pool/python-cryptography
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
cb3e8c6d77
python-cryptography/python-cryptography.spec

126 lines
4.0 KiB
RPMSpec
Raw Normal View History

Accepting request 223686 from home:mvyskocil:branches:devel:languages:python add package to d:l:p, needed for new pyOpenSSL OBS-URL: https://build.opensuse.org/request/show/223686 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=1
2014-02-24 15:01:28 +01:00
#
- split tests in a multibuild variant to optimize rebuild time a bit OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=143
2022-02-16 20:00:35 +01:00
# spec file
Accepting request 223686 from home:mvyskocil:branches:devel:languages:python add package to d:l:p, needed for new pyOpenSSL OBS-URL: https://build.opensuse.org/request/show/223686 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=1
2014-02-24 15:01:28 +01:00
#
- update to 39.0.0: * **BACKWARDS INCOMPATIBLE:** Support for OpenSSL 1.1.0 has been removed. Users on older version of OpenSSL will need to upgrade. * **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.5. The new minimum LibreSSL version is 3.5.0. Going forward our policy is to support versions of LibreSSL that are available in versions of OpenBSD that are still receiving security support. * **BACKWARDS INCOMPATIBLE:** Removed the ``encode_point`` and ``from_encoded_point`` methods on :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicNumbers`, which had been deprecated for several years. :meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.public_bytes` and :meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.from_encoded_point` should be used instead. * **BACKWARDS INCOMPATIBLE:** Support for using MD5 or SHA1 in :class:`~cryptography.x509.CertificateBuilder`, other X.509 builders, and PKCS7 has been removed. * **ANNOUNCEMENT:** The next version of ``cryptography`` (40.0) will change the way we link OpenSSL. This will only impact users who build ``cryptography`` from source (i.e., not from a ``wheel``), and specify their own version of OpenSSL. For those users, the ``CFLAGS``, ``LDFLAGS``, ``INCLUDE``, ``LIB``, and ``CRYPTOGRAPHY_SUPPRESS_LINK_FLAGS`` environment variables will no longer be respected. Instead, users will need to configure their builds `as documented here`_. * Added support for disabling the legacy provider in OpenSSL 3.0.x * Added support for disabling RSA key validation checks when loading RSA keys via ~cryptography.hazmat.primitives.serialization.load_pem_private_key OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=167
2023-01-02 20:50:55 +01:00
# Copyright (c) 2023 SUSE LLC
Accepting request 223686 from home:mvyskocil:branches:devel:languages:python add package to d:l:p, needed for new pyOpenSSL OBS-URL: https://build.opensuse.org/request/show/223686 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=1
2014-02-24 15:01:28 +01:00
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
- Fix fdupes call OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=104
2018-12-06 12:48:48 +01:00
# Please submit bugfixes or comments via https://bugs.opensuse.org/
Accepting request 223686 from home:mvyskocil:branches:devel:languages:python add package to d:l:p, needed for new pyOpenSSL OBS-URL: https://build.opensuse.org/request/show/223686 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=1
2014-02-24 15:01:28 +01:00
#
Accepting request 934514 from home:dirkmueller:Factory - update to 36.0.0: * FINAL DEPRECATION Support for verifier and signer on our asymmetric key classes was deprecated in version 2.1. These functions had an extended deprecation due to usage, however the next version of cryptography will drop support. Users should migrate to sign and verify. * The entire X.509 layer is now written in Rust. This allows alternate asymmetric key implementations that can support cloud key management services or hardware security modules provided they implement the necessary interface (for example: EllipticCurvePrivateKey). * Deprecated the backend argument for all functions. * Added support for AESOCB3. * Added support for iterating over arbitrary request attributes. * Deprecated the get_attribute_for_oid method on CertificateSigningRequest in favor of get_attribute_for_oid() on the new Attributes object. * Fixed handling of PEM files to allow loading when certificate and key are in the same file. * Fixed parsing of CertificatePolicies extensions containing legacy BMPString values in their explicitText. * Allow parsing of negative serial numbers in certificates. Negative serial numbers are prohibited by RFC 5280 so a deprecation warning will be raised whenever they are encountered. A future version of cryptography will drop support for parsing them. * Added support for parsing PKCS12 files with friendly names for all certificates with load_pkcs12(), which will return an object of type PKCS12KeyAndCertificates. * rfc4514_string() and related methods now have an optional attr_name_overrides parameter to supply custom OID to name mappings, which can be used to match vendor-specific extensions. * BACKWARDS INCOMPATIBLE: Reverted the nonstandard formatting of email address fields as E in rfc4514_string() methods from version 35.0. * The previous behavior can be restored with: OBS-URL: https://build.opensuse.org/request/show/934514 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=140
2021-11-29 12:07:36 +01:00
%global rustflags '-Clink-arg=-Wl,-z,relro,-z,now'
- split tests in a multibuild variant to optimize rebuild time a bit OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=143
2022-02-16 20:00:35 +01:00
%global flavor @BUILD_FLAVOR@%{nil}
%if "%{flavor}" == "test"
%define psuffix -test
%bcond_without test
%else
%define psuffix %{nil}
%bcond_with test
%endif
Accepting request 1081377 from home:dirkmueller:acdc:as_python3_module SR for python stack proposal OBS-URL: https://build.opensuse.org/request/show/1081377 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=182
2023-04-22 08:18:33 +02:00
%{?sle15_python_module_pythons}
- split tests in a multibuild variant to optimize rebuild time a bit OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=143
2022-02-16 20:00:35 +01:00
Name: python-cryptography%{psuffix}
- update to 41.0.1: * Temporarily allow invalid ECDSA signature algorithm parameters in X.509 certificates, which are generated by older versions of Java. * Allow null bytes in pass phrases when serializing private keys. * **BACKWARDS INCOMPATIBLE:** Support for OpenSSL less than 1.1.1d has been removed. Users on older version of OpenSSL will need to upgrade. * **BACKWARDS INCOMPATIBLE:** Support for Python 3.6 has been removed. * **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.6. * Updated the minimum supported Rust version (MSRV) to 1.56.0, from 1.48.0. * Added support for the :class:`~cryptography.x509.OCSPAcceptableResponses` OCSP extension. * Added support for the :class:`~cryptography.x509.MSCertificateTemplate` proprietary Microsoft certificate extension. * Implemented support for equality checks on all asymmetric public key types. * Added support for ``aes256-gcm@openssh.com`` encrypted keys in :func:`~cryptography.hazmat.primitives.serialization.load_ssh _private_key`. * Added support for obtaining X.509 certificate signature algorithm parameters (including PSS) OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=184
2023-06-19 22:44:25 +02:00
Version: 41.0.1
Accepting request 223686 from home:mvyskocil:branches:devel:languages:python add package to d:l:p, needed for new pyOpenSSL OBS-URL: https://build.opensuse.org/request/show/223686 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=1
2014-02-24 15:01:28 +01:00
Release: 0
Summary: Python library which exposes cryptographic recipes and primitives
Accepting request 538281 from home:mimi_vx:branches:devel:languages:python - fix BuildRequires conditions for python3 OBS-URL: https://build.opensuse.org/request/show/538281 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=74
2017-11-02 16:19:19 +01:00
License: Apache-2.0 OR BSD-3-Clause
Accepting request 223686 from home:mvyskocil:branches:devel:languages:python add package to d:l:p, needed for new pyOpenSSL OBS-URL: https://build.opensuse.org/request/show/223686 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=1
2014-02-24 15:01:28 +01:00
Group: Development/Languages/Python
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=95
2018-03-27 14:55:23 +02:00
URL: https://cryptography.io/en/latest/
Accepting request 483837 from devel:languages:python:singlespec - Switch to singlespec approach OBS-URL: https://build.opensuse.org/request/show/483837 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=59
2017-03-30 16:12:18 +02:00
Source0: https://files.pythonhosted.org/packages/source/c/cryptography/cryptography-%{version}.tar.gz
Accepting request 934514 from home:dirkmueller:Factory - update to 36.0.0: * FINAL DEPRECATION Support for verifier and signer on our asymmetric key classes was deprecated in version 2.1. These functions had an extended deprecation due to usage, however the next version of cryptography will drop support. Users should migrate to sign and verify. * The entire X.509 layer is now written in Rust. This allows alternate asymmetric key implementations that can support cloud key management services or hardware security modules provided they implement the necessary interface (for example: EllipticCurvePrivateKey). * Deprecated the backend argument for all functions. * Added support for AESOCB3. * Added support for iterating over arbitrary request attributes. * Deprecated the get_attribute_for_oid method on CertificateSigningRequest in favor of get_attribute_for_oid() on the new Attributes object. * Fixed handling of PEM files to allow loading when certificate and key are in the same file. * Fixed parsing of CertificatePolicies extensions containing legacy BMPString values in their explicitText. * Allow parsing of negative serial numbers in certificates. Negative serial numbers are prohibited by RFC 5280 so a deprecation warning will be raised whenever they are encountered. A future version of cryptography will drop support for parsing them. * Added support for parsing PKCS12 files with friendly names for all certificates with load_pkcs12(), which will return an object of type PKCS12KeyAndCertificates. * rfc4514_string() and related methods now have an optional attr_name_overrides parameter to supply custom OID to name mappings, which can be used to match vendor-specific extensions. * BACKWARDS INCOMPATIBLE: Reverted the nonstandard formatting of email address fields as E in rfc4514_string() methods from version 35.0. * The previous behavior can be restored with: OBS-URL: https://build.opensuse.org/request/show/934514 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=140
2021-11-29 12:07:36 +01:00
# use `osc service disabledrun` to regenerate
- update to 37.0.2: * Fixed an issue where parsing an encrypted private key with the public loader functions would hang waiting for console input on OpenSSL 3.0.x rather than raising an error. * Restored some legacy symbols for older ``pyOpenSSL`` users. These will be removed again in the future, so ``pyOpenSSL`` users should still upgrade to the latest version of that package when they upgrade ``cryptography``. * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.2. * **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL 2.9.x and 3.0.x. The new minimum LibreSSL version is 3.1+. * **BACKWARDS INCOMPATIBLE:** Removed ``signer`` and ``verifier`` methods from the public key and private key classes. These methods were originally deprecated in version 2.0, but had an extended deprecation timeline due to usage. Any remaining users should transition to ``sign`` and ``verify``. * Deprecated OpenSSL 1.1.0 support. OpenSSL 1.1.0 is no longer supported by the OpenSSL project. The next release of ``cryptography`` will be the last to support compiling with OpenSSL 1.1.0. * Deprecated Python 3.6 support. Python 3.6 is no longer supported by the Python core team. Support for Python 3.6 will be removed in a future ``cryptography`` release. * Deprecated the current minimum supported Rust version (MSRV) of 1.41.0. In the next release we will raise MSRV to 1.48.0. Users with the latest ``pip`` will typically get a wheel and not need Rust installed, but check :doc:`/installation` for documentation on installing a newer ``rustc`` if required. * Deprecated :class:`~cryptography.hazmat.primitives.ciphers.algorithms.CAST5`, :class:`~cryptography.hazmat.primitives.ciphers.algorithms.SEED`, :class:`~cryptography.hazmat.primitives.ciphers.algorithms.IDEA`, and :class:`~cryptography.hazmat.primitives.ciphers.algorithms.Blowfish` because OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=153
2022-05-24 08:59:20 +02:00
Source2: vendor.tar.zst
Accepting request 934514 from home:dirkmueller:Factory - update to 36.0.0: * FINAL DEPRECATION Support for verifier and signer on our asymmetric key classes was deprecated in version 2.1. These functions had an extended deprecation due to usage, however the next version of cryptography will drop support. Users should migrate to sign and verify. * The entire X.509 layer is now written in Rust. This allows alternate asymmetric key implementations that can support cloud key management services or hardware security modules provided they implement the necessary interface (for example: EllipticCurvePrivateKey). * Deprecated the backend argument for all functions. * Added support for AESOCB3. * Added support for iterating over arbitrary request attributes. * Deprecated the get_attribute_for_oid method on CertificateSigningRequest in favor of get_attribute_for_oid() on the new Attributes object. * Fixed handling of PEM files to allow loading when certificate and key are in the same file. * Fixed parsing of CertificatePolicies extensions containing legacy BMPString values in their explicitText. * Allow parsing of negative serial numbers in certificates. Negative serial numbers are prohibited by RFC 5280 so a deprecation warning will be raised whenever they are encountered. A future version of cryptography will drop support for parsing them. * Added support for parsing PKCS12 files with friendly names for all certificates with load_pkcs12(), which will return an object of type PKCS12KeyAndCertificates. * rfc4514_string() and related methods now have an optional attr_name_overrides parameter to supply custom OID to name mappings, which can be used to match vendor-specific extensions. * BACKWARDS INCOMPATIBLE: Reverted the nonstandard formatting of email address fields as E in rfc4514_string() methods from version 35.0. * The previous behavior can be restored with: OBS-URL: https://build.opensuse.org/request/show/934514 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=140
2021-11-29 12:07:36 +01:00
# use `osc service disabledrun` to regenerate
Source3: cargo_config
- split tests in a multibuild variant to optimize rebuild time a bit OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=143
2022-02-16 20:00:35 +01:00
Source4: python-cryptography.keyring
Accepting request 521999 from home:vitezslav_cizek:branches:devel:languages:python - Disable memleak tests to fix build with OpenSSL 1.1 (bsc#1055478) * add skip_openssl_memleak_test.patch OBS-URL: https://build.opensuse.org/request/show/521999 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=69
2017-09-07 16:49:40 +02:00
Patch2: skip_openssl_memleak_test.patch
Accepting request 981552 from home:gladiac:mailman3 - Remove Python 3.6 deprecation warning on openSUSE Leap. * Added remove_python_3_6_deprecation_warning.patch Note: This fixes the mailman:test OBS-URL: https://build.opensuse.org/request/show/981552 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=156
2022-06-13 08:38:29 +02:00
%if 0%{?sle_version} && 0%{?sle_version} <= 150400
Patch3: remove_python_3_6_deprecation_warning.patch
%endif
Accepting request 924948 from home:bnavigator:branches:devel:languages:python - Add disable-RustExtension.patch in order to avoid a build requirement setuptools_rust - Next version (35.0) needs a full Rust toolchain. - Clean runtime, build and test requirements - Disable python2 build: Not supported anymore OBS-URL: https://build.opensuse.org/request/show/924948 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=139
2021-10-13 02:59:08 +02:00
BuildRequires: %{python_module cffi >= 1.12}
Accepting request 483837 from devel:languages:python:singlespec - Switch to singlespec approach OBS-URL: https://build.opensuse.org/request/show/483837 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=59
2017-03-30 16:12:18 +02:00
BuildRequires: %{python_module devel}
Accepting request 1041287 from home:yarunachalam:branches:devel:languages:python - Update to version 38.0.4 * Fixed compilation when using LibreSSL 3.6.0. * Fixed error when using py2app to build an application with a cryptography dependency. OBS-URL: https://build.opensuse.org/request/show/1041287 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=165
2022-12-08 12:47:57 +01:00
BuildRequires: %{python_module exceptiongroup}
Accepting request 934514 from home:dirkmueller:Factory - update to 36.0.0: * FINAL DEPRECATION Support for verifier and signer on our asymmetric key classes was deprecated in version 2.1. These functions had an extended deprecation due to usage, however the next version of cryptography will drop support. Users should migrate to sign and verify. * The entire X.509 layer is now written in Rust. This allows alternate asymmetric key implementations that can support cloud key management services or hardware security modules provided they implement the necessary interface (for example: EllipticCurvePrivateKey). * Deprecated the backend argument for all functions. * Added support for AESOCB3. * Added support for iterating over arbitrary request attributes. * Deprecated the get_attribute_for_oid method on CertificateSigningRequest in favor of get_attribute_for_oid() on the new Attributes object. * Fixed handling of PEM files to allow loading when certificate and key are in the same file. * Fixed parsing of CertificatePolicies extensions containing legacy BMPString values in their explicitText. * Allow parsing of negative serial numbers in certificates. Negative serial numbers are prohibited by RFC 5280 so a deprecation warning will be raised whenever they are encountered. A future version of cryptography will drop support for parsing them. * Added support for parsing PKCS12 files with friendly names for all certificates with load_pkcs12(), which will return an object of type PKCS12KeyAndCertificates. * rfc4514_string() and related methods now have an optional attr_name_overrides parameter to supply custom OID to name mappings, which can be used to match vendor-specific extensions. * BACKWARDS INCOMPATIBLE: Reverted the nonstandard formatting of email address fields as E in rfc4514_string() methods from version 35.0. * The previous behavior can be restored with: OBS-URL: https://build.opensuse.org/request/show/934514 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=140
2021-11-29 12:07:36 +01:00
BuildRequires: %{python_module setuptools-rust}
Accepting request 924948 from home:bnavigator:branches:devel:languages:python - Add disable-RustExtension.patch in order to avoid a build requirement setuptools_rust - Next version (35.0) needs a full Rust toolchain. - Clean runtime, build and test requirements - Disable python2 build: Not supported anymore OBS-URL: https://build.opensuse.org/request/show/924948 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=139
2021-10-13 02:59:08 +02:00
BuildRequires: %{python_module setuptools}
- update to 41.0.1: * Temporarily allow invalid ECDSA signature algorithm parameters in X.509 certificates, which are generated by older versions of Java. * Allow null bytes in pass phrases when serializing private keys. * **BACKWARDS INCOMPATIBLE:** Support for OpenSSL less than 1.1.1d has been removed. Users on older version of OpenSSL will need to upgrade. * **BACKWARDS INCOMPATIBLE:** Support for Python 3.6 has been removed. * **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.6. * Updated the minimum supported Rust version (MSRV) to 1.56.0, from 1.48.0. * Added support for the :class:`~cryptography.x509.OCSPAcceptableResponses` OCSP extension. * Added support for the :class:`~cryptography.x509.MSCertificateTemplate` proprietary Microsoft certificate extension. * Implemented support for equality checks on all asymmetric public key types. * Added support for ``aes256-gcm@openssh.com`` encrypted keys in :func:`~cryptography.hazmat.primitives.serialization.load_ssh _private_key`. * Added support for obtaining X.509 certificate signature algorithm parameters (including PSS) OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=184
2023-06-19 22:44:25 +02:00
BuildRequires: cargo >= 1.56.0
Accepting request 538281 from home:mimi_vx:branches:devel:languages:python - fix BuildRequires conditions for python3 OBS-URL: https://build.opensuse.org/request/show/538281 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=74
2017-11-02 16:19:19 +01:00
BuildRequires: fdupes
BuildRequires: libopenssl-devel
BuildRequires: pkgconfig
Accepting request 483837 from devel:languages:python:singlespec - Switch to singlespec approach OBS-URL: https://build.opensuse.org/request/show/483837 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=59
2017-03-30 16:12:18 +02:00
BuildRequires: python-rpm-macros
- update to 41.0.1: * Temporarily allow invalid ECDSA signature algorithm parameters in X.509 certificates, which are generated by older versions of Java. * Allow null bytes in pass phrases when serializing private keys. * **BACKWARDS INCOMPATIBLE:** Support for OpenSSL less than 1.1.1d has been removed. Users on older version of OpenSSL will need to upgrade. * **BACKWARDS INCOMPATIBLE:** Support for Python 3.6 has been removed. * **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.6. * Updated the minimum supported Rust version (MSRV) to 1.56.0, from 1.48.0. * Added support for the :class:`~cryptography.x509.OCSPAcceptableResponses` OCSP extension. * Added support for the :class:`~cryptography.x509.MSCertificateTemplate` proprietary Microsoft certificate extension. * Implemented support for equality checks on all asymmetric public key types. * Added support for ``aes256-gcm@openssh.com`` encrypted keys in :func:`~cryptography.hazmat.primitives.serialization.load_ssh _private_key`. * Added support for obtaining X.509 certificate signature algorithm parameters (including PSS) OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=184
2023-06-19 22:44:25 +02:00
BuildRequires: rust >= 1.56.0
- update to 37.0.2: * Fixed an issue where parsing an encrypted private key with the public loader functions would hang waiting for console input on OpenSSL 3.0.x rather than raising an error. * Restored some legacy symbols for older ``pyOpenSSL`` users. These will be removed again in the future, so ``pyOpenSSL`` users should still upgrade to the latest version of that package when they upgrade ``cryptography``. * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.2. * **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL 2.9.x and 3.0.x. The new minimum LibreSSL version is 3.1+. * **BACKWARDS INCOMPATIBLE:** Removed ``signer`` and ``verifier`` methods from the public key and private key classes. These methods were originally deprecated in version 2.0, but had an extended deprecation timeline due to usage. Any remaining users should transition to ``sign`` and ``verify``. * Deprecated OpenSSL 1.1.0 support. OpenSSL 1.1.0 is no longer supported by the OpenSSL project. The next release of ``cryptography`` will be the last to support compiling with OpenSSL 1.1.0. * Deprecated Python 3.6 support. Python 3.6 is no longer supported by the Python core team. Support for Python 3.6 will be removed in a future ``cryptography`` release. * Deprecated the current minimum supported Rust version (MSRV) of 1.41.0. In the next release we will raise MSRV to 1.48.0. Users with the latest ``pip`` will typically get a wheel and not need Rust installed, but check :doc:`/installation` for documentation on installing a newer ``rustc`` if required. * Deprecated :class:`~cryptography.hazmat.primitives.ciphers.algorithms.CAST5`, :class:`~cryptography.hazmat.primitives.ciphers.algorithms.SEED`, :class:`~cryptography.hazmat.primitives.ciphers.algorithms.IDEA`, and :class:`~cryptography.hazmat.primitives.ciphers.algorithms.Blowfish` because OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=153
2022-05-24 08:59:20 +02:00
BuildRequires: zstd
Accepting request 538281 from home:mimi_vx:branches:devel:languages:python - fix BuildRequires conditions for python3 OBS-URL: https://build.opensuse.org/request/show/538281 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=74
2017-11-02 16:19:19 +01:00
BuildRequires: pkgconfig(libffi)
Accepting request 924948 from home:bnavigator:branches:devel:languages:python - Add disable-RustExtension.patch in order to avoid a build requirement setuptools_rust - Next version (35.0) needs a full Rust toolchain. - Clean runtime, build and test requirements - Disable python2 build: Not supported anymore OBS-URL: https://build.opensuse.org/request/show/924948 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=139
2021-10-13 02:59:08 +02:00
# python-base is not enough, we need the _ssl module
Requires: python
- split tests in a multibuild variant to optimize rebuild time a bit OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=143
2022-02-16 20:00:35 +01:00
%requires_eq python-cffi
%if %{with test}
BuildRequires: %{python_module cryptography >= %{version}}
Accepting request 924948 from home:bnavigator:branches:devel:languages:python - Add disable-RustExtension.patch in order to avoid a build requirement setuptools_rust - Next version (35.0) needs a full Rust toolchain. - Clean runtime, build and test requirements - Disable python2 build: Not supported anymore OBS-URL: https://build.opensuse.org/request/show/924948 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=139
2021-10-13 02:59:08 +02:00
BuildRequires: %{python_module cryptography-vectors = %{version}}
Accepting request 582047 from home:computersalat:devel:python fix deps for hypothesis, pytest OBS-URL: https://build.opensuse.org/request/show/582047 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=91
2018-03-02 22:42:20 +01:00
BuildRequires: %{python_module hypothesis >= 1.11.4}
Accepting request 483837 from devel:languages:python:singlespec - Switch to singlespec approach OBS-URL: https://build.opensuse.org/request/show/483837 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=59
2017-03-30 16:12:18 +02:00
BuildRequires: %{python_module iso8601}
BuildRequires: %{python_module pretend}
Accepting request 924948 from home:bnavigator:branches:devel:languages:python - Add disable-RustExtension.patch in order to avoid a build requirement setuptools_rust - Next version (35.0) needs a full Rust toolchain. - Clean runtime, build and test requirements - Disable python2 build: Not supported anymore OBS-URL: https://build.opensuse.org/request/show/924948 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=139
2021-10-13 02:59:08 +02:00
BuildRequires: %{python_module pytest > 6.0}
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=154
2022-05-24 10:05:54 +02:00
BuildRequires: %{python_module pytest-benchmark}
Accepting request 922968 from system:homeautomation:home-assistant:unstable - update to 3.4.8 - keep new rust support disabled for now to avoid new dependencies OBS-URL: https://build.opensuse.org/request/show/922968 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=138
2021-10-04 23:39:33 +02:00
BuildRequires: %{python_module pytest-subtests}
Accepting request 924948 from home:bnavigator:branches:devel:languages:python - Add disable-RustExtension.patch in order to avoid a build requirement setuptools_rust - Next version (35.0) needs a full Rust toolchain. - Clean runtime, build and test requirements - Disable python2 build: Not supported anymore OBS-URL: https://build.opensuse.org/request/show/924948 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=139
2021-10-13 02:59:08 +02:00
BuildRequires: %{python_module pytest-xdist}
BuildRequires: %{python_module pytz}
- split tests in a multibuild variant to optimize rebuild time a bit OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=143
2022-02-16 20:00:35 +01:00
%endif
Accepting request 483837 from devel:languages:python:singlespec - Switch to singlespec approach OBS-URL: https://build.opensuse.org/request/show/483837 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=59
2017-03-30 16:12:18 +02:00
%python_subpackages
Accepting request 223686 from home:mvyskocil:branches:devel:languages:python add package to d:l:p, needed for new pyOpenSSL OBS-URL: https://build.opensuse.org/request/show/223686 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=1
2014-02-24 15:01:28 +01:00
%description
cryptography is a package designed to expose cryptographic
recipes and primitives to Python developers. Our goal is
for it to be your "cryptographic standard library". It
Accepting request 616242 from home:mimi_vx:branches:devel:languages:python - update to 2.2.2 * fix build on some systems with openssl 1.1.0h OBS-URL: https://build.opensuse.org/request/show/616242 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=98
2018-06-12 10:00:09 +02:00
supports Python 2.7, Python 3.4+, and PyPy-5.3+.
Accepting request 223686 from home:mvyskocil:branches:devel:languages:python add package to d:l:p, needed for new pyOpenSSL OBS-URL: https://build.opensuse.org/request/show/223686 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=1
2014-02-24 15:01:28 +01:00
cryptography includes both high level recipes, and low
level interfaces to common cryptographic algorithms such as
symmetric ciphers, message digests and key derivation
functions.
%prep
Accepting request 934514 from home:dirkmueller:Factory - update to 36.0.0: * FINAL DEPRECATION Support for verifier and signer on our asymmetric key classes was deprecated in version 2.1. These functions had an extended deprecation due to usage, however the next version of cryptography will drop support. Users should migrate to sign and verify. * The entire X.509 layer is now written in Rust. This allows alternate asymmetric key implementations that can support cloud key management services or hardware security modules provided they implement the necessary interface (for example: EllipticCurvePrivateKey). * Deprecated the backend argument for all functions. * Added support for AESOCB3. * Added support for iterating over arbitrary request attributes. * Deprecated the get_attribute_for_oid method on CertificateSigningRequest in favor of get_attribute_for_oid() on the new Attributes object. * Fixed handling of PEM files to allow loading when certificate and key are in the same file. * Fixed parsing of CertificatePolicies extensions containing legacy BMPString values in their explicitText. * Allow parsing of negative serial numbers in certificates. Negative serial numbers are prohibited by RFC 5280 so a deprecation warning will be raised whenever they are encountered. A future version of cryptography will drop support for parsing them. * Added support for parsing PKCS12 files with friendly names for all certificates with load_pkcs12(), which will return an object of type PKCS12KeyAndCertificates. * rfc4514_string() and related methods now have an optional attr_name_overrides parameter to supply custom OID to name mappings, which can be used to match vendor-specific extensions. * BACKWARDS INCOMPATIBLE: Reverted the nonstandard formatting of email address fields as E in rfc4514_string() methods from version 35.0. * The previous behavior can be restored with: OBS-URL: https://build.opensuse.org/request/show/934514 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=140
2021-11-29 12:07:36 +01:00
%autosetup -a2 -p1 -n cryptography-%{version}
mkdir .cargo
cp %{SOURCE3} .cargo/config
- update to 37.0.2: * Fixed an issue where parsing an encrypted private key with the public loader functions would hang waiting for console input on OpenSSL 3.0.x rather than raising an error. * Restored some legacy symbols for older ``pyOpenSSL`` users. These will be removed again in the future, so ``pyOpenSSL`` users should still upgrade to the latest version of that package when they upgrade ``cryptography``. * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.2. * **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL 2.9.x and 3.0.x. The new minimum LibreSSL version is 3.1+. * **BACKWARDS INCOMPATIBLE:** Removed ``signer`` and ``verifier`` methods from the public key and private key classes. These methods were originally deprecated in version 2.0, but had an extended deprecation timeline due to usage. Any remaining users should transition to ``sign`` and ``verify``. * Deprecated OpenSSL 1.1.0 support. OpenSSL 1.1.0 is no longer supported by the OpenSSL project. The next release of ``cryptography`` will be the last to support compiling with OpenSSL 1.1.0. * Deprecated Python 3.6 support. Python 3.6 is no longer supported by the Python core team. Support for Python 3.6 will be removed in a future ``cryptography`` release. * Deprecated the current minimum supported Rust version (MSRV) of 1.41.0. In the next release we will raise MSRV to 1.48.0. Users with the latest ``pip`` will typically get a wheel and not need Rust installed, but check :doc:`/installation` for documentation on installing a newer ``rustc`` if required. * Deprecated :class:`~cryptography.hazmat.primitives.ciphers.algorithms.CAST5`, :class:`~cryptography.hazmat.primitives.ciphers.algorithms.SEED`, :class:`~cryptography.hazmat.primitives.ciphers.algorithms.IDEA`, and :class:`~cryptography.hazmat.primitives.ciphers.algorithms.Blowfish` because OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=153
2022-05-24 08:59:20 +02:00
rm -v src/rust/Cargo.lock
Accepting request 331785 from Cloud:OpenStack:Master - Add disable-uneven-sizes-tests.patch (bnc#944204) openssl in SLE12SP1 doesn't allow uneven bit sizes for rsa keys OBS-URL: https://build.opensuse.org/request/show/331785 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=18
2015-09-17 16:30:34 +02:00
Accepting request 223686 from home:mvyskocil:branches:devel:languages:python add package to d:l:p, needed for new pyOpenSSL OBS-URL: https://build.opensuse.org/request/show/223686 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=1
2014-02-24 15:01:28 +01:00
%build
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=185
2023-06-20 19:14:00 +02:00
# https://github.com/pyca/cryptography/issues/9023
%global _lto_cflags %{nil}
Accepting request 934514 from home:dirkmueller:Factory - update to 36.0.0: * FINAL DEPRECATION Support for verifier and signer on our asymmetric key classes was deprecated in version 2.1. These functions had an extended deprecation due to usage, however the next version of cryptography will drop support. Users should migrate to sign and verify. * The entire X.509 layer is now written in Rust. This allows alternate asymmetric key implementations that can support cloud key management services or hardware security modules provided they implement the necessary interface (for example: EllipticCurvePrivateKey). * Deprecated the backend argument for all functions. * Added support for AESOCB3. * Added support for iterating over arbitrary request attributes. * Deprecated the get_attribute_for_oid method on CertificateSigningRequest in favor of get_attribute_for_oid() on the new Attributes object. * Fixed handling of PEM files to allow loading when certificate and key are in the same file. * Fixed parsing of CertificatePolicies extensions containing legacy BMPString values in their explicitText. * Allow parsing of negative serial numbers in certificates. Negative serial numbers are prohibited by RFC 5280 so a deprecation warning will be raised whenever they are encountered. A future version of cryptography will drop support for parsing them. * Added support for parsing PKCS12 files with friendly names for all certificates with load_pkcs12(), which will return an object of type PKCS12KeyAndCertificates. * rfc4514_string() and related methods now have an optional attr_name_overrides parameter to supply custom OID to name mappings, which can be used to match vendor-specific extensions. * BACKWARDS INCOMPATIBLE: Reverted the nonstandard formatting of email address fields as E in rfc4514_string() methods from version 35.0. * The previous behavior can be restored with: OBS-URL: https://build.opensuse.org/request/show/934514 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=140
2021-11-29 12:07:36 +01:00
export RUSTFLAGS=%{rustflags}
Accepting request 483837 from devel:languages:python:singlespec - Switch to singlespec approach OBS-URL: https://build.opensuse.org/request/show/483837 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=59
2017-03-30 16:12:18 +02:00
export CFLAGS="%{optflags} -fno-strict-aliasing"
%python_build
Accepting request 223686 from home:mvyskocil:branches:devel:languages:python add package to d:l:p, needed for new pyOpenSSL OBS-URL: https://build.opensuse.org/request/show/223686 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=1
2014-02-24 15:01:28 +01:00
%install
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=144
2022-02-16 20:56:54 +01:00
%if !%{with test}
Accepting request 934514 from home:dirkmueller:Factory - update to 36.0.0: * FINAL DEPRECATION Support for verifier and signer on our asymmetric key classes was deprecated in version 2.1. These functions had an extended deprecation due to usage, however the next version of cryptography will drop support. Users should migrate to sign and verify. * The entire X.509 layer is now written in Rust. This allows alternate asymmetric key implementations that can support cloud key management services or hardware security modules provided they implement the necessary interface (for example: EllipticCurvePrivateKey). * Deprecated the backend argument for all functions. * Added support for AESOCB3. * Added support for iterating over arbitrary request attributes. * Deprecated the get_attribute_for_oid method on CertificateSigningRequest in favor of get_attribute_for_oid() on the new Attributes object. * Fixed handling of PEM files to allow loading when certificate and key are in the same file. * Fixed parsing of CertificatePolicies extensions containing legacy BMPString values in their explicitText. * Allow parsing of negative serial numbers in certificates. Negative serial numbers are prohibited by RFC 5280 so a deprecation warning will be raised whenever they are encountered. A future version of cryptography will drop support for parsing them. * Added support for parsing PKCS12 files with friendly names for all certificates with load_pkcs12(), which will return an object of type PKCS12KeyAndCertificates. * rfc4514_string() and related methods now have an optional attr_name_overrides parameter to supply custom OID to name mappings, which can be used to match vendor-specific extensions. * BACKWARDS INCOMPATIBLE: Reverted the nonstandard formatting of email address fields as E in rfc4514_string() methods from version 35.0. * The previous behavior can be restored with: OBS-URL: https://build.opensuse.org/request/show/934514 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=140
2021-11-29 12:07:36 +01:00
export RUSTFLAGS=%{rustflags}
- Simplify the test execution to be more understandable OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=114
2019-05-29 17:01:07 +02:00
# Actually other *.c and *.h are appropriate
# see https://github.com/pyca/cryptography/issues/1463
find . -name .keep -print -delete
Accepting request 483837 from devel:languages:python:singlespec - Switch to singlespec approach OBS-URL: https://build.opensuse.org/request/show/483837 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=59
2017-03-30 16:12:18 +02:00
%python_install
- Fix fdupes call OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=104
2018-12-06 12:48:48 +01:00
%python_expand %fdupes %{buildroot}%{$python_sitearch}
- split tests in a multibuild variant to optimize rebuild time a bit OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=143
2022-02-16 20:00:35 +01:00
%endif
Accepting request 223686 from home:mvyskocil:branches:devel:languages:python add package to d:l:p, needed for new pyOpenSSL OBS-URL: https://build.opensuse.org/request/show/223686 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=1
2014-02-24 15:01:28 +01:00
- split tests in a multibuild variant to optimize rebuild time a bit OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=143
2022-02-16 20:00:35 +01:00
%if %{with test}
- Add cryptography-custom-install-cmd.patch: Fix installation to plat_lib - Properly invoke testsuite, therefore add dependencies on iso8601 and pretend - Only use pkg-config for libffi on newer distros, stay with old-style devel package requires to fix SLE build OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=2
2014-04-01 10:25:31 +02:00
%check
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=168
2023-01-05 22:13:05 +01:00
# won't work for cryptography
%pytest_arch -n auto --ignore-glob=vendor/*
- split tests in a multibuild variant to optimize rebuild time a bit OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=143
2022-02-16 20:00:35 +01:00
%endif
Accepting request 223686 from home:mvyskocil:branches:devel:languages:python add package to d:l:p, needed for new pyOpenSSL OBS-URL: https://build.opensuse.org/request/show/223686 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=1
2014-02-24 15:01:28 +01:00
- split tests in a multibuild variant to optimize rebuild time a bit OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=143
2022-02-16 20:00:35 +01:00
%if !%{with test}
Accepting request 483837 from devel:languages:python:singlespec - Switch to singlespec approach OBS-URL: https://build.opensuse.org/request/show/483837 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=59
2017-03-30 16:12:18 +02:00
%files %{python_files}
- Cleanup with spec-cleaner - Use %setup to unpack all archives do not rely on tar calls - Update to upstream release 2.2.1: * Reverted a change to GeneralNames which prohibited having zero elements, due to breakages. * Fixed a bug in :func:`~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding` that caused it to raise InvalidUnwrap when key length modulo 8 was zero. * BACKWARDS INCOMPATIBLE: Support for Python 2.6 has been dropped. * Resolved a bug in HKDF that incorrectly constrained output size. * Added :class:`~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP256R1`, :class:`~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP384R1`, and :class:`~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP512R1` to support inter-operating with systems like German smart meters. * Added token rotation support to :doc:`Fernet </fernet>` with :meth:`~cryptography.fernet.MultiFernet.rotate`. * Fixed a memory leak in :func:`~cryptography.hazmat.primitives.asymmetric.ec.derive_private_key`. * Added support for AES key wrapping with padding via :func:`~cryptography.hazmat.primitives.keywrap.aes_key_wrap_with_padding` and :func:`~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding` . * Allow loading DSA keys with 224 bit q. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=94
2018-03-26 09:50:13 +02:00
%license LICENSE LICENSE.APACHE LICENSE.BSD
Accepting request 922968 from system:homeautomation:home-assistant:unstable - update to 3.4.8 - keep new rust support disabled for now to avoid new dependencies OBS-URL: https://build.opensuse.org/request/show/922968 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=138
2021-10-04 23:39:33 +02:00
%doc CONTRIBUTING.rst CHANGELOG.rst README.rst
Accepting request 924948 from home:bnavigator:branches:devel:languages:python - Add disable-RustExtension.patch in order to avoid a build requirement setuptools_rust - Next version (35.0) needs a full Rust toolchain. - Clean runtime, build and test requirements - Disable python2 build: Not supported anymore OBS-URL: https://build.opensuse.org/request/show/924948 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=139
2021-10-13 02:59:08 +02:00
%{python_sitearch}/cryptography
%{python_sitearch}/cryptography-%{version}*-info
- split tests in a multibuild variant to optimize rebuild time a bit OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=143
2022-02-16 20:00:35 +01:00
%endif
Accepting request 223686 from home:mvyskocil:branches:devel:languages:python add package to d:l:p, needed for new pyOpenSSL OBS-URL: https://build.opensuse.org/request/show/223686 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=1
2014-02-24 15:01:28 +01:00
%changelog
Reference in New Issue Copy Permalink