PyCA cryptography 3.2 has been released to PyPI. cryptography includes both high level recipes and low level interfaces to common cryptographic algorithms such as symmetric ciphers, asymmetric algorithms, message digests, X509, key derivation functions, and much more. We support Python 2.7, Python 3.5+, and PyPy. Changelog (https://cryptography.io/en/latest/changelog/): * SECURITY ISSUE: Attempted to make RSA PKCS#1v1.5 decryption more constant time, to protect against Bleichenbacher vulnerabilities. Due to limitations imposed by our API, we cannot completely mitigate this vulnerability and a future release will contain a new API which is designed to be resilient to these for contexts where it is required. Credit to Hubert Kario for reporting the issue. CVE-2020-25659 * Support for OpenSSL 1.0.2 has been removed. Users on older versions of OpenSSL will need to upgrade. * Added basic support for PKCS7 signing (including SMIME) via PKCS7SignatureBuilder. -Paul Kehrer (reaperhulk)
participants (1)
-
Paul Kehrer