./security/py-cryptography, Cryptographic recipes and primitives for Python

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 42.0.5, Package name: py311-cryptography-42.0.5, Maintainer: pkgsrc-users

cryptography is a package designed to expose cryptographic recipes
and primitives to Python developers. Our goal is for it to be your
"cryptographic standard library".

cryptography includes both high level recipes, and low level
interfaces to common cryptographic algorithms such as symmetric
ciphers, message digests and key derivation functions.


Required to run:
[security/openssl] [devel/py-setuptools] [devel/py-cffi] [devel/py-cparser] [lang/py-six] [www/py-idna] [security/py-asn1crypto] [lang/python37]

Required to build:
[pkgtools/cwrappers]

Master sites:

Filesize: 655.298 KB

Version history: (Expand)


CVS history: (Expand)


   2024-02-25 16:54:58 by Thomas Klausner | Files touched by this commit (5) | Package updated
Log message:
py-cryptography*: update to 42.0.5

42.0.5 - 2024-02-23
~~~~~~~~~~~~~~~~~~~

* Limit the number of name constraint checks that will be performed in
  :mod:`X.509 path validation <cryptography.x509.verification>` to protect
  against denial of service attacks.
* Upgrade ``pyo3`` version, which fixes building on PowerPC.
   2024-02-21 07:42:24 by Adam Ciarcinski | Files touched by this commit (4) | Package updated
Log message:
py-cryptography py-cryptography_vectors: updated to 42.0.4

42.0.4 - 2024-02-20

* Fixed a null-pointer-dereference and segfault that could occur when creating
  a PKCS#12 bundle. Credit to **Alexander-Programming** for reporting the
  issue. **CVE-2024-26130**
* Fixed ASN.1 encoding for PKCS7/SMIME signed messages. The fields \ 
``SMIMECapabilities``
  and ``SignatureAlgorithmIdentifier`` should now be correctly encoded according \ 
to the
  definitions in :rfc:`2633` :rfc:`3370`.
   2024-02-16 20:10:49 by Adam Ciarcinski | Files touched by this commit (4) | Package updated
Log message:
py-cryptography[_vectors]: updated to 42.0.3

42.0.3 - 2024-02-15

* Fixed an initialization issue that caused key loading failures for some
  users.
   2024-01-30 20:42:47 by Adam Ciarcinski | Files touched by this commit (4) | Package updated
Log message:
py-cryptography py-cryptography_vectors: updated to 42.0.2

42.0.2 - 2024-01-30
~~~~~~~~~~~~~~~~~~~

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.1.
* Fixed an issue that prevented the use of Python buffer protocol objects in
  ``sign`` and ``verify`` methods on asymmetric keys.
* Fixed an issue with incorrect keyword-argument naming with \ 
``EllipticCurvePrivateKey``
  \ 
:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.exc \ 
hange`,
  ``X25519PrivateKey``
  \ 
:meth:`~cryptography.hazmat.primitives.asymmetric.x25519.X25519PrivateKey.exchan \ 
ge`,
  ``X448PrivateKey``
  :meth:`~cryptography.hazmat.primitives.asymmetric.x448.X448PrivateKey.exchange`,
  and ``DHPrivateKey``
  :meth:`~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKey.exchange`.
   2024-01-25 06:56:58 by Adam Ciarcinski | Files touched by this commit (5) | Package updated
Log message:
py-cryptography py-cryptography_vectors: updated to 42.0.1

42.0.1 - 2024-01-24

* Fixed an issue with incorrect keyword-argument naming with \ 
``EllipticCurvePrivateKey``
  :meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.sign`.
* Resolved compatibility issue with loading certain RSA public keys in
  :func:`~cryptography.hazmat.primitives.serialization.load_pem_public_key`.
   2024-01-23 07:33:49 by Adam Ciarcinski | Files touched by this commit (7) | Package updated
Log message:
py-cryptography py-cryptography_vectors: updated to 42.0.0

42.0.0 - 2024-01-22
~~~~~~~~~~~~~~~~~~~

* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.7.
* **BACKWARDS INCOMPATIBLE:** Loading a PKCS7 with no content field using
  \ 
:func:`~cryptography.hazmat.primitives.serialization.pkcs7.load_pem_pkcs7_certif \ 
icates`
  or
  \ 
:func:`~cryptography.hazmat.primitives.serialization.pkcs7.load_der_pkcs7_certif \ 
icates`
  will now raise a ``ValueError`` rather than return an empty list.
* Parsing SSH certificates no longer permits malformed critical options with
  values, as documented in the 41.0.2 release notes.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.0.
* Updated the minimum supported Rust version (MSRV) to 1.63.0, from 1.56.0.
* We now publish both ``py37`` and ``py39`` ``abi3`` wheels. This should
  resolve some errors relating to initializing a module multiple times per
  process.
* Support :class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS` for
  X.509 certificate signing requests and certificate revocation lists with the
  keyword-only argument ``rsa_padding`` on the ``sign`` methods for
  :class:`~cryptography.x509.CertificateSigningRequestBuilder` and
  :class:`~cryptography.x509.CertificateRevocationListBuilder`.
* Added support for obtaining X.509 certificate signing request signature
  algorithm parameters (including PSS) via
  \ 
:meth:`~cryptography.x509.CertificateSigningRequest.signature_algorithm_paramete \ 
rs`.
* Added support for obtaining X.509 certificate revocation list signature
  algorithm parameters (including PSS) via
  \ 
:meth:`~cryptography.x509.CertificateRevocationList.signature_algorithm_paramete \ 
rs`.
* Added ``mgf`` property to
  :class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS`.
* Added ``algorithm`` and ``mgf`` properties to
  :class:`~cryptography.hazmat.primitives.asymmetric.padding.OAEP`.
* Added the following properties that return timezone-aware ``datetime`` objects:
  :meth:`~cryptography.x509.Certificate.not_valid_before_utc`,
  :meth:`~cryptography.x509.Certificate.not_valid_after_utc`,
  :meth:`~cryptography.x509.RevokedCertificate.revocation_date_utc`,
  :meth:`~cryptography.x509.CertificateRevocationList.next_update_utc`,
  :meth:`~cryptography.x509.CertificateRevocationList.last_update_utc`.
  These are timezone-aware variants of existing properties that return naïve
  ``datetime`` objects.
* Deprecated the following properties that return naïve ``datetime`` objects:
  :meth:`~cryptography.x509.Certificate.not_valid_before`,
  :meth:`~cryptography.x509.Certificate.not_valid_after`,
  :meth:`~cryptography.x509.RevokedCertificate.revocation_date`,
  :meth:`~cryptography.x509.CertificateRevocationList.next_update`,
  :meth:`~cryptography.x509.CertificateRevocationList.last_update`
  in favor of the new timezone-aware variants mentioned above.
* Added support for
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.ChaCha20`
  on LibreSSL.
* Added support for RSA PSS signatures in PKCS7 with
  \ 
:meth:`~cryptography.hazmat.primitives.serialization.pkcs7.PKCS7SignatureBuilder \ 
.add_signer`.
* In the next release (43.0.0) of cryptography, loading an X.509 certificate
  with a negative serial number will raise an exception. This has been
  deprecated since 36.0.0.
* Added support for
  :class:`~cryptography.hazmat.primitives.ciphers.aead.AESGCMSIV` when using
  OpenSSL 3.2.0+.
* Added the :mod:`X.509 path validation <cryptography.x509.verification>` APIs
  for :class:`~cryptography.x509.Certificate` chains. These APIs should be
  considered unstable and not subject to our stability guarantees until
  documented as such in a future release.
* Added support for
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.SM4`
  :class:`~cryptography.hazmat.primitives.ciphers.modes.GCM`
  when using OpenSSL 3.0 or greater.
   2023-12-13 18:39:07 by Amitai Schleier | Files touched by this commit (7)
Log message:
cargo.mk: centralize Darwin -install_name workaround.
   2023-11-28 18:37:24 by Adam Ciarcinski | Files touched by this commit (6) | Package updated
Log message:
py-cryptography py-cryptography_vectors: updated to 41.0.7

41.0.7 - 2023-11-27

Fixed compilation when using LibreSSL 3.8.2.

41.0.6 - 2023-11-27

Fixed a null-pointer-dereference and segfault that could occur when loading \ 
certificates from a PKCS#7 bundle. Credit to pkuzco for reporting the issue. \ 
CVE-2023-49083