python/python-cryptography
SHA256
14
0
Fork 0
forked from pool/python-cryptography
Code Pull Requests Activity

Commit Graph

  • a8875585c3 - Add Make-unsafe-subinterpreter-support-available-via-cfg.patch to allow ceph-mgr to load modules (boo#1248987) main Matej Cepl 2025-09-02 16:25:01 +00:00
  • 05aa83f87a OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=250 Dirk Mueller 2025-07-12 11:36:31 +00:00
  • f7b5d3406b - update to 45.0.5: * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.1. * Fixed decrypting PKCS#8 files encrypted with SHA1-RC4. (This is not considered secure, and is supported only for backwards compatibility.) * Fixed decrypting PKCS#8 files encrypted with long salts (this impacts keys encrypted by Bouncy Castle). * Fixed decrypting PKCS#8 files encrypted with DES-CBC-MD5. While wildly insecure, this remains prevalent. * Fixed using mypy with cryptography on older versions of Python. * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.0. * Support for Python 3.7 is deprecated and will be removed in the next cryptography release. * Updated the minimum supported Rust version (MSRV) to 1.74.0, from 1.65.0. * Added support for serialization of PKCS#12 Java truststores in :func:~cryptography.hazmat.primitives.serialization.pkcs1 2.serialize_java_truststore * Added :meth:~cryptography.hazmat.primitives.kdf.argon2.Argon 2id.derive_phc_encoded and :meth:~cryptography.hazmat.primi tives.kdf.argon2.Argon2id.verify_phc_encoded methods to support password hashing in the PHC string format * Added support for PKCS7 decryption and encryption using AES-256 as the content algorithm, in addition to AES-128. * BACKWARDS INCOMPATIBLE: Made SSH private key loading more consistent with other private key loading: :func:~cryptograp hy.hazmat.primitives.serialization.load_ssh_private_key now Dirk Mueller 2025-07-12 08:36:35 +00:00
  • 8cc389ca91 Accepting request 1275322 from home:nkrapp:branches:devel:languages:python Matej Cepl 2025-05-12 06:29:50 +00:00
  • 86212cb275 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=245 Dirk Mueller 2025-03-24 07:17:45 +00:00
  • 49c2af7efe - update to 44.0.2: * We now build wheels for PyPy 3.11. Dirk Mueller 2025-03-23 21:41:51 +00:00
  • f9cfc76a25 - update to 44.0.1: * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.1. * We now build armv7l manylinux wheels and publish them to PyPI. * We now build manylinux_2_34 wheels and publish them to PyPI. Dirk Mueller 2025-02-26 09:41:33 +00:00
  • 97ea33263f OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=240 Dirk Mueller 2025-02-03 08:32:36 +00:00
  • d16ebd39b1 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=239 Dirk Mueller 2025-01-29 08:54:07 +00:00
  • f5ba922d03 Accepting request 1240357 from home:uncomfyhalomacro:branches:devel:languages:python Dirk Mueller 2025-01-29 08:34:20 +00:00
  • a23a32b0fc Accepting request 1222713 from home:bnavigator:branches:devel:languages:python Matej Cepl 2024-11-08 15:01:32 +00:00
  • dc005f9428 Accepting request 1221332 from home:dimstar:Factory Markéta Machová 2024-11-05 11:51:09 +00:00
  • ab085b0ccb - update to 43.0.3: * Fixed release metadata for cryptography-vectors * Fixed compilation when using LibreSSL 4.0.0. Dirk Mueller 2024-10-22 13:26:27 +00:00
  • d0f3a45356 - update to 43.0.1: * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.3.2. Dirk Mueller 2024-09-28 19:46:03 +00:00
  • f7ba2ec349 Accepting request 1201230 from home:gladiac:mailman Markéta Machová 2024-09-16 11:21:15 +00:00
  • ee194dc64a Use %cargo_build macro instead of plain call to cargo. Matej Cepl 2024-08-12 22:30:46 +00:00
  • 62822ccf47 Fix variable Matej Cepl 2024-08-12 20:37:07 +00:00
  • 753c1564b0 - Fix building optimized binaries with debuginfo. Matej Cepl 2024-08-12 20:36:26 +00:00
  • b64cb99724 - Update building of Rust modules to use modern cargo_vendor service - Remove unneeded use-offline-build.patch Matej Cepl 2024-07-31 21:48:34 +00:00
  • ce9d9d4489 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=221 Dirk Mueller 2024-07-26 13:27:22 +00:00
  • 09f5cf4053 - update to 43.0.0: * BACKWARDS INCOMPATIBLE: Support for OpenSSL less than 1.1.1e has been removed. Users on older version of OpenSSL will need to upgrade. * BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.8. * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.3.1. * Updated the minimum supported Rust version (MSRV) to 1.65.0, from 1.63.0. * :func:~cryptography.hazmat.primitives.asymmetric.rsa.generat e_private_key now enforces a minimum RSA key size of 1024-bit. Note that 1024-bit is still considered insecure, users should generally use a key size of 2048-bits. * :func:~cryptography.hazmat.primitives.serialization.pkcs7.se rialize_certificates now emits ASN.1 that more closely follows the recommendations in RFC 2315. * Added new :doc:/hazmat/decrepit/index module which contains outdated and insecure cryptographic primitives. :class:~cryp tography.hazmat.primitives.ciphers.algorithms.CAST5, :class: ~cryptography.hazmat.primitives.ciphers.algorithms.SEED, :c lass:~cryptography.hazmat.primitives.ciphers.algorithms.IDEA , and :class:~cryptography.hazmat.primitives.ciphers.algori thms.Blowfish, which were deprecated in 37.0.0, have been added to this module. They will be removed from the cipher module in 45.0.0. * Moved :class:~cryptography.hazmat.primitives.ciphers.algorit hms.TripleDES and :class:~cryptography.hazmat.primitives.ci phers.algorithms.ARC4 into :doc:/hazmat/decrepit/index and deprecated them in the cipher module. They will be removed from the cipher module in 48.0.0. Dirk Mueller 2024-07-26 10:51:57 +00:00
  • 5fd0f8aee2 - update to 42.0.8: * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.2. Dirk Mueller 2024-06-08 12:04:45 +00:00
  • 1bcd019a4b - update to 42.0.7: * Restored Windows 7 compatibility for our pre-built wheels. Note that we do not test on Windows 7 and wheels for our next release will not support it. Microsoft no longer provides support for Windows 7 and users are encouraged to upgrade. Dirk Mueller 2024-05-07 16:14:48 +00:00
  • 7d82e714af - update to 42.0.6: * Fixed compilation when using LibreSSL 3.9.1. Dirk Mueller 2024-05-07 07:36:43 +00:00
  • 469d7f8302 - update to 42.0.5: * Limit the number of name constraint checks that will be performed in :mod:X.509 path validation <cryptography.x509.verification> to protect against denial of service attacks. * Upgrade pyo3 version, which fixes building on PowerPC. Dirk Mueller 2024-04-02 13:19:25 +00:00
  • 91c292e92f - remove not working tests for ix86 Daniel Garcia 2024-02-22 18:03:16 +00:00
  • 22718d2516 - update to 42.0.4 (bsc#1220210, CVE-2024-26130): * Fixed a null-pointer-dereference and segfault that could occur when creating a PKCS#12 bundle. Credit to Alexander-Programming for reporting the issue. CVE-2024-26130 * Fixed ASN.1 encoding for PKCS7/SMIME signed messages. The fields SMIMECapabilities and SignatureAlgorithmIdentifier should now be correctly encoded according to the definitions in :rfc:2633 :rfc:3370. - update to 42.0.3: * Fixed an initialization issue that caused key loading failures for some users. - Drop patch skip_openssl_memleak_test.patch not needed anymore. Daniel Garcia 2024-02-22 17:38:15 +00:00
  • 1baef87c05 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=208 Dirk Mueller 2024-02-04 19:12:18 +00:00
  • bc9c1dde8b OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=207 Dirk Mueller 2024-02-04 18:53:53 +00:00
  • 4507ff5d23 - update to 42.0.2: * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.1. * Fixed an issue that prevented the use of Python buffer protocol objects in sign and verify methods on asymmetric keys. * Fixed an issue with incorrect keyword-argument naming with EllipticCurvePrivateKey :meth:~cryptography.hazmat.primitive s.asymmetric.ec.EllipticCurvePrivateKey.exchange, X25519PrivateKey :meth:~cryptography.hazmat.primitives.asymm etric.x25519.X25519PrivateKey.exchange, X448PrivateKey :meth :~cryptography.hazmat.primitives.asymmetric.x448.X448Private Key.exchange, and DHPrivateKey :meth:~cryptography.hazmat.p rimitives.asymmetric.dh.DHPrivateKey.exchange. Dirk Mueller 2024-01-31 17:24:40 +00:00
  • 2f68d9363c - update to 42.0.1: * Fixed an issue with incorrect keyword-argument naming with EllipticCurvePrivateKey :meth:~cryptography.hazmat.primitive s.asymmetric.ec.EllipticCurvePrivateKey.sign. * Resolved compatibility issue with loading certain RSA public keys in :func:~cryptography.hazmat.primitives.serialization. load_pem_public_key. * BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.7. * BACKWARDS INCOMPATIBLE: Loading a PKCS7 with no content field using :func:~cryptography.hazmat.primitives.serialization.pk cs7.load_pem_pkcs7_certificates or :func:~cryptography.hazm at.primitives.serialization.pkcs7.load_der_pkcs7_certificates will now raise a ValueError rather than return an empty list. * Parsing SSH certificates no longer permits malformed critical options with values, as documented in the 41.0.2 release notes. * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.0. * Updated the minimum supported Rust version (MSRV) to 1.63.0, from 1.56.0. * We now publish both py37 and py39 abi3 wheels. This should resolve some errors relating to initializing a module multiple times per process. * Support :class:~cryptography.hazmat.primitives.asymmetric.pa dding.PSS for X.509 certificate signing requests and certificate revocation lists with the keyword-only argument rsa_padding on the sign methods for :class:~cryptography.x509.CertificateSigningRequestBuilder and Dirk Mueller 2024-01-29 14:19:13 +00:00
  • 70f0f2e8c2 - update to 41.0.7 (CVE-2023-49083, bsc#1217592): Dirk Mueller 2023-11-28 12:51:56 +00:00
  • ec10c5ca11 - update to 41.0.7 (CVE-2023-49083, bsc#FIXME): * Fixed compilation when using LibreSSL 3.8.2. * Fixed a null-pointer-dereference and segfault that could occur when loading certificates from a PKCS#7 bundle. Credit to **pkuzco** for reporting the issue. **CVE-2023-49083** Dirk Mueller 2023-11-28 09:39:28 +00:00
  • 35e0fa6aa4 - update to 41.0.5: * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.4. * Added a function to support an upcoming `pyOpenSSL release. parameters in X.509 certificates, which are * Fixed error when using py2app to build an application with a cryptography dependency. * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 1.1.1n. - split tests in a multibuild variant to optimize rebuild time a bit * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 1.1.1m. - drop disable-RustExtension.patch: building rust extension now * Re-added a legacy symbol causing problems for older pyOpenSSL` use signature. * wheels compiled with OpenSSL 1.1.1h. - Removed support for calling public_bytes() with no arguments, as per * BACKWARDS INCOMPATIBLE: Removedcryptography.hazmat.primitives.asymmetric.utils.encode_rfc6979_signature andcryptography.hazmat.primitives.asymmetric.utils.decode_rfc6979_signature, which had been deprecated for nearly 4 years. Use encode_dss_signature() * BACKWARDS INCOMPATIBLE: Removed cryptography.x509.Certificate.serial, which * Add support for easily mapping an object identifier to its elliptic curve * Add support for OpenSSL when compiled with the no-engine * BACKWARDS INCOMPATIBLE: U-label strings were deprecated in version 2.1, but this version removes the default idna dependency as well. If you still need this deprecated path please install cryptography with the idna extra: * Numerous classes and functions have been updated to allow bytes-like types for keying material and passwords, including symmetric algorithms, * Added rfc4514_string() method to x509.Name, x509.RelativeDistinguishedName, and x509.NameAttribute to format the name * Added from_encoded_point(), which immediately checks if the point is on Dirk Mueller 2023-11-10 13:29:19 +00:00
  • c880559867 - update to 41.0.4: * ~~~~~~~~~~~~~~~~~~~ * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.3. * .. _v41-0-3: Dirk Mueller 2023-10-05 09:30:49 +00:00
  • 0f0452c689 - Update to 39.0.1 (bsc#1208036, CVE-2023-23931): * drops CVE-2023-23931-dont-allow-update-into.patch in older dists Dirk Mueller 2023-09-06 20:34:30 +00:00
  • 9ed6a9c7a8 - update to 41.0.3: * Fixed performance regression loading DH public keys. * Fixed a memory leak when using * :class:~cryptography.hazmat.primitives.ciphers.aead.ChaCha20 Poly1305. Dirk Mueller 2023-08-08 10:57:35 +00:00
  • a74a7d5144 - Add reference to bsc#1213378 and CVE-2023-38325 Daniel Garcia 2023-07-18 12:05:23 +00:00
  • 985179992e - update to 41.0.2: * Fixed bugs in creating and parsing SSH certificates where critical options with values were handled incorrectly. Certificates are now created correctly and parsing accepts correct values as well as the previously generated invalid forms with a warning. In the next release, support for parsing these invalid forms will be removed. Dirk Mueller 2023-07-11 13:46:03 +00:00
  • af1b2b2d21 Accepting request 1098106 from home:ojkastl_buildservice:Branch_devel_languages_python Dirk Mueller 2023-07-11 13:39:26 +00:00
  • 9a5eb8ae60 Accepting request 1098044 from home:mcepl:branches:devel:languages:python Matej Cepl 2023-07-11 05:55:34 +00:00
  • cb3e8c6d77 Add reference to bsc#1212568 Matej Cepl 2023-06-22 16:36:45 +00:00
  • d024f843b5 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=185 Dirk Mueller 2023-06-20 17:14:00 +00:00
  • 7fafc344c8 - update to 41.0.1: * Temporarily allow invalid ECDSA signature algorithm parameters in X.509 certificates, which are generated by older versions of Java. * Allow null bytes in pass phrases when serializing private keys. * **BACKWARDS INCOMPATIBLE:** Support for OpenSSL less than 1.1.1d has been removed. Users on older version of OpenSSL will need to upgrade. * **BACKWARDS INCOMPATIBLE:** Support for Python 3.6 has been removed. * **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.6. * Updated the minimum supported Rust version (MSRV) to 1.56.0, from 1.48.0. * Added support for the :class:~cryptography.x509.OCSPAcceptableResponses OCSP extension. * Added support for the :class:~cryptography.x509.MSCertificateTemplate proprietary Microsoft certificate extension. * Implemented support for equality checks on all asymmetric public key types. * Added support for `aes256-gcm@openssh.com encrypted keys in :func:~cryptography.hazmat.primitives.serialization.load_ssh _private_key`. * Added support for obtaining X.509 certificate signature algorithm parameters (including PSS) Dirk Mueller 2023-06-19 20:44:25 +00:00
  • 82d7f13141 Accepting request 1081377 from home:dirkmueller:acdc:as_python3_module Matej Cepl 2023-04-22 06:18:33 +00:00
  • 9ec52d9d7d - update to 40.0.2: * Fixed compilation when using LibreSSL 3.7.2. Dirk Mueller 2023-04-15 10:27:13 +00:00
  • 54a0f9a21e Accepting request 1074567 from home:ojkastl_buildservice:Branch_devel_languages_python Dirk Mueller 2023-03-27 07:21:36 +00:00
  • d31ee80686 - update to 40.0.1: * Support for Python 3.6 is deprecated and will be removed in the next release. * Deprecated the current minimum supported Rust version (MSRV) of 1.48.0. In the next release we will raise MSRV to 1.56.0. Users with the latest `pip will typically get a wheel and not need Rust installed * Deprecated support for OpenSSL less than 1.1.1d. The next release of cryptography will drop support for older versions. * Deprecated support for DSA keys in :func:~cryptography.hazmat.primitives.serialization.load_s sh_public_key and :func:~cryptography.hazmat.primitives.serialization.load_s sh_private_key. * Deprecated support for OpenSSH serialization in :class:~cryptography.hazmat.primitives.asymmetric.dsa.DSAP ublicKey and :class:~cryptography.hazmat.primitives.asymmetric.dsa.DSAP rivateKey. * Added support for parsing SSH certificates in addition to public keys with :func:~cryptography.hazmat.primitives.serialization.load_s sh_public_identity. :func:~cryptography.hazmat.primitives.serialization.load_s sh_public_key continues to support only public keys. * Added support for generating SSH certificates with :class:~cryptography.hazmat.primitives.serialization.SSHCe rtificateBuilder`. Dirk Mueller 2023-03-26 19:59:51 +00:00
  • 6b5cf01ce1 - update to 39.0.2: * Fixed a bug where the content type header was not properly encoded for PKCS7 signatures when using the `Text option and SMIME` encoding. Dirk Mueller 2023-03-07 07:38:33 +00:00
  • 8de3fa37ad Accepting request 1063993 from home:mcepl:branches:devel:languages:python Matej Cepl 2023-02-09 11:18:54 +00:00
  • 24bd9a4244 Accepting request 1057951 from home:ojkastl_buildservice:ansible_for_SLES15SP4 Matej Cepl 2023-01-13 00:35:03 +00:00
  • f2d67db72c OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=168 Dirk Mueller 2023-01-05 21:13:05 +00:00
  • 7333d27eea - update to 39.0.0: * **BACKWARDS INCOMPATIBLE:** Support for OpenSSL 1.1.0 has been removed. Users on older version of OpenSSL will need to upgrade. * **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.5. The new minimum LibreSSL version is 3.5.0. Going forward our policy is to support versions of LibreSSL that are available in versions of OpenBSD that are still receiving security support. * **BACKWARDS INCOMPATIBLE:** Removed the `encode_point and from_encoded_point methods on :class:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicNumbers, which had been deprecated for several years. :meth:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.public_bytes and :meth:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.from_encoded_point should be used instead. * **BACKWARDS INCOMPATIBLE:** Support for using MD5 or SHA1 in :class:~cryptography.x509.CertificateBuilder, other X.509 builders, and PKCS7 has been removed. * **ANNOUNCEMENT:** The next version of cryptography (40.0) will change the way we link OpenSSL. This will only impact users who build cryptography from source (i.e., not from a wheel), and specify their own version of OpenSSL. For those users, the CFLAGS, LDFLAGS, INCLUDE, LIB, and CRYPTOGRAPHY_SUPPRESS_LINK_FLAGS environment variables will no longer be respected. Instead, users will need to configure their builds as documented here`_. * Added support for disabling the legacy provider in OpenSSL 3.0.x * Added support for disabling RSA key validation checks when loading RSA keys via ~cryptography.hazmat.primitives.serialization.load_pem_private_key Dirk Mueller 2023-01-02 19:50:55 +00:00
  • 7de9edad2b Accepting request 1041287 from home:yarunachalam:branches:devel:languages:python Dirk Mueller 2022-12-08 11:47:57 +00:00
  • 1d2aefdc5c Accepting request 1033458 from home:mcepl:branches:devel:languages:python Matej Cepl 2022-11-04 07:58:36 +00:00
  • 7c43eed0a5 - update to 38.0.1: * Fixed parsing TLVs in ASN.1 with length greater than 65535 bytes (typically seen in large CRLs). * Final deprecation of OpenSSL 1.1.0. The next release of `cryptography will drop support. * We no longer ship manylinux2010 wheels. Users should upgrade to the latest pip to ensure this doesn't cause issues downloading wheels on their platform. We now ship manylinux_2_28 wheels for users on new enough platforms. * Updated the minimum supported Rust version (MSRV) to 1.48.0, from 1.41.0. Users with the latest pip will typically get a wheel and not need Rust installed, but check :doc:/installation for documentation on installing a newer rustc if required. * :meth:~cryptography.fernet.Fernet.decrypt and related methods now accept both str and bytes tokens. * Parsing CertificateSigningRequest restores the behavior of enforcing that the Extension critical field must be correctly encoded DER. See the issue <https://github.com/pyca/cryptography/issues/6368>_ for complete details. * Added two new OpenSSL functions to the bindings to support an upcoming pyOpenSSL release. * When parsing :class:~cryptography.x509.CertificateRevocationList and :class:~cryptography.x509.CertificateSigningRequest values, it is now enforced that the version value in the input must be valid according to the rules of :rfc:2986 and :rfc:5280. * Using MD5 or SHA1 in :class:~cryptography.x509.CertificateBuilder and other X.509 builders is deprecated and support will be removed in the next version. * Added additional APIs to :class:~cryptography.x509.certificate_transparency.SignedCertificateTimestamp`, including Dirk Mueller 2022-09-29 19:43:01 +00:00
  • e3b9f39c63 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=159 Dirk Mueller 2022-07-19 12:07:48 +00:00
  • 6231e32722 - update to 37.0.4: * updated wheels to b ecompiled against openssl 3.0.5 Dirk Mueller 2022-07-19 12:07:27 +00:00
  • 774bcc3f83 Accepting request 981552 from home:gladiac:mailman3 Matej Cepl 2022-06-13 06:38:29 +00:00
  • 6580b793ba OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=154 Dirk Mueller 2022-05-24 08:05:54 +00:00
  • 3be516f43a - update to 37.0.2: * Fixed an issue where parsing an encrypted private key with the public loader functions would hang waiting for console input on OpenSSL 3.0.x rather than raising an error. * Restored some legacy symbols for older `pyOpenSSL users. These will be removed again in the future, so pyOpenSSL users should still upgrade to the latest version of that package when they upgrade cryptography. * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.2. * **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL 2.9.x and 3.0.x. The new minimum LibreSSL version is 3.1+. * **BACKWARDS INCOMPATIBLE:** Removed signer and verifier methods from the public key and private key classes. These methods were originally deprecated in version 2.0, but had an extended deprecation timeline due to usage. Any remaining users should transition to sign and verify. * Deprecated OpenSSL 1.1.0 support. OpenSSL 1.1.0 is no longer supported by the OpenSSL project. The next release of cryptography will be the last to support compiling with OpenSSL 1.1.0. * Deprecated Python 3.6 support. Python 3.6 is no longer supported by the Python core team. Support for Python 3.6 will be removed in a future cryptography release. * Deprecated the current minimum supported Rust version (MSRV) of 1.41.0. In the next release we will raise MSRV to 1.48.0. Users with the latest pip will typically get a wheel and not need Rust installed, but check :doc:/installation for documentation on installing a newer rustc if required. * Deprecated :class:~cryptography.hazmat.primitives.ciphers.algorithms.CAST5, :class:~cryptography.hazmat.primitives.ciphers.algorithms.SEED, :class:~cryptography.hazmat.primitives.ciphers.algorithms.IDEA, and :class:~cryptography.hazmat.primitives.ciphers.algorithms.Blowfish` because Dirk Mueller 2022-05-24 06:59:20 +00:00
  • d065a868d9 - drops CVE-2020-36242-buffer-overflow.patch on older dists - drops 5507-mitigate-Bleichenbacher-attacks.patch on older dists Dirk Mueller 2022-04-15 12:58:16 +00:00
  • 1f9ae122bd - update to 3.3.2 (bsc#1182066, CVE-2020-36242, bsc#1198331): Dirk Mueller 2022-04-13 11:28:38 +00:00
  • 49825bc44a - update to 3.3.2 (bsc#1182066, CVE-2020-36242): - update to 3.2 (bsc#1178168, CVE-2020-25659): Dirk Mueller 2022-04-11 16:15:31 +00:00
  • d00e37f61b - update to 36.0.2: * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 1.1.1n. Dirk Mueller 2022-03-26 20:10:27 +00:00
  • 693c29aab3 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=144 Dirk Mueller 2022-02-16 19:56:54 +00:00
  • d35be4dda9 - split tests in a multibuild variant to optimize rebuild time a bit Dirk Mueller 2022-02-16 19:00:35 +00:00
  • b40bbd7bdf - update to 36.0.1: * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 1.1.1m. Dirk Mueller 2021-12-20 22:57:23 +00:00
  • 9758108b69 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=141 Dirk Mueller 2021-11-29 11:46:59 +00:00
  • 86a0858977 Accepting request 934514 from home:dirkmueller:Factory Matej Cepl 2021-11-29 11:07:36 +00:00
  • f943f3caf8 Accepting request 924948 from home:bnavigator:branches:devel:languages:python Matej Cepl 2021-10-13 00:59:08 +00:00
  • 235e4ac2e6 Accepting request 922968 from system:homeautomation:home-assistant:unstable Matej Cepl 2021-10-04 21:39:33 +00:00
  • b02abbbf1c - Remove unnecessary %ifpython3 construct Matej Cepl 2021-04-26 10:07:18 +00:00
  • 86fe90af53 Accepting request 870132 from home:stroeder:branches:devel:languages:python Markéta Machová 2021-02-08 14:51:39 +00:00
  • ad9919cf53 - update to 3.3.1: * Re-added a legacy symbol causing problems for older `pyOpenSSL` use Dirk Mueller 2020-12-20 10:25:05 +00:00
  • 2bc3285d02 Accepting request 854259 from home:darix:apps Matej Cepl 2020-12-09 14:02:46 +00:00
  • 696e7c78cc Accepting request 853432 from home:mcepl:branches:devel:tools:scm Matej Cepl 2020-12-07 05:05:38 +00:00
  • 021f24b88a Accepting request 844617 from home:stroeder:branches:devel:languages:python Matej Cepl 2020-10-28 21:43:09 +00:00
  • ea489a9bb4 Accepting request 844069 from home:stroeder:branches:devel:languages:python Dirk Mueller 2020-10-26 14:11:17 +00:00
  • 4ba9d27213 - update to 3.1.1: * wheels compiled with OpenSSL 1.1.1h. Dirk Mueller 2020-09-28 10:55:56 +00:00
  • 6b9b120500 - update to 3.1: * **BACKWARDS INCOMPATIBLE:** Removed support for `idna based :term:U-label parsing in various X.509 classes. This support was originally deprecated in version 2.1 and moved to an extra in 2.5. * Deprecated OpenSSL 1.0.2 support. OpenSSL 1.0.2 is no longer supported by the OpenSSL project. The next version of cryptography will drop support for it. * Deprecated support for Python 3.5. This version sees very little use and will be removed in the next release. * backend arguments to functions are no longer required and the default backend will automatically be selected if no backend is provided. * Added initial support for parsing certificates from PKCS7 files with :func:~cryptography.hazmat.primitives.serialization.pkcs7.load_pem_pkcs7_certificates and :func:~cryptography.hazmat.primitives.serialization.pkcs7.load_der_pkcs7_certificates . * Calling update or update_into on :class:~cryptography.hazmat.primitives.ciphers.CipherContext with data longer than 2\ :sup:31 bytes no longer raises an OverflowError. This also resolves the same issue in :doc:/fernet`. Dirk Mueller 2020-09-18 11:16:26 +00:00
  • 5622a86892 - update to 3.0 - refreshed disable-uneven-sizes-tests.patch and skip_openssl_memleak_test.patch * Removed support for passing an Extension instance to from_issuer_subject_key_identifier(), as per our deprecation policy. * Support for LibreSSL 2.7.x, 2.8.x, and 2.9.0 has been removed * Dropped support for macOS 10.9, macOS users must upgrade to 10.10 or newer. * RSA generate_private_key() no longer accepts public_exponent values except 65537 and 3 (the latter for legacy purposes). * X.509 certificate parsing now enforces that the version field contains a valid value, rather than deferring this check until version is accessed. * Deprecated support for Python 2 * Added support for OpenSSH serialization format for ec, ed25519, rsa and dsa private keys: load_ssh_private_key() for loading and OpenSSH for writing. * Added support for OpenSSH certificates to load_ssh_public_key(). * Added encrypt_at_time() and decrypt_at_time() to Fernet. * Added support for the SubjectInformationAccess X.509 extension. * Added support for parsing SignedCertificateTimestamps in OCSP responses. * Added support for parsing attributes in certificate signing requests via get_attribute_for_oid(). * Added support for encoding attributes in certificate signing requests via add_attribute(). * On OpenSSL 1.1.1d and higher cryptography now uses OpenSSL’s built-in CSPRNG instead of its own OS random engine because these versions of OpenSSL properly reseed on fork. * Added initial support for creating PKCS12 files with serialize_key_and_certificates(). Ondřej Súkup 2020-07-28 17:32:18 +00:00
  • 5385207b84 Accepting request 805791 from home:stroeder:branches:devel:languages:python Tomáš Chvátal 2020-05-15 10:03:46 +00:00
  • 388e9b6688 Accepting request 740730 from home:stroeder:branches:devel:languages:python Tomáš Chvátal 2019-10-18 10:16:50 +00:00
  • fe2262916c - update to 2.7 * BACKWARDS INCOMPATIBLE: Removed the cryptography.hazmat.primitives.mac.MACContext interface. The CMAC and HMAC APIs have not changed, but they are no longer registered as MACContext instances. * Removed support for running our tests with setup.py test. * Add support for :class:~cryptography.hazmat.primitives.poly1305.Poly1305 when using OpenSSL 1.1.1 or newer. * Support serialization with Encoding.OpenSSH and PublicFormat.OpenSSH in :meth:Ed25519PublicKey.public_bytes <cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey.public_bytes> . * Correctly allow passing a SubjectKeyIdentifier to :meth:~cryptography.x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier and deprecate passing an Extension object. Ondřej Súkup 2019-06-03 13:48:58 +00:00
  • c3ce8bdbcc OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=115 Tomáš Chvátal 2019-05-29 15:01:33 +00:00
  • ecd325a1e4 - Simplify the test execution to be more understandable Tomáš Chvátal 2019-05-29 15:01:07 +00:00
  • 8f97047f3b Accepting request 680280 from home:stroeder:branches:devel:languages:python Tomáš Chvátal 2019-03-01 08:03:10 +00:00
  • c661858933 Accepting request 669484 from home:stroeder:branches:devel:languages:python Tomáš Chvátal 2019-01-29 09:59:04 +00:00
  • 2daa290922 Accepting request 662647 from devel:languages:python:avocado Tomáš Chvátal 2019-01-03 12:07:59 +00:00
  • 25faabaf24 - Update to 2.4.1: * Dropped support for LibreSSL 2.4.x. * Deprecated OpenSSL 1.0.1 support. OpenSSL 1.0.1 is no longer supported by the OpenSSL project. At this time there is no time table for dropping support, however we strongly encourage all users to upgrade or install cryptography from a wheel. * Added initial :doc:OCSP </x509/ocsp> support. * Added support for cryptography.x509.PrecertPoison. Matej Cepl 2018-12-06 12:18:27 +00:00
  • 56954fb82e - Fix fdupes call Tomáš Chvátal 2018-12-06 11:48:48 +00:00
  • 3e285f9342 - Update to 2.3.1: * updated tests for upstream wycheproof changes * many other tiny test tweaks Tomáš Chvátal 2018-08-21 07:54:08 +00:00
  • 615f36f655 Accepting request 623674 from home:stroeder:branches:devel:languages:python Tomáš Chvátal 2018-07-18 14:32:41 +00:00
  • e832d4dbf8 Accepting request 616242 from home:mimi_vx:branches:devel:languages:python Tomáš Chvátal 2018-06-12 08:00:09 +00:00
  • fb93670dd3 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=96 Tomáš Chvátal 2018-03-27 13:15:02 +00:00
  • 35fed52986 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=95 Tomáš Chvátal 2018-03-27 12:55:23 +00:00
  • bb01e86150 - Cleanup with spec-cleaner - Use %setup to unpack all archives do not rely on tar calls - Update to upstream release 2.2.1: * Reverted a change to GeneralNames which prohibited having zero elements, due to breakages. * Fixed a bug in :func:~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding that caused it to raise InvalidUnwrap when key length modulo 8 was zero. * BACKWARDS INCOMPATIBLE: Support for Python 2.6 has been dropped. * Resolved a bug in HKDF that incorrectly constrained output size. * Added :class:~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP256R1, :class:~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP384R1, and :class:~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP512R1 to support inter-operating with systems like German smart meters. * Added token rotation support to :doc:Fernet </fernet> with :meth:~cryptography.fernet.MultiFernet.rotate. * Fixed a memory leak in :func:~cryptography.hazmat.primitives.asymmetric.ec.derive_private_key. * Added support for AES key wrapping with padding via :func:~cryptography.hazmat.primitives.keywrap.aes_key_wrap_with_padding and :func:~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding . * Allow loading DSA keys with 224 bit q. Tomáš Chvátal 2018-03-26 07:50:13 +00:00
  • 436a448dcb Accepting request 590930 from home:stroeder:branches:devel:languages:python Tomáš Chvátal 2018-03-26 07:42:54 +00:00
  • 06442f25ba Accepting request 582047 from home:computersalat:devel:python Tomáš Chvátal 2018-03-02 21:42:20 +00:00