* **BACKWARDS INCOMPATIBLE:** Support for Python 3.3 has been dropped.
* We now ship ``manylinux1`` wheels linked against OpenSSL 1.1.0f. These wheels
will be automatically used with most Linux distributions if you are running
the latest pip.
* Deprecated the use of ``signer`` on
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`,
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`,
and
:class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey`
in favor of ``sign``.
* Deprecated the use of ``verifier`` on
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`,
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`,
and
:class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey`
in favor of ``verify``.
* Added support for parsing
:class:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp`
objects from X.509 certificate extensions.
* Added support for
:class:`~cryptography.hazmat.primitives.ciphers.aead.ChaCha20Poly1305`.
* Added support for
:class:`~cryptography.hazmat.primitives.ciphers.aead.AESCCM`.
* Added
:class:`~cryptography.hazmat.primitives.ciphers.aead.AESGCM`, a "one shot"
API for AES GCM encryption.
* Added support for :doc:`/hazmat/primitives/asymmetric/x25519`.
* Added support for serializing and deserializing Diffie-Hellman parameters
with
:func:`~cryptography.hazmat.primitives.serialization.load_pem_parameters`,
:func:`~cryptography.hazmat.primitives.serialization.load_der_parameters`,
and
:meth:`~cryptography.hazmat.primitives.asymmetric.dh.DHParameters.parameter_bytes`
.
* The ``extensions`` attribute on :class:`~cryptography.x509.Certificate`,
:class:`~cryptography.x509.CertificateSigningRequest`,
:class:`~cryptography.x509.CertificateRevocationList`, and
:class:`~cryptography.x509.RevokedCertificate` now caches the computed
``Extensions`` object. There should be no performance change, just a
performance improvement for programs accessing the ``extensions`` attribute
multiple times.
### 1.9
BACKWARDS INCOMPATIBLE: Elliptic Curve signature verification no longer
returns True on success. This brings it in line with the interface's
documentation, and our intent. The correct way to use
:meth:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.verify
has always been to check whether or not
:class:~cryptography.exceptions.InvalidSignature was raised.
BACKWARDS INCOMPATIBLE: Dropped support for macOS 10.7 and 10.8.
BACKWARDS INCOMPATIBLE: The minimum supported PyPy version is now 5.3.
Python 3.3 support has been deprecated, and will be removed in the next
cryptography release.
Add support for providing tag during
:class:~cryptography.hazmat.primitives.ciphers.modes.GCM finalization via
:meth:~cryptography.hazmat.primitives.ciphers.AEADDecryptionContext.finalize_with_tag.
Fixed an issue preventing cryptography from compiling against
LibreSSL 2.5.x.
Added
:meth:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.key_size
and
:meth:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.key_size
as convenience methods for determining the bit size of a secret scalar for
the curve.
Accessing an unrecognized extension marked critical on an X.509 object will
no longer raise an UnsupportedExtension exception, instead an
:class:~cryptography.x509.UnrecognizedExtension object will be returned.
This behavior was based on a poor reading of the RFC, unknown critical
extensions only need to be rejected on certificate verification.
The CommonCrypto backend has been removed.
MultiBackend has been removed.
Whirlpool and RIPEMD160 have been deprecated.
1.8.2
* Fixed a compilation bug affecting OpenSSL 1.1.0f.
* Updated Windows and macOS wheels to be compiled against OpenSSL 1.1.0f.
Got merge conflicts? Close this PR and delete the branch. I'll create a new PR for you.
There's a new version of cryptography available. You are currently using 1.8.1. I have updated it to 2.0.1
These links might come in handy: PyPI | Changelog | Repo
Changelog
Got merge conflicts? Close this PR and delete the branch. I'll create a new PR for you.
Happy merging! 🤖