aci-learning-labs-code-samples

aci-learning-labs-code-samples copied to clipboard

Sourced from cryptography's changelog.

2.3 - 2018-07-18

* **SECURITY ISSUE:**
  :meth:`~cryptography.hazmat.primitives.ciphers.AEADDecryptionContext.finalize_with_tag`
  allowed tag truncation by default which can allow tag forgery in some cases.
  The method now enforces the ``min_tag_length`` provided to the
  :class:`~cryptography.hazmat.primitives.ciphers.modes.GCM` constructor.
  *CVE-2018-10903*
* Added support for Python 3.7.
* Added :meth:`~cryptography.fernet.Fernet.extract_timestamp` to get the
  authenticated timestamp of a :doc:`Fernet </fernet>` token.
* Support for Python 2.7.x without ``hmac.compare_digest`` has been deprecated.
  We will require Python 2.7.7 or higher (or 2.7.6 on Ubuntu) in the next
  ``cryptography`` release.
* Fixed multiple issues preventing ``cryptography`` from compiling against
  LibreSSL 2.7.x.
* Added
  :class:`~cryptography.x509.CertificateRevocationList.get_revoked_certificate_by_serial_number`
  for quick serial number searches in CRLs.
* The :class:`~cryptography.x509.RelativeDistinguishedName` class now
  preserves the order of attributes. Duplicate attributes now raise an error
  instead of silently discarding duplicates.
* :func:`~cryptography.hazmat.primitives.keywrap.aes_key_unwrap` and
  :func:`~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding`
  now raise :class:`~cryptography.hazmat.primitives.keywrap.InvalidUnwrap` if
  the wrapped key is an invalid length, instead of ``ValueError``.

.. _v2-2-2:

2.2.2 - 2018-03-27

• Updated Windows, macOS, and manylinux1 wheels to be compiled with OpenSSL 1.1.0h.

.. _v2-2-1:

2.2.1 - 2018-03-20

* Reverted a change to ``GeneralNames`` which prohibited having zero elements,
  due to breakages.
* Fixed a bug in
  :func:`~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding`
  that caused it to raise ``InvalidUnwrap`` when key length modulo 8 was
  zero.


.. _v2-2:
</tr></table> ... (truncated)

• 0a846e2 bump version and changelog for 2.3 release (#4356)
• feb1345 Refs #3331 -- integrated wycheproof ECDH tests (#4354)
• dfb332d improve skip msg when skipping an ECDH test in test_ec (#4355)
• 4de0049 add wycheproof gcm tests (#4349)
• c563b57 min_tag_length is an int (#4351)
• db62ec9 also check iv length for GCM nonce in AEAD (#4350)
• 12a1cac raise ValueError on zero length GCM IV (#4348)
• 7ca0e46 add chacha20poly1305 wycheproof tests (#4345)
• 14faf3c add wycheproof tests for AES CMAC (#4344)
• d4378e4 disallow implicit tag truncation with finalize_with_tag (#4342)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.