forked from pool/python-cryptography
c6e8ed4e4a
- Add disable-uneven-sizes-tests.patch (bnc#944204) openssl in SLE12SP1 doesn't allow uneven bit sizes for rsa keys OBS-URL: https://build.opensuse.org/request/show/331785 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=18
310 lines
16 KiB
Plaintext
310 lines
16 KiB
Plaintext
-------------------------------------------------------------------
|
|
Thu Sep 17 13:11:06 UTC 2015 - tbechtold@suse.com
|
|
|
|
- Add disable-uneven-sizes-tests.patch (bnc#944204)
|
|
openssl in SLE12SP1 doesn't allow uneven bit sizes for rsa keys
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Aug 22 10:30:08 UTC 2015 - tbechtold@suse.com
|
|
|
|
- update to 1.0 (fate#318838):
|
|
* Switched to the new `cffi`_ ``set_source`` out-of-line API mode for
|
|
compilation. This results in significantly faster imports and lowered
|
|
memory consumption. Due to this change we no longer support PyPy releases
|
|
older than 2.6 nor do we support any released version of PyPy3 (until a
|
|
version supporting cffi 1.0 comes out).
|
|
* Fix parsing of OpenSSH public keys that have spaces in comments.
|
|
* Support serialization of certificate signing requests using the
|
|
``public_bytes`` method of
|
|
:class:`~cryptography.x509.CertificateSigningRequest`.
|
|
* Support serialization of certificates using the ``public_bytes`` method of
|
|
:class:`~cryptography.x509.Certificate`.
|
|
* Add ``get_provisioning_uri`` method to
|
|
:class:`~cryptography.hazmat.primitives.twofactor.hotp.HOTP` and
|
|
:class:`~cryptography.hazmat.primitives.twofactor.totp.TOTP` for generating
|
|
provisioning URIs.
|
|
* Add :class:`~cryptography.hazmat.primitives.kdf.concatkdf.ConcatKDFHash`
|
|
and :class:`~cryptography.hazmat.primitives.kdf.concatkdf.ConcatKDFHMAC`.
|
|
* Raise a ``TypeError`` when passing objects that are not text as the value to
|
|
:class:`~cryptography.x509.NameAttribute`.
|
|
* Add support for :class:`~cryptography.x509.OtherName` as a general name
|
|
type.
|
|
* Added new X.509 extension support in :class:`~cryptography.x509.Certificate`
|
|
The following new extensions are now supported:
|
|
|
|
* :class:`~cryptography.x509.OCSPNoCheck`
|
|
* :class:`~cryptography.x509.InhibitAnyPolicy`
|
|
* :class:`~cryptography.x509.IssuerAlternativeName`
|
|
* :class:`~cryptography.x509.NameConstraints`
|
|
|
|
* Extension support was added to
|
|
:class:`~cryptography.x509.CertificateSigningRequest`.
|
|
* Add support for creating signed certificates with
|
|
:class:`~cryptography.x509.CertificateBuilder`. This includes support for
|
|
the following extensions:
|
|
|
|
* :class:`~cryptography.x509.BasicConstraints`
|
|
* :class:`~cryptography.x509.SubjectAlternativeName`
|
|
* :class:`~cryptography.x509.KeyUsage`
|
|
* :class:`~cryptography.x509.ExtendedKeyUsage`
|
|
* :class:`~cryptography.x509.SubjectKeyIdentifier`
|
|
* :class:`~cryptography.x509.AuthorityKeyIdentifier`
|
|
* :class:`~cryptography.x509.AuthorityInformationAccess`
|
|
* :class:`~cryptography.x509.CRLDistributionPoints`
|
|
* :class:`~cryptography.x509.InhibitAnyPolicy`
|
|
* :class:`~cryptography.x509.IssuerAlternativeName`
|
|
* :class:`~cryptography.x509.OCSPNoCheck`
|
|
|
|
* Add support for creating certificate signing requests with
|
|
:class:`~cryptography.x509.CertificateSigningRequestBuilder`. This includes
|
|
support for the same extensions supported in the ``CertificateBuilder``.
|
|
* Deprecate ``encode_rfc6979_signature`` and ``decode_rfc6979_signature`` in
|
|
favor of
|
|
:func:`~cryptography.hazmat.primitives.asymmetric.utils.encode_dss_signature`
|
|
and
|
|
:func:`~cryptography.hazmat.primitives.asymmetric.utils.decode_dss_signature`.
|
|
- Adjust Requires according to requires.txt
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jul 29 18:05:55 UTC 2015 - tbechtold@suse.com
|
|
|
|
- update to 0.9.3:
|
|
* Updated Windows wheels to be compiled against OpenSSL 1.0.2d.
|
|
* Updated Windows wheels to be compiled against OpenSSL 1.0.2c.
|
|
* **SECURITY ISSUE**: Fixed a double free in the OpenSSL backend when using DSA
|
|
to verify signatures. Note that this only affects PyPy 2.6.0 and (presently
|
|
unreleased) CFFI versions greater than 1.1.0.
|
|
* Removed support for Python 3.2. This version of Python is rarely used
|
|
and caused support headaches. Users affected by this should upgrade to 3.3+.
|
|
* Deprecated support for Python 2.6. At the time there is no time table for
|
|
actually dropping support, however we strongly encourage all users to upgrade
|
|
their Python, as Python 2.6 no longer receives support from the Python core
|
|
team.
|
|
* Add support for the
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.ec.SECP256K1` elliptic
|
|
curve.
|
|
* Fixed compilation when using an OpenSSL which was compiled with the
|
|
``no-comp`` (``OPENSSL_NO_COMP``) option.
|
|
* Support :attr:`~cryptography.hazmat.primitives.serialization.Encoding.DER`
|
|
serialization of public keys using the ``public_bytes`` method of
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKeyWithSerialization`,
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKeyWithSerialization`,
|
|
and
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKeyWithSerialization`.
|
|
* Support :attr:`~cryptography.hazmat.primitives.serialization.Encoding.DER`
|
|
serialization of private keys using the ``private_bytes`` method of
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization`,
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKeyWithSerialization`,
|
|
and
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKeyWithSerialization`.
|
|
* Add support for parsing X.509 certificate signing requests (CSRs) with
|
|
:func:`~cryptography.x509.load_pem_x509_csr` and
|
|
:func:`~cryptography.x509.load_der_x509_csr`.
|
|
* Moved ``cryptography.exceptions.InvalidToken`` to
|
|
:class:`cryptography.hazmat.primitives.twofactor.InvalidToken` and deprecated
|
|
the old location. This was moved to minimize confusion between this exception
|
|
and :class:`cryptography.fernet.InvalidToken`.
|
|
* Added support for X.509 extensions in :class:`~cryptography.x509.Certificate`
|
|
objects. The following extensions are supported as of this release:
|
|
|
|
* :class:`~cryptography.x509.BasicConstraints`
|
|
* :class:`~cryptography.x509.AuthorityKeyIdentifier`
|
|
* :class:`~cryptography.x509.SubjectKeyIdentifier`
|
|
* :class:`~cryptography.x509.KeyUsage`
|
|
* :class:`~cryptography.x509.SubjectAlternativeName`
|
|
* :class:`~cryptography.x509.ExtendedKeyUsage`
|
|
* :class:`~cryptography.x509.CRLDistributionPoints`
|
|
* :class:`~cryptography.x509.AuthorityInformationAccess`
|
|
* :class:`~cryptography.x509.CertificatePolicies`
|
|
|
|
Note that unsupported extensions with the critical flag raise
|
|
:class:`~cryptography.x509.UnsupportedExtension` while unsupported extensions
|
|
set to non-critical are silently ignored. Read the
|
|
:doc:`X.509 documentation</x509>` for more information.
|
|
- add python-pyasn1, python-ipaddress and python-idna as Requires/BuildRequires
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Apr 23 06:38:42 UTC 2015 - mcihar@suse.cz
|
|
|
|
- Update to 0.8.2:
|
|
* Fixed a race condition when initializing the OpenSSL or CommonCrypto backends
|
|
in a multi-threaded scenario.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 7 10:00:28 UTC 2015 - tbechtold@suse.com
|
|
|
|
- update to 0.8.1:
|
|
* Updated Windows wheels to be compiled against OpenSSL 1.0.2a.
|
|
* func:`~cryptography.hazmat.primitives.serialization.load_ssh_public_key` can
|
|
now load elliptic curve public keys.
|
|
* Added
|
|
:attr:`~cryptography.x509.Certificate.signature_hash_algorithm` support to
|
|
:class:`~cryptography.x509.Certificate`.
|
|
* Added
|
|
:func:`~cryptography.hazmat.primitives.asymmetric.rsa.rsa_recover_prime_factor s`
|
|
* :class:`~cryptography.hazmat.primitives.kdf.KeyDerivationFunction` was moved
|
|
from :mod:`~cryptography.hazmat.primitives.interfaces` to
|
|
:mod:`~cryptography.hazmat.primitives.kdf`.
|
|
* Added support for parsing X.509 names. See the
|
|
:doc:`X.509 documentation</x509>` for more information.
|
|
* Added
|
|
:func:`~cryptography.hazmat.primitives.serialization.load_der_private_key` to
|
|
support loading of DER encoded private keys and
|
|
:func:`~cryptography.hazmat.primitives.serialization.load_der_public_key` to
|
|
support loading DER encoded public keys.
|
|
* Fixed building against LibreSSL, a compile-time substitute for OpenSSL.
|
|
* FreeBSD 9.2 was removed from the continuous integration system.
|
|
* Updated Windows wheels to be compiled against OpenSSL 1.0.2.
|
|
* :func:`~cryptography.hazmat.primitives.serialization.load_pem_public_key`
|
|
and :func:`~cryptography.hazmat.primitives.serialization.load_der_public_key`
|
|
now support PKCS1 RSA public keys (in addition to the previous support for
|
|
SubjectPublicKeyInfo format for RSA, EC, and DSA).
|
|
* Added
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKeyWithSerialization`
|
|
and deprecated
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKeyWithNumbers`.
|
|
* Added
|
|
:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKeyWithSerialization.private_bytes`
|
|
to
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKeyWithSerialization`.
|
|
* Added
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization`
|
|
and deprecated
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithNumbers`.
|
|
* Added
|
|
:meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization.private_bytes`
|
|
to
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization`.
|
|
* Added
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKeyWithSerialization`
|
|
and deprecated
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKeyWithNumbers`.
|
|
* Added
|
|
:meth:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKeyWithSerialization.private_bytes`
|
|
to
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKeyWithSerialization`.
|
|
* Added
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKeyWithSerialization`
|
|
and deprecated
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKeyWithNumbers`.
|
|
* Added
|
|
:meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKeyWithSerialization.public_bytes`
|
|
to
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKeyWithSerialization`.
|
|
* Added
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKeyWithSerialization`
|
|
and deprecated
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKeyWithNumbers`.
|
|
* Added
|
|
:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKeyWithSerialization.public_bytes`
|
|
to
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKeyWithSerialization`.
|
|
* Added
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKeyWithSerialization`
|
|
and deprecated
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKeyWithNumbers`.
|
|
* Added
|
|
:meth:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKeyWithSerialization.public_bytes`
|
|
to
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKeyWithSerialization`.
|
|
* :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` and
|
|
:class:`~cryptography.hazmat.primitives.hashes.HashContext` were moved from
|
|
:mod:`~cryptography.hazmat.primitives.interfaces` to
|
|
:mod:`~cryptography.hazmat.primitives.hashes`.
|
|
* :class:`~cryptography.hazmat.primitives.ciphers.CipherContext`,
|
|
:class:`~cryptography.hazmat.primitives.ciphers.AEADCipherContext`,
|
|
:class:`~cryptography.hazmat.primitives.ciphers.AEADEncryptionContext`,
|
|
:class:`~cryptography.hazmat.primitives.ciphers.CipherAlgorithm`, and
|
|
:class:`~cryptography.hazmat.primitives.ciphers.BlockCipherAlgorithm`
|
|
were moved from :mod:`~cryptography.hazmat.primitives.interfaces` to
|
|
:mod:`~cryptography.hazmat.primitives.ciphers`.
|
|
* :class:`~cryptography.hazmat.primitives.ciphers.modes.Mode`,
|
|
:class:`~cryptography.hazmat.primitives.ciphers.modes.ModeWithInitializationVector`,
|
|
:class:`~cryptography.hazmat.primitives.ciphers.modes.ModeWithNonce`, and
|
|
:class:`~cryptography.hazmat.primitives.ciphers.modes.ModeWithAuthenticationTag`
|
|
were moved from :mod:`~cryptography.hazmat.primitives.interfaces` to
|
|
:mod:`~cryptography.hazmat.primitives.ciphers.modes`.
|
|
* :class:`~cryptography.hazmat.primitives.padding.PaddingContext` was moved
|
|
from :mod:`~cryptography.hazmat.primitives.interfaces` to
|
|
:mod:`~cryptography.hazmat.primitives.padding`.
|
|
*
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.padding.AsymmetricPadding`
|
|
was moved from :mod:`~cryptography.hazmat.primitives.interfaces` to
|
|
:mod:`~cryptography.hazmat.primitives.asymmetric.padding`.
|
|
*
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricSignatureContext`
|
|
and
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricVerificationContext`
|
|
were moved from :mod:`~cryptography.hazmat.primitives.interfaces` to
|
|
:mod:`~cryptography.hazmat.primitives.asymmetric`.
|
|
* :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParameters`,
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParametersWithNumbers`,
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`,
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKeyWithNumbers`,
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey` and
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKeyWithNumbers`
|
|
were moved from :mod:`~cryptography.hazmat.primitives.interfaces` to
|
|
:mod:`~cryptography.hazmat.primitives.asymmetric.dsa`
|
|
* :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurve`,
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurveSignatureAlgorithm`,
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey`,
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKeyWithNumbers`,
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey`,
|
|
and
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKeyWithNumbers`
|
|
were moved from :mod:`~cryptography.hazmat.primitives.interfaces` to
|
|
:mod:`~cryptography.hazmat.primitives.asymmetric.ec`.
|
|
* :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`,
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithNumbers`,
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey` and
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKeyWithNumbers`
|
|
were moved from :mod:`~cryptography.hazmat.primitives.interfaces` to
|
|
:mod:`~cryptography.hazmat.primitives.asymmetric.rsa`.
|
|
* Updated Windows wheels to be compiled against OpenSSL 1.0.1l.
|
|
* ``enum34`` is no longer installed on Python 3.4, where it is included in
|
|
the standard library.
|
|
* Added a new function to the OpenSSL bindings to support additional
|
|
functionality in pyOpenSSL.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Dec 29 18:08:34 UTC 2014 - jmatejek@suse.com
|
|
|
|
- update to 0.7.1
|
|
* backwards-incompatible change: GCM module doesn't truncate tags
|
|
by default anymore
|
|
* removed deprecated arguments to MFG1 constructor
|
|
* ECC support
|
|
* added PEM and openssh key loading convenience methods
|
|
* support for many new ciphers and new features of existing ones
|
|
see CHANGELOG.rst for details
|
|
- spec cleanup
|
|
- reworked %check section
|
|
- added changelog to docs
|
|
|
|
-------------------------------------------------------------------
|
|
Mon May 19 16:14:52 UTC 2014 - jmatejek@suse.com
|
|
|
|
- update to 0.4
|
|
* added IDEA algorithm
|
|
* added HOTP, TOTP and CMAC primitives
|
|
* improved support for RSA and DSA public key cryptography
|
|
- include cryptography_vectors as a source, in order to run the full
|
|
test suite (cryptography_vectors seems only useful for testing
|
|
this module, so it's probably not worth making a separate installable
|
|
package for it)
|
|
- drop upstreamed cryptography-custom-install-cmd.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Mar 31 16:03:46 UTC 2014 - speilicke@suse.com
|
|
|
|
- Add cryptography-custom-install-cmd.patch: Fix installation to plat_lib
|
|
- Properly invoke testsuite, therefore add dependencies on iso8601 and pretend
|
|
- Only use pkg-config for libffi on newer distros, stay with old-style
|
|
devel package requires to fix SLE build
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Feb 24 12:43:32 UTC 2014 - mvyskocil@suse.com
|
|
|
|
- Initial packaging of python-cryptography for openSUSE
|
|
|