Rocksolid Light

Welcome to Rocksolid Light

mail  files  register  newsreader  groups  login

Message-ID:  

"Here comes Mr. Bill's dog." -- Narrator, Saturday Night Live

devel / comp.lang.python.announce / [Python-announce] PyCA cryptography 42.0.0 released

SubjectAuthor
o [Python-announce] PyCA cryptography 42.0.0 releasedPaul Kehrer

1
[Python-announce] PyCA cryptography 42.0.0 released

<CABj5TKS0hf-ozdyJQmyMhxfNF37+ya8vR6Q_EweGG_aC8mhOUA@mail.gmail.com>

  copy mid

https://news.novabbs.org/devel/article-flat.php?id=1371&group=comp.lang.python.announce#1371

  copy link   Newsgroups: comp.lang.python.announce
Path: i2pn2.org!i2pn.org!news.neodome.net!fu-berlin.de!uni-berlin.de!not-for-mail
From: paul.l.kehrer@gmail.com (Paul Kehrer)
Newsgroups: comp.lang.python.announce
Subject: [Python-announce] PyCA cryptography 42.0.0 released
Date: Mon, 22 Jan 2024 19:41:31 -0600
Lines: 52
Approved: python-announce-list@python.org
Message-ID: <CABj5TKS0hf-ozdyJQmyMhxfNF37+ya8vR6Q_EweGG_aC8mhOUA@mail.gmail.com>
Reply-To: python-list@python.org
Mime-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Trace: news.uni-berlin.de DHT4S4Pv4+jVKHT1FfLVEgRLSTGwHAIUam5uUDsGlpLQ==
Cancel-Lock: sha1:Fp2vESQewcWzckMin+M5/gwyOM0= sha256:l/KMqXU1jbdVnKF7tt5Vdbm0RjTEyvMiirBR6BpXI/o=
Authentication-Results: mail.python.org; dkim=pass
reason="2048-bit key; unprotected key"
header.d=gmail.com header.i=@gmail.com header.b=khD52ehw;
dkim-adsp=pass; dkim-atps=neutral
X-Spam-Status: OK 0.028
X-Spam-Evidence: '*H*': 0.94; '*S*': 0.00; 'argument': 0.04;
'windows,': 0.05; 'certificates': 0.07; 'datetime': 0.09;
'interfaces': 0.09; 'linux': 0.09; 'macos,': 0.09; 'properties':
0.09; 'to:addr:python-announce-list': 0.09; 'supported': 0.15;
'3.7.': 0.16; 'algorithms': 0.16; 'algorithms,': 0.16; 'apis':
0.16; 'compiled': 0.16; 'cryptography': 0.16; 'digests,': 0.16;
'exception.': 0.16; 'functions,': 0.16; 'guarantees': 0.16;
'objects.': 0.16; 'objects:': 0.16; 'parsing': 0.16; 'pypi.':
0.16; 'received:mail-ot1-x32a.google.com': 0.16; 'symmetric':
0.16; 'url:latest': 0.16; 'values,': 0.16; 'python': 0.16; 'to:no
real name:2**1': 0.22; 'version': 0.23; 'certificate': 0.26;
'signing': 0.26; 'requests': 0.28; 'sfxlen:2': 0.31; 'module':
0.31; 'raise': 0.31; 'dropped': 0.32; 'empty': 0.32; 'negative':
0.32; 'resolve': 0.32; 'message-id:@mail.gmail.com': 0.32; 'path':
0.33; 'release': 0.34; 'received:google.com': 0.34; 'url-
ip:104.17/16': 0.35; 'following': 0.35; 'from:addr:gmail.com':
0.35; 'request': 0.35; 'errors': 0.36; 'lists': 0.37; 'using':
0.37; 'added': 0.39; 'mentioned': 0.39; 'list': 0.39; 'methods':
0.39; 'both': 0.40; 'should': 0.40; 'critical': 0.62; 'subject':
0.63; 'our': 0.64; 'key': 0.64; 'skip:r 20': 0.64; 'validation':
0.64; 'process.': 0.65; 'per': 0.68; 'obtaining': 0.69; 'times':
0.69; 'longer': 0.71; 'future': 0.72; 'content': 0.72; 'low':
0.74; 'released': 0.75; 'documented': 0.76; 'favor': 0.76;
'signature': 0.76; 'field': 0.78; 'more.': 0.82; 'publish': 0.84;
'3.0': 0.84; 'backwards': 0.84; 'permits': 0.84; 'signatures':
0.84; 'stability': 0.84; 'wheels': 0.84; 'property': 0.88
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20230601; t=1705974104; x=1706578904; darn=python.org;
h=content-transfer-encoding:to:subject:message-id:date:from
:mime-version:from:to:cc:subject:date:message-id:reply-to;
bh=aH2IChDtbNYnUWp7aHZRKTh5/1vzjQx202NLKybnMP0=;
b=khD52ehw3qba+eGHtMONeD17oLGWchCY0zM2RIWmindBEbFewVxGFbRpw/jK0+LQpF
qmYdXdqYuajRtk5duOJBgfOS+zbhIC/wUnw4NIaPZJ+DOFe/qJisKq/5mbbtE2lHenjS
0Oh3970i5P6M9/pIy0KwnaQ97UuBro+3FU/JaOc3/g+7iA9H2kSyWGopaNXMN/YH4Rm1
T9KTVB3CXxupPC1OLkdQUtTkGkWQhgZfcpfR6MaK+uMtpAsr+VwuwLJCAAW160Q1GkOU
g/mQMNJPsFHaMKRqEJwodFYj+AClF0FojdrExg5GF8KC54UCY4LwU98+00CtRA1YLkw5
CcMQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1705974104; x=1706578904;
h=content-transfer-encoding:to:subject:message-id:date:from
:mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
:reply-to;
bh=aH2IChDtbNYnUWp7aHZRKTh5/1vzjQx202NLKybnMP0=;
b=X26Y8sOq2EC0RwNsEzeRVQiSq/W/KG9/XX6lg2FNhTKUEtJmpB5/8ECSdX/AmgjE0Y
Y3RPTxbIImyRCjnImU68csmGeSDDcgtBi4JQ3Bt2S+Wo6R5VmjZKR+TMQNKns/LiU8AC
ZhZ13JeeT4onqPiWxAjfFcpZNvHYGiU4ldUAJUi+zJ9P244xanbFTj8sXoTmJr/wwjn+
F6i5GJcl4oMhgC16ImcXiJ6H482lAw3k2lkGJqB7uvLaMzoMIQIsyNgYCxf8gwDt3ct/
O7cBT3lEaau2i/cKCEbPJkvr21Vcksxi1uRxDOCN17jbl9gc71/CTN+yS3kDHGktwAoK
YVEg==
X-Gm-Message-State: AOJu0Yy8H1yowuRcs5eDJnRI3jEx184vFxRRi3YiJfK7gPmpHK1zM9pg
5yWvav6LzeeAPR4gCUDYFpm6FtfLh+L8JmUgkRtCynIXyV6AoH565yy14R6DRaXBCQ6RXNKl5zs
toCmUsQ8Fpz5kJqx30p7g5cJdr1EOIwaqhdM=
X-Google-Smtp-Source: AGHT+IHS21I84HrTAl6s7ia2dPQRTrifTno15geTKA6kxWKOowsmSZDndVBeop1Ltn7OthO5RLAkA7A9xz8zOdyBM4w=
X-Received: by 2002:a05:6358:9499:b0:175:e1fd:11dc with SMTP id
i25-20020a056358949900b00175e1fd11dcmr5958292rwb.55.1705974104197; Mon, 22
Jan 2024 17:41:44 -0800 (PST)
X-MailFrom: paul.l.kehrer@gmail.com
X-Mailman-Rule-Hits: emergency
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved
Message-ID-Hash: 3E5JIT7GQBKZ3536OP6PEYQ3I34YCU2Z
X-Message-ID-Hash: 3E5JIT7GQBKZ3536OP6PEYQ3I34YCU2Z
X-Mailman-Approved-At: Mon, 22 Jan 2024 21:14:16 -0500
X-Mailman-Version: 3.3.10b1
Precedence: list
List-Id: Announcement-only list for the Python programming language <python-announce-list.python.org>
Archived-At: <https://mail.python.org/archives/list/python-announce-list@python.org/message/3E5JIT7GQBKZ3536OP6PEYQ3I34YCU2Z/>
List-Archive: <https://mail.python.org/archives/list/python-announce-list@python.org/>
List-Help: <mailto:python-announce-list-request@python.org?subject=help>
List-Owner: <mailto:python-announce-list-owner@python.org>
List-Post: <mailto:python-announce-list@python.org>
List-Subscribe: <mailto:python-announce-list-join@python.org>
List-Unsubscribe: <mailto:python-announce-list-leave@python.org>
 by: Paul Kehrer - Tue, 23 Jan 2024 01:41 UTC

PyCA cryptography 42.0.0 has been released to PyPI. cryptography
includes both high level recipes and low level interfaces to common
cryptographic algorithms such as symmetric ciphers, asymmetric
algorithms, message digests, X509, key derivation functions, and much
more. We support Python 3.7+, and PyPy3 7.3.10+.

Changelog (https://cryptography.io/en/latest/changelog/#v42-0-0):
* BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.7.
* BACKWARDS INCOMPATIBLE: Loading a PKCS7 with no content field using
load_pem_pkcs7_certificates() or load_der_pkcs7_certificates() will
now raise a ValueError rather than return an empty list.
* Parsing SSH certificates no longer permits malformed critical
options with values, as documented in the 41.0.2 release notes.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.0.
* Updated the minimum supported Rust version (MSRV) to 1.63.0, from 1.56.0.
* We now publish both py37 and py39 abi3 wheels. This should resolve
some errors relating to initializing a module multiple times per
process.
* Support PSS for X.509 certificate signing requests and certificate
revocation lists with the keyword-only argument rsa_padding on the
sign methods for CertificateSigningRequestBuilder and
CertificateRevocationListBuilder.
* Added support for obtaining X.509 certificate signing request
signature algorithm parameters (including PSS) via
signature_algorithm_parameters().
* Added support for obtaining X.509 certificate revocation list
signature algorithm parameters (including PSS) via
signature_algorithm_parameters().
* Added mgf property to PSS.
* Added algorithm and mgf properties to OAEP.
* Added the following properties that return timezone-aware datetime
objects: not_valid_before_utc(), not_valid_after_utc(),
revocation_date_utc(), next_update_utc(), last_update_utc(). These are
timezone-aware variants of existing properties that return naïve
datetime objects.
* Deprecated the following properties that return naïve datetime
objects: not_valid_before(), not_valid_after(), revocation_date(),
next_update(), last_update() in favor of the new timezone-aware
variants mentioned above.
* Added support for ChaCha20 on LibreSSL.
* Added support for RSA PSS signatures in PKCS7 with add_signer().
* In the next release (43.0.0) of cryptography, loading an X.509
certificate with a negative serial number will raise an exception.
This has been deprecated since 36.0.0.
* Added support for AESGCMSIV when using OpenSSL 3.2.0+.
* Added the X.509 path validation APIs for Certificate chains. These
APIs should be considered unstable and not subject to our stability
guarantees until documented as such in a future release.
* Added support for SM4 GCM when using OpenSSL 3.0 or greater.

-Paul Kehrer (reaperhulk)

1
server_pubkey.txt

rocksolid light 0.9.8
clearnet tor