Matthew Iversen | 69a6fad | 2014-02-25 02:10:44 +1100 | [diff] [blame] | 1 | Changelog |
| 2 | ========= |
| 3 | |
Paul Kehrer | 9868133 | 2014-09-29 21:43:57 -0500 | [diff] [blame] | 4 | 0.7 - `master`_ |
| 5 | ~~~~~~~~~~~~~~~ |
| 6 | |
| 7 | .. note:: This version is not yet released and is under active development. |
| 8 | |
Alex Gaynor | a438e83 | 2014-10-19 19:47:05 -0700 | [diff] [blame] | 9 | * More bit-lengths are now support for ``p`` and ``q`` when loading DSA keys |
| 10 | from numbers. |
Terry Chia | ff5ec86 | 2014-10-20 12:15:22 +0800 | [diff] [blame^] | 11 | * Added :class:`~cryptography.hazmat.primitives.interfaces.MACContext` as a |
| 12 | common interface for CMAC and HMAC and deprecated |
| 13 | :class:`~cryptography.hazmat.primitives.interfaces.CMACContext`. |
Terry Chia | c7c82f3 | 2014-10-20 12:15:22 +0800 | [diff] [blame] | 14 | |
Paul Kehrer | 555b150 | 2014-10-15 23:24:57 -0500 | [diff] [blame] | 15 | 0.6.1 - 2014-10-15 |
| 16 | ~~~~~~~~~~~~~~~~~~ |
| 17 | |
| 18 | * Updated Windows wheels to be compiled against OpenSSL 1.0.1j. |
| 19 | * Fixed an issue where OpenSSL 1.0.1j changed the errors returned by some |
| 20 | functions. |
| 21 | * Added our license file to the ``cryptography-vectors`` package. |
| 22 | * Implemented DSA hash truncation support (per FIPS 186-3) in the OpenSSL |
| 23 | backend. This works around an issue in 1.0.0, 1.0.0a, and 1.0.0b where |
| 24 | truncation was not implemented. |
| 25 | |
Paul Kehrer | c3f11d8 | 2014-09-29 20:31:15 -0500 | [diff] [blame] | 26 | 0.6 - 2014-09-29 |
| 27 | ~~~~~~~~~~~~~~~~ |
Paul Kehrer | 1757fe3 | 2014-07-07 22:29:23 -0500 | [diff] [blame] | 28 | |
Alex Gaynor | ef82334 | 2014-09-27 12:04:22 -0400 | [diff] [blame] | 29 | * Added |
| 30 | :func:`~cryptography.hazmat.primitives.serialization.load_pem_private_key` to |
| 31 | ease loading private keys, and |
| 32 | :func:`~cryptography.hazmat.primitives.serialization.load_pem_public_key` to |
| 33 | support loading public keys. |
Alex Gaynor | 1658f94 | 2014-07-08 00:02:37 -0700 | [diff] [blame] | 34 | * Removed the, deprecated in 0.4, support for the ``salt_length`` argument to |
| 35 | the :class:`~cryptography.hazmat.primitives.asymmetric.padding.MGF1` |
| 36 | constructor. The ``salt_length`` should be passed to |
| 37 | :class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS` instead. |
Paul Kehrer | f4fbf39 | 2014-08-21 08:36:49 -1000 | [diff] [blame] | 38 | * Fix compilation on OS X Yosemite. |
Paul Kehrer | 77e95a0 | 2014-09-25 12:28:07 -0500 | [diff] [blame] | 39 | * Deprecated ``elliptic_curve_private_key_from_numbers`` and |
| 40 | ``elliptic_curve_public_key_from_numbers`` in favor of |
| 41 | ``load_elliptic_curve_private_numbers`` and |
| 42 | ``load_elliptic_curve_public_numbers`` on |
| 43 | :class:`~cryptography.hazmat.backends.interfaces.EllipticCurveBackend`. |
Paul Kehrer | 4c77365 | 2014-09-27 11:26:02 -0500 | [diff] [blame] | 44 | * Added |
Paul Kehrer | 5f11d8d | 2014-09-28 09:42:47 -0500 | [diff] [blame] | 45 | :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurvePrivateKeyWithNumbers` |
Paul Kehrer | 4c77365 | 2014-09-27 11:26:02 -0500 | [diff] [blame] | 46 | and |
Paul Kehrer | 5f11d8d | 2014-09-28 09:42:47 -0500 | [diff] [blame] | 47 | :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurvePublicKeyWithNumbers` |
Paul Kehrer | 4c77365 | 2014-09-27 11:26:02 -0500 | [diff] [blame] | 48 | support. |
Paul Kehrer | f378e40 | 2014-09-27 11:28:42 -0500 | [diff] [blame] | 49 | * Work around three GCM related bugs in CommonCrypto and OpenSSL. |
Paul Kehrer | 4c77365 | 2014-09-27 11:26:02 -0500 | [diff] [blame] | 50 | |
| 51 | * On the CommonCrypto backend adding AAD but not subsequently calling update |
| 52 | would return null tag bytes. |
| 53 | |
| 54 | * One the CommonCrypto backend a call to update without an empty add AAD call |
| 55 | would return null ciphertext bytes. |
| 56 | |
| 57 | * On the OpenSSL backend with certain versions adding AAD only would give |
| 58 | invalid tag bytes. |
| 59 | |
| 60 | * Support loading EC private keys from PEM. |
Alex Gaynor | 1658f94 | 2014-07-08 00:02:37 -0700 | [diff] [blame] | 61 | |
Paul Kehrer | 01f0c67 | 2014-08-20 20:15:18 -1000 | [diff] [blame] | 62 | 0.5.4 - 2014-08-20 |
| 63 | ~~~~~~~~~~~~~~~~~~ |
| 64 | |
| 65 | * Added several functions to the OpenSSL bindings to support new |
| 66 | functionality in pyOpenSSL. |
| 67 | * Fixed a redefined constant causing compilation failure with Solaris 11.2. |
| 68 | |
Paul Kehrer | 86cf5b1 | 2014-08-07 05:38:17 -1000 | [diff] [blame] | 69 | 0.5.3 - 2014-08-06 |
| 70 | ~~~~~~~~~~~~~~~~~~ |
| 71 | |
| 72 | * Updated Windows wheels to be compiled against OpenSSL 1.0.1i. |
| 73 | |
Paul Kehrer | 2456e66 | 2014-07-09 19:51:32 -0500 | [diff] [blame] | 74 | 0.5.2 - 2014-07-09 |
| 75 | ~~~~~~~~~~~~~~~~~~ |
| 76 | |
| 77 | * Add |
| 78 | :class:`~cryptography.hazmat.backends.interfaces.TraditionalOpenSSLSerializationBackend` |
| 79 | support to :doc:`/hazmat/backends/multibackend`. |
| 80 | * Fix compilation error on OS X 10.8 (Mountain Lion). |
| 81 | |
Paul Kehrer | f092d73 | 2014-07-07 19:42:15 -0500 | [diff] [blame] | 82 | 0.5.1 - 2014-07-07 |
| 83 | ~~~~~~~~~~~~~~~~~~ |
| 84 | |
| 85 | * Add |
| 86 | :class:`~cryptography.hazmat.backends.interfaces.PKCS8SerializationBackend` |
| 87 | support to :doc:`/hazmat/backends/multibackend`. |
| 88 | |
Paul Kehrer | 3c6a239 | 2014-07-07 08:29:07 -0500 | [diff] [blame] | 89 | 0.5 - 2014-07-07 |
| 90 | ~~~~~~~~~~~~~~~~ |
Paul Kehrer | 50a0485 | 2014-05-03 08:57:13 -0500 | [diff] [blame] | 91 | |
Alex Gaynor | 8f1b8e8 | 2014-06-29 20:43:29 -0700 | [diff] [blame] | 92 | * **BACKWARDS INCOMPATIBLE:** |
| 93 | :class:`~cryptography.hazmat.primitives.ciphers.modes.GCM` no longer allows |
| 94 | truncation of tags by default. Previous versions of ``cryptography`` allowed |
| 95 | tags to be truncated by default, applications wishing to preserve this |
Alex Gaynor | 4efe61a | 2014-06-29 20:44:53 -0700 | [diff] [blame] | 96 | behavior (not recommended) can pass the ``min_tag_length`` argument. |
Paul Kehrer | 8987bcb | 2014-07-06 09:28:29 -0500 | [diff] [blame] | 97 | * Windows builds now statically link OpenSSL by default. When installing a |
Paul Kehrer | 3df9a31 | 2014-07-06 09:25:29 -0500 | [diff] [blame] | 98 | wheel on Windows you no longer need to install OpenSSL separately. Windows |
| 99 | users can switch between static and dynamic linking with an environment |
| 100 | variable. See :doc:`/installation` for more details. |
Paul Kehrer | 88bac25 | 2014-05-21 12:42:13 -0500 | [diff] [blame] | 101 | * Added :class:`~cryptography.hazmat.primitives.kdf.hkdf.HKDFExpand`. |
Paul Kehrer | 2a947c4 | 2014-05-15 17:22:08 -0400 | [diff] [blame] | 102 | * Added :class:`~cryptography.hazmat.primitives.ciphers.modes.CFB8` support |
| 103 | for :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES` and |
| 104 | :class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES` on |
| 105 | :doc:`/hazmat/backends/commoncrypto` and :doc:`/hazmat/backends/openssl`. |
Paul Kehrer | 055f960 | 2014-05-20 23:21:26 -0500 | [diff] [blame] | 106 | * Added ``AES`` :class:`~cryptography.hazmat.primitives.ciphers.modes.CTR` |
| 107 | support to the OpenSSL backend when linked against 0.9.8. |
Paul Kehrer | 286c7dc | 2014-05-31 12:05:38 -0500 | [diff] [blame] | 108 | * Added |
| 109 | :class:`~cryptography.hazmat.backends.interfaces.PKCS8SerializationBackend` |
| 110 | and |
| 111 | :class:`~cryptography.hazmat.backends.interfaces.TraditionalOpenSSLSerializationBackend` |
| 112 | support to the :doc:`/hazmat/backends/openssl`. |
Paul Kehrer | 21fc582 | 2014-07-04 09:28:55 -0500 | [diff] [blame] | 113 | * Added :doc:`/hazmat/primitives/asymmetric/ec` and |
| 114 | :class:`~cryptography.hazmat.backends.interfaces.EllipticCurveBackend`. |
Paul Kehrer | d1bac5e | 2014-06-13 12:34:49 -0500 | [diff] [blame] | 115 | * Added :class:`~cryptography.hazmat.primitives.ciphers.modes.ECB` support |
| 116 | for :class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES` on |
| 117 | :doc:`/hazmat/backends/commoncrypto` and :doc:`/hazmat/backends/openssl`. |
Alex Gaynor | 9963cb3 | 2014-07-12 09:35:33 -0700 | [diff] [blame] | 118 | * Deprecated |
| 119 | :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey` in |
| 120 | favor of backend specific providers of the |
Paul Kehrer | f2fb02a | 2014-06-19 10:16:42 -0600 | [diff] [blame] | 121 | :class:`~cryptography.hazmat.primitives.interfaces.RSAPrivateKey` interface. |
Alex Gaynor | 9963cb3 | 2014-07-12 09:35:33 -0700 | [diff] [blame] | 122 | * Deprecated |
| 123 | :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey` in favor |
| 124 | of backend specific providers of the |
Paul Kehrer | f2fb02a | 2014-06-19 10:16:42 -0600 | [diff] [blame] | 125 | :class:`~cryptography.hazmat.primitives.interfaces.RSAPublicKey` interface. |
Alex Gaynor | 9963cb3 | 2014-07-12 09:35:33 -0700 | [diff] [blame] | 126 | * Deprecated |
| 127 | :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey` in |
| 128 | favor of backend specific providers of the |
Paul Kehrer | 512ac22 | 2014-06-26 16:40:05 -0600 | [diff] [blame] | 129 | :class:`~cryptography.hazmat.primitives.interfaces.DSAPrivateKey` interface. |
Alex Gaynor | 9963cb3 | 2014-07-12 09:35:33 -0700 | [diff] [blame] | 130 | * Deprecated |
| 131 | :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey` in favor |
| 132 | of backend specific providers of the |
Paul Kehrer | 512ac22 | 2014-06-26 16:40:05 -0600 | [diff] [blame] | 133 | :class:`~cryptography.hazmat.primitives.interfaces.DSAPublicKey` interface. |
Alex Gaynor | 9963cb3 | 2014-07-12 09:35:33 -0700 | [diff] [blame] | 134 | * Deprecated |
| 135 | :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParameters` in |
| 136 | favor of backend specific providers of the |
Paul Kehrer | 512ac22 | 2014-06-26 16:40:05 -0600 | [diff] [blame] | 137 | :class:`~cryptography.hazmat.primitives.interfaces.DSAParameters` interface. |
Paul Kehrer | f2fb02a | 2014-06-19 10:16:42 -0600 | [diff] [blame] | 138 | * Deprecated ``encrypt_rsa``, ``decrypt_rsa``, ``create_rsa_signature_ctx`` and |
| 139 | ``create_rsa_verification_ctx`` on |
| 140 | :class:`~cryptography.hazmat.backends.interfaces.RSABackend`. |
Paul Kehrer | 1262be2 | 2014-06-26 16:16:50 -0600 | [diff] [blame] | 141 | * Deprecated ``create_dsa_signature_ctx`` and ``create_dsa_verification_ctx`` |
| 142 | on :class:`~cryptography.hazmat.backends.interfaces.DSABackend`. |
Paul Kehrer | bb91c81 | 2014-05-12 15:03:04 -0400 | [diff] [blame] | 143 | |
Paul Kehrer | 9586201 | 2014-05-01 16:48:05 -0500 | [diff] [blame] | 144 | 0.4 - 2014-05-03 |
| 145 | ~~~~~~~~~~~~~~~~ |
Paul Kehrer | 3d4eb6e | 2014-03-27 16:27:31 -0500 | [diff] [blame] | 146 | |
Paul Kehrer | ba98745 | 2014-04-02 17:12:26 -0500 | [diff] [blame] | 147 | * Deprecated ``salt_length`` on |
| 148 | :class:`~cryptography.hazmat.primitives.asymmetric.padding.MGF1` and added it |
Alex Gaynor | 9963cb3 | 2014-07-12 09:35:33 -0700 | [diff] [blame] | 149 | to :class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS`. It will |
Alex Gaynor | 2e49f21 | 2014-07-12 10:58:30 -0700 | [diff] [blame] | 150 | be removed from ``MGF1`` in two releases per our :doc:`/api-stability` |
Alex Gaynor | 9963cb3 | 2014-07-12 09:35:33 -0700 | [diff] [blame] | 151 | policy. |
| 152 | * Added :class:`~cryptography.hazmat.primitives.ciphers.algorithms.SEED` |
| 153 | support. |
Ayrx | 9bea937 | 2014-04-22 21:00:34 +0800 | [diff] [blame] | 154 | * Added :class:`~cryptography.hazmat.primitives.cmac.CMAC`. |
Alex Gaynor | cd58b93 | 2014-05-01 23:11:06 -0700 | [diff] [blame] | 155 | * Added decryption support to |
| 156 | :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey` |
| 157 | and encryption support to |
| 158 | :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`. |
Paul Kehrer | 80950e5 | 2014-05-01 16:48:55 -0500 | [diff] [blame] | 159 | * Added signature support to |
| 160 | :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey` |
| 161 | and verification support to |
| 162 | :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`. |
Ayrx | 9bea937 | 2014-04-22 21:00:34 +0800 | [diff] [blame] | 163 | |
Paul Kehrer | 9c2a11b | 2014-03-27 13:16:57 -0500 | [diff] [blame] | 164 | 0.3 - 2014-03-27 |
| 165 | ~~~~~~~~~~~~~~~~ |
Matthew Iversen | 69a6fad | 2014-02-25 02:10:44 +1100 | [diff] [blame] | 166 | |
| 167 | * Added :class:`~cryptography.hazmat.primitives.twofactor.hotp.HOTP`. |
David Reid | eea08d9 | 2014-02-25 11:06:09 -0800 | [diff] [blame] | 168 | * Added :class:`~cryptography.hazmat.primitives.twofactor.totp.TOTP`. |
Alex Gaynor | 9963cb3 | 2014-07-12 09:35:33 -0700 | [diff] [blame] | 169 | * Added :class:`~cryptography.hazmat.primitives.ciphers.algorithms.IDEA` |
| 170 | support. |
Alex Gaynor | cd58b93 | 2014-05-01 23:11:06 -0700 | [diff] [blame] | 171 | * Added signature support to |
| 172 | :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey` |
| 173 | and verification support to |
| 174 | :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`. |
Paul Kehrer | 1592e5b | 2014-03-27 14:29:38 -0500 | [diff] [blame] | 175 | * Moved test vectors to the new ``cryptography_vectors`` package. |
Matthew Iversen | 69a6fad | 2014-02-25 02:10:44 +1100 | [diff] [blame] | 176 | |
Paul Kehrer | 7f711ee | 2014-03-03 23:58:45 -0400 | [diff] [blame] | 177 | 0.2.2 - 2014-03-03 |
| 178 | ~~~~~~~~~~~~~~~~~~ |
| 179 | |
Alex Gaynor | 9963cb3 | 2014-07-12 09:35:33 -0700 | [diff] [blame] | 180 | * Removed a constant definition that was causing compilation problems with |
| 181 | specific versions of OpenSSL. |
Paul Kehrer | 7f711ee | 2014-03-03 23:58:45 -0400 | [diff] [blame] | 182 | |
Matthew Iversen | 69a6fad | 2014-02-25 02:10:44 +1100 | [diff] [blame] | 183 | 0.2.1 - 2014-02-22 |
| 184 | ~~~~~~~~~~~~~~~~~~ |
Paul Kehrer | 7f711ee | 2014-03-03 23:58:45 -0400 | [diff] [blame] | 185 | |
Alex Gaynor | cd58b93 | 2014-05-01 23:11:06 -0700 | [diff] [blame] | 186 | * Fix a bug where importing cryptography from multiple paths could cause |
| 187 | initialization to fail. |
Matthew Iversen | 69a6fad | 2014-02-25 02:10:44 +1100 | [diff] [blame] | 188 | |
| 189 | 0.2 - 2014-02-20 |
| 190 | ~~~~~~~~~~~~~~~~ |
| 191 | |
| 192 | * Added :doc:`/hazmat/backends/commoncrypto`. |
| 193 | * Added initial :doc:`/hazmat/bindings/commoncrypto`. |
| 194 | * Removed ``register_cipher_adapter`` method from |
| 195 | :class:`~cryptography.hazmat.backends.interfaces.CipherBackend`. |
| 196 | * Added support for the OpenSSL backend under Windows. |
| 197 | * Improved thread-safety for the OpenSSL backend. |
| 198 | * Fixed compilation on systems where OpenSSL's ``ec.h`` header is not |
| 199 | available, such as CentOS. |
| 200 | * Added :class:`~cryptography.hazmat.primitives.kdf.pbkdf2.PBKDF2HMAC`. |
| 201 | * Added :class:`~cryptography.hazmat.primitives.kdf.hkdf.HKDF`. |
| 202 | * Added :doc:`/hazmat/backends/multibackend`. |
Alex Gaynor | cd58b93 | 2014-05-01 23:11:06 -0700 | [diff] [blame] | 203 | * Set default random for the :doc:`/hazmat/backends/openssl` to the OS |
| 204 | random engine. |
| 205 | * Added :class:`~cryptography.hazmat.primitives.ciphers.algorithms.CAST5` |
| 206 | (CAST-128) support. |
Matthew Iversen | 69a6fad | 2014-02-25 02:10:44 +1100 | [diff] [blame] | 207 | |
| 208 | 0.1 - 2014-01-08 |
| 209 | ~~~~~~~~~~~~~~~~ |
| 210 | |
| 211 | * Initial release. |
| 212 | |
Alex Stapleton | b9df278 | 2014-03-17 08:09:41 +0000 | [diff] [blame] | 213 | .. _`master`: https://github.com/pyca/cryptography/ |