PyCA cryptography 1.6 has been released to PyPI. cryptography is a package which provides cryptographic recipes and primitives to Python developers. Our goal is for it to be your "cryptographic standard library". We support Python 2.6-2.7, Python 3.3+, and PyPy.
* Deprecated support for OpenSSL 1.0.0. Support will be removed in cryptography 1.7. * Replaced the Python-based OpenSSL locking callbacks with a C version to fix a potential deadlock that could occur if a garbage collection cycle occurred while inside the lock. * Added support for BLAKE2b and BLAKE2s when using OpenSSL 1.1.0. * Added signature_algorithm_oid support to Certificate. * Added signature_algorithm_oid support to CertificateSigningRequest. * Added signature_algorithm_oid support to CertificateRevocationList. * Added support for Scrypt when using OpenSSL 1.1.0. * Added a workaround to improve compatibility with Python application bundling tools like PyInstaller and cx_freeze. * Added support for generating a random_serial_number(). * Added support for encoding IPv4Network and IPv6Network in X.509 certificates for use with NameConstraints. * Added public_bytes() to Name. * Added RelativeDistinguishedName * DistributionPoint now accepts RelativeDistinguishedName for relative_name. Deprecated use of Name as relative_name. * Name now accepts an iterable of RelativeDistinguishedName. RDNs can be accessed via the rdns attribute. When constructed with an iterable of NameAttribute, each attribute becomes a single-valued RDN. * Added derive_private_key(). * Added support for signing and verifying RSA, DSA, and ECDSA signatures with Prehashed digests.
Due to the volume of changes in this release the switch to bundling OpenSSL 1.1.0 in the macOS and Windows wheels has been pushed back to version 1.8. 1.7 is tentatively planned to be out in the next 2-3 weeks with some large features that didn't make the cut for this release.
-Paul Kehrer (reaperhulk)