Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / 555b150a537b1c7b801e496215326413892175d1 / . / CHANGELOG.rst
blob: e1f8b115e5e4d9e0dddfad9262e3b71ba992443d [file] [log] [blame]
Matthew Iversen69a6fad2014-02-25 02:10:44 +1100[diff] [blame]1Changelog
2=========
3
Paul Kehrer98681332014-09-29 21:43:57 -0500[diff] [blame]40.7 - `master`_
5~~~~~~~~~~~~~~~
6
7.. note:: This version is not yet released and is under active development.
8
Paul Kehrer555b1502014-10-15 23:24:57 -0500[diff] [blame^]90.6.1 - 2014-10-15
10~~~~~~~~~~~~~~~~~~
11
12* Updated Windows wheels to be compiled against OpenSSL 1.0.1j.
13* Fixed an issue where OpenSSL 1.0.1j changed the errors returned by some
14 functions.
15* Added our license file to the ``cryptography-vectors`` package.
16* Implemented DSA hash truncation support (per FIPS 186-3) in the OpenSSL
17 backend. This works around an issue in 1.0.0, 1.0.0a, and 1.0.0b where
18 truncation was not implemented.
19
Paul Kehrerc3f11d82014-09-29 20:31:15 -0500[diff] [blame]200.6 - 2014-09-29
21~~~~~~~~~~~~~~~~
Paul Kehrer1757fe32014-07-07 22:29:23 -0500[diff] [blame]22
Alex Gaynoref823342014-09-27 12:04:22 -0400[diff] [blame]23* Added
24 :func:`~cryptography.hazmat.primitives.serialization.load_pem_private_key` to
25 ease loading private keys, and
26 :func:`~cryptography.hazmat.primitives.serialization.load_pem_public_key` to
27 support loading public keys.
Alex Gaynor1658f942014-07-08 00:02:37 -0700[diff] [blame]28* Removed the, deprecated in 0.4, support for the ``salt_length`` argument to
29 the :class:`~cryptography.hazmat.primitives.asymmetric.padding.MGF1`
30 constructor. The ``salt_length`` should be passed to
31 :class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS` instead.
Paul Kehrerf4fbf392014-08-21 08:36:49 -1000[diff] [blame]32* Fix compilation on OS X Yosemite.
Paul Kehrer77e95a02014-09-25 12:28:07 -0500[diff] [blame]33* Deprecated ``elliptic_curve_private_key_from_numbers`` and
34 ``elliptic_curve_public_key_from_numbers`` in favor of
35 ``load_elliptic_curve_private_numbers`` and
36 ``load_elliptic_curve_public_numbers`` on
37 :class:`~cryptography.hazmat.backends.interfaces.EllipticCurveBackend`.
Paul Kehrer4c773652014-09-27 11:26:02 -0500[diff] [blame]38* Added
Paul Kehrer5f11d8d2014-09-28 09:42:47 -0500[diff] [blame]39 :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurvePrivateKeyWithNumbers`
Paul Kehrer4c773652014-09-27 11:26:02 -0500[diff] [blame]40 and
Paul Kehrer5f11d8d2014-09-28 09:42:47 -0500[diff] [blame]41 :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurvePublicKeyWithNumbers`
Paul Kehrer4c773652014-09-27 11:26:02 -0500[diff] [blame]42 support.
Paul Kehrerf378e402014-09-27 11:28:42 -0500[diff] [blame]43* Work around three GCM related bugs in CommonCrypto and OpenSSL.
Paul Kehrer4c773652014-09-27 11:26:02 -0500[diff] [blame]44
45 * On the CommonCrypto backend adding AAD but not subsequently calling update
46 would return null tag bytes.
47
48 * One the CommonCrypto backend a call to update without an empty add AAD call
49 would return null ciphertext bytes.
50
51 * On the OpenSSL backend with certain versions adding AAD only would give
52 invalid tag bytes.
53
54* Support loading EC private keys from PEM.
Alex Gaynor1658f942014-07-08 00:02:37 -0700[diff] [blame]55
Paul Kehrer01f0c672014-08-20 20:15:18 -1000[diff] [blame]560.5.4 - 2014-08-20
57~~~~~~~~~~~~~~~~~~
58
59* Added several functions to the OpenSSL bindings to support new
60 functionality in pyOpenSSL.
61* Fixed a redefined constant causing compilation failure with Solaris 11.2.
62
Paul Kehrer86cf5b12014-08-07 05:38:17 -1000[diff] [blame]630.5.3 - 2014-08-06
64~~~~~~~~~~~~~~~~~~
65
66* Updated Windows wheels to be compiled against OpenSSL 1.0.1i.
67
Paul Kehrer2456e662014-07-09 19:51:32 -0500[diff] [blame]680.5.2 - 2014-07-09
69~~~~~~~~~~~~~~~~~~
70
71* Add
72 :class:`~cryptography.hazmat.backends.interfaces.TraditionalOpenSSLSerializationBackend`
73 support to :doc:`/hazmat/backends/multibackend`.
74* Fix compilation error on OS X 10.8 (Mountain Lion).
75
Paul Kehrerf092d732014-07-07 19:42:15 -0500[diff] [blame]760.5.1 - 2014-07-07
77~~~~~~~~~~~~~~~~~~
78
79* Add
80 :class:`~cryptography.hazmat.backends.interfaces.PKCS8SerializationBackend`
81 support to :doc:`/hazmat/backends/multibackend`.
82
Paul Kehrer3c6a2392014-07-07 08:29:07 -0500[diff] [blame]830.5 - 2014-07-07
84~~~~~~~~~~~~~~~~
Paul Kehrer50a04852014-05-03 08:57:13 -0500[diff] [blame]85
Alex Gaynor8f1b8e82014-06-29 20:43:29 -0700[diff] [blame]86* **BACKWARDS INCOMPATIBLE:**
87 :class:`~cryptography.hazmat.primitives.ciphers.modes.GCM` no longer allows
88 truncation of tags by default. Previous versions of ``cryptography`` allowed
89 tags to be truncated by default, applications wishing to preserve this
Alex Gaynor4efe61a2014-06-29 20:44:53 -0700[diff] [blame]90 behavior (not recommended) can pass the ``min_tag_length`` argument.
Paul Kehrer8987bcb2014-07-06 09:28:29 -0500[diff] [blame]91* Windows builds now statically link OpenSSL by default. When installing a
Paul Kehrer3df9a312014-07-06 09:25:29 -0500[diff] [blame]92 wheel on Windows you no longer need to install OpenSSL separately. Windows
93 users can switch between static and dynamic linking with an environment
94 variable. See :doc:`/installation` for more details.
Paul Kehrer88bac252014-05-21 12:42:13 -0500[diff] [blame]95* Added :class:`~cryptography.hazmat.primitives.kdf.hkdf.HKDFExpand`.
Paul Kehrer2a947c42014-05-15 17:22:08 -0400[diff] [blame]96* Added :class:`~cryptography.hazmat.primitives.ciphers.modes.CFB8` support
97 for :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES` and
98 :class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES` on
99 :doc:`/hazmat/backends/commoncrypto` and :doc:`/hazmat/backends/openssl`.
Paul Kehrer055f9602014-05-20 23:21:26 -0500[diff] [blame]100* Added ``AES`` :class:`~cryptography.hazmat.primitives.ciphers.modes.CTR`
101 support to the OpenSSL backend when linked against 0.9.8.
Paul Kehrer286c7dc2014-05-31 12:05:38 -0500[diff] [blame]102* Added
103 :class:`~cryptography.hazmat.backends.interfaces.PKCS8SerializationBackend`
104 and
105 :class:`~cryptography.hazmat.backends.interfaces.TraditionalOpenSSLSerializationBackend`
106 support to the :doc:`/hazmat/backends/openssl`.
Paul Kehrer21fc5822014-07-04 09:28:55 -0500[diff] [blame]107* Added :doc:`/hazmat/primitives/asymmetric/ec` and
108 :class:`~cryptography.hazmat.backends.interfaces.EllipticCurveBackend`.
Paul Kehrerd1bac5e2014-06-13 12:34:49 -0500[diff] [blame]109* Added :class:`~cryptography.hazmat.primitives.ciphers.modes.ECB` support
110 for :class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES` on
111 :doc:`/hazmat/backends/commoncrypto` and :doc:`/hazmat/backends/openssl`.
Alex Gaynor9963cb32014-07-12 09:35:33 -0700[diff] [blame]112* Deprecated
113 :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey` in
114 favor of backend specific providers of the
Paul Kehrerf2fb02a2014-06-19 10:16:42 -0600[diff] [blame]115 :class:`~cryptography.hazmat.primitives.interfaces.RSAPrivateKey` interface.
Alex Gaynor9963cb32014-07-12 09:35:33 -0700[diff] [blame]116* Deprecated
117 :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey` in favor
118 of backend specific providers of the
Paul Kehrerf2fb02a2014-06-19 10:16:42 -0600[diff] [blame]119 :class:`~cryptography.hazmat.primitives.interfaces.RSAPublicKey` interface.
Alex Gaynor9963cb32014-07-12 09:35:33 -0700[diff] [blame]120* Deprecated
121 :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey` in
122 favor of backend specific providers of the
Paul Kehrer512ac222014-06-26 16:40:05 -0600[diff] [blame]123 :class:`~cryptography.hazmat.primitives.interfaces.DSAPrivateKey` interface.
Alex Gaynor9963cb32014-07-12 09:35:33 -0700[diff] [blame]124* Deprecated
125 :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey` in favor
126 of backend specific providers of the
Paul Kehrer512ac222014-06-26 16:40:05 -0600[diff] [blame]127 :class:`~cryptography.hazmat.primitives.interfaces.DSAPublicKey` interface.
Alex Gaynor9963cb32014-07-12 09:35:33 -0700[diff] [blame]128* Deprecated
129 :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParameters` in
130 favor of backend specific providers of the
Paul Kehrer512ac222014-06-26 16:40:05 -0600[diff] [blame]131 :class:`~cryptography.hazmat.primitives.interfaces.DSAParameters` interface.
Paul Kehrerf2fb02a2014-06-19 10:16:42 -0600[diff] [blame]132* Deprecated ``encrypt_rsa``, ``decrypt_rsa``, ``create_rsa_signature_ctx`` and
133 ``create_rsa_verification_ctx`` on
134 :class:`~cryptography.hazmat.backends.interfaces.RSABackend`.
Paul Kehrer1262be22014-06-26 16:16:50 -0600[diff] [blame]135* Deprecated ``create_dsa_signature_ctx`` and ``create_dsa_verification_ctx``
136 on :class:`~cryptography.hazmat.backends.interfaces.DSABackend`.
Paul Kehrerbb91c812014-05-12 15:03:04 -0400[diff] [blame]137
Paul Kehrer95862012014-05-01 16:48:05 -0500[diff] [blame]1380.4 - 2014-05-03
139~~~~~~~~~~~~~~~~
Paul Kehrer3d4eb6e2014-03-27 16:27:31 -0500[diff] [blame]140
Paul Kehrerba987452014-04-02 17:12:26 -0500[diff] [blame]141* Deprecated ``salt_length`` on
142 :class:`~cryptography.hazmat.primitives.asymmetric.padding.MGF1` and added it
Alex Gaynor9963cb32014-07-12 09:35:33 -0700[diff] [blame]143 to :class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS`. It will
Alex Gaynor2e49f212014-07-12 10:58:30 -0700[diff] [blame]144 be removed from ``MGF1`` in two releases per our :doc:`/api-stability`
Alex Gaynor9963cb32014-07-12 09:35:33 -0700[diff] [blame]145 policy.
146* Added :class:`~cryptography.hazmat.primitives.ciphers.algorithms.SEED`
147 support.
Ayrx9bea9372014-04-22 21:00:34 +0800[diff] [blame]148* Added :class:`~cryptography.hazmat.primitives.cmac.CMAC`.
Alex Gaynorcd58b932014-05-01 23:11:06 -0700[diff] [blame]149* Added decryption support to
150 :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`
151 and encryption support to
152 :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`.
Paul Kehrer80950e52014-05-01 16:48:55 -0500[diff] [blame]153* Added signature support to
154 :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`
155 and verification support to
156 :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`.
Ayrx9bea9372014-04-22 21:00:34 +0800[diff] [blame]157
Paul Kehrer9c2a11b2014-03-27 13:16:57 -0500[diff] [blame]1580.3 - 2014-03-27
159~~~~~~~~~~~~~~~~
Matthew Iversen69a6fad2014-02-25 02:10:44 +1100[diff] [blame]160
161* Added :class:`~cryptography.hazmat.primitives.twofactor.hotp.HOTP`.
David Reideea08d92014-02-25 11:06:09 -0800[diff] [blame]162* Added :class:`~cryptography.hazmat.primitives.twofactor.totp.TOTP`.
Alex Gaynor9963cb32014-07-12 09:35:33 -0700[diff] [blame]163* Added :class:`~cryptography.hazmat.primitives.ciphers.algorithms.IDEA`
164 support.
Alex Gaynorcd58b932014-05-01 23:11:06 -0700[diff] [blame]165* Added signature support to
166 :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`
167 and verification support to
168 :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`.
Paul Kehrer1592e5b2014-03-27 14:29:38 -0500[diff] [blame]169* Moved test vectors to the new ``cryptography_vectors`` package.
Matthew Iversen69a6fad2014-02-25 02:10:44 +1100[diff] [blame]170
Paul Kehrer7f711ee2014-03-03 23:58:45 -0400[diff] [blame]1710.2.2 - 2014-03-03
172~~~~~~~~~~~~~~~~~~
173
Alex Gaynor9963cb32014-07-12 09:35:33 -0700[diff] [blame]174* Removed a constant definition that was causing compilation problems with
175 specific versions of OpenSSL.
Paul Kehrer7f711ee2014-03-03 23:58:45 -0400[diff] [blame]176
Matthew Iversen69a6fad2014-02-25 02:10:44 +1100[diff] [blame]1770.2.1 - 2014-02-22
178~~~~~~~~~~~~~~~~~~
Paul Kehrer7f711ee2014-03-03 23:58:45 -0400[diff] [blame]179
Alex Gaynorcd58b932014-05-01 23:11:06 -0700[diff] [blame]180* Fix a bug where importing cryptography from multiple paths could cause
181 initialization to fail.
Matthew Iversen69a6fad2014-02-25 02:10:44 +1100[diff] [blame]182
1830.2 - 2014-02-20
184~~~~~~~~~~~~~~~~
185
186* Added :doc:`/hazmat/backends/commoncrypto`.
187* Added initial :doc:`/hazmat/bindings/commoncrypto`.
188* Removed ``register_cipher_adapter`` method from
189 :class:`~cryptography.hazmat.backends.interfaces.CipherBackend`.
190* Added support for the OpenSSL backend under Windows.
191* Improved thread-safety for the OpenSSL backend.
192* Fixed compilation on systems where OpenSSL's ``ec.h`` header is not
193 available, such as CentOS.
194* Added :class:`~cryptography.hazmat.primitives.kdf.pbkdf2.PBKDF2HMAC`.
195* Added :class:`~cryptography.hazmat.primitives.kdf.hkdf.HKDF`.
196* Added :doc:`/hazmat/backends/multibackend`.
Alex Gaynorcd58b932014-05-01 23:11:06 -0700[diff] [blame]197* Set default random for the :doc:`/hazmat/backends/openssl` to the OS
198 random engine.
199* Added :class:`~cryptography.hazmat.primitives.ciphers.algorithms.CAST5`
200 (CAST-128) support.
Matthew Iversen69a6fad2014-02-25 02:10:44 +1100[diff] [blame]201
2020.1 - 2014-01-08
203~~~~~~~~~~~~~~~~
204
205* Initial release.
206
Alex Stapletonb9df2782014-03-17 08:09:41 +0000[diff] [blame]207.. _`master`: https://github.com/pyca/cryptography/