cryptography
cryptography copied to clipboard
pyca
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers.
Currently SSH Key handling methods are mostly considered `hazard materials` in the `hazmat` module. This leads to a lot of boilerplate code to get a key pair. It would be...
This PR fixes two issues with the ASN.1 generated when signing using PKCS#7: ## First issue The [current implementation](https://github.com/pyca/cryptography/blob/bfcdfbefb32c5a9786ef66d4eb0777f70ae5943b/src/rust/src/pkcs7.rs#L103-L109) defines the SMIMECapabilities attribute so that its value is a SEQUENCE...
- [x] https://github.com/pyca/cryptography/pull/8697 - [x] https://github.com/pyca/cryptography/pull/8705 - [x] https://github.com/pyca/cryptography/pull/8263 - [x] https://github.com/pyca/cryptography/pull/8691 - [x] https://github.com/pyca/cryptography/pull/8768 - [x] `aead` - [x] https://github.com/pyca/cryptography/pull/9181 - [x] https://github.com/pyca/cryptography/pull/9399 - [x] https://github.com/pyca/cryptography/pull/10279 - [x] https://github.com/pyca/cryptography/pull/9569...
Thanks to all who worked on the X.509 verification support in version 42. I am trying to use this API for verifying a signing certificate, and realizing that the API...
There are two new ODIs that are being used with Smartcards for Windows Authentication since 2023 and will be mandatory for "strong authentication" starting 2025 (see [KB5014754](https://support.microsoft.com/en-us/topic/kb5014754-certificate-based-authentication-changes-on-windows-domain-controllers-ad2c23b0-15d8-4340-a468-4d4f3b188f16)). It would nice...
I'm writing regarding the planned removal of negative serial number support from the cryptography package in v43.0.0. Would it be possible to allow the parsing of negative serial numbers as...
Hello! I've been working on updating some code to utilize cryptography in favor of PyOpenSSL due to the API deprecation in the older project. The only code that I can...
Still WIP -- the public APIs are not fully filled in yet. Outstanding tasks: - [x] Fill in `build_client_verifier` - [x] Add and implement `ClientVerifier.verify` - [ ] Unit tests...
Part of https://github.com/pyca/cryptography/issues/9795. Now that the Rust bindings needed are in place (https://github.com/sfackler/rust-openssl/pull/2144), this PR adds support for ECDSA deterministic signing (RFC 6979), a new feature in `OpenSSL >= 3.2.0`....
Right now we don't invalidate cache in our test CI job (does not affect wheel builds) when OpenSSL is upgraded. We should fix that and backport before OpenSSL 3.2.1 comes...
