRL``
extension.
+* ``sia.pem`` - An RSA 2048 bit self-signed certificate containing a subject
+ information access extension with both a CA repository entry and a custom
+ OID entry.
* ``ca/ca.pem`` - A self-signed certificate with ``basicConstraints`` set to
true. Its private key is ``ca/ca_key.pem``. This certificate is encoded in
several of the PKCS12 custom vectors.
+* ``negative_serial.pem`` - A certificate with a serial number that is a
+ negative number.
+* ``rsa_pss.pem`` - A certificate with an RSA PSS signature.
+* ``root-ed448.pem`` - An ``ed448`` self-signed CA certificate
+ using ``ed448-pkcs8.pem`` as key.
+* ``ca/rsa_ca.pem`` - A self-signed RSA certificate with ``basicConstraints``
+ set to true. Its private key is ``ca/rsa_key.pem``.
Custom X.509 Request Vectors
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -406,6 +452,14 @@
critical.
* ``invalid_signature.pem`` - A certificate signing request for an RSA
1024 bit key containing an invalid signature with correct padding.
+* ``challenge.pem`` - A certificate signing request for an RSA 2048 bit key
+ containing a challenge password.
+* ``challenge-invalid.der`` - A certificate signing request for an RSA 2048 bit
+ key containing a challenge password attribute that has been encoded as an
+ ASN.1 integer rather than a string.
+* ``challenge-unstructured.pem`` - A certificate signing request for an RSA
+ 2048 bit key containing a challenge password attribute and an unstructured
+ name attribute.
Custom X.509 Certificate Revocation List Vectors
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -480,6 +534,12 @@
contains a revoked certificate and no ``nextUpdate`` value.
* ``x509/ocsp/resp-invalid-signature-oid.der`` - An OCSP response that was
modified to contain an MD2 signature algorithm object identifier.
+* ``x509/ocsp/resp-single-extension-reason.der`` - An OCSP response that
+ contains a ``CRLReason`` single extension.
+* ``x509/ocsp/resp-sct-extension.der`` - An OCSP response containing a
+ ``CT Certificate SCTs`` single extension, from the SwissSign OCSP responder.
+* ``x509/ocsp/ocsp-army.deps.mil-resp.der`` - An OCSP response containing
+ multiple ``SINGLERESP`` values.
Custom X.509 OCSP Test Vectors
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -515,6 +575,49 @@
(``x509/custom/ca/ca.pem``) encrypted via AES 256 CBC with the
password ``cryptography`` and no private key.
+Custom PKCS7 Test Vectors
+~~~~~~~~~~~~~~~~~~~~~~~~~
+* ``pkcs7/isrg.pem`` - A PEM encoded PKCS7 file containing the ISRG X1 root
+ CA.
+* ``pkcs7/amazon-roots.p7b`` - A DER encoded PCKS7 file containing Amazon Root
+ CA 2 and 3.
+* ``pkcs7/enveloped.pem`` - A PEM encoded PKCS7 file with enveloped data.
+
+Custom OpenSSH Test Vectors
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Generated by
+``asymmetric/OpenSSH/gen.sh``
+using command-line tools from OpenSSH_7.6p1 package.
+
+* ``dsa-nopsw.key``, ``dsa-nopsw.key.pub``, ``dsa-nopsw.key-cert.pub`` -
+ DSA-1024 private key; and corresponding public key in plain format
+ and with self-signed certificate.
+* ``dsa-psw.key``, ``dsa-psw.key.pub`` -
+ Password-protected DSA-1024 private key and corresponding public key.
+ Password is "password".
+* ``ecdsa-nopsw.key``, ``ecdsa-nopsw.key.pub``,
+ ``ecdsa-nopsw.key-cert.pub`` -
+ SECP256R1 private key; and corresponding public key in plain format
+ and with self-signed certificate.
+* ``ecdsa-psw.key``, ``ecdsa-psw.key.pub`` -
+ Password-protected SECP384R1 private key and corresponding public key.
+ Password is "password".
+* ``ed25519-nopsw.key``, ``ed25519-nopsw.key.pub``,
+ ``ed25519-nopsw.key-cert.pub`` -
+ Ed25519 private key; and corresponding public key in plain format
+ and with self-signed certificate.
+* ``ed25519-psw.key``, ``ed25519-psw.key.pub`` -
+ Password-protected Ed25519 private key and corresponding public key.
+ Password is "password".
+* ``rsa-nopsw.key``, ``rsa-nopsw.key.pub``,
+ ``rsa-nopsw.key-cert.pub`` -
+ RSA-2048 private key; and corresponding public key in plain format
+ and with self-signed certificate.
+* ``rsa-psw.key``, ``rsa-psw.key.pub`` -
+ Password-protected RSA-2048 private key and corresponding public key.
+ Password is "password".
+
Hashes
~~~~~~
@@ -593,6 +696,11 @@
* AES-128, AES-192, AES-256, 3DES from `NIST SP-800-38B`_
+Poly1305
+~~~~~~~~
+
+* Test vectors from :rfc:`7539`.
+
Creating test vectors
---------------------
@@ -629,7 +737,7 @@
.. _`IETF`: https://www.ietf.org/
.. _`Project Wycheproof`: https://github.com/google/wycheproof
.. _`NIST CAVP`: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program
-.. _`Bruce Schneier's vectors`: https://www.schneier.com/code/vectors.txt
+.. _`Bruce Schneier's vectors`: https://www.schneier.com/wp-content/uploads/2015/12/vectors-2.txt
.. _`Camellia page`: https://info.isl.ntt.co.jp/crypt/eng/camellia/
.. _`CRYPTREC`: https://www.cryptrec.go.jp
.. _`OpenSSL's test vectors`: https://github.com/openssl/openssl/blob/97cf1f6c2854a3a955fd7dd3a1f113deba00c9ef/crypto/evp/evptests.txt#L232
@@ -654,13 +762,16 @@
.. _`NIST SP-800-38B`: https://csrc.nist.gov/publications/detail/sp/800-38b/archive/2005-05-01
.. _`NIST PKI Testing`: https://csrc.nist.gov/Projects/PKI-Testing
.. _`testx509.pem`: https://github.com/openssl/openssl/blob/master/test/testx509.pem
-.. _`DigiCert Global Root G3`: https://cacerts.digicert.com/DigiCertGlobalRootG3.crt
+.. _`DigiCert Global Root G3`: http://cacerts.digicert.com/DigiCertGlobalRootG3.crt
.. _`root data`: https://hg.mozilla.org/projects/nss/file/25b2922cc564/security/nss/lib/ckfw/builtins/certdata.txt#l2053
.. _`asymmetric/public/PKCS1/dsa.pub.pem`: https://github.com/ruby/ruby/blob/4ccb387f3bc436a08fc6d72c4931994f5de95110/test/openssl/test_pkey_dsa.rb#L53
.. _`Mozilla bug`: https://bugzilla.mozilla.org/show_bug.cgi?id=233586
-.. _`Russian CA`: https://e-trust.gosuslugi.ru/MainCA
+.. _`Russian CA`: https://e-trust.gosuslugi.ru/
.. _`test/evptests.txt`: https://github.com/openssl/openssl/blob/2d0b44126763f989a4cbffbffe9d0c7518158bb7/test/evptests.txt
.. _`unknown signature OID`: https://bugzilla.mozilla.org/show_bug.cgi?id=405966
.. _`botan`: https://github.com/randombit/botan/blob/57789bdfc55061002b2727d0b32587612829a37c/src/tests/data/pubkey/dh.vec
.. _`DHKE`: https://sandilands.info/sgordon/diffie-hellman-secret-key-exchange-with-openssl
.. _`Botan's key wrap vectors`: https://github.com/randombit/botan/blob/737f33c09a18500e044dca3e2ae13bd2c08bafdd/src/tests/data/keywrap/nist_key_wrap.vec
+.. _`root-ed25519.pem`: https://github.com/openssl/openssl/blob/2a1e2fe145c6eb8e75aa2e1b3a8c3a49384b2852/test/certs/root-ed25519.pem
+.. _`server-ed25519-cert.pem`: https://github.com/openssl/openssl/blob/2a1e2fe145c6eb8e75aa2e1b3a8c3a49384b2852/test/certs/server-ed25519-cert.pem
+.. _`server-ed448-cert.pem`: https://github.com/openssl/openssl/blob/2a1e2fe145c6eb8e75aa2e1b3a8c3a49384b2852/test/certs/server-ed448-cert.pem