Mirror of git.openembedded.org/meta-openembedded https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=mickledore-next 2020-08-31T15:26:47+00:00 2020-08-31T15:26:47+00:00 Leon Anavi leon.anavi@konsulko.com 2020-08-27T09:29:50+00:00 urn:sha1:5e3f81892e135879df65bb211c27a6d4e6fd8686 Upgrade to release 3.1: - BACKWARDS INCOMPATIBLE: Removed support for idna based :term:`U-label` parsing in various X.509 classes. This support was originally deprecated in version 2.1 and moved to an extra in 2.5. - Deprecated OpenSSL 1.0.2 support. OpenSSL 1.0.2 is no longer supported by the OpenSSL project. The next version of cryptography will drop support for it. - Deprecated support for Python 3.5. This version sees very little use and will be removed in the next release. - backend arguments to functions are no longer required and the default backend will automatically be selected if no backend is provided. - Added initial support for parsing certificates from PKCS7 files - Calling update or update_into on :class:`~cryptography.hazmat.primitives.ciphers.CipherContext` with data longer than 231 bytes no longer raises an OverflowError. This also resolves the same issue in :doc:`/fernet`. Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> 2020-08-06T17:27:15+00:00 Leon Anavi leon.anavi@konsulko.com 2020-08-03T14:05:17+00:00 urn:sha1:2d1838e2cec7532da0fbcb3498ef69789bb8ca2c Upgrade to release 3.0: - Deprecated support for Python 2. At the time there is no time table for actually dropping support, however we strongly encourage all users to upgrade their Python, as Python 2 no longer receives support from the Python core team. - Added support for OpenSSH serialization format for ec, ed25519, rsa and dsa private keys. - Added support for OpenSSH certificates. - Added :meth:`~cryptography.fernet.Fernet.encrypt_at_time` and :meth:`~cryptography.fernet.Fernet.decrypt_at_time` to :class:`~cryptography.fernet.Fernet`. - Added support for the :class:`~cryptography.x509.SubjectInformationAccess` X.509 extension. - Added support for parsing :class:`~cryptography.x509.SignedCertificateTimestamps` in OCSP responses. - Added support for parsing attributes in certificate signing requests. - Added support for encoding attributes in certificate signing requests. - On OpenSSL 1.1.1d and higher cryptography now uses OpenSSL's built-in CSPRNG instead of its own OS random engine because ithese versions of OpenSSL properly reseed on fork. BACKWARDS INCOMPATIBLE: - Support for LibreSSL 2.7.x, 2.8.x, and 2.9.0 has been removed (2.9.1+ is still supported). - Dropped support for macOS 10.9, macOS users must upgrade to 10.10 or newer. - RSA :meth:`~cryptography.hazmat.primitives.asymmetric.rsa.generate_private_key` no longer accepts public_exponent values except 65537 and 3 (the latter for legacy purposes). - X.509 certificate parsing now enforces that the version field contains a valid value, rather than deferring this check until :attr:`~cryptography.x509.Certificate.version` is accessed. - Added initial support for creating PKCS12 files with :func:`~cryptography.hazmat.primitives.serialization.pkcs12.serialize_key_and_certificates`. Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>