hypothesis / h

Annotate with anyone, anywhere.
https://hypothes.is/
BSD 2-Clause "Simplified" License
2.96k stars 427 forks source link

Bump pycryptodomex from 3.20.0 to 3.21.0 #9000

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 1 month ago

Bumps pycryptodomex from 3.20.0 to 3.21.0.

Release notes

Sourced from pycryptodomex's releases.

v3.21.0 - Bourdeaux

New features

  • By setting the PYCRYPTODOME_DISABLE_GMP environment variable, the GMP library will not be used even if detected.
  • Add support for Curve25519 / X25519.
  • Add support for Curve448 / X448.
  • Add attribute curve to EccPoint and EccXPoint classes, with the canonical name of the curve.
  • GH#781: the label for the SP800_108_Counter KDF may now contain zero bytes. Thanks to Julien Rische.
  • GH#814: RSA keys for PSS can be imported.

Resolved issues

  • GH#810: fixed negation of Ed25519 points.
  • GH#819: accept an RFC5916 ECPrivateKey even if it doesn't contain any of the optional elements (parameters [0] and publicKey[1]).

Other changes

  • Remove support for Python 3.5.

v3.21.0 - Bourdeaux (pycryptodomex)

New features

  • By setting the PYCRYPTODOME_DISABLE_GMP environment variable, the GMP library will not be used even if detected.
  • Add support for Curve25519 / X25519.
  • Add support for Curve448 / X448.
  • Add attribute curve to EccPoint and EccXPoint classes, with the canonical name of the curve.
  • GH#781: the label for the SP800_108_Counter KDF may now contain zero bytes. Thanks to Julien Rische.
  • GH#814: RSA keys for PSS can be imported.

Resolved issues

  • GH#810: fixed negation of Ed25519 points.
  • GH#819: accept an RFC5916 ECPrivateKey even if it doesn't contain any of the optional elements (parameters [0] and publicKey[1]).

Other changes

  • Remove support for Python 3.5.
Changelog

Sourced from pycryptodomex's changelog.

3.21.0 (30 September 2024) ++++++++++++++++++++++++++

New features

  • By setting the PYCRYPTODOME_DISABLE_GMP environment variable, the GMP library will not be used even if detected.
  • Add support for Curve25519 / X25519.
  • Add support for Curve448 / X448.
  • Add attribute curve to EccPoint and EccXPoint classes, with the canonical name of the curve.
  • GH#781: the label for the SP800_108_Counter KDF may now contain zero bytes. Thanks to Julien Rische.
  • GH#814: RSA keys for PSS can be imported.

Resolved issues

  • GH#810: fixed negation of Ed25519 points.
  • GH#819: accept an RFC5916 ECPrivateKey even if it doesn't contain any of the optional elements (parameters [0] and publicKey[1]).

Other changes

  • Remove support for Python 3.5.
Commits
  • 5e40a18 Bump version
  • cd4cb45 Fix docs and changelog
  • d499d27 Decrypt PKCS#8 key even if the password is empty
  • 0c86527 Build wheel on Windows 2019
  • fdd7892 Bump required version of pycryptodome-test-vectors
  • 5040405 Build wheel for Python 3.13
  • 19494e0 Bump version for test vectors package
  • 66420a7 Fix tests for x448/x25519
  • 05bcdff Add tag for Python 3.13
  • 2ddda6a Fixed typo in documentation
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)