3be516f43a
- update to 37.0.2: * Fixed an issue where parsing an encrypted private key with the public loader functions would hang waiting for console input on OpenSSL 3.0.x rather than raising an error. * Restored some legacy symbols for older `pyOpenSSL users. These will be removed again in the future, so pyOpenSSL users should still upgrade to the latest version of that package when they upgrade cryptography. * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.2. * **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL 2.9.x and 3.0.x. The new minimum LibreSSL version is 3.1+. * **BACKWARDS INCOMPATIBLE:** Removed signer and verifier methods from the public key and private key classes. These methods were originally deprecated in version 2.0, but had an extended deprecation timeline due to usage. Any remaining users should transition to sign and verify. * Deprecated OpenSSL 1.1.0 support. OpenSSL 1.1.0 is no longer supported by the OpenSSL project. The next release of cryptography will be the last to support compiling with OpenSSL 1.1.0. * Deprecated Python 3.6 support. Python 3.6 is no longer supported by the Python core team. Support for Python 3.6 will be removed in a future cryptography release. * Deprecated the current minimum supported Rust version (MSRV) of 1.41.0. In the next release we will raise MSRV to 1.48.0. Users with the latest pip will typically get a wheel and not need Rust installed, but check :doc:/installation for documentation on installing a newer rustc if required. * Deprecated :class:~cryptography.hazmat.primitives.ciphers.algorithms.CAST5, :class:~cryptography.hazmat.primitives.ciphers.algorithms.SEED, :class:~cryptography.hazmat.primitives.ciphers.algorithms.IDEA, and :class:~cryptography.hazmat.primitives.ciphers.algorithms.Blowfish` because
Dirk Mueller2022-05-24 06:59:20 +00:00
021f24b88a
Accepting request 844617 from home:stroeder:branches:devel:languages:python
Matej Cepl2020-10-28 21:43:09 +00:00
ea489a9bb4
Accepting request 844069 from home:stroeder:branches:devel:languages:python
Dirk Mueller2020-10-26 14:11:17 +00:00
4ba9d27213
- update to 3.1.1: * wheels compiled with OpenSSL 1.1.1h.
Dirk Mueller2020-09-28 10:55:56 +00:00
6b9b120500
- update to 3.1: * **BACKWARDS INCOMPATIBLE:** Removed support for `idna based :term:U-label parsing in various X.509 classes. This support was originally deprecated in version 2.1 and moved to an extra in 2.5. * Deprecated OpenSSL 1.0.2 support. OpenSSL 1.0.2 is no longer supported by the OpenSSL project. The next version of cryptography will drop support for it. * Deprecated support for Python 3.5. This version sees very little use and will be removed in the next release. * backend arguments to functions are no longer required and the default backend will automatically be selected if no backend is provided. * Added initial support for parsing certificates from PKCS7 files with :func:~cryptography.hazmat.primitives.serialization.pkcs7.load_pem_pkcs7_certificates and :func:~cryptography.hazmat.primitives.serialization.pkcs7.load_der_pkcs7_certificates . * Calling update or update_into on :class:~cryptography.hazmat.primitives.ciphers.CipherContext with data longer than 2\ :sup:31 bytes no longer raises an OverflowError. This also resolves the same issue in :doc:/fernet`.
Dirk Mueller2020-09-18 11:16:26 +00:00
5622a86892
- update to 3.0 - refreshed disable-uneven-sizes-tests.patch and skip_openssl_memleak_test.patch * Removed support for passing an Extension instance to from_issuer_subject_key_identifier(), as per our deprecation policy. * Support for LibreSSL 2.7.x, 2.8.x, and 2.9.0 has been removed * Dropped support for macOS 10.9, macOS users must upgrade to 10.10 or newer. * RSA generate_private_key() no longer accepts public_exponent values except 65537 and 3 (the latter for legacy purposes). * X.509 certificate parsing now enforces that the version field contains a valid value, rather than deferring this check until version is accessed. * Deprecated support for Python 2 * Added support for OpenSSH serialization format for ec, ed25519, rsa and dsa private keys: load_ssh_private_key() for loading and OpenSSH for writing. * Added support for OpenSSH certificates to load_ssh_public_key(). * Added encrypt_at_time() and decrypt_at_time() to Fernet. * Added support for the SubjectInformationAccess X.509 extension. * Added support for parsing SignedCertificateTimestamps in OCSP responses. * Added support for parsing attributes in certificate signing requests via get_attribute_for_oid(). * Added support for encoding attributes in certificate signing requests via add_attribute(). * On OpenSSL 1.1.1d and higher cryptography now uses OpenSSL’s built-in CSPRNG instead of its own OS random engine because these versions of OpenSSL properly reseed on fork. * Added initial support for creating PKCS12 files with serialize_key_and_certificates().
Ondřej Súkup2020-07-28 17:32:18 +00:00
83e4d4a20f
Accepting request 805793 from devel:languages:python
Yuchen Lin2020-05-28 07:06:29 +00:00
5385207b84
Accepting request 805791 from home:stroeder:branches:devel:languages:python
Tomáš Chvátal
2020-05-15 10:03:46 +00:00
fe2262916c
- update to 2.7 * BACKWARDS INCOMPATIBLE: Removed the cryptography.hazmat.primitives.mac.MACContext interface. The CMAC and HMAC APIs have not changed, but they are no longer registered as MACContext instances. * Removed support for running our tests with setup.py test. * Add support for :class:~cryptography.hazmat.primitives.poly1305.Poly1305 when using OpenSSL 1.1.1 or newer. * Support serialization with Encoding.OpenSSH and PublicFormat.OpenSSH in :meth:Ed25519PublicKey.public_bytes <cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey.public_bytes> . * Correctly allow passing a SubjectKeyIdentifier to :meth:~cryptography.x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier and deprecate passing an Extension object.
Ondřej Súkup2019-06-03 13:48:58 +00:00
25faabaf24
- Update to 2.4.1: * Dropped support for LibreSSL 2.4.x. * Deprecated OpenSSL 1.0.1 support. OpenSSL 1.0.1 is no longer supported by the OpenSSL project. At this time there is no time table for dropping support, however we strongly encourage all users to upgrade or install cryptography from a wheel. * Added initial :doc:OCSP </x509/ocsp> support. * Added support for cryptography.x509.PrecertPoison.
Matej Cepl2018-12-06 12:18:27 +00:00
56954fb82e
- Fix fdupes call
Tomáš Chvátal
2018-12-06 11:48:48 +00:00
bb01e86150
- Cleanup with spec-cleaner - Use %setup to unpack all archives do not rely on tar calls - Update to upstream release 2.2.1: * Reverted a change to GeneralNames which prohibited having zero elements, due to breakages. * Fixed a bug in :func:~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding that caused it to raise InvalidUnwrap when key length modulo 8 was zero. * BACKWARDS INCOMPATIBLE: Support for Python 2.6 has been dropped. * Resolved a bug in HKDF that incorrectly constrained output size. * Added :class:~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP256R1, :class:~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP384R1, and :class:~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP512R1 to support inter-operating with systems like German smart meters. * Added token rotation support to :doc:Fernet </fernet> with :meth:~cryptography.fernet.MultiFernet.rotate. * Fixed a memory leak in :func:~cryptography.hazmat.primitives.asymmetric.ec.derive_private_key. * Added support for AES key wrapping with padding via :func:~cryptography.hazmat.primitives.keywrap.aes_key_wrap_with_padding and :func:~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding . * Allow loading DSA keys with 224 bit q.
Tomáš Chvátal
2018-03-26 07:50:13 +00:00
436a448dcb
Accepting request 590930 from home:stroeder:branches:devel:languages:python
Tomáš Chvátal
2018-03-26 07:42:54 +00:00
Dirk Mueller
Dominique Leuenberger
Matej Cepl
Markéta Machová
Ondřej Súkup
Yuchen Lin
Tomáš Chvátal
Stephan Kulow
Jan Matejek
Michael Ströder
Thomas Bechtold