Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / ff5ec86837be8eefb6f7cb819433cf1878e31d26 / . / CHANGELOG.rst
blob: c8cec58de390a9b9e2c108e4f2c60420b912a087 [file] [log] [blame]
Matthew Iversen69a6fad2014-02-25 02:10:44 +1100[diff] [blame]1Changelog
2=========
3
Paul Kehrer98681332014-09-29 21:43:57 -0500[diff] [blame]40.7 - `master`_
5~~~~~~~~~~~~~~~
6
7.. note:: This version is not yet released and is under active development.
8
Alex Gaynora438e832014-10-19 19:47:05 -0700[diff] [blame]9* More bit-lengths are now support for ``p`` and ``q`` when loading DSA keys
10 from numbers.
Terry Chiaff5ec862014-10-20 12:15:22 +0800[diff] [blame^]11* Added :class:`~cryptography.hazmat.primitives.interfaces.MACContext` as a
12 common interface for CMAC and HMAC and deprecated
13 :class:`~cryptography.hazmat.primitives.interfaces.CMACContext`.
Terry Chiac7c82f32014-10-20 12:15:22 +0800[diff] [blame]14
Paul Kehrer555b1502014-10-15 23:24:57 -0500[diff] [blame]150.6.1 - 2014-10-15
16~~~~~~~~~~~~~~~~~~
17
18* Updated Windows wheels to be compiled against OpenSSL 1.0.1j.
19* Fixed an issue where OpenSSL 1.0.1j changed the errors returned by some
20 functions.
21* Added our license file to the ``cryptography-vectors`` package.
22* Implemented DSA hash truncation support (per FIPS 186-3) in the OpenSSL
23 backend. This works around an issue in 1.0.0, 1.0.0a, and 1.0.0b where
24 truncation was not implemented.
25
Paul Kehrerc3f11d82014-09-29 20:31:15 -0500[diff] [blame]260.6 - 2014-09-29
27~~~~~~~~~~~~~~~~
Paul Kehrer1757fe32014-07-07 22:29:23 -0500[diff] [blame]28
Alex Gaynoref823342014-09-27 12:04:22 -0400[diff] [blame]29* Added
30 :func:`~cryptography.hazmat.primitives.serialization.load_pem_private_key` to
31 ease loading private keys, and
32 :func:`~cryptography.hazmat.primitives.serialization.load_pem_public_key` to
33 support loading public keys.
Alex Gaynor1658f942014-07-08 00:02:37 -0700[diff] [blame]34* Removed the, deprecated in 0.4, support for the ``salt_length`` argument to
35 the :class:`~cryptography.hazmat.primitives.asymmetric.padding.MGF1`
36 constructor. The ``salt_length`` should be passed to
37 :class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS` instead.
Paul Kehrerf4fbf392014-08-21 08:36:49 -1000[diff] [blame]38* Fix compilation on OS X Yosemite.
Paul Kehrer77e95a02014-09-25 12:28:07 -0500[diff] [blame]39* Deprecated ``elliptic_curve_private_key_from_numbers`` and
40 ``elliptic_curve_public_key_from_numbers`` in favor of
41 ``load_elliptic_curve_private_numbers`` and
42 ``load_elliptic_curve_public_numbers`` on
43 :class:`~cryptography.hazmat.backends.interfaces.EllipticCurveBackend`.
Paul Kehrer4c773652014-09-27 11:26:02 -0500[diff] [blame]44* Added
Paul Kehrer5f11d8d2014-09-28 09:42:47 -0500[diff] [blame]45 :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurvePrivateKeyWithNumbers`
Paul Kehrer4c773652014-09-27 11:26:02 -0500[diff] [blame]46 and
Paul Kehrer5f11d8d2014-09-28 09:42:47 -0500[diff] [blame]47 :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurvePublicKeyWithNumbers`
Paul Kehrer4c773652014-09-27 11:26:02 -0500[diff] [blame]48 support.
Paul Kehrerf378e402014-09-27 11:28:42 -0500[diff] [blame]49* Work around three GCM related bugs in CommonCrypto and OpenSSL.
Paul Kehrer4c773652014-09-27 11:26:02 -0500[diff] [blame]50
51 * On the CommonCrypto backend adding AAD but not subsequently calling update
52 would return null tag bytes.
53
54 * One the CommonCrypto backend a call to update without an empty add AAD call
55 would return null ciphertext bytes.
56
57 * On the OpenSSL backend with certain versions adding AAD only would give
58 invalid tag bytes.
59
60* Support loading EC private keys from PEM.
Alex Gaynor1658f942014-07-08 00:02:37 -0700[diff] [blame]61
Paul Kehrer01f0c672014-08-20 20:15:18 -1000[diff] [blame]620.5.4 - 2014-08-20
63~~~~~~~~~~~~~~~~~~
64
65* Added several functions to the OpenSSL bindings to support new
66 functionality in pyOpenSSL.
67* Fixed a redefined constant causing compilation failure with Solaris 11.2.
68
Paul Kehrer86cf5b12014-08-07 05:38:17 -1000[diff] [blame]690.5.3 - 2014-08-06
70~~~~~~~~~~~~~~~~~~
71
72* Updated Windows wheels to be compiled against OpenSSL 1.0.1i.
73
Paul Kehrer2456e662014-07-09 19:51:32 -0500[diff] [blame]740.5.2 - 2014-07-09
75~~~~~~~~~~~~~~~~~~
76
77* Add
78 :class:`~cryptography.hazmat.backends.interfaces.TraditionalOpenSSLSerializationBackend`
79 support to :doc:`/hazmat/backends/multibackend`.
80* Fix compilation error on OS X 10.8 (Mountain Lion).
81
Paul Kehrerf092d732014-07-07 19:42:15 -0500[diff] [blame]820.5.1 - 2014-07-07
83~~~~~~~~~~~~~~~~~~
84
85* Add
86 :class:`~cryptography.hazmat.backends.interfaces.PKCS8SerializationBackend`
87 support to :doc:`/hazmat/backends/multibackend`.
88
Paul Kehrer3c6a2392014-07-07 08:29:07 -0500[diff] [blame]890.5 - 2014-07-07
90~~~~~~~~~~~~~~~~
Paul Kehrer50a04852014-05-03 08:57:13 -0500[diff] [blame]91
Alex Gaynor8f1b8e82014-06-29 20:43:29 -0700[diff] [blame]92* **BACKWARDS INCOMPATIBLE:**
93 :class:`~cryptography.hazmat.primitives.ciphers.modes.GCM` no longer allows
94 truncation of tags by default. Previous versions of ``cryptography`` allowed
95 tags to be truncated by default, applications wishing to preserve this
Alex Gaynor4efe61a2014-06-29 20:44:53 -0700[diff] [blame]96 behavior (not recommended) can pass the ``min_tag_length`` argument.
Paul Kehrer8987bcb2014-07-06 09:28:29 -0500[diff] [blame]97* Windows builds now statically link OpenSSL by default. When installing a
Paul Kehrer3df9a312014-07-06 09:25:29 -0500[diff] [blame]98 wheel on Windows you no longer need to install OpenSSL separately. Windows
99 users can switch between static and dynamic linking with an environment
100 variable. See :doc:`/installation` for more details.
Paul Kehrer88bac252014-05-21 12:42:13 -0500[diff] [blame]101* Added :class:`~cryptography.hazmat.primitives.kdf.hkdf.HKDFExpand`.
Paul Kehrer2a947c42014-05-15 17:22:08 -0400[diff] [blame]102* Added :class:`~cryptography.hazmat.primitives.ciphers.modes.CFB8` support
103 for :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES` and
104 :class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES` on
105 :doc:`/hazmat/backends/commoncrypto` and :doc:`/hazmat/backends/openssl`.
Paul Kehrer055f9602014-05-20 23:21:26 -0500[diff] [blame]106* Added ``AES`` :class:`~cryptography.hazmat.primitives.ciphers.modes.CTR`
107 support to the OpenSSL backend when linked against 0.9.8.
Paul Kehrer286c7dc2014-05-31 12:05:38 -0500[diff] [blame]108* Added
109 :class:`~cryptography.hazmat.backends.interfaces.PKCS8SerializationBackend`
110 and
111 :class:`~cryptography.hazmat.backends.interfaces.TraditionalOpenSSLSerializationBackend`
112 support to the :doc:`/hazmat/backends/openssl`.
Paul Kehrer21fc5822014-07-04 09:28:55 -0500[diff] [blame]113* Added :doc:`/hazmat/primitives/asymmetric/ec` and
114 :class:`~cryptography.hazmat.backends.interfaces.EllipticCurveBackend`.
Paul Kehrerd1bac5e2014-06-13 12:34:49 -0500[diff] [blame]115* Added :class:`~cryptography.hazmat.primitives.ciphers.modes.ECB` support
116 for :class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES` on
117 :doc:`/hazmat/backends/commoncrypto` and :doc:`/hazmat/backends/openssl`.
Alex Gaynor9963cb32014-07-12 09:35:33 -0700[diff] [blame]118* Deprecated
119 :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey` in
120 favor of backend specific providers of the
Paul Kehrerf2fb02a2014-06-19 10:16:42 -0600[diff] [blame]121 :class:`~cryptography.hazmat.primitives.interfaces.RSAPrivateKey` interface.
Alex Gaynor9963cb32014-07-12 09:35:33 -0700[diff] [blame]122* Deprecated
123 :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey` in favor
124 of backend specific providers of the
Paul Kehrerf2fb02a2014-06-19 10:16:42 -0600[diff] [blame]125 :class:`~cryptography.hazmat.primitives.interfaces.RSAPublicKey` interface.
Alex Gaynor9963cb32014-07-12 09:35:33 -0700[diff] [blame]126* Deprecated
127 :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey` in
128 favor of backend specific providers of the
Paul Kehrer512ac222014-06-26 16:40:05 -0600[diff] [blame]129 :class:`~cryptography.hazmat.primitives.interfaces.DSAPrivateKey` interface.
Alex Gaynor9963cb32014-07-12 09:35:33 -0700[diff] [blame]130* Deprecated
131 :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey` in favor
132 of backend specific providers of the
Paul Kehrer512ac222014-06-26 16:40:05 -0600[diff] [blame]133 :class:`~cryptography.hazmat.primitives.interfaces.DSAPublicKey` interface.
Alex Gaynor9963cb32014-07-12 09:35:33 -0700[diff] [blame]134* Deprecated
135 :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParameters` in
136 favor of backend specific providers of the
Paul Kehrer512ac222014-06-26 16:40:05 -0600[diff] [blame]137 :class:`~cryptography.hazmat.primitives.interfaces.DSAParameters` interface.
Paul Kehrerf2fb02a2014-06-19 10:16:42 -0600[diff] [blame]138* Deprecated ``encrypt_rsa``, ``decrypt_rsa``, ``create_rsa_signature_ctx`` and
139 ``create_rsa_verification_ctx`` on
140 :class:`~cryptography.hazmat.backends.interfaces.RSABackend`.
Paul Kehrer1262be22014-06-26 16:16:50 -0600[diff] [blame]141* Deprecated ``create_dsa_signature_ctx`` and ``create_dsa_verification_ctx``
142 on :class:`~cryptography.hazmat.backends.interfaces.DSABackend`.
Paul Kehrerbb91c812014-05-12 15:03:04 -0400[diff] [blame]143
Paul Kehrer95862012014-05-01 16:48:05 -0500[diff] [blame]1440.4 - 2014-05-03
145~~~~~~~~~~~~~~~~
Paul Kehrer3d4eb6e2014-03-27 16:27:31 -0500[diff] [blame]146
Paul Kehrerba987452014-04-02 17:12:26 -0500[diff] [blame]147* Deprecated ``salt_length`` on
148 :class:`~cryptography.hazmat.primitives.asymmetric.padding.MGF1` and added it
Alex Gaynor9963cb32014-07-12 09:35:33 -0700[diff] [blame]149 to :class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS`. It will
Alex Gaynor2e49f212014-07-12 10:58:30 -0700[diff] [blame]150 be removed from ``MGF1`` in two releases per our :doc:`/api-stability`
Alex Gaynor9963cb32014-07-12 09:35:33 -0700[diff] [blame]151 policy.
152* Added :class:`~cryptography.hazmat.primitives.ciphers.algorithms.SEED`
153 support.
Ayrx9bea9372014-04-22 21:00:34 +0800[diff] [blame]154* Added :class:`~cryptography.hazmat.primitives.cmac.CMAC`.
Alex Gaynorcd58b932014-05-01 23:11:06 -0700[diff] [blame]155* Added decryption support to
156 :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`
157 and encryption support to
158 :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`.
Paul Kehrer80950e52014-05-01 16:48:55 -0500[diff] [blame]159* Added signature support to
160 :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`
161 and verification support to
162 :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`.
Ayrx9bea9372014-04-22 21:00:34 +0800[diff] [blame]163
Paul Kehrer9c2a11b2014-03-27 13:16:57 -0500[diff] [blame]1640.3 - 2014-03-27
165~~~~~~~~~~~~~~~~
Matthew Iversen69a6fad2014-02-25 02:10:44 +1100[diff] [blame]166
167* Added :class:`~cryptography.hazmat.primitives.twofactor.hotp.HOTP`.
David Reideea08d92014-02-25 11:06:09 -0800[diff] [blame]168* Added :class:`~cryptography.hazmat.primitives.twofactor.totp.TOTP`.
Alex Gaynor9963cb32014-07-12 09:35:33 -0700[diff] [blame]169* Added :class:`~cryptography.hazmat.primitives.ciphers.algorithms.IDEA`
170 support.
Alex Gaynorcd58b932014-05-01 23:11:06 -0700[diff] [blame]171* Added signature support to
172 :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`
173 and verification support to
174 :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`.
Paul Kehrer1592e5b2014-03-27 14:29:38 -0500[diff] [blame]175* Moved test vectors to the new ``cryptography_vectors`` package.
Matthew Iversen69a6fad2014-02-25 02:10:44 +1100[diff] [blame]176
Paul Kehrer7f711ee2014-03-03 23:58:45 -0400[diff] [blame]1770.2.2 - 2014-03-03
178~~~~~~~~~~~~~~~~~~
179
Alex Gaynor9963cb32014-07-12 09:35:33 -0700[diff] [blame]180* Removed a constant definition that was causing compilation problems with
181 specific versions of OpenSSL.
Paul Kehrer7f711ee2014-03-03 23:58:45 -0400[diff] [blame]182
Matthew Iversen69a6fad2014-02-25 02:10:44 +1100[diff] [blame]1830.2.1 - 2014-02-22
184~~~~~~~~~~~~~~~~~~
Paul Kehrer7f711ee2014-03-03 23:58:45 -0400[diff] [blame]185
Alex Gaynorcd58b932014-05-01 23:11:06 -0700[diff] [blame]186* Fix a bug where importing cryptography from multiple paths could cause
187 initialization to fail.
Matthew Iversen69a6fad2014-02-25 02:10:44 +1100[diff] [blame]188
1890.2 - 2014-02-20
190~~~~~~~~~~~~~~~~
191
192* Added :doc:`/hazmat/backends/commoncrypto`.
193* Added initial :doc:`/hazmat/bindings/commoncrypto`.
194* Removed ``register_cipher_adapter`` method from
195 :class:`~cryptography.hazmat.backends.interfaces.CipherBackend`.
196* Added support for the OpenSSL backend under Windows.
197* Improved thread-safety for the OpenSSL backend.
198* Fixed compilation on systems where OpenSSL's ``ec.h`` header is not
199 available, such as CentOS.
200* Added :class:`~cryptography.hazmat.primitives.kdf.pbkdf2.PBKDF2HMAC`.
201* Added :class:`~cryptography.hazmat.primitives.kdf.hkdf.HKDF`.
202* Added :doc:`/hazmat/backends/multibackend`.
Alex Gaynorcd58b932014-05-01 23:11:06 -0700[diff] [blame]203* Set default random for the :doc:`/hazmat/backends/openssl` to the OS
204 random engine.
205* Added :class:`~cryptography.hazmat.primitives.ciphers.algorithms.CAST5`
206 (CAST-128) support.
Matthew Iversen69a6fad2014-02-25 02:10:44 +1100[diff] [blame]207
2080.1 - 2014-01-08
209~~~~~~~~~~~~~~~~
210
211* Initial release.
212
Alex Stapletonb9df2782014-03-17 08:09:41 +0000[diff] [blame]213.. _`master`: https://github.com/pyca/cryptography/