Bump cryptography from 41.0.7 to 42.0.1
Bumps cryptography from 41.0.7 to 42.0.1.
Changelog
Sourced from cryptography's changelog.
42.0.1 - 2024-01-24
* Fixed an issue with incorrect keyword-argument naming with ``EllipticCurvePrivateKey`` :meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.sign`. * Resolved compatibility issue with loading certain RSA public keys in :func:`~cryptography.hazmat.primitives.serialization.load_pem_public_key`. .. _v42-0-0: 42.0.0 - 2024-01-22
- BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.7.
- BACKWARDS INCOMPATIBLE: Loading a PKCS7 with no content field using :func:
~cryptography.hazmat.primitives.serialization.pkcs7.load_pem_pkcs7_certificates
or :func:~cryptography.hazmat.primitives.serialization.pkcs7.load_der_pkcs7_certificates
will now raise aValueError
rather than return an empty list.- Parsing SSH certificates no longer permits malformed critical options with values, as documented in the 41.0.2 release notes.
- Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.0.
- Updated the minimum supported Rust version (MSRV) to 1.63.0, from 1.56.0.
- We now publish both
py37
andpy39
abi3
wheels. This should resolve some errors relating to initializing a module multiple times per process.- Support :class:
~cryptography.hazmat.primitives.asymmetric.padding.PSS
for X.509 certificate signing requests and certificate revocation lists with the keyword-only argumentrsa_padding
on thesign
methods for :class:~cryptography.x509.CertificateSigningRequestBuilder
and :class:~cryptography.x509.CertificateRevocationListBuilder
.- Added support for obtaining X.509 certificate signing request signature algorithm parameters (including PSS) via :meth:
~cryptography.x509.CertificateSigningRequest.signature_algorithm_parameters
.- Added support for obtaining X.509 certificate revocation list signature algorithm parameters (including PSS) via :meth:
~cryptography.x509.CertificateRevocationList.signature_algorithm_parameters
.- Added
mgf
property to :class:~cryptography.hazmat.primitives.asymmetric.padding.PSS
.- Added
algorithm
andmgf
properties to :class:~cryptography.hazmat.primitives.asymmetric.padding.OAEP
.- Added the following properties that return timezone-aware
datetime
objects: :meth:~cryptography.x509.Certificate.not_valid_before_utc
, :meth:~cryptography.x509.Certificate.not_valid_after_utc
, :meth:~cryptography.x509.RevokedCertificate.revocation_date_utc
, :meth:~cryptography.x509.CertificateRevocationList.next_update_utc
, :meth:~cryptography.x509.CertificateRevocationList.last_update_utc
. These are timezone-aware variants of existing properties that return naïvedatetime
objects.- Deprecated the following properties that return naïve
datetime
objects:
... (truncated)
Commits
-
337437d
42.0.1 bump (#10252) -
56255de
allow SPKI RSA keys to be parsed even if they have an incorrect delimiter (#1... -
12f038b
fixes #10237 -- correct EC sign parameter name (#10239) (#10240) -
4e64baf
42.0.0 version bump (#10232) -
7cb13a3
we'll ship 3.2.0 for 42 (#9951) -
605c74e
Bump x509-limbo and/or wycheproof in CI (#10231) -
97578b9
Bump BoringSSL and/or OpenSSL in CI (#10230) -
972a7b5
verification: add test_verify_tz_aware (#10229) -
41daf2d
Migrate PKCS7 backend to Rust (#10228) -
d54093e
Remove some skips in tests that aren't needed anymore (#10223) - Additional commits viewable in compare view