2018-08-15 10:21:42 by Adam Ciarcinski | Files touched by this commit (4) | |
Log message:
py-cryptography[_vectors]: updated to 2.3.1
2.3.1:
Updated Windows, macOS, and manylinux1 wheels to be compiled with OpenSSL 1.1.0i.
|
2018-07-19 11:24:37 by Adam Ciarcinski | Files touched by this commit (5) | |
Log message:
py-cryptography[_vectors]: updated to 2.3
2.3:
SECURITY ISSUE: \
:meth:~cryptography.hazmat.primitives.ciphers.AEADDecryptionContext.finalize_with_tag \
allowed tag truncation by default which can allow tag forgery in some cases. The \
method now enforces the min_tag_length provided to the \
:class:~cryptography.hazmat.primitives.ciphers.modes.GCM constructor. \
CVE-2018-10903
Added support for Python 3.7.
Added :meth:~cryptography.fernet.Fernet.extract_timestamp to get the \
authenticated timestamp of a :doc:Fernet </fernet> token.
Support for Python 2.7.x without hmac.compare_digest has been deprecated. We \
will require Python 2.7.7 or higher (or 2.7.6 on Ubuntu) in the next \
cryptography release.
Fixed multiple issues preventing cryptography from compiling against LibreSSL 2.7.x.
Added \
:class:~cryptography.x509.CertificateRevocationList.get_revoked_certificate_by_serial_number \
for quick serial number searches in CRLs.
The :class:~cryptography.x509.RelativeDistinguishedName class now preserves the \
order of attributes. Duplicate attributes now raise an error instead of silently \
discarding duplicates.
:func:~cryptography.hazmat.primitives.keywrap.aes_key_unwrap and \
:func:~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding now \
raise :class:~cryptography.hazmat.primitives.keywrap.InvalidUnwrap if the \
wrapped key is an invalid length, instead of ValueError.
|
2018-04-02 15:19:31 by Adam Ciarcinski | Files touched by this commit (4) | |
Log message:
py-cryptography py-cryptography_vectors: updated to 2.2.2
2.2.2:
Updated Windows, macOS, and manylinux1 wheels to be compiled with OpenSSL 1.1.0h.
|
2018-03-22 12:49:19 by Adam Ciarcinski | Files touched by this commit (5) | |
Log message:
py-cryptography[_vectors]: updated to 2.2.1
2.2.1:
Reverted a change to GeneralNames which prohibited having zero elements, due to \
breakages.
Fixed a bug in \
:func:~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding that \
caused it to raise InvalidUnwrap when key length modulo 8 was zero.
|
2018-03-19 10:01:46 by Adam Ciarcinski | Files touched by this commit (5) | |
Log message:
py-cryptography[_vectors]: updated to 2.2
2.2:
BACKWARDS INCOMPATIBLE: Support for Python 2.6 has been dropped.
Resolved a bug in HKDF that incorrectly constrained output size.
Added :class:~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP256R1, \
:class:~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP384R1, and \
:class:~cryptography.hazmat.primitives.asymmetric.ec.BrainpoolP512R1 to support \
inter-operating with systems like German smart meters.
Added token rotation support to :doc:Fernet </fernet> with \
:meth:~cryptography.fernet.MultiFernet.rotate.
Fixed a memory leak in \
:func:~cryptography.hazmat.primitives.asymmetric.ec.derive_private_key.
Added support for AES key wrapping with padding via \
:func:~cryptography.hazmat.primitives.keywrap.aes_key_wrap_with_padding and \
:func:~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding .
Allow loading DSA keys with 224 bit q.
|
2017-11-30 09:23:27 by Adam Ciarcinski | Files touched by this commit (4) | |
Log message:
py-cryptography[_vectors]: updated to 2.1.4
2.1.4:
Added X509_up_ref for an upcoming pyOpenSSL release.
|
2017-11-03 11:36:12 by Adam Ciarcinski | Files touched by this commit (4) | |
Log message:
py-cryptography[_vectors]: updated to 2.1.3
2.1.3:
Updated Windows, macOS, and manylinux1 wheels to be compiled with OpenSSL 1.1.0g.
|
2017-10-25 05:53:05 by Adam Ciarcinski | Files touched by this commit (4) | |
Log message:
py-cryptography[_vectors]: updated to 2.1.2
2.1.2:
Corrected a bug with the manylinux1 wheels where OpenSSL's stack was marked \
executable.
|
2017-10-12 10:28:40 by Adam Ciarcinski | Files touched by this commit (6) | |
Log message:
py-cryptography[_vectors]: update to 2.1.1
2.1:
FINAL DEPRECATION Python 2.6 support is deprecated, and will be removed in the \
next release of cryptography.
BACKWARDS INCOMPATIBLE: Whirlpool, RIPEMD160, and UnsupportedExtension have been \
removed in accordance with our :doc:`/api-stability` policy.
BACKWARDS INCOMPATIBLE: :attr:`~cryptography.x509.DNSName.value`, \
:attr:`~cryptography.x509.RFC822Name.value`, and \
:attr:`~cryptography.x509.UniformResourceIdentifier.value` will now return an \
:term:`A-label` string when parsing a certificate containing an \
internationalized domain name (IDN) or if the caller passed a :term:`U-label` to \
the constructor. See below for additional deprecations related to this change.
Installing cryptography now requires pip 6 or newer.
Deprecated passing :term:`U-label` strings to the \
:class:`~cryptography.x509.DNSName`, \
:class:`~cryptography.x509.UniformResourceIdentifier`, and \
:class:`~cryptography.x509.RFC822Name` constructors. Instead, users should pass \
values as :term:`A-label` strings with idna encoding if necessary. This change \
will not affect anyone who is not processing internationalized domains.
Added support for \
:class:`~cryptography.hazmat.primitives.ciphers.algorithms.ChaCha20`. In most \
cases users should choose \
:class:`~cryptography.hazmat.primitives.ciphers.aead.ChaCha20Poly1305` rather \
than using this unauthenticated form.
Added :meth:`~cryptography.x509.CertificateRevocationList.is_signature_valid` to \
:class:`~cryptography.x509.CertificateRevocationList`.
Support :class:`~cryptography.hazmat.primitives.hashes.BLAKE2b` and \
:class:`~cryptography.hazmat.primitives.hashes.BLAKE2s` with \
:class:`~cryptography.hazmat.primitives.hmac.HMAC`.
Added support for :class:`~cryptography.hazmat.primitives.ciphers.modes.XTS` \
mode for AES.
Added support for using labels with \
:class:`~cryptography.hazmat.primitives.asymmetric.padding.OAEP` when using \
OpenSSL 1.0.2 or greater.
Improved compatibility with NSS when issuing certificates from an issuer that \
has a subject with non-UTF8String string types.
Add support for the :class:`~cryptography.x509.DeltaCRLIndicator` extension.
Add support for the :class:`~cryptography.x509.TLSFeature` extension. This is \
commonly used for enabling OCSP Must-Staple in certificates.
Add support for the :class:`~cryptography.x509.FreshestCRL` extension.
|
2017-08-04 07:31:12 by Adam Ciarcinski | Files touched by this commit (4) |
Log message:
2.0.3:
Fixed an issue with weak linking symbols when compiling on macOS versions older \
than 10.12.
|