cryptography
cryptography copied to clipboard
pyca
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers.
Would it be possible to make legacy provider (when compiled with OpenSSL 3) optional? AFAICT, it's currently not really possible to use cryptography without a legacy provider being available, but...
Currently, cryptography contains no functionality to validate a certificate chain against a trusted root certificate. This is a fairly standard operation; it is described in detail by [RFC 5280](https://tools.ietf.org/html/rfc5280#section-6). I...
I came across this piece of code in the openssl backend: https://github.com/pyca/cryptography/blob/4a4f4d94ce5a641de3020042c70c1734af265d5e/src/cryptography/hazmat/backends/openssl/backend.py#L2194-L2202 It's part of [what gets called when creating a PKXS#12 file](https://cryptography.io/en/latest/hazmat/primitives/asymmetric/serialization/?highlight=pkcs12#cryptography.hazmat.primitives.serialization.pkcs12.serialize_key_and_certificates) and It uses 3DES for the encryption....
### Versions * Python: 3.10.4 * cryptography: 37.01 * cffi: 1.15.0 * setuptools: 60.2.0 All packages are installed using pip. ### Issue The ASN.1 parser assumes that the attributes in...
This uses [workflow commands](https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions) to do grouping, hiding the verbose tox output. The implementation is a bit inelegant here and it'd be better to try to get tox to support...
We have previously not added it due to issues with their OpenSSL patches, but let's see what we get this time.
Now that `register_interface` is gone we have no use for `verify_interface`, but https://github.com/aws/aws-encryption-sdk-python/issues/464 is a blocker for removing it.
Add fallback LegacyPKCS12TripleDESEncryption for compatibility with The Past(tm) fixes #7043
It's been deprecated since 2019 and this is a tracking issue for removing it.
For the purpose of verifying MRTD (biometric passport) trust-chain, I'm using `cryptography` to verify signatures of CSCA and DSC x509 certificates issued by some countries . These certificates don't use...
