aboutsummaryrefslogtreecommitdiffstats
path: root/CHANGELOG.rst
Commit message (Collapse)AuthorAgeFilesLines
* Reopen master for 2.7 (#4788)Alex Gaynor2019-02-281-0/+5
|
* 2.6.1 release with fixed wheels (#4792)Alex Gaynor2019-02-281-0/+8
|
* bump version and update changelog for 2.6 release (#4787)Paul Kehrer2019-02-271-6/+6
| | | | | | * bump version and update changelog for 2.6 release * 1.1.1b wheels for 2.6
* support ed25519 openssh public keys (#4785)Paul Kehrer2019-02-271-0/+2
| | | | | | * support ed25519 openssh public keys * don't need this check
* ed448 support (#4610)Paul Kehrer2019-02-271-0/+2
| | | | | | | | * ed448 support * move the changelog entry * flake8
* ed25519 support (#4114)Paul Kehrer2019-02-261-0/+2
| | | | | | * ed25519 support * review feedback
* support NO_ENGINE (#4763)Paul Kehrer2019-02-251-1/+4
| | | | | | | | * support OPENSSL_NO_ENGINE * support some new openssl config args * sigh
* add an EC OID to curve dictionary mapping (#4759)Paul Kehrer2019-02-201-0/+2
| | | | | | | | | | * add an EC OID to curve dictionary mapping * oid_to_curve function * changelog and docs fix * rename to get_curve_for_oid
* Fixes #4734 -- Deal with deprecated things (#4736)Alex Gaynor2019-01-231-0/+12
| | | | | | | | | | * Fixes #4734 -- Deal with deprecated things - Make year based aliases of PersistentlyDeprecated so we can easily assess age - Removed encode/decode rfc6979 signature - Removed Certificate.serial * Unused import
* reopen master for 2.6 work (#4730)Paul Kehrer2019-01-221-0/+8
|
* changelog and version bump for 2.5 (#4729)Paul Kehrer2019-01-221-4/+4
|
* deprecate encode_point and migrate all internal callers (#4720)Paul Kehrer2019-01-201-1/+2
|
* add support for encoding compressed points (#4638)Paul Kehrer2019-01-201-0/+2
| | | | | | * add support for encoding compressed points * review feedback
* shake128/256 support (#4611)Paul Kehrer2019-01-191-0/+3
| | | | | | | | | | | | | | * shake128/256 support * remove block_size * doc an exception * change how we detect XOF by adding _xof attribute * interface! * review feedback
* Fixed #4700 -- linkify method in changelog (#4715)Alex Gaynor2019-01-181-4/+6
| | | | | | | | | | * Fixed #4700 -- linkify method in changelog * fixed linkification * oxford comma * line length
* changelog for byteslike (#4712)Paul Kehrer2019-01-171-0/+3
| | | | | | * changelog for byteslike * bertter prose
* Serialization x25519 (#4688)Paul Kehrer2019-01-141-0/+4
| | | | | | | | | | | | | | | | | * modify x25519 serialization to match x448 supports raw and pkcs8 encoding on private_bytes supports raw and subjectpublickeyinfo on public_bytes deprecates zero argument call to public_bytes * add docs * this is public now * don't need that * review feedback
* add signature_hash_algorithm to OCSPResponse (#4681)Paul Kehrer2019-01-101-0/+2
| | | | | | * add signature_hash_algorithm to OCSPResponse * fix pointless asserts
* add x448 to changelog (#4652)Paul Kehrer2018-12-221-0/+2
|
* deprecate old from_encoded_point (#4640)Paul Kehrer2018-12-111-1/+3
|
* Compressed point support (#4629)Paul Kehrer2018-12-111-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | * compressed point support * refactor to use oct2point directly * small docs change * remove deprecation for the moment and a bit of review feedback * no backend arg, implicitly import it * missed a spot * double oops * remove superfluous call * use refactored method * use vector file * one last item
* allow bytes-like for key/iv/data for symmetric encryption (#4621)Paul Kehrer2018-12-091-0/+1
| | | | | | | | | | | | | | | | | | * allow bytearrays for key/iv for symmetric encryption * bump pypy/cffi requirements * update docs, fix some tests * old openssl is naught but pain * revert a typo * use trusty for old pypy * better error msg again * restore match
* Add RFC 4514 Distinguished Name formatting for Name, RDN and NameAttribute ↵Marti Raudsepp2018-12-081-0/+4
| | | | (#4304)
* remove idna as a primary dependency (#4624)Paul Kehrer2018-12-061-0/+4
| | | | | | | | | | * remove idna as a primary dependency * empty commit * dynamodb test fix (thanks to Matt Bullock) * review feedback
* IssuingDistributionPoint support (parse only) (#4552)Paul Kehrer2018-11-301-0/+1
| | | | | | | | | | | | | | | | | | | | | | * IssuingDistributionPoint support h/t to Irina Renteria for the initial work here * python 2 unfortunately still exists * py2 repr * typo caught by flake8 * add docs * review feedback * reorder args, other fixes * use the alex name * add changelog
* PKCS12 Basic Parsing (#4553)Paul Kehrer2018-11-281-0/+2
| | | | | | | | | | | | | | | | | | * PKCS12 parsing support * running all the tests is so gauche * rename func * various significant fixes * dangerous idiot here * move pkcs12 * docs updates * a bit more prose
* add sha3 support (#4573)Paul Kehrer2018-11-221-0/+5
| | | | | | | | * add sha3 support * missed versionadded * add prose, remove block_size
* port 2.4.2 changelog (#4599)Paul Kehrer2018-11-201-0/+8
|
* add SHA512/224 and SHA512/256 support (#4575)Paul Kehrer2018-11-121-0/+4
| | | | | | * add SHA512/224 and SHA512/256 support * add missing docs
* reopen master for 2.5 development (#4571)Paul Kehrer2018-11-111-0/+7
|
* Revert O_CLOEXEC change to fix builds (#4570)Alex Gaynor2018-11-111-0/+7
|
* bump versions and update changelog for 2.4 release (#4568)Paul Kehrer2018-11-111-4/+2
|
* add note about dropping LibreSSL 2.4.x support (#4506)Paul Kehrer2018-10-191-0/+1
|
* Fixes #4333 -- added support for precert poison extension (#4442)Alex Gaynor2018-08-311-0/+1
| | | | | | | | | | | | | | * Fixes #4333 -- added support for precert poison extension * Make work on all OpenSSL versions * fixed flake8 + docs * fix for older OpenSSLs * document this * spell
* Fixes #3460 -- deprecate OpenSSL 1.0.1 (#4427)Alex Gaynor2018-08-311-0/+4
| | | | | | | | | | | | * Fixes #3460 -- deprecate OpenSSL 1.0.1 * We need to import warnings * flake8 * words are hard * rephrase
* Added OCSP to the changelog (#4405)Alex Gaynor2018-08-161-0/+2
|
* port 2.3.1 changelog (#4397)Paul Kehrer2018-08-141-0/+8
|
* add CVE ID to security issue (#4360)Paul Kehrer2018-07-181-0/+1
|
* reopen master (#4359)Paul Kehrer2018-07-181-0/+7
|
* bump version and changelog for 2.3 release (#4356)Paul Kehrer2018-07-181-4/+2
|
* disallow implicit tag truncation with finalize_with_tag (#4342)Paul Kehrer2018-07-171-0/+5
|
* add crl.get_revoked_certificate method (#4331)Paul Kehrer2018-07-161-0/+3
| | | | | | | | * add crl.get_revoked_certificate method * lexicographic is the best ographic * rename
* Change the exception we raise in keywrap unwrapping on invalid length (#4337)Alex Gaynor2018-07-161-0/+4
| | | I believe this can reasonably be considered backwards compatible since other invalid inputs already lead to InvalidUnwrap, and clients shouldn't be distinguishing between these two conditions, and ValueError wasn't documented anyways.
* Make RelativeDistinguishedName preserve attribtue order (#4306)Marti Raudsepp2018-07-091-0/+3
| | | | Duplicate attributes now raise an error instead of silently discarding duplicates.
* Add py37 (#4298)Paul Kehrer2018-06-271-0/+1
| | | | | | | | | | | | | | * test against python 3.7 for windows * update docs to say we test on 3.7 * more succinct * maybe make this actually work. * link properly * moar changes
* LibreSSL 2.7.x support (#4270)Paul Kehrer2018-05-301-0/+2
| | | | | | | | * libre 2.7.3 compatibility * add a changelog * actually build against 2.7.3
* deprecate pythons without hmac.compare_digest (#4261)Paul Kehrer2018-05-241-0/+3
| | | | | | * deprecate the constant time bytes comparison path old python 2.7.x uses * pep8
* Add support for extracting timestamp from a Fernet token (#4229)Paul Kehrer2018-05-121-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add API for retrieving the seconds-to-expiry for the token, given a TTL. * Process PR feedback: * Do compute the TTL, but just the age of the token. The caller can decided what to do next. * Factored out the HMAC signature verification to a separate function. * Fixed a copy&paste mistake in the test cases * Tests cleanup. * `struct` no longer needed * Document `def age()` * typo in `age()` documentation * token, not data * remove test for TTL expiry that is already covered by the parameterized `test_invalid()`. * let's call this extract_timestamp and just return timestamp * review comments * it's UNIX I know this
* port changelog for 2.2.2 (#4172)Paul Kehrer2018-03-271-0/+8
|
* forward port 2.2.1 changelog (#4167)Alex Gaynor2018-03-201-0/+13
|