Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update cryptography to 2.1.4 #77

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

pyup-bot
Copy link
Contributor

There's a new version of cryptography available.
You are currently using 1.7.1. I have updated it to 2.1.4

These links might come in handy: PyPI | Changelog | Repo

Changelog

2.1.3

  • Updated Windows, macOS, and manylinux1 wheels to be compiled with
    OpenSSL 1.1.0g.

.. _v2-1-2:

2.1.2

  • Corrected a bug with the manylinux1 wheels where OpenSSL's stack was
    marked executable.

.. _v2-1-1:

2.1.1

  • Fixed support for install with the system pip on Ubuntu 16.04.

.. _v2-1:

2.1

  • FINAL DEPRECATION Python 2.6 support is deprecated, and will be removed
    in the next release of cryptography.
  • BACKWARDS INCOMPATIBLE: Whirlpool, RIPEMD160, and
    UnsupportedExtension have been removed in accordance with our
    :doc:/api-stability policy.
  • BACKWARDS INCOMPATIBLE:
    :attr:DNSName.value <cryptography.x509.DNSName.value>,
    :attr:RFC822Name.value <cryptography.x509.RFC822Name.value>, and
    :attr:UniformResourceIdentifier.value <cryptography.x509.UniformResourceIdentifier.value>
    will now return an :term:A-label string when parsing a certificate
    containing an internationalized domain name (IDN) or if the caller passed
    a :term:U-label to the constructor. See below for additional deprecations
    related to this change.
  • Installing cryptography now requires pip 6 or newer.
  • Deprecated passing :term:U-label strings to the
    :class:~cryptography.x509.DNSName,
    :class:~cryptography.x509.UniformResourceIdentifier, and
    :class:~cryptography.x509.RFC822Name constructors. Instead, users should
    pass values as :term:A-label strings with idna encoding if necessary.
    This change will not affect anyone who is not processing internationalized
    domains.
  • Added support for
    :class:~cryptography.hazmat.primitives.ciphers.algorithms.ChaCha20. In
    most cases users should choose
    :class:~cryptography.hazmat.primitives.ciphers.aead.ChaCha20Poly1305
    rather than using this unauthenticated form.
  • Added :meth:~cryptography.x509.CertificateRevocationList.is_signature_valid
    to :class:~cryptography.x509.CertificateRevocationList.
  • Support :class:~cryptography.hazmat.primitives.hashes.BLAKE2b and
    :class:~cryptography.hazmat.primitives.hashes.BLAKE2s with
    :class:~cryptography.hazmat.primitives.hmac.HMAC.
  • Added support for
    :class:~cryptography.hazmat.primitives.ciphers.modes.XTS mode for
    AES.
  • Added support for using labels with
    :class:~cryptography.hazmat.primitives.asymmetric.padding.OAEP when using
    OpenSSL 1.0.2 or greater.
  • Improved compatibility with NSS when issuing certificates from an issuer
    that has a subject with non-UTF8String string types.
  • Add support for the :class:~cryptography.x509.DeltaCRLIndicator extension.
  • Add support for the :class:~cryptography.x509.TLSFeature
    extension. This is commonly used for enabling OCSP Must-Staple in
    certificates.
  • Add support for the :class:~cryptography.x509.FreshestCRL extension.

.. _v2-0-3:

2.0.3

  • Fixed an issue with weak linking symbols when compiling on macOS
    versions older than 10.12.

.. _v2-0-2:

2.0.2

  • Marked all symbols as hidden in the manylinux1 wheel to avoid a
    bug with symbol resolution in certain scenarios.

.. _v2-0-1:

2.0.1

  • Fixed a compilation bug affecting OpenBSD.
  • Altered the manylinux1 wheels to statically link OpenSSL instead of
    dynamically linking and bundling the shared object. This should resolve
    crashes seen when using uwsgi or other binaries that link against
    OpenSSL independently.
  • Fixed the stack level for the signer and verifier warnings.

.. _v2-0:

2.0

  • BACKWARDS INCOMPATIBLE: Support for Python 3.3 has been dropped.
  • We now ship manylinux1 wheels linked against OpenSSL 1.1.0f. These wheels
    will be automatically used with most Linux distributions if you are running
    the latest pip.
  • Deprecated the use of signer on
    :class:~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey,
    :class:~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey,
    and
    :class:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey
    in favor of sign.
  • Deprecated the use of verifier on
    :class:~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey,
    :class:~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey,
    and
    :class:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey
    in favor of verify.
  • Added support for parsing
    :class:~cryptography.x509.certificate_transparency.SignedCertificateTimestamp
    objects from X.509 certificate extensions.
  • Added support for
    :class:~cryptography.hazmat.primitives.ciphers.aead.ChaCha20Poly1305.
  • Added support for
    :class:~cryptography.hazmat.primitives.ciphers.aead.AESCCM.
  • Added
    :class:~cryptography.hazmat.primitives.ciphers.aead.AESGCM, a "one shot"
    API for AES GCM encryption.
  • Added support for :doc:/hazmat/primitives/asymmetric/x25519.
  • Added support for serializing and deserializing Diffie-Hellman parameters
    with
    :func:~cryptography.hazmat.primitives.serialization.load_pem_parameters,
    :func:~cryptography.hazmat.primitives.serialization.load_der_parameters,
    and
    :meth:~cryptography.hazmat.primitives.asymmetric.dh.DHParameters.parameter_bytes
    .
  • The extensions attribute on :class:~cryptography.x509.Certificate,
    :class:~cryptography.x509.CertificateSigningRequest,
    :class:~cryptography.x509.CertificateRevocationList, and
    :class:~cryptography.x509.RevokedCertificate now caches the computed
    Extensions object. There should be no performance change, just a
    performance improvement for programs accessing the extensions attribute
    multiple times.

.. _v1-9:

1.9

  • BACKWARDS INCOMPATIBLE: Elliptic Curve signature verification no longer
    returns True on success. This brings it in line with the interface's
    documentation, and our intent. The correct way to use
    :meth:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.verify
    has always been to check whether or not
    :class:~cryptography.exceptions.InvalidSignature was raised.
  • BACKWARDS INCOMPATIBLE: Dropped support for macOS 10.7 and 10.8.
  • BACKWARDS INCOMPATIBLE: The minimum supported PyPy version is now 5.3.
  • Python 3.3 support has been deprecated, and will be removed in the next
    cryptography release.
  • Add support for providing tag during
    :class:~cryptography.hazmat.primitives.ciphers.modes.GCM finalization via
    :meth:~cryptography.hazmat.primitives.ciphers.AEADDecryptionContext.finalize_with_tag.
  • Fixed an issue preventing cryptography from compiling against
    LibreSSL 2.5.x.
  • Added
    :meth:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.key_size
    and
    :meth:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.key_size
    as convenience methods for determining the bit size of a secret scalar for
    the curve.
  • Accessing an unrecognized extension marked critical on an X.509 object will
    no longer raise an UnsupportedExtension exception, instead an
    :class:~cryptography.x509.UnrecognizedExtension object will be returned.
    This behavior was based on a poor reading of the RFC, unknown critical
    extensions only need to be rejected on certificate verification.
  • The CommonCrypto backend has been removed.
  • MultiBackend has been removed.
  • Whirlpool and RIPEMD160 have been deprecated.

.. _v1-8-2:

1.8.2

  • Fixed a compilation bug affecting OpenSSL 1.1.0f.
  • Updated Windows and macOS wheels to be compiled against OpenSSL 1.1.0f.

.. _v1-8-1:

1.8.1

  • Fixed macOS wheels to properly link against 1.1.0 rather than 1.0.2.

.. _v1-8:

1.8

  • Added support for Python 3.6.
  • Windows and macOS wheels now link against OpenSSL 1.1.0.
  • macOS wheels are no longer universal. This change significantly shrinks the
    size of the wheels. Users on macOS 32-bit Python (if there are any) should
    migrate to 64-bit or build their own packages.
  • Changed ASN.1 dependency from pyasn1 to asn1crypto resulting in a
    general performance increase when encoding/decoding ASN.1 structures. Also,
    the pyasn1_modules test dependency is no longer required.
  • Added support for
    :meth:~cryptography.hazmat.primitives.ciphers.CipherContext.update_into on
    :class:~cryptography.hazmat.primitives.ciphers.CipherContext.
  • Added
    :meth:~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKeyWithSerialization.private_bytes
    to
    :class:~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKeyWithSerialization.
  • Added
    :meth:~cryptography.hazmat.primitives.asymmetric.dh.DHPublicKey.public_bytes
    to
    :class:~cryptography.hazmat.primitives.asymmetric.dh.DHPublicKey.
  • :func:~cryptography.hazmat.primitives.serialization.load_pem_private_key
    and
    :func:~cryptography.hazmat.primitives.serialization.load_der_private_key
    now require that password must be bytes if provided. Previously this
    was documented but not enforced.
  • Added support for subgroup order in :doc:/hazmat/primitives/asymmetric/dh.

.. _v1-7-2:

1.7.2

  • Updated Windows and macOS wheels to be compiled against OpenSSL 1.0.2k.

.. _v1-7-1:

Got merge conflicts? Close this PR and delete the branch. I'll create a new PR for you.

Happy merging! 🤖

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant