[Cryptography-dev] PyCA cryptography 42.0.6 released

2024-05-04 Thread Alex Gaynor
PyCA cryptography 42.0.6 has been released to PyPI. cryptography includes both high level recipes and low level interfaces to common cryptographic algorithms such as symmetric ciphers, asymmetric algorithms, message digests, X.509, key derivation functions, and much more. We support Python 3.7+,

[Cryptography-dev] PyCA cryptography 42.0.4 released

2024-02-20 Thread Alex Gaynor
PyCA cryptography 42.0.3 has been released to PyPI. cryptography includes both high level recipes and low level interfaces to common cryptographic algorithms such as symmetric ciphers, asymmetric algorithms, message digests, X509, key derivation functions, and much more. We support Python 3.7+,

Re: [Cryptography-dev] RSA sign() with algorithm=None

2023-12-24 Thread Alex Gaynor
That is not a correct inference. _rsa_sig_setup() allows passing algorithm=None because that code path is used via recover_data_from_signature, which supports algorithm=None. This code is working as intended. Alex On Sun, Dec 24, 2023 at 1:03 PM M.S. Kandanur wrote: > > In the latest released

[Cryptography-dev] PyCA cryptography 41.0.7 released

2023-11-27 Thread Alex Gaynor
PyCA cryptography 41.0.7 has been released to PyPI. cryptography includes both high level recipes and low level interfaces to common cryptographic algorithms such as symmetric ciphers, asymmetric algorithms, message digests, X509, key derivation functions, and much more. We support Python 3.7+,

Re: [Cryptography-dev] Fail to setup the project for contribution

2023-11-21 Thread Alex Gaynor
s to have resolved the issue. > > Thank you very much for your help. > > Jules > > On Tue, Nov 21, 2023 at 14:19, Alex Gaynor wrote: >> >> Where did you get your rustc from? It looks like it's built without >> the necessary support for coverage. >> >>

Re: [Cryptography-dev] Fail to setup the project for contribution

2023-11-21 Thread Alex Gaynor
ur questions: > 1) I'm building on a Mac M1 > 2) Yes, nox -e tests-nocoverage works without any issues > > Jules > > On Tue, Nov 21, 2023 at 13:55, Alex Gaynor wrote: >> >> Two questions: 1) What platform are you building on? 2) Does `nox -e >> tests-nocoverage`

Re: [Cryptography-dev] Fail to setup the project for contribution

2023-11-21 Thread Alex Gaynor
14dcd1d72 --out-dir > /Users/jules/Documents/cryptography/src/rust/target/release/deps -L > dependency=/Users/jules/Documents/cryptography/src/rust/target/release/deps > --cap-lints allow -Cinstrument-coverage` (exit status: 1) > > error: could not compile `target-lexicon` (build scrip

Re: [Cryptography-dev] Fail to setup the project for contribution

2023-11-21 Thread Alex Gaynor
Yes, please send the complete output of `nox -e tests`. Alex On Tue, Nov 21, 2023 at 5:42 AM Jules Marmier wrote: > > Hi everyone! > > > I'm trying to contribute to the cryptography project but I have some trouble > setting up the project. I try to follow the Getting started page but the >

Re: [Cryptography-dev] pyOpenSSL or pyca crytpograhy

2023-11-16 Thread Alex Gaynor
You should use https://cryptography.io/en/latest/hazmat/primitives/asymmetric/serialization/#pkcs12 pyOpenSSL's PKCS#12 support is deprecated. Alex On Wed, Nov 15, 2023 at 11:44 PM peter cooke via Cryptography-dev wrote: > > Hi > Sorry to bother I am a beginner and confused. I think you

Re: [Cryptography-dev] Loading an ED25519 private key

2023-09-20 Thread Alex Gaynor
If you've exported a key with PrivateFormat.OpenSSH, you can load with https://cryptography.io/en/latest/hazmat/primitives/asymmetric/serialization/#cryptography.hazmat.primitives.serialization.load_ssh_private_key Alex On Wed, Sep 20, 2023 at 1:24 PM John Walstra via Cryptography-dev wrote: >

[Cryptography-dev] PyCA cryptography 41.0.4 released

2023-09-19 Thread Alex Gaynor
PyCA cryptography 41.0.4 has been released to PyPI. cryptography includes both high level recipes and low level interfaces to common cryptographic algorithms such as symmetric ciphers, asymmetric algorithms, message digests, X509, key derivation functions, and much more. We support Python 3.7+,

Re: [Cryptography-dev] Python cryptography fails to load due to _rust DDL import error

2023-08-04 Thread Alex Gaynor
dvance > > On Fri, Aug 4, 2023 at 18:02, Alex Gaynor wrote: >> >> This very likely indicates that however you've packaged and installed >> the application in your environment isn't properly including the >> extension module for cryptography. >> >> Alex

Re: [Cryptography-dev] Python cryptography fails to load due to _rust DDL import error

2023-08-04 Thread Alex Gaynor
This very likely indicates that however you've packaged and installed the application in your environment isn't properly including the extension module for cryptography. Alex On Fri, Aug 4, 2023 at 11:20 AM Gualtiero Scotti wrote: > > I'm struggling with this issue from few days... > > I've a

Re: [Cryptography-dev] How to update Python Cryptography

2023-08-02 Thread Alex Gaynor
The error you're receiving, "Error: Unable to find a match: python-devel OpenSSL-devel" is coming from yum, and not from anything to do with cryptography. For support with using yum, you should contact Red Hat. Alex On Wed, Aug 2, 2023 at 5:37 PM Rishi Kesh Kumar wrote: > > Hi, > >As part

Re: [Cryptography-dev] openssl library

2023-05-25 Thread Alex Gaynor
Cryptography can be built to link OpenSSL in either mode. Our pre-built wheels statically link OpenSSL, but users can compile it either way. Alex On Thu, May 25, 2023, 1:38 PM Laurent Philippart (Nokia) < laurent.philipp...@nokia.com> wrote: > Hi, > > > > Could you please clarify if

Re: [Cryptography-dev] OpenSSL 3.0.8 + Python 3.11.2 + Cryptography 39

2023-04-05 Thread Alex Gaynor
I'm not positive I understand your question. That said, cryptography has supported OpenSSL 3.0 since version 35.0, and pyOpenSSL has required cryptography 35.0.0 since pyOpenSSL 22. Alex On Wed, Apr 5, 2023 at 10:58 AM Prasad, PCRaghavendra via Cryptography-dev wrote: > > Hi Team, > > > > GM,

Re: [Cryptography-dev] Request to remediate vulnerabilities

2023-03-07 Thread Alex Gaynor
This issue is resolved in cryptography version 39.0.1 and newer. You simply need to upgrade. Alex On Tue, Mar 7, 2023 at 6:02 AM Mani Sankar Karanam via Cryptography-dev wrote: > > Hello Team !!! > Thank you for providing the open source python package cryptography. It is > greatly helpful to

Re: [Cryptography-dev] Cryptography Wheel Files for Python 3.8

2023-02-17 Thread Alex Gaynor
We upload wheels for all releases. We use abi3 wheels, so there aren't wheels specifically for Python 3.8: https://cryptography.io/en/latest/faq/#why-are-there-no-wheels-for-my-python3-x-version Alex On Fri, Feb 17, 2023 at 5:44 AM Manish Gupta <9manishgup...@gmail.com> wrote: > > Hello Team,

Re: [Cryptography-dev] AES-CTR with 256 bit keys

2023-02-02 Thread Alex Gaynor
Fri, Feb 3, 2023 at 9:09 AM Alex Gaynor wrote: >> >> This is not correct, block size and key size are not the same thing >> for symmetric encryption algorithms. >> >> AES's block size is always 128-bit, it's not something cryptography >> chooses to use, it's the

Re: [Cryptography-dev] AES-CTR with 256 bit keys

2023-02-02 Thread Alex Gaynor
This is not correct, block size and key size are not the same thing for symmetric encryption algorithms. AES's block size is always 128-bit, it's not something cryptography chooses to use, it's the definition of the algorithm. Alex On Thu, Feb 2, 2023 at 8:02 PM Arshad Khan wrote: > > Hello >

Re: [Cryptography-dev] Declaration of Vulnerabilities - pyOpenSSL

2023-01-06 Thread Alex Gaynor
a) Everything I said about your identical email regarding pynacl is applicable here b) Please don't ship new things in 2023 that use pyOpenSSL 20, which is from 2020. Alex On Fri, Jan 6, 2023 at 5:07 PM Bird, Kurt wrote: > > Dear PyOpenSSL Maintainers, > > > > GDMS-C is preparing a response to

Re: [Cryptography-dev] Declaration of Vulnerabilities - PyNaCl

2023-01-06 Thread Alex Gaynor
I think you are confused about how this works. We are not your vendor, it's not our responsibility to help you do your RFP. If you want to sell something to the Canadian Government, you have to do the legwork. We're an open source project. We provide source code under an OSS license, we accept

[Cryptography-dev] PyCA cryptography 38.0.2 yanked

2022-10-12 Thread Alex Gaynor
Yesterday, PyCA cryptography 38.0.2 was released to PyPI. Today, we yanked the release from PyPI due to regressions in OpenSSL that led the OpenSSL team to withdraw OpenSSL 3.0.6 (which PyCA cryptography's wheels include). We expect to issue a follow up release once the OpenSSL team has released

Re: [Cryptography-dev] Quick Question

2022-10-03 Thread Alex Gaynor
No, there is no plan to issue a 39 release shortly. This complaint should be directed at the Safety DB. There is no LibreSSL vulnerability, they are confused. https://github.com/pyupio/safety/issues/413 Alex On Mon, Oct 3, 2022 at 12:09 PM Rodney McBride via Cryptography-dev wrote: > > Is

Re: [Cryptography-dev] regarding openSSL bindings in python-cryptography package

2022-07-11 Thread Alex Gaynor
Hi Sudhakar, _openssl.so is the CFFI generated C extension that exposes OpenSSL's APIs to Python. Depending on how you built and installed cryptography this can be either statically linked against OpenSSL or dynamically. If you downloaded one of our wheels then it is statically linked against a

[Cryptography-dev] PyCA cryptography 37.0.4

2022-07-05 Thread Alex Gaynor
PyCA cryptography 37.0.4 has been released to PyPI. cryptography includes both high level recipes and low level interfaces to common cryptographic algorithms such as symmetric ciphers, asymmetric algorithms, message digests, X509, key derivation functions, and much more. We support Python 3.6+,

[Cryptography-dev] PyCA cryptography 37.0.3 (and then yanked)

2022-06-22 Thread Alex Gaynor
Yesterday, PyCA cryptography 37.0.3 was released to PyPI. Today, we yanked the release from PyPI due to a regression in OpenSSL that was producing heap corruption for users. cryptography includes both high level recipes and low level interfaces to common cryptographic algorithms such as symmetric

Re: [Cryptography-dev] Cryptography version for python 3.7 on Windows 64 machine

2022-05-31 Thread Alex Gaynor
Your question doesn't have many details, but see: https://cryptography.io/en/latest/faq/#why-are-there-no-wheels-for-my-python3-x-version I suspect this answers your question. Alex On Tue, May 31, 2022 at 12:18 PM Zhang, Yang via Cryptography-dev < cryptography-dev@python.org> wrote: > Dear

Re: [Cryptography-dev] Certificates with RSASSA_PSS

2022-03-08 Thread Alex Gaynor
Hi Andrew, Unfortunately fully supporting PSS certificates is not merely a matter of adding a value to SIG_OIDS_TO_HASH. This is tracked in https://github.com/pyca/cryptography/issues/2850 and https://github.com/pyca/cryptography/issues/4858. However, if that PR works for you, then you can

Re: [Cryptography-dev] Validate SSH key

2022-02-28 Thread Alex Gaynor
> make sure that the string which I'm receiving is a valid SSH public > key. > > On Mon, Feb 28, 2022 at 6:13 PM Alex Gaynor wrote: > > > > What does it mean to you to validate an SSH key? > > > > pyOpenSSL does not have any functions for interacting with >

Re: [Cryptography-dev] Validate SSH key

2022-02-28 Thread Alex Gaynor
What does it mean to you to validate an SSH key? pyOpenSSL does not have any functions for interacting with SSH-formatted keys. cryptography has a function for parsing them: https://cryptography.io/en/latest/hazmat/primitives/asymmetric/serialization/#openssh-public-key Alex On Mon, Feb 28,

Re: [Cryptography-dev] Alpine: pip install cryptography --no-binary cryptography generates wheel

2022-02-27 Thread Alex Gaynor
--no-binary prevents downloading a pre-built wheel. However, pip will always build a wheel internally from an sdist, that's part of how it installs a package. What are you actually trying to do? Alex On Sun, Feb 27, 2022 at 8:00 AM Felix Woelk wrote: > > Hi there, > > I am using cryptography

Re: [Cryptography-dev] Possible to customize how python handle ssl verify callback?

2022-01-07 Thread Alex Gaynor
This mailing list is for dealing with the Python Cryptographic Authority family of libraries, so we're not really in a position to provide support for the Python stdlib modules. For that you want something like https://discuss.python.org/. That said, if you really this this to apply to _all_

Re: [Cryptography-dev] Need information for cryptography 3.4.7

2021-12-15 Thread Alex Gaynor
If this is coming from the US government, please email me off list with which agencies are demanding to know if python is impacted by log4j. Alex On Wed, Dec 15, 2021 at 11:59, Bill Cain wrote: > First, thank you so much for the quick response. We so appreciate all > that you do for

Re: [Cryptography-dev] Linux CPython 3.8 version for cffi, bcrypt and PyNaCl

2021-11-15 Thread Alex Gaynor
Cryptography already publishes abi3 wheels that cover all supported versions of Python3: https://cryptography.io/en/latest/faq/#why-are-there-no-wheels-for-my-python3-x-version You likely need to upgrade your version of pip. Alex On Mon, Nov 15, 2021 at 8:57 PM Andrey Gusakov wrote: > > Hi

Re: [Cryptography-dev] Compute issuerKeyHash

2021-09-16 Thread Alex Gaynor
You want Encoding.DER, not PEM. Alex On Thu, Sep 16, 2021 at 11:51 AM pepone.onrez wrote: > > Hi, > > Is there a way to compute the issuer key hash from the certificate issuer? > > I tried with: > > public_key = issuer_cert.public_key().public_bytes( > Encoding.PEM, >

Re: [Cryptography-dev] Problems with importing OpenSSL on Windows

2021-04-21 Thread Alex Gaynor
I'd guess it's related to upgraded version of build tools in our release pipeline -- possibly related to abi3? Alex On Wed, Apr 21, 2021 at 12:31 PM Łukasz Hanuszczak wrote: > Hello again, > > On Thu, Apr 15, 2021 at 2:30 PM Alex Gaynor wrote: > >> I don't believe we ma

[Cryptography-dev] codecov security incident

2021-04-15 Thread Alex Gaynor
This morning codecov disclosed a security incident: https://about.codecov.io/security-update/ This incident allowed an attacker to run code in environments that use codecov for uploading coverage. Since the Python Cryptographic Authority uses codecov across our projects for tracking coverage, we

Re: [Cryptography-dev] Problems with importing OpenSSL on Windows

2021-04-15 Thread Alex Gaynor
Hi Lukasz, Unfortunately this issue doesn't ring a bell at all for me. I don't believe we made any fundamental changes to our DLLs -- all we've done is update OpenSSL versions over this period. We have definitely not introduced any new system dependencies. Alex On Thu, Apr 15, 2021 at 8:10 AM

Re: [Cryptography-dev] Replicating CI of the project?

2021-04-02 Thread Alex Gaynor
I haven't tried it myself, but https://github.com/nektos/act may literally let you just run our github actions locally. To answer your question more specifically: there's usually one of two reasons our CI fails that aren't caught locally: either due to the many many versions of OpenSSL we

Re: [Cryptography-dev] Loading a Curve25519 X.509 key

2021-03-10 Thread Alex Gaynor
formats. We should fix those docs. > > -Paul > > On Wed, Mar 10, 2021 at 11:05 AM Alex Gaynor wrote: > > > > Hi Saruabh, > > > > I think > > https://cryptography.io/en/latest/hazmat/primitives/asymmetric/serialization.html#cryptography.hazmat.primit

Re: [Cryptography-dev] Loading a Curve25519 X.509 key

2021-03-10 Thread Alex Gaynor
Hi Saruabh, I think https://cryptography.io/en/latest/hazmat/primitives/asymmetric/serialization.html#cryptography.hazmat.primitives.serialization.load_pem_public_key should work. Notwithstanding the docs, I believe it'll load an X25519PublicKey :-) If that works for you, let us know and I'll

Re: [Cryptography-dev] Rust in pyca/cryptography

2021-01-13 Thread Alex Gaynor
is simply stop trying to drop C. Alex On Wed, Jan 13, 2021 at 9:45 AM Barry Scott wrote: > > On Tuesday, 12 January 2021 17:23:10 GMT Alex Gaynor wrote: > > Running `yum install rust` in a CentOS8 docker container seems to get > > me rustc 1.45.2, and as our docs say, 1.45.0 w

Re: [Cryptography-dev] Rust in pyca/cryptography

2021-01-12 Thread Alex Gaynor
.), but we're not simply going to stop these efforts: Language level memory safety is not negotiable. Alex On Tue, Jan 12, 2021 at 1:00 PM Michael Ströder via Cryptography-dev wrote: > > On 1/12/21 6:23 PM, Alex Gaynor wrote: > > As ever, our wheels (which are how the vast majority of our users

[Cryptography-dev] Rust in pyca/cryptography

2020-12-22 Thread Alex Gaynor
Hi all, As we previewed in August [0] we're planning to incorporate Rust code into pyca/cryptography. I'm thrilled to announce that we just landed a patch that starts us down that path: https://github.com/pyca/cryptography/commit/c84d6ee0605645a24fd93c436967ee2519aa586a As a reminder, the

Re: [Cryptography-dev] Affected version of CVE-2020-25659

2020-10-28 Thread Alex Gaynor
Hi Tristan, Yes, this impacts every version going back to 0.4 when this functionality was first introduced. Alex On Wed, Oct 28, 2020 at 9:33 AM Tristan Laurillard wrote: > Hello, > > We maintain the Safety vulnerability tool. > > I have a small question regarding

Re: [Cryptography-dev] Cryptography v3.2 publish to PyPi

2020-10-16 Thread Alex Gaynor
We're not yet ready to do a release, and have things remaining in that milestone https://github.com/pyca/cryptography/milestone/34 -- including changes to the SMIME API. Alex On Fri, Oct 16, 2020 at 1:59 PM Jonathan Trinh via Cryptography-dev < cryptography-dev@python.org> wrote: > Hello, > > >

[Cryptography-dev] Rust code in pyca/cryptography

2020-08-07 Thread Alex Gaynor
Hi all, We're investigating the inclusion of Rust code into pyca/cryptography. If you are interested in providing feedback on this, please see https://github.com/pyca/cryptography/issues/5381 and leave a comment. Thanks, Alex -- All that is necessary for evil to succeed is for good people to

Re: [Cryptography-dev] New OpenSSH key format

2020-03-02 Thread Alex Gaynor
No, cryptography does not support OpenSSH format private keys. This is not currently planned. Alex On Tue, Mar 3, 2020 at 1:28 AM Lalit Kumar wrote: > Can we retrieve the public key from private key in the new OpenSSH format > like below:

[Cryptography-dev] macOS older than 10.12

2019-10-18 Thread Alex Gaynor
Hi everyone, We're considering dropping support for macOS versions older than 10.12, due to maintenance burden, and incredibly low usage (per PyPI metrics). Before we do that, we just wanted to check in to see if there was any reason this would cause a problem for anyone? Alex -- All that is

Re: [Cryptography-dev] Private Set Intersection

2018-12-12 Thread Alex Gaynor
1) By get the bytes I assume you mean for the private value? In that case, key.private_numbers().private_value will give you it as an integer, then you can encode it as you like. 2) No, EC private keys do not mathematically support encryption. If you want to encrypt with an elliptic curve private

Re: [Cryptography-dev] serialize private ley

2018-10-12 Thread Alex Gaynor
You should pass an instance of https://cryptography.io/en/latest/hazmat/primitives/asymmetric/serialization/#cryptography.hazmat.primitives.serialization.NoEncryption if you want an unencrypted key. Here's an example:

Re: [Cryptography-dev] Type error using CBC IV

2018-06-14 Thread Alex Gaynor
Just looking at the code here, are you sure the `key` is a bytes object? Alex On Thu, Jun 14, 2018 at 5:30 PM Fennell, Felix W. wrote: > Hi, > > I'm not sure if this is the best place to ask for support using Cryptography, > apologies if it isn't. > > I am trying to recover and decrypt some data

Re: [Cryptography-dev] Using EC Point arithemtic in cryptography

2017-12-01 Thread Alex Gaynor
mod_inverse` and I > can't seem to find anything on that quite yet. No pointers here, I guess? > > > Thanks! > > -John > > On Fri, Dec 1, 2017 at 3:24 PM, Alex Gaynor <alex.gay...@gmail.com> wrote: > >> Hi John, >> >> We don't have an API for doing

Re: [Cryptography-dev] Help on ERROR, please.

2017-10-17 Thread Alex Gaynor
You are using an out of date version of setuptools; upgrade to the latest release and it should resolve your issue. Alex On Tue, Oct 17, 2017 at 3:17 PM, 白 岩 wrote: > Hi, I'm using python2.7 and need to install this module. > I installed it with command : pip install

Re: [Cryptography-dev] Signing with Intermediate Certificate not accepted by Browsers

2017-10-01 Thread Alex Gaynor
he Outputs of the openssl command. In comparing the Files I can > see one created with python are UTF8STRING and the one with my other > application are PRINTABLESTRING. > > I try to make a new test with the current git version of cryptography. > > Thanks, > Julian > >

Re: [Cryptography-dev] FIPS cffi bindings

2017-09-25 Thread Alex Gaynor
As you noted, I have a disdain for FIPS-140. Familiarity breeds contempt. That said, I'm ok with landing just the bindings. Alex On Mon, Sep 25, 2017 at 11:54 AM, Scott Sturdivant < scott.sturdiv...@gmail.com> wrote: > Hi, > > Would the cryptography dev team be accepting of a patch that added

Re: [Cryptography-dev] Raw ECDSA keypairs?

2017-09-15 Thread Alex Gaynor
ake sense? > > On Sep 15, 2017 15:40, "Alex Gaynor" <alex.gay...@gmail.com> wrote: > >> I'm not sure what you mean by "raw bytes", keys can be generated and >> serialized as documented here: https://cryptography.io/ >> en/latest/hazmat/primitiv

Re: [Cryptography-dev] Raw ECDSA keypairs?

2017-09-15 Thread Alex Gaynor
I'm not sure what you mean by "raw bytes", keys can be generated and serialized as documented here: https://cryptography.io/en/latest/hazmat/primitives/asymmetric/ec/#serialization Alex On Fri, Sep 15, 2017 at 3:11 PM, John Pacific wrote: > Hey there! > > Is there a good

[Cryptography-dev] Using pip<6 to install cryptography?

2017-08-02 Thread Alex Gaynor
Hello, We'd like to make some long desired cleanups to our setup.py ( https://github.com/pyca/cryptography/pull/3796). Unfortunately, if you're installing cryptography with pip<6, things won't work (specifically, all of cryptography's dependencies won't be installed). If you're using pip<6, can

Re: [Cryptography-dev] Import Error.

2017-07-23 Thread Alex Gaynor
Hi Deepen, Without any more information, it looks like you didn't install cryptography into your virtualenv. How did you install twisted? Alex On Sun, Jul 23, 2017 at 12:24 PM, Deepen Patel wrote: > Hi, > > I got error like Import error. > > Traceback (most

Re: [Cryptography-dev] Cipher/tls cipher negotiated

2017-07-13 Thread Alex Gaynor
This is properly a question for the requests mailing list I think. That said, if you can root around in the response object and find the SSL.Connection, you can call: - https://pyopenssl.org/en/stable/api/ssl.html#OpenSSL.SSL.Connection.get_protocol_version -

Re: [Cryptography-dev] pyOpenSSL

2017-06-07 Thread Alex Gaynor
I think agreeing that pyOpenSSL is maintained by the lot of us, poor decision makers, is the right move. +1. As you've both astutely highlighted, none of us really like pyOpenSSL, nor do we make much time for it. Are there things we can do to lower the maintenance burden for ourselves? At this

Re: [Cryptography-dev] Set padding strategy to use in X.509 certificate signing

2017-05-22 Thread Alex Gaynor
Unfortunately we don't have an API for this: https://github.com/pyca/cryptography/issues/2850 tracks adding this. Truth be told, I'm not totally sure the status of PSS signature verification in X.509 libs, so I can't promise what platforms this will work on, even after we figure this out. Alex

Re: [Cryptography-dev] Processing public key algorithm 'ecdsa-with-SHA256'

2017-04-20 Thread Alex Gaynor
(Please reply to the full mailing lists) https://cryptography.io/en/latest/hazmat/primitives/asymmetric/ec/#cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey describes the methods that an EllipticCurvePublicKey has for exporting the key, either to bytes or to raw numbers. Alex

Re: [Cryptography-dev] Processing public key algorithm 'ecdsa-with-SHA256'

2017-04-20 Thread Alex Gaynor
ne and then process the text but that > doesn’t seem a good way to start! > > > On 20 Apr 2017, at 13:22, Alex Gaynor <alex.gay...@gmail.com> wrote: > > Hi Paul, > > If what you're trying to do is manipulate X.509 certificates and public > keys, I think you'll have a

Re: [Cryptography-dev] Processing public key algorithm 'ecdsa-with-SHA256'

2017-04-20 Thread Alex Gaynor
Hi Paul, If what you're trying to do is manipulate X.509 certificates and public keys, I think you'll have an easier time using the pyca/cryptography APIs, they're significantly richer and better tested -- and since pyOpenSSL depends on pyca/cryptography you already have a copy :-)

Re: [Cryptography-dev] Is SHA-1 secure when used in HMAC and PBKDF2?

2017-03-15 Thread Alex Gaynor
s no current security issue. That said, optics in cryptography can > be important (as you're seeing with your user requests now). You will save > yourself a great deal of low grade noise in the future by simply switching > now. > > On March 15, 2017 at 1:53:24 PM, Alex Gaynor (ale

Re: [Cryptography-dev] Getting Error when updating field on DB with encoded base64 string

2017-02-23 Thread Alex Gaynor
Hi Salvador, I haven't looked to see a bug that would cause the exception you are seeing, however the way you are creating SQL strings leaves you vulnerable to SQL injection attacks if an attacker can control the "id" variable. To be totally frank, I strongly recommend you familiarize yourself with

Re: [Cryptography-dev] Support for ED25519?

2017-01-16 Thread Alex Gaynor
If you'd like ed25519 from a supported library today, pynacl has it. On Mon, Jan 16, 2017 at 8:55 PM, Paul Kehrer wrote: > We plan to add support for ed25519 as soon as there is an OpenSSL release > that supports it. That may be 1.1.1, but it hasn't landed yet. > >

Re: [Cryptography-dev] Key storages

2016-12-19 Thread Alex Gaynor
I'm opposed -- there's no benefit to this being in cryptography itself; this API can be totally implemented outside of it. Alex On Mon, Dec 19, 2016 at 4:17 PM, Boris Bobrov wrote: > Hi! > > I work on OpenStack Keystone. We use Fernet keys for our tokens. A > token is a

Re: [Cryptography-dev] Generating deterministic ECDSA signatures

2016-12-12 Thread Alex Gaynor
Hi Eran, At the moment, no. Right now we simply use whatever OpenSSL does for generating `k`. Alex On Mon, Dec 12, 2016 at 6:43 AM, Eran Messeri via Cryptography-dev < cryptography-dev@python.org> wrote: > Hi, > > Is there a way to generate deterministic ECDSA signatures? > With the following

Re: [Cryptography-dev] ECDSA Interoperablity with Microsoft CNG-based peer

2016-08-12 Thread Alex Gaynor
https://stackoverflow.com/questions/20992760/understanding-bcryptsignhash-output-signature matches your intuition: the format out of Microsoft's function is just the two numbers concatenated together, perhaps they are little endian instead of big endian though? Alex On Thu, Aug 11, 2016 at 1:38

Re: [Cryptography-dev] [Proposal] Deprecating and removing support for OpenSSL 0.9.8

2016-01-22 Thread Alex Gaynor
Uhhh, sorry, which includes OpenSSL *1.0.2*. Alex On Fri, Jan 22, 2016 at 5:21 PM, Alex Gaynor <alex.gay...@gmail.com> wrote: > On OS X and Windows we distribute a Cryptography wheel which includes > OpenSSL 0.9.8. > > Alex > > On Fri, Jan 22, 2016 at 5:19 PM, Ron Frede

[Cryptography-dev] [Proposal] Intent to deprecate and remove: Python 2.6

2015-12-22 Thread Alex Gaynor
Hi all, I'd like to propose we formally deprecate (in our next release) and remove (in the release thereafter) support for Python2.6. It is no longer under support from its developers (which makes it a security risk), its use is more or less confined to users of CentOS and RHEL (which means SCL