- update to 2.7
* BACKWARDS INCOMPATIBLE: Removed the cryptography.hazmat.primitives.mac.MACContext interface.
The CMAC and HMAC APIs have not changed, but they are no longer registered
as MACContext instances.
* Removed support for running our tests with setup.py test.
* Add support for :class:`~cryptography.hazmat.primitives.poly1305.Poly1305`
when using OpenSSL 1.1.1 or newer.
* Support serialization with Encoding.OpenSSH and PublicFormat.OpenSSH
in :meth:`Ed25519PublicKey.public_bytes <cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey.public_bytes>` .
* Correctly allow passing a SubjectKeyIdentifier to :meth:`~cryptography.x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier`
and deprecate passing an Extension object.
- Simplify the test execution to be more understandable
OBS-URL: https://build.opensuse.org/request/show/707591
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-cryptography?expand=0&rev=47
* BACKWARDS INCOMPATIBLE: Removed the cryptography.hazmat.primitives.mac.MACContext interface.
The CMAC and HMAC APIs have not changed, but they are no longer registered
as MACContext instances.
* Removed support for running our tests with setup.py test.
* Add support for :class:`~cryptography.hazmat.primitives.poly1305.Poly1305`
when using OpenSSL 1.1.1 or newer.
* Support serialization with Encoding.OpenSSH and PublicFormat.OpenSSH
in :meth:`Ed25519PublicKey.public_bytes <cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey.public_bytes>` .
* Correctly allow passing a SubjectKeyIdentifier to :meth:`~cryptography.x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier`
and deprecate passing an Extension object.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=116
- Dependency on python-idna changed to "Recommends" aligned with
change in upstream source (see below)
- update to 2.5:
* BACKWARDS INCOMPATIBLE: U-label strings were deprecated in version 2.1,
but this version removes the default idna dependency as well. If you still
need this deprecated path please install cryptography with the idna extra:
pip install cryptography[idna].
* BACKWARDS INCOMPATIBLE: The minimum supported PyPy version is now 5.4.
* Numerous classes and functions have been updated to allow bytes-like
types for keying material and passwords, including symmetric algorithms,
AEAD ciphers, KDFs, loading asymmetric keys, and one time password classes.
* Updated Windows, macOS, and manylinux1 wheels to be compiled with OpenSSL 1.1.1a.
* Added support for SHA512_224 and SHA512_256 when using OpenSSL 1.1.1.
* Added support for SHA3_224, SHA3_256, SHA3_384, and SHA3_512 when using OpenSSL 1.1.1.
* Added support for X448 key exchange when using OpenSSL 1.1.1.
* Added support for SHAKE128 and SHAKE256 when using OpenSSL 1.1.1.
* Added initial support for parsing PKCS12 files with load_key_and_certificates().
* Added support for IssuingDistributionPoint.
* Added rfc4514_string() method to x509.Name,
x509.RelativeDistinguishedName, and x509.NameAttribute to format the name
or component an RFC 4514 Distinguished Name string.
* Added from_encoded_point(), which immediately checks if the point is on
the curve and supports compressed points. Deprecated the previous method
from_encoded_point().
* Added signature_hash_algorithm to OCSPResponse.
* Updated X25519 key exchange support to allow additional serialization
methods. Calling public_bytes() with no arguments has been deprecated.
* Added support for encoding compressed and uncompressed points via
public_bytes(). Deprecated the previous method encode_point().
OBS-URL: https://build.opensuse.org/request/show/669484
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=110
- Update to 2.4.1:
* Dropped support for LibreSSL 2.4.x.
* Deprecated OpenSSL 1.0.1 support. OpenSSL 1.0.1 is no
longer supported by the OpenSSL project. At this time there
is no time table for dropping support, however we strongly
encourage all users to upgrade or install cryptography from
a wheel.
* Added initial :doc:`OCSP </x509/ocsp>` support.
* Added support for cryptography.x509.PrecertPoison.
OBS-URL: https://build.opensuse.org/request/show/659254
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-cryptography?expand=0&rev=43
* Dropped support for LibreSSL 2.4.x.
* Deprecated OpenSSL 1.0.1 support. OpenSSL 1.0.1 is no
longer supported by the OpenSSL project. At this time there
is no time table for dropping support, however we strongly
encourage all users to upgrade or install cryptography from
a wheel.
* Added initial :doc:`OCSP </x509/ocsp>` support.
* Added support for cryptography.x509.PrecertPoison.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=105
- update to 2.3:
* SECURITY ISSUE: finalize_with_tag() allowed tag truncation by default
which can allow tag forgery in some cases. The method now enforces the
min_tag_length provided to the GCM constructor.
* Added support for Python 3.7.
* Added extract_timestamp() to get the authenticated timestamp of a Fernet token.
* Support for Python 2.7.x without hmac.compare_digest has been deprecated.
We will require Python 2.7.7 or higher (or 2.7.6 on Ubuntu) in the next
cryptography release.
* Fixed multiple issues preventing cryptography from compiling
against LibreSSL 2.7.x.
* Added get_revoked_certificate_by_serial_number for quick
serial number searches in CRLs.
* The RelativeDistinguishedName class now preserves the order of attributes.
Duplicate attributes now raise an error instead of silently discarding duplicates.
* aes_key_unwrap() and aes_key_unwrap_with_padding() now raise InvalidUnwrap
if the wrapped key is an invalid length, instead of ValueError.
OBS-URL: https://build.opensuse.org/request/show/623674
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=100
- Cleanup with spec-cleaner
- Use %setup to unpack all archives do not rely on tar calls
- Update to upstream release 2.2.1:
* Reverted a change to GeneralNames which prohibited having zero elements,
due to breakages.
* Fixed a bug in
:func:`~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding`
that caused it to raise InvalidUnwrap when key length modulo 8 was zero.
* BACKWARDS INCOMPATIBLE: Support for Python 2.6 has been dropped.
* Resolved a bug in HKDF that incorrectly constrained output size.
* Added
:class:`~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP256R1`,
:class:`~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP384R1`, and
:class:`~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP512R1` to
support inter-operating with systems like German smart meters.
* Added token rotation support to :doc:`Fernet </fernet>` with
:meth:`~cryptography.fernet.MultiFernet.rotate`.
* Fixed a memory leak in
:func:`~cryptography.hazmat.primitives.asymmetric.ec.derive_private_key`.
* Added support for AES key wrapping with padding via
:func:`~cryptography.hazmat.primitives.keywrap.aes_key_wrap_with_padding` and
:func:`~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding` .
* Allow loading DSA keys with 224 bit q.
OBS-URL: https://build.opensuse.org/request/show/591618
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-cryptography?expand=0&rev=38
- Use %setup to unpack all archives do not rely on tar calls
- Update to upstream release 2.2.1:
* Reverted a change to GeneralNames which prohibited having zero elements,
due to breakages.
* Fixed a bug in
:func:`~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding`
that caused it to raise InvalidUnwrap when key length modulo 8 was zero.
* BACKWARDS INCOMPATIBLE: Support for Python 2.6 has been dropped.
* Resolved a bug in HKDF that incorrectly constrained output size.
* Added
:class:`~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP256R1`,
:class:`~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP384R1`, and
:class:`~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP512R1` to
support inter-operating with systems like German smart meters.
* Added token rotation support to :doc:`Fernet </fernet>` with
:meth:`~cryptography.fernet.MultiFernet.rotate`.
* Fixed a memory leak in
:func:`~cryptography.hazmat.primitives.asymmetric.ec.derive_private_key`.
* Added support for AES key wrapping with padding via
:func:`~cryptography.hazmat.primitives.keywrap.aes_key_wrap_with_padding` and
:func:`~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding` .
* Allow loading DSA keys with 224 bit q.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=94
