aboutsummaryrefslogtreecommitdiffstats
path: root/CHANGELOG.rst
Commit message (Collapse)AuthorAgeFilesLines
...
* Fixed #4700 -- linkify method in changelog (#4715)Alex Gaynor2019-01-181-4/+6
| | | | | | | | | | * Fixed #4700 -- linkify method in changelog * fixed linkification * oxford comma * line length
* changelog for byteslike (#4712)Paul Kehrer2019-01-171-0/+3
| | | | | | * changelog for byteslike * bertter prose
* Serialization x25519 (#4688)Paul Kehrer2019-01-141-0/+4
| | | | | | | | | | | | | | | | | * modify x25519 serialization to match x448 supports raw and pkcs8 encoding on private_bytes supports raw and subjectpublickeyinfo on public_bytes deprecates zero argument call to public_bytes * add docs * this is public now * don't need that * review feedback
* add signature_hash_algorithm to OCSPResponse (#4681)Paul Kehrer2019-01-101-0/+2
| | | | | | * add signature_hash_algorithm to OCSPResponse * fix pointless asserts
* add x448 to changelog (#4652)Paul Kehrer2018-12-221-0/+2
|
* deprecate old from_encoded_point (#4640)Paul Kehrer2018-12-111-1/+3
|
* Compressed point support (#4629)Paul Kehrer2018-12-111-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | * compressed point support * refactor to use oct2point directly * small docs change * remove deprecation for the moment and a bit of review feedback * no backend arg, implicitly import it * missed a spot * double oops * remove superfluous call * use refactored method * use vector file * one last item
* allow bytes-like for key/iv/data for symmetric encryption (#4621)Paul Kehrer2018-12-091-0/+1
| | | | | | | | | | | | | | | | | | * allow bytearrays for key/iv for symmetric encryption * bump pypy/cffi requirements * update docs, fix some tests * old openssl is naught but pain * revert a typo * use trusty for old pypy * better error msg again * restore match
* Add RFC 4514 Distinguished Name formatting for Name, RDN and NameAttribute ↵Marti Raudsepp2018-12-081-0/+4
| | | | (#4304)
* remove idna as a primary dependency (#4624)Paul Kehrer2018-12-061-0/+4
| | | | | | | | | | * remove idna as a primary dependency * empty commit * dynamodb test fix (thanks to Matt Bullock) * review feedback
* IssuingDistributionPoint support (parse only) (#4552)Paul Kehrer2018-11-301-0/+1
| | | | | | | | | | | | | | | | | | | | | | * IssuingDistributionPoint support h/t to Irina Renteria for the initial work here * python 2 unfortunately still exists * py2 repr * typo caught by flake8 * add docs * review feedback * reorder args, other fixes * use the alex name * add changelog
* PKCS12 Basic Parsing (#4553)Paul Kehrer2018-11-281-0/+2
| | | | | | | | | | | | | | | | | | * PKCS12 parsing support * running all the tests is so gauche * rename func * various significant fixes * dangerous idiot here * move pkcs12 * docs updates * a bit more prose
* add sha3 support (#4573)Paul Kehrer2018-11-221-0/+5
| | | | | | | | * add sha3 support * missed versionadded * add prose, remove block_size
* port 2.4.2 changelog (#4599)Paul Kehrer2018-11-201-0/+8
|
* add SHA512/224 and SHA512/256 support (#4575)Paul Kehrer2018-11-121-0/+4
| | | | | | * add SHA512/224 and SHA512/256 support * add missing docs
* reopen master for 2.5 development (#4571)Paul Kehrer2018-11-111-0/+7
|
* Revert O_CLOEXEC change to fix builds (#4570)Alex Gaynor2018-11-111-0/+7
|
* bump versions and update changelog for 2.4 release (#4568)Paul Kehrer2018-11-111-4/+2
|
* add note about dropping LibreSSL 2.4.x support (#4506)Paul Kehrer2018-10-191-0/+1
|
* Fixes #4333 -- added support for precert poison extension (#4442)Alex Gaynor2018-08-311-0/+1
| | | | | | | | | | | | | | * Fixes #4333 -- added support for precert poison extension * Make work on all OpenSSL versions * fixed flake8 + docs * fix for older OpenSSLs * document this * spell
* Fixes #3460 -- deprecate OpenSSL 1.0.1 (#4427)Alex Gaynor2018-08-311-0/+4
| | | | | | | | | | | | * Fixes #3460 -- deprecate OpenSSL 1.0.1 * We need to import warnings * flake8 * words are hard * rephrase
* Added OCSP to the changelog (#4405)Alex Gaynor2018-08-161-0/+2
|
* port 2.3.1 changelog (#4397)Paul Kehrer2018-08-141-0/+8
|
* add CVE ID to security issue (#4360)Paul Kehrer2018-07-181-0/+1
|
* reopen master (#4359)Paul Kehrer2018-07-181-0/+7
|
* bump version and changelog for 2.3 release (#4356)Paul Kehrer2018-07-181-4/+2
|
* disallow implicit tag truncation with finalize_with_tag (#4342)Paul Kehrer2018-07-171-0/+5
|
* add crl.get_revoked_certificate method (#4331)Paul Kehrer2018-07-161-0/+3
| | | | | | | | * add crl.get_revoked_certificate method * lexicographic is the best ographic * rename
* Change the exception we raise in keywrap unwrapping on invalid length (#4337)Alex Gaynor2018-07-161-0/+4
| | | I believe this can reasonably be considered backwards compatible since other invalid inputs already lead to InvalidUnwrap, and clients shouldn't be distinguishing between these two conditions, and ValueError wasn't documented anyways.
* Make RelativeDistinguishedName preserve attribtue order (#4306)Marti Raudsepp2018-07-091-0/+3
| | | | Duplicate attributes now raise an error instead of silently discarding duplicates.
* Add py37 (#4298)Paul Kehrer2018-06-271-0/+1
| | | | | | | | | | | | | | * test against python 3.7 for windows * update docs to say we test on 3.7 * more succinct * maybe make this actually work. * link properly * moar changes
* LibreSSL 2.7.x support (#4270)Paul Kehrer2018-05-301-0/+2
| | | | | | | | * libre 2.7.3 compatibility * add a changelog * actually build against 2.7.3
* deprecate pythons without hmac.compare_digest (#4261)Paul Kehrer2018-05-241-0/+3
| | | | | | * deprecate the constant time bytes comparison path old python 2.7.x uses * pep8
* Add support for extracting timestamp from a Fernet token (#4229)Paul Kehrer2018-05-121-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add API for retrieving the seconds-to-expiry for the token, given a TTL. * Process PR feedback: * Do compute the TTL, but just the age of the token. The caller can decided what to do next. * Factored out the HMAC signature verification to a separate function. * Fixed a copy&paste mistake in the test cases * Tests cleanup. * `struct` no longer needed * Document `def age()` * typo in `age()` documentation * token, not data * remove test for TTL expiry that is already covered by the parameterized `test_invalid()`. * let's call this extract_timestamp and just return timestamp * review comments * it's UNIX I know this
* port changelog for 2.2.2 (#4172)Paul Kehrer2018-03-271-0/+8
|
* forward port 2.2.1 changelog (#4167)Alex Gaynor2018-03-201-0/+13
|
* open master for 2.3 (#4151)Paul Kehrer2018-03-181-0/+7
|
* 2.2 release! (#4150)Paul Kehrer2018-03-181-4/+3
| | | | | | * 2.2 release! * also change versions
* implement AES KW with padding (RFC 5649) (#3880)Paul Kehrer2018-03-181-0/+5
| | | | | | | | | | | | | | | | | | * implement AES KW with padding (RFC 5649) fixes #3791 * oops, 2.2 * make sure this is the right valueerror * more match * make key padding easier to read * review feedback * review feedback
* Brainpool curves (#4129)Paul Kehrer2018-03-151-0/+4
| | | | | | | | | | | | | | | | | | * added brainpool ec-curves key_length >= 256bit * limit brainpool curves to the set that appear required + docs * oops * typos all around me * add brainpool ECDH kex tests * switch to using rfc 7027 vectors * review feedback * empty commits are the best
* memory leak changelog (#4097)Paul Kehrer2018-02-051-0/+2
|
* The HKDF limit is actually 255 * digest_length_in_bytes (#4037)Paul Kehrer2018-01-061-0/+1
| | | | | | | | | | | * The HKDF limit is actually 255 * digest_length_in_bytes Previously we had a bug where we divided digest_size by 8...but HashAlgorithm.digest_size is already in bytes. * test longer output * changelog
* port changelog for 2.1.4 to master (#4031)Paul Kehrer2017-11-291-0/+7
|
* forward port changelog (#4009)Alex Gaynor2017-11-021-0/+8
|
* Forward port 2.1.2 changelog (#3998)Alex Gaynor2017-10-241-0/+8
|
* Add Multifernet.rotate method (#3979)Chris Wolfe2017-10-191-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * add rotate method * add some more tests for the failure modes * start adding some documentation for the rotate method * operate on a single token at a time, leave lists to the caller * add versionadded add versionadded, drop rotate from class doctest * give rotate a doctest * single level, not aligned * add changelog for mf.rotate * show that, once rotated, the old fernet instance can no longer decrypt the token * add the instead of just the how * update docs to reflect removal of ttl from rotate * update tests * refactor internal methods so that we can extract the timestamp * implement rotate * update wordlist (case sensitive?) * lints * consistent naming * get_token_data/get_unverified_token_data -> better name * doc changes * use the static method, do not treat as imethod * move up to MultiFernet docs * add to authors * alter wording * monkeypatch time to make it less possible for the test to pass simply due to calls occuring in less than one second * set the time after encryption to make sure that the time is preserved as part of re-encryption
* Make changelog for A-label more readable (#3977)Christian Heimes2017-10-171-7/+9
| | | | | "value, value, and value" isn't very helpful. Signed-off-by: Christian Heimes <cheimes@redhat.com>
* port 2.1.1 changelog (#3975)Paul Kehrer2017-10-121-0/+7
|
* expunge python 2.6 (#3962)Paul Kehrer2017-10-111-0/+1
| | | | | | | | | | * expunge python 2.6 * how did THAT happen * remove another unsupported python from the tox envlist * hypothesis can now be unconditionally imported
* start the twenty second release cycle (#3960)Paul Kehrer2017-10-111-0/+7
|
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-10 08:46:03 +0000