PyCA cryptography 39.0.0 has been released to PyPI. cryptography includes both high level recipes and low level interfaces to common cryptographic algorithms such as symmetric ciphers, asymmetric algorithms, message digests, X509, key derivation functions, and much more. We support Python 3.6+, and PyPy3.
Changelog (https://cryptography.io/en/latest/changelog/#v39-0-0): * BACKWARDS INCOMPATIBLE: Support for OpenSSL 1.1.0 has been removed. Users on older versions of OpenSSL will need to upgrade. Note that this does not affect users of our wheels. * BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.5. The new minimum LibreSSL version is 3.5.0. Going forward our policy is to support versions of LibreSSL that are available in versions of OpenBSD that are still receiving security support. * BACKWARDS INCOMPATIBLE: Removed the encode_point and from_encoded_point methods onEllipticCurvePublicNumbers, which had been deprecated for several years. public_bytes() andfrom_encoded_point() should be used instead. * BACKWARDS INCOMPATIBLE: Support for using MD5 or SHA1 in CertificateBuilder, other X.509 builders, and PKCS7 has been removed. * BACKWARDS INCOMPATIBLE: Dropped support for macOS 10.10 and 10.11, macOS users must upgrade to 10.12 or newer. * ANNOUNCEMENT: The next version of cryptography (40.0) will change the way we link OpenSSL. This will only impact users who build cryptography from source (i.e., not from a wheel), and specify their own version of OpenSSL. For those users, the CFLAGS, LDFLAGS, INCLUDE, LIB, and CRYPTOGRAPHY_SUPPRESS_LINK_FLAGS environment variables will no longer be respected. Instead, users will need to configure their builds as documented here. * Added support for disabling the legacy provider in OpenSSL 3.0.x. * Added support for disabling RSA key validation checks when loading RSA keys via load_pem_private_key(), load_der_private_key(), and private_key(). This speeds up key loading but is unsafe if you are loading potentially attacker supplied keys. * Significantly improved performance for ChaCha20Poly1305 when repeatedly calling encrypt or decrypt with the same key. * Added support for creating OCSP requests with precomputed hashes using add_certificate_by_hash(). * Added support for loading multiple PEM-encoded X.509 certificates from a single input via load_pem_x509_certificates(). -Paul Kehrer (reaperhulk) _______________________________________________ Python-announce-list mailing list -- python-announce-list@python.org To unsubscribe send an email to python-announce-list-le...@python.org https://mail.python.org/mailman3/lists/python-announce-list.python.org/ Member address: arch...@mail-archive.com