PyCA cryptography 2.5 has been released to PyPI. cryptography includes both high level recipes and low level interfaces to common cryptographic algorithms such as symmetric ciphers, asymmetric algorithms, message digests, X509, key derivation functions, and much more. We support Python 2.7, Python 3.4+, and PyPy. Changelog (https://cryptography.io/en/latest/changelog/#v2-5): * BACKWARDS INCOMPATIBLE: U-label strings were deprecated in version 2.1, but this version removes the default idna dependency as well. If you still need this deprecated path please install cryptography with the idna extra: pip install cryptography[idna]. * BACKWARDS INCOMPATIBLE: The minimum supported PyPy version is now 5.4. * Numerous classes and functions have been updated to allow bytes-like types for keying material and passwords, including symmetric algorithms, AEAD ciphers, KDFs, loading asymmetric keys, and one time password classes. * Updated Windows, macOS, and manylinux1 wheels to be compiled with OpenSSL 1.1.1a. * Added support for SHA512_224 and SHA512_256 when using OpenSSL 1.1.1. * Added support for SHA3_224, SHA3_256, SHA3_384, and SHA3_512 when using OpenSSL 1.1.1. * Added support for X448 key exchange when using OpenSSL 1.1.1. * Added support for SHAKE128 and SHAKE256 when using OpenSSL 1.1.1. * Added initial support for parsing PKCS12 files with load_key_and_certificates(). * Added support for IssuingDistributionPoint. * Added rfc4514_string() method to x509.Name, x509.RelativeDistinguishedName, and x509.NameAttribute to format the name or component an RFC 4514 Distinguished Name string. * Added from_encoded_point(), which immediately checks if the point is on the curve and supports compressed points. Deprecated the previous method from_encoded_point(). * Added signature_hash_algorithm to OCSPResponse. * Updated X25519 key exchange support to allow additional serialization methods. Calling public_bytes() with no arguments has been deprecated. * Added support for encoding compressed and uncompressed points via public_bytes(). Deprecated the previous method encode_point(). -Paul Kehrer (reaperhulk)