From: Adolf Belka <adolf.belka@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH 09/48] python3-cryptography:Update to version 38.0.1 and to work with python-3.10.8
Date: Wed, 09 Nov 2022 19:56:55 +0100 [thread overview]
Message-ID: <20221109185734.3920-9-adolf.belka@ipfire.org> (raw)
In-Reply-To: <20221109185734.3920-1-adolf.belka@ipfire.org>
[-- Attachment #1: Type: text/plain, Size: 11423 bytes --]
- Updated from version 36.0.2 to 38.0.1
- Update of rootfile
- Changelog
38.0.1 - 2022-09-07
Fixed parsing TLVs in ASN.1 with length greater than 65535 bytes (typically seen in large CRLs).
38.0.0 - 2022-09-06
Final deprecation of OpenSSL 1.1.0. The next release of cryptography will drop support.
We no longer ship many linux 2010 wheels. Users should upgrade to the latest pip to ensure this doesn’t cause issues downloading wheels on their platform. We now ship manylinux_2_28 wheels for users on new enough platforms.
Updated the minimum supported Rust version (MSRV) to 1.48.0, from 1.41.0. Users with the latest pip will typically get a wheel and not need Rust installed, but check Installation for documentation on installing a newer rustc if required.
decrypt() and related methods now accept both str and bytes tokens.
Parsing CertificateSigningRequest restores the behavior of enforcing that the Extension critical field must be correctly encoded DER. See the issue for complete details.
Added two new OpenSSL functions to the bindings to support an upcoming pyOpenSSL release.
When parsing CertificateRevocationList and CertificateSigningRequest values, it is now enforced that the version value in the input must be valid according to the rules of RFC 2986 and RFC 5280.
Using MD5 or SHA1 in CertificateBuilder and other X.509 builders is deprecated and support will be removed in the next version.
Added additional APIs to SignedCertificateTimestamp, including signature_hash_algorithm, signature_algorithm, signature, and extension_bytes.
Added tbs_precertificate_bytes, allowing users to access the to-be-signed pre-certificate data needed for signed certificate timestamp verification.
KBKDFHMAC and KBKDFCMAC now support MiddleFixed counter location.
Fixed RFC 4514 name parsing to reverse the order of the RDNs according to the section 2.1 of the RFC, affecting method from_rfc4514_string().
It is now possible to customize some aspects of encryption when serializing private keys, using encryption_builder().
Removed several legacy symbols from our OpenSSL bindings. Users of pyOpenSSL versions older than 22.0 will need to upgrade.
Added AES128 and AES256 classes. These classes do not replace AES (which allows all AES key lengths), but are intended for applications where developers want to be explicit about key length.
37.0.4 - 2022-07-05
Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.5.
37.0.3 - 2022-06-21 (YANKED)¶
Attention
This release was subsequently yanked from PyPI due to a regression in OpenSSL.
Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.4.
37.0.2 - 2022-05-03
Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.3.
Added a constant needed for an upcoming pyOpenSSL release.
37.0.1 - 2022-04-27
Fixed an issue where parsing an encrypted private key with the public loader functions would hang waiting for console input on OpenSSL 3.0.x rather than raising an error.
Restored some legacy symbols for older pyOpenSSL users. These will be removed again in the future, so pyOpenSSL users should still upgrade to the latest version of that package when they upgrade cryptography.
37.0.0 - 2022-04-26
Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.2.
BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL 2.9.x and 3.0.x. The new minimum LibreSSL version is 3.1+.
BACKWARDS INCOMPATIBLE: Removed signer and verifier methods from the public key and private key classes. These methods were originally deprecated in version 2.0, but had an extended deprecation timeline due to usage. Any remaining users should transition to sign and verify.
Deprecated OpenSSL 1.1.0 support. OpenSSL 1.1.0 is no longer supported by the OpenSSL project. The next release of cryptography will be the last to support compiling with OpenSSL 1.1.0.
Deprecated Python 3.6 support. Python 3.6 is no longer supported by the Python core team. Support for Python 3.6 will be removed in a future cryptography release.
Deprecated the current minimum supported Rust version (MSRV) of 1.41.0. In the next release we will raise MSRV to 1.48.0. Users with the latest pip will typically get a wheel and not need Rust installed, but check Installation for documentation on installing a newer rustc if required.
Deprecated CAST5, SEED, IDEA, and Blowfish because they are legacy algorithms with extremely low usage. These will be removed in a future version of cryptography.
Added limited support for distinguished names containing a bit string.
We now ship universal2 wheels on macOS, which contain both arm64 and x86_64 architectures. Users on macOS should upgrade to the latest pip to ensure they can use this wheel, although we will continue to ship x86_64 specific wheels for now to ease the transition.
This will be the final release for which we ship manylinux2010 wheels. Going forward the minimum supported manylinux ABI for our wheels will be manylinux2014. The vast majority of users will continue to receive manylinux wheels provided they have an up to date pip. For PyPy wheels this release already requires manylinux2014 for compatibility with binaries distributed by upstream.
Added support for multiple OCSPSingleResponse in a OCSPResponse.
Restored support for signing certificates and other structures in X.509 with SHA3 hash algorithms.
TripleDES is disabled in FIPS mode.
Added support for serialization of PKCS#12 CA friendly names/aliases in serialize_key_and_certificates()
Added support for 12-15 byte (96 to 120 bit) nonces to AESOCB3. This class previously supported only 12 byte (96 bit).
Added support for AESSIV when using OpenSSL 3.0.0+.
Added support for serializing PKCS7 structures from a list of certificates with serialize_certificates.
Added support for parsing RFC 4514 strings with from_rfc4514_string().
Added AUTO to PSS. This can be used to verify a signature where the salt length is not already known.
Added DIGEST_LENGTH to PSS. This constant will set the salt length to the same length as the PSS hash algorithm.
Added support for loading RSA-PSS key types with load_pem_private_key() and load_der_private_key(). This functionality is limited to OpenSSL 1.1.1e+ and loads the key as a normal RSA private key, discarding the PSS constraint information.
Tested-by: Adolf Belka <adolf.belka(a)ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
config/rootfiles/packages/python3-cryptography | 17 ++++++++---------
lfs/python3-cryptography | 6 +++---
2 files changed, 11 insertions(+), 12 deletions(-)
diff --git a/config/rootfiles/packages/python3-cryptography b/config/rootfiles/packages/python3-cryptography
index a9ee32faf..b665c0a03 100644
--- a/config/rootfiles/packages/python3-cryptography
+++ b/config/rootfiles/packages/python3-cryptography
@@ -1,11 +1,11 @@
usr/lib/python3.10/site-packages/cryptography
-#usr/lib/python3.10/site-packages/cryptography-36.0.2-py3.10.egg-info
-#usr/lib/python3.10/site-packages/cryptography-36.0.2-py3.10.egg-info/PKG-INFO
-#usr/lib/python3.10/site-packages/cryptography-36.0.2-py3.10.egg-info/SOURCES.txt
-#usr/lib/python3.10/site-packages/cryptography-36.0.2-py3.10.egg-info/dependency_links.txt
-#usr/lib/python3.10/site-packages/cryptography-36.0.2-py3.10.egg-info/not-zip-safe
-#usr/lib/python3.10/site-packages/cryptography-36.0.2-py3.10.egg-info/requires.txt
-#usr/lib/python3.10/site-packages/cryptography-36.0.2-py3.10.egg-info/top_level.txt
+#usr/lib/python3.10/site-packages/cryptography-38.0.1-py3.10.egg-info
+#usr/lib/python3.10/site-packages/cryptography-38.0.1-py3.10.egg-info/PKG-INFO
+#usr/lib/python3.10/site-packages/cryptography-38.0.1-py3.10.egg-info/SOURCES.txt
+#usr/lib/python3.10/site-packages/cryptography-38.0.1-py3.10.egg-info/dependency_links.txt
+#usr/lib/python3.10/site-packages/cryptography-38.0.1-py3.10.egg-info/not-zip-safe
+#usr/lib/python3.10/site-packages/cryptography-38.0.1-py3.10.egg-info/requires.txt
+#usr/lib/python3.10/site-packages/cryptography-38.0.1-py3.10.egg-info/top_level.txt
usr/lib/python3.10/site-packages/cryptography/__about__.py
usr/lib/python3.10/site-packages/cryptography/__init__.py
usr/lib/python3.10/site-packages/cryptography/exceptions.py
@@ -15,7 +15,6 @@ usr/lib/python3.10/site-packages/cryptography/hazmat/__init__.py
usr/lib/python3.10/site-packages/cryptography/hazmat/_oid.py
usr/lib/python3.10/site-packages/cryptography/hazmat/backends
usr/lib/python3.10/site-packages/cryptography/hazmat/backends/__init__.py
-usr/lib/python3.10/site-packages/cryptography/hazmat/backends/interfaces.py
usr/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl
usr/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl/__init__.py
usr/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl/aead.py
@@ -28,7 +27,6 @@ usr/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl/dsa.py
usr/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl/ec.py
usr/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl/ed25519.py
usr/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl/ed448.py
-usr/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl/encode_asn1.py
usr/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl/hashes.py
usr/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl/hmac.py
usr/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl/poly1305.py
@@ -40,6 +38,7 @@ usr/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl/x509.py
usr/lib/python3.10/site-packages/cryptography/hazmat/bindings
usr/lib/python3.10/site-packages/cryptography/hazmat/bindings/__init__.py
usr/lib/python3.10/site-packages/cryptography/hazmat/bindings/_openssl.abi3.so
+usr/lib/python3.10/site-packages/cryptography/hazmat/bindings/_openssl.pyi
usr/lib/python3.10/site-packages/cryptography/hazmat/bindings/_rust
usr/lib/python3.10/site-packages/cryptography/hazmat/bindings/_rust.abi3.so
usr/lib/python3.10/site-packages/cryptography/hazmat/bindings/_rust/__init__.pyi
diff --git a/lfs/python3-cryptography b/lfs/python3-cryptography
index 77e5f06b0..f977ed14b 100644
--- a/lfs/python3-cryptography
+++ b/lfs/python3-cryptography
@@ -24,7 +24,7 @@
include Config
-VER = 36.0.2
+VER = 38.0.1
THISAPP = cryptography-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = python3-cryptography
-PAK_VER = 2
+PAK_VER = 3
DEPS = python3-cffi
@@ -46,7 +46,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = b34b994e44b1ccd099a56fba4a167d563a29652f86ab0f0000ef78b4093a15cbfb82a9cebecdcaf6bca782a5fdd20f6c7d2206d68a219626a9fe8ae13e9aec5e
+$(DL_FILE)_BLAKE2 = 40e17d43b72c35e77fab27efb66762e1d8002f9ba419220de68eb5ce957a31410cca821a40494e0963cc590a4e0c01c70e4076009022056a26d08d22ce859664
install : $(TARGET)
--
2.38.1
next prev parent reply other threads:[~2022-11-09 18:56 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-09 18:56 [PATCH 01/48] python3: Update to version 3.10.8 Adolf Belka
2022-11-09 18:56 ` [PATCH 02/48] make.sh: Addition, deletion and re-orderiong of packages for Python-3.10.8 Adolf Belka
2022-11-09 18:56 ` [PATCH 03/48] python3-Cython: Removal of this module from IPFire Adolf Belka
2022-11-09 18:56 ` [PATCH 04/48] python3-build: Update to version 0.8.0 and to work with python-3.10.8 Adolf Belka
2022-11-09 18:56 ` [PATCH 05/48] python3-daemon: Update to version 2.3.1 " Adolf Belka
2022-11-09 18:56 ` [PATCH 06/48] python3-pep517:Update to version 0.13.0 " Adolf Belka
2022-11-09 18:56 ` [PATCH 07/48] python3-setuptools-rust:Update to version 1.5.2 " Adolf Belka
2022-11-09 18:56 ` [PATCH 08/48] python3-setuptools-scm:Update to version 7.0.5 " Adolf Belka
2022-11-09 18:56 ` Adolf Belka [this message]
2022-11-09 18:56 ` [PATCH 10/48] rust-chrono:Update to version 0.4.22 required by python3-cryptography Adolf Belka
2022-11-09 18:56 ` [PATCH 11/48] rust-iana-time-zone: Required by updated rust-chrono Adolf Belka
2022-11-09 18:56 ` [PATCH 12/48] rust-asn1: Update to version 0.12.2 - required by python3-cryptography Adolf Belka
2022-11-09 18:56 ` [PATCH 13/48] rust-asn1_derive:Update " Adolf Belka
2022-11-09 18:57 ` [PATCH 14/48] rust-ouroboros:Update to version 0.15.5 " Adolf Belka
2022-11-09 18:57 ` [PATCH 15/48] rust-ouroboros_macro:Update " Adolf Belka
2022-11-09 18:57 ` [PATCH 16/48] rust-pem:Update to version 1.1.0 " Adolf Belka
2022-11-09 18:57 ` [PATCH 17/48] rust-pyo3:Update to version 0.15.2 " Adolf Belka
2022-11-09 18:57 ` [PATCH 18/48] rust-pyo3-macros:Update " Adolf Belka
2022-11-09 18:57 ` [PATCH 19/48] rust-pyo3-macros-backend:Update " Adolf Belka
2022-11-09 18:57 ` [PATCH 20/48] rust-pyo3-build-config:Update " Adolf Belka
2022-11-09 18:57 ` [PATCH 21/48] python3-arrow:Update to version 1.2.3 and to work with python-3.10.8 Adolf Belka
2022-11-09 18:57 ` [PATCH 22/48] python3-attrs:Update to version 22.1.0 " Adolf Belka
2022-11-09 18:57 ` [PATCH 23/48] python3-botocore:Update to version 1.27.89 " Adolf Belka
2022-11-09 18:57 ` [PATCH 24/48] python3-certifi:Update to version 2022.9.4 " Adolf Belka
2022-11-09 18:57 ` [PATCH 25/48] python3-cffi:Update to version 1.15.1 " Adolf Belka
2022-11-09 18:57 ` [PATCH 26/48] python3-charset-normalizer:Update to version 2.1.1 " Adolf Belka
2022-11-09 18:57 ` [PATCH 27/48] python3-circuitbreaker:Update to version 1.4.0 " Adolf Belka
2022-11-09 18:57 ` [PATCH 28/48] python3-click:Update to version 8.1.3 " Adolf Belka
2022-11-09 18:57 ` [PATCH 29/48] python3-colorama:Update to version 0.4.5 " Adolf Belka
2022-11-09 18:57 ` [PATCH 30/48] python3-docutils:Update to version 0.19 " Adolf Belka
2022-11-09 18:57 ` [PATCH 31/48] python3-idna:Update to version 3.4 " Adolf Belka
2022-11-09 18:57 ` [PATCH 32/48] python3-jmespath:Update to version 1.0.1 " Adolf Belka
2022-11-09 18:57 ` [PATCH 33/48] python3-msgpack:Update to version 1.0.4 " Adolf Belka
2022-11-09 18:57 ` [PATCH 34/48] python3-pyfuse3:Update to version 3.2.2 " Adolf Belka
2022-11-09 18:57 ` [PATCH 35/48] python3-pyparsing:Update to version 3.0.9 " Adolf Belka
2022-11-09 18:57 ` [PATCH 36/48] python3-pytz:Update to version 2022.4 " Adolf Belka
2022-11-09 18:57 ` [PATCH 37/48] python3-requests:Update to version 2.28.1 " Adolf Belka
2022-11-09 18:57 ` [PATCH 38/48] python3-rsa:Update to version 4.9 " Adolf Belka
2022-11-09 18:57 ` [PATCH 39/48] python3-s3transfer:Update to version 0.6.0 " Adolf Belka
2022-11-09 18:57 ` [PATCH 40/48] python3-semantic_version:Update to version 2.10.0 " Adolf Belka
2022-11-09 18:57 ` [PATCH 41/48] python3-setuptools:Update to version 65.4.1 " Adolf Belka
2022-11-09 18:57 ` [PATCH 42/48] python3-sniffio:Update to version 1.3.0 " Adolf Belka
2022-11-09 18:57 ` [PATCH 43/48] python3-trio:Update to version 0.22.0 " Adolf Belka
2022-11-09 18:57 ` [PATCH 44/48] python3-typing_extensions:Update to version 4.4.0 " Adolf Belka
2022-11-09 18:57 ` [PATCH 45/48] python3-urllib3:Update to version 1.26.12 " Adolf Belka
2022-11-09 18:57 ` [PATCH 46/48] python3-flit:Modify lfs " Adolf Belka
2022-11-09 18:57 ` [PATCH 47/48] libplist: Update rootfile for operation " Adolf Belka
2022-11-09 18:57 ` [PATCH 48/48] iotop: Modified rootfile " Adolf Belka
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221109185734.3920-9-adolf.belka@ipfire.org \
--to=adolf.belka@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox