| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to release 3.3.1:
- Re-added a legacy symbol causing problems for older pyOpenSSL
users.
- BACKWARDS INCOMPATIBLE: Support for Python 3.5 has been removed
due to low usage and maintenance burden.
- BACKWARDS INCOMPATIBLE: The
:class:`~cryptography.hazmat.primitives.ciphers.modes.GCM` and
:class:`~cryptography.hazmat.primitives.ciphers.aead.AESGCM` now
require 64-bit to 1024-bit (8 byte to 128 byte) initialization
vectors. This change is to conform with an upcoming OpenSSL
release that will no longer support sizes outside this window.
- BACKWARDS INCOMPATIBLE: When deserializing asymmetric keys we
now raise ValueError rather than UnsupportedAlgorithm when an
unsupported cipher is used. This change is to conform with an
upcoming OpenSSL release that will no longer distinguish between
error types.
- BACKWARDS INCOMPATIBLE: We no longer allow loading of finite
field Diffie-Hellman parameters of less than 512 bits in length.
This change is to conform with an upcoming OpenSSL release that
no longer supports smaller sizes. These keys were already wildly
insecure and should not have been used in any application
outside of testing.
- Updated Windows, macOS, and manylinux wheels to be compiled with
OpenSSL 1.1.1i.
- Python 2 support is deprecated in cryptography. This is the last
release that will support Python 2.
License-Update: Update note about the code derived from CPython
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
