Update cryptography to 46.0.6

[pyup-bot]

This PR updates cryptography from 36.0.1 to 46.0.6.

Changelog

46.0.6

~~~~~~~~~~~~~~~~~~~

* **SECURITY ISSUE**: Fixed a bug where name constraints were not applied
to peer names during verification when the leaf certificate contains a
wildcard DNS SAN. Ordinary X.509 topologies are not affected by this bug,
including those used by the Web PKI. Credit to **Oleh Konko (1seal)** for
reporting the issue. **CVE-2026-34073**

.. _v46-0-5:

46.0.5

~~~~~~~~~~~~~~~~~~~

* An attacker could create a malicious public key that reveals portions of your
private key when using certain uncommon elliptic curves (binary curves).
This version now includes additional security checks to prevent this attack.
This issue only affects binary elliptic curves, which are rarely used in
real-world applications. Credit to **XlabAI Team of Tencent Xuanwu Lab and
Atuin Automated Vulnerability Discovery Engine** for reporting the issue.
**CVE-2026-26007**
* Support for ``SECT*`` binary elliptic curves is deprecated and will be
removed in the next release.

.. v46-0-4:

46.0.4

~~~~~~~~~~~~~~~~~~~

* `Dropped support for win_arm64 wheels`_.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.5.

.. _v46-0-3:

46.0.3

~~~~~~~~~~~~~~~~~~~

* Fixed compilation when using LibreSSL 4.2.0.

.. _v46-0-2:

46.0.2

~~~~~~~~~~~~~~~~~~~

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.4.

.. _v46-0-1:

46.0.1

~~~~~~~~~~~~~~~~~~~

* Fixed an issue where users installing via ``pip`` on Python 3.14 development
versions would not properly install a dependency.
* Fixed an issue building the free-threaded macOS 3.14 wheels.

.. _v46-0-0:

46.0.0

~~~~~~~~~~~~~~~~~~~

* **BACKWARDS INCOMPATIBLE:** Support for Python 3.7 has been removed.
* Support for OpenSSL < 3.0 is deprecated and will be removed in the next
release.
* Support for ``x86_64`` macOS (including publishing wheels) is deprecated
and will be removed in two releases. We will switch to publishing an
``arm64`` only wheel for macOS.
* Support for 32-bit Windows (including publishing wheels) is deprecated
and will be removed in two releases. Users should move to a 64-bit
Python installation.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.3.
* We now build ``ppc64le`` ``manylinux`` wheels and publish them to PyPI.
* We now build ``win_arm64`` (Windows on Arm) wheels and publish them to PyPI.
* Added support for free-threaded Python 3.14.
* Removed the deprecated ``get_attribute_for_oid`` method on
:class:`~cryptography.x509.CertificateSigningRequest`. Users should use
:meth:`~cryptography.x509.Attributes.get_attribute_for_oid` instead.
* Removed the deprecated ``CAST5``, ``SEED``, ``IDEA``, and ``Blowfish``
classes from the cipher module. These are still available in
:doc:`/hazmat/decrepit/index`.
* In X.509, when performing a PSS signature with a SHA-3 hash, it is now
encoded with the official NIST SHA3 OID.

.. _v45-0-7:

45.0.7

~~~~~~~~~~~~~~~~~~~

* Added a function to support an upcoming ``pyOpenSSL`` release.

.. _v45-0-6:

45.0.6

~~~~~~~~~~~~~~~~~~~

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.2.

.. _v45-0-5:

45.0.5

~~~~~~~~~~~~~~~~~~~

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.1.

.. _v45-0-4:

45.0.4

~~~~~~~~~~~~~~~~~~~

* Fixed decrypting PKCS8 files encrypted with SHA1-RC4. (This is not
considered secure, and is supported only for backwards compatibility.)

.. _v45-0-3:

45.0.3

~~~~~~~~~~~~~~~~~~~

* Fixed decrypting PKCS8 files encrypted with long salts (this impacts keys
encrypted by Bouncy Castle).
* Fixed decrypting PKCS8 files encrypted with DES-CBC-MD5. While wildly
insecure, this remains prevalent.

.. _v45-0-2:

45.0.2

~~~~~~~~~~~~~~~~~~~

* Fixed using ``mypy`` with ``cryptography`` on older versions of Python.

.. _v45-0-1:

45.0.1

~~~~~~~~~~~~~~~~~~~

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.0.

.. _v45-0-0:

45.0.0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~

* Support for Python 3.7 is deprecated and will be removed in the next
``cryptography`` release.
* Updated the minimum supported Rust version (MSRV) to 1.74.0, from 1.65.0.
* Added support for serialization of PKCS12 Java truststores in
:func:`~cryptography.hazmat.primitives.serialization.pkcs12.serialize_java_truststore`
* Added :meth:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id.derive_phc_encoded` and
:meth:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id.verify_phc_encoded` methods
to support password hashing in the PHC string format
* Added support for PKCS7 decryption and encryption using AES-256 as the
content algorithm, in addition to AES-128.
* **BACKWARDS INCOMPATIBLE:** Made SSH private key loading more consistent with
other private key loading:
:func:`~cryptography.hazmat.primitives.serialization.load_ssh_private_key`
now raises a ``TypeError`` if the key is unencrypted but a password is
provided (previously no exception was raised), and raises a ``TypeError`` if
the key is encrypted but no password is provided (previously a ``ValueError``
was raised).
* Added ``__copy__`` to the
:class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey`,
:class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey`,
:class:`~cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey`,
:class:`~cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PrivateKey`,
:class:`~cryptography.hazmat.primitives.asymmetric.ed448.Ed448PublicKey`,
:class:`~cryptography.hazmat.primitives.asymmetric.ed448.Ed448PrivateKey`,
:class:`~cryptography.hazmat.primitives.asymmetric.x25519.X25519PublicKey`,
:class:`~cryptography.hazmat.primitives.asymmetric.x25519.X25519PrivateKey`,
:class:`~cryptography.hazmat.primitives.asymmetric.x448.X448PublicKey`,
:class:`~cryptography.hazmat.primitives.asymmetric.x448.X448PrivateKey`,
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`,
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`,
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`,
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`,
:class:`~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKey`, and
:class:`~cryptography.hazmat.primitives.asymmetric.dh.DHPublicKey`
abstract base classes.
* We significantly refactored how private key loading (
:func:`~cryptography.hazmat.primitives.serialization.load_pem_private_key`
and
:func:`~cryptography.hazmat.primitives.serialization.load_der_private_key`)
works. This is intended to be backwards compatible for all well-formed keys,
therefore if you discover a key that now raises an exception, please file a
bug with instructions for reproducing.
* Added ``unsafe_skip_rsa_key_validation`` keyword-argument to
:func:`~cryptography.hazmat.primitives.serialization.load_ssh_private_key`.
* Added :class:`~cryptography.hazmat.primitives.hashes.XOFHash` to support
repeated :meth:`~cryptography.hazmat.primitives.hashes.XOFHash.squeeze`
operations on extendable output functions.
* Added
:meth:`~cryptography.x509.ocsp.OCSPResponseBuilder.add_response_by_hash`
method to allow creating OCSP responses using certificate hash values rather
than full certificates.
* Extended the :mod:`X.509 path validation <cryptography.x509.verification>` API to
support user-configured extension policies via the
:meth:`PolicyBuilder.extension_policies <cryptography.x509.verification.PolicyBuilder.extension_policies>` method.
* Deprecated the ``subject``, ``verification_time`` and ``max_chain_depth``
properties on :class:`~cryptography.x509.verification.ClientVerifier` and
:class:`~cryptography.x509.verification.ServerVerifier` in favor of a new ``policy`` property.
These properties will be removed in the next release of ``cryptography``.
* **BACKWARDS INCOMPATIBLE:** The
:meth:`VerifiedClient.subject <cryptography.x509.verification.VerifiedClient.subjects>`
property can now be `None` since a custom extension policy may allow certificates
without a Subject Alternative Name extension.
* Changed the behavior when the OpenSSL 3 legacy provider fails to load.
Instead of raising an exception, a warning is now emitted. The
``CRYPTOGRAPHY_OPENSSL_NO_LEGACY`` environment variable can still be used to
disable the legacy provider at runtime.
* Added support for the ``CRYPTOGRAPHY_BUILD_OPENSSL_NO_LEGACY`` environment
variable during build time, which prevents the library from ever attempting
to load the legacy provider.
* Added support for the :class:`~cryptography.x509.PrivateKeyUsagePeriod` X.509 extension.
This extension defines the period during which the private key corresponding
to the certificate's public key may be used.
* Added support for compiling against `aws-lc`_.
* Parsing X.509 structures now more strictly enforces that ``Name`` structures
do not have malformed ASN.1.
* We now publish ``py311`` wheels that utilize the faster ``pyo3::buffer::PyBuffer``
interface, resulting in significantly improved performance for operations
involving small buffers.
* Added :func:`~cryptography.hazmat.primitives.serialization.ssh_key_fingerprint`
for computing fingerprints of SSH public keys.
* Added support for deterministic ECDSA signing via the new keyword-only argument
``ecdsa_deterministic`` in :meth:`~cryptography.x509.CertificateBuilder.sign`,
:meth:`~cryptography.x509.CertificateRevocationListBuilder.sign`
and :meth:`~cryptography.x509.CertificateSigningRequestBuilder.sign`.

.. _v44-0-3:

44.0.3

~~~~~~~~~~~~~~~~~~~

* Fixed compilation when using LibreSSL 4.1.0.

.. _v44-0-2:

44.0.2

~~~~~~~~~~~~~~~~~~~

* We now build wheels for PyPy 3.11.

.. _v44-0-1:

44.0.1

~~~~~~~~~~~~~~~~~~~

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.1.
* We now build ``armv7l`` ``manylinux`` wheels and publish them to PyPI.
* We now build ``manylinux_2_34`` wheels and publish them to PyPI.

.. _v44-0-0:

44.0.0

~~~~~~~~~~~~~~~~~~~

* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.9.
* Deprecated Python 3.7 support. Python 3.7 is no longer supported by the
Python core team. Support for Python 3.7 will be removed in a future
``cryptography`` release.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.
* macOS wheels are now built against the macOS 10.13 SDK. Users on older
versions of macOS should upgrade, or they will need to build
``cryptography`` themselves.
* Enforce the :rfc:`5280` requirement that extended key usage extensions must
not be empty.
* Added support for timestamp extraction to the
:class:`~cryptography.fernet.MultiFernet` class.
* Relax the Authority Key Identifier requirements on root CA certificates
during X.509 verification to allow fields permitted by :rfc:`5280` but
forbidden by the CA/Browser BRs.
* Added support for :class:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id`
when using OpenSSL 3.2.0+.
* Added support for the :class:`~cryptography.x509.Admissions` certificate extension.
* Added basic support for PKCS7 decryption (including S/MIME 3.2) via
:func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der`,
:func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem`, and
:func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime`.

.. _v43-0-3:

43.0.3

~~~~~~~~~~~~~~~~~~~

* Fixed release metadata for ``cryptography-vectors``

.. _v43-0-2:

43.0.2

~~~~~~~~~~~~~~~~~~~

* Fixed compilation when using LibreSSL 4.0.0.

.. _v43-0-1:

43.0.1

~~~~~~~~~~~~~~~~~~~

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.3.2.

.. _v43-0-0:

43.0.0

~~~~~~~~~~~~~~~~~~~

* **BACKWARDS INCOMPATIBLE:** Support for OpenSSL less than 1.1.1e has been
removed.  Users on older version of OpenSSL will need to upgrade.
* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.8.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.3.1.
* Updated the minimum supported Rust version (MSRV) to 1.65.0, from 1.63.0.
* :func:`~cryptography.hazmat.primitives.asymmetric.rsa.generate_private_key`
now enforces a minimum RSA key size of 1024-bit. Note that 1024-bit is still
considered insecure, users should generally use a key size of 2048-bits.
* :func:`~cryptography.hazmat.primitives.serialization.pkcs7.serialize_certificates`
now emits ASN.1 that more closely follows the recommendations in :rfc:`2315`.
* Added new :doc:`/hazmat/decrepit/index` module which contains outdated and
insecure cryptographic primitives.
``CAST5``, ``SEED``, ``IDEA``, and ``Blowfish``, which were
deprecated in 37.0.0, have been added to this module. They will be removed
from the ``cipher`` module in 45.0.0.
* Moved :class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES`
and :class:`~cryptography.hazmat.primitives.ciphers.algorithms.ARC4` into
:doc:`/hazmat/decrepit/index` and deprecated them in the ``cipher`` module.
They will be removed from the ``cipher`` module in 48.0.0.
* Added support for deterministic
:class:`~cryptography.hazmat.primitives.asymmetric.ec.ECDSA` (:rfc:`6979`)
* Added support for client certificate verification to the
:mod:`X.509 path validation <cryptography.x509.verification>` APIs in the
form of :class:`~cryptography.x509.verification.ClientVerifier`,
:class:`~cryptography.x509.verification.VerifiedClient`, and
``PolicyBuilder``
:meth:`~cryptography.x509.verification.PolicyBuilder.build_client_verifier`.
* Added Certificate
:attr:`~cryptography.x509.Certificate.public_key_algorithm_oid`
and Certificate Signing Request
:attr:`~cryptography.x509.CertificateSigningRequest.public_key_algorithm_oid`
to determine the :class:`~cryptography.hazmat._oid.PublicKeyAlgorithmOID`
Object Identifier of the public key found inside the certificate.
* Added :attr:`~cryptography.x509.InvalidityDate.invalidity_date_utc`, a
timezone-aware alternative to the naïve ``datetime`` attribute
:attr:`~cryptography.x509.InvalidityDate.invalidity_date`.
* Added support for parsing empty DN string in
:meth:`~cryptography.x509.Name.from_rfc4514_string`.
* Added the following properties that return timezone-aware ``datetime`` objects:
:meth:`~cryptography.x509.ocsp.OCSPResponse.produced_at_utc`,
:meth:`~cryptography.x509.ocsp.OCSPResponse.revocation_time_utc`,
:meth:`~cryptography.x509.ocsp.OCSPResponse.this_update_utc`,
:meth:`~cryptography.x509.ocsp.OCSPResponse.next_update_utc`,
:meth:`~cryptography.x509.ocsp.OCSPSingleResponse.revocation_time_utc`,
:meth:`~cryptography.x509.ocsp.OCSPSingleResponse.this_update_utc`,
:meth:`~cryptography.x509.ocsp.OCSPSingleResponse.next_update_utc`,
These are timezone-aware variants of existing properties that return naïve
``datetime`` objects.
* Added
:func:`~cryptography.hazmat.primitives.asymmetric.rsa.rsa_recover_private_exponent`
* Added :meth:`~cryptography.hazmat.primitives.ciphers.CipherContext.reset_nonce`
for altering the ``nonce`` of a cipher context without initializing a new
instance. See the docs for additional restrictions.
* :class:`~cryptography.x509.NameAttribute` now raises an exception when
attempting to create a common name whose length is shorter or longer than
:rfc:`5280` permits.
* Added basic support for PKCS7 encryption (including SMIME) via
:class:`~cryptography.hazmat.primitives.serialization.pkcs7.PKCS7EnvelopeBuilder`.

.. _v42-0-8:

42.0.8

~~~~~~~~~~~~~~~~~~~

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.2.

.. _v42-0-7:

42.0.7

~~~~~~~~~~~~~~~~~~~

* Restored Windows 7 compatibility for our pre-built wheels. Note that we do
not test on Windows 7 and wheels for our next release will not support it.
Microsoft no longer provides support for Windows 7 and users are encouraged
to upgrade.

.. _v42-0-6:

42.0.6

~~~~~~~~~~~~~~~~~~~

* Fixed compilation when using LibreSSL 3.9.1.

.. _v42-0-5:

42.0.5

~~~~~~~~~~~~~~~~~~~

* Limit the number of name constraint checks that will be performed in
:mod:`X.509 path validation <cryptography.x509.verification>` to protect
against denial of service attacks.
* Upgrade ``pyo3`` version, which fixes building on PowerPC.

.. _v42-0-4:

42.0.4

~~~~~~~~~~~~~~~~~~~

* Fixed a null-pointer-dereference and segfault that could occur when creating
a PKCS12 bundle. Credit to **Alexander-Programming** for reporting the
issue. **CVE-2024-26130**
* Fixed ASN.1 encoding for PKCS7/SMIME signed messages. The fields ``SMIMECapabilities``
and ``SignatureAlgorithmIdentifier`` should now be correctly encoded according to the
definitions in :rfc:`2633` :rfc:`3370`.

.. _v42-0-3:

42.0.3

~~~~~~~~~~~~~~~~~~~

* Fixed an initialization issue that caused key loading failures for some
users.

.. _v42-0-2:

42.0.2

~~~~~~~~~~~~~~~~~~~

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.1.
* Fixed an issue that prevented the use of Python buffer protocol objects in
``sign`` and ``verify`` methods on asymmetric keys.
* Fixed an issue with incorrect keyword-argument naming with ``EllipticCurvePrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.exchange`,
``X25519PrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.x25519.X25519PrivateKey.exchange`,
``X448PrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.x448.X448PrivateKey.exchange`,
and ``DHPrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKey.exchange`.

.. _v42-0-1:

42.0.1

~~~~~~~~~~~~~~~~~~~

* Fixed an issue with incorrect keyword-argument naming with ``EllipticCurvePrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.sign`.
* Resolved compatibility issue with loading certain RSA public keys in
:func:`~cryptography.hazmat.primitives.serialization.load_pem_public_key`.

.. _v42-0-0:

42.0.0

~~~~~~~~~~~~~~~~~~~

* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.7.
* **BACKWARDS INCOMPATIBLE:** Loading a PKCS7 with no content field using
:func:`~cryptography.hazmat.primitives.serialization.pkcs7.load_pem_pkcs7_certificates`
or
:func:`~cryptography.hazmat.primitives.serialization.pkcs7.load_der_pkcs7_certificates`
will now raise a ``ValueError`` rather than return an empty list.
* Parsing SSH certificates no longer permits malformed critical options with
values, as documented in the 41.0.2 release notes.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.0.
* Updated the minimum supported Rust version (MSRV) to 1.63.0, from 1.56.0.
* We now publish both ``py37`` and ``py39`` ``abi3`` wheels. This should
resolve some errors relating to initializing a module multiple times per
process.
* Support :class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS` for
X.509 certificate signing requests and certificate revocation lists with the
keyword-only argument ``rsa_padding`` on the ``sign`` methods for
:class:`~cryptography.x509.CertificateSigningRequestBuilder` and
:class:`~cryptography.x509.CertificateRevocationListBuilder`.
* Added support for obtaining X.509 certificate signing request signature
algorithm parameters (including PSS) via
:meth:`~cryptography.x509.CertificateSigningRequest.signature_algorithm_parameters`.
* Added support for obtaining X.509 certificate revocation list signature
algorithm parameters (including PSS) via
:meth:`~cryptography.x509.CertificateRevocationList.signature_algorithm_parameters`.
* Added ``mgf`` property to
:class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS`.
* Added ``algorithm`` and ``mgf`` properties to
:class:`~cryptography.hazmat.primitives.asymmetric.padding.OAEP`.
* Added the following properties that return timezone-aware ``datetime`` objects:
:meth:`~cryptography.x509.Certificate.not_valid_before_utc`,
:meth:`~cryptography.x509.Certificate.not_valid_after_utc`,
:meth:`~cryptography.x509.RevokedCertificate.revocation_date_utc`,
:meth:`~cryptography.x509.CertificateRevocationList.next_update_utc`,
:meth:`~cryptography.x509.CertificateRevocationList.last_update_utc`.
These are timezone-aware variants of existing properties that return naïve
``datetime`` objects.
* Deprecated the following properties that return naïve ``datetime`` objects:
:meth:`~cryptography.x509.Certificate.not_valid_before`,
:meth:`~cryptography.x509.Certificate.not_valid_after`,
:meth:`~cryptography.x509.RevokedCertificate.revocation_date`,
:meth:`~cryptography.x509.CertificateRevocationList.next_update`,
:meth:`~cryptography.x509.CertificateRevocationList.last_update`
in favor of the new timezone-aware variants mentioned above.
* Added support for
:class:`~cryptography.hazmat.primitives.ciphers.algorithms.ChaCha20`
on LibreSSL.
* Added support for RSA PSS signatures in PKCS7 with
:meth:`~cryptography.hazmat.primitives.serialization.pkcs7.PKCS7SignatureBuilder.add_signer`.
* In the next release (43.0.0) of cryptography, loading an X.509 certificate
with a negative serial number will raise an exception. This has been
deprecated since 36.0.0.
* Added support for
:class:`~cryptography.hazmat.primitives.ciphers.aead.AESGCMSIV` when using
OpenSSL 3.2.0+.
* Added the :mod:`X.509 path validation <cryptography.x509.verification>` APIs
for :class:`~cryptography.x509.Certificate` chains. These APIs should be
considered unstable and not subject to our stability guarantees until
documented as such in a future release.
* Added support for
:class:`~cryptography.hazmat.primitives.ciphers.algorithms.SM4`
:class:`~cryptography.hazmat.primitives.ciphers.modes.GCM`
when using OpenSSL 3.0 or greater.

.. _v41-0-7:

41.0.7

~~~~~~~~~~~~~~~~~~~

* Fixed compilation when using LibreSSL 3.8.2.

.. _v41-0-6:

41.0.6

~~~~~~~~~~~~~~~~~~~

* Fixed a null-pointer-dereference and segfault that could occur when loading
certificates from a PKCS7 bundle.  Credit to **pkuzco** for reporting the
issue. **CVE-2023-49083**

.. _v41-0-5:

41.0.5

~~~~~~~~~~~~~~~~~~~

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.4.
* Added a function to support an upcoming ``pyOpenSSL`` release.

.. _v41-0-4:

41.0.4

~~~~~~~~~~~~~~~~~~~

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.3.

.. _v41-0-3:

41.0.3

~~~~~~~~~~~~~~~~~~~

* Fixed performance regression loading DH public keys.
* Fixed a memory leak when using
:class:`~cryptography.hazmat.primitives.ciphers.aead.ChaCha20Poly1305`.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.2.

.. _v41-0-2:

41.0.2

~~~~~~~~~~~~~~~~~~~

* Fixed bugs in creating and parsing SSH certificates where critical options
with values were handled incorrectly. Certificates are now created correctly
and parsing accepts correct values as well as the previously generated
invalid forms with a warning. In the next release, support for parsing these
invalid forms will be removed.

.. _v41-0-1:

41.0.1

~~~~~~~~~~~~~~~~~~~

* Temporarily allow invalid ECDSA signature algorithm parameters in X.509
certificates, which are generated by older versions of Java.
* Allow null bytes in pass phrases when serializing private keys.

.. _v41-0-0:

41.0.0

~~~~~~~~~~~~~~~~~~~

* **BACKWARDS INCOMPATIBLE:** Support for OpenSSL less than 1.1.1d has been
removed.  Users on older version of OpenSSL will need to upgrade.
* **BACKWARDS INCOMPATIBLE:** Support for Python 3.6 has been removed.
* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.6.
* Updated the minimum supported Rust version (MSRV) to 1.56.0, from 1.48.0.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.1.
* Added support for the :class:`~cryptography.x509.OCSPAcceptableResponses`
OCSP extension.
* Added support for the :class:`~cryptography.x509.MSCertificateTemplate`
proprietary Microsoft certificate extension.
* Implemented support for equality checks on all asymmetric public key types.
* Added support for ``aes256-gcmopenssh.com`` encrypted keys in
:func:`~cryptography.hazmat.primitives.serialization.load_ssh_private_key`.
* Added support for obtaining X.509 certificate signature algorithm parameters
(including PSS) via
:meth:`~cryptography.x509.Certificate.signature_algorithm_parameters`.
* Support signing :class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS`
X.509 certificates via the new keyword-only argument ``rsa_padding`` on
:meth:`~cryptography.x509.CertificateBuilder.sign`.
* Added support for
:class:`~cryptography.hazmat.primitives.ciphers.aead.ChaCha20Poly1305`
on BoringSSL.

.. _v40-0-2:

40.0.2

~~~~~~~~~~~~~~~~~~~

* Fixed compilation when using LibreSSL 3.7.2.
* Added some functions to support an upcoming ``pyOpenSSL`` release.

.. _v40-0-1:

40.0.1

~~~~~~~~~~~~~~~~~~~

* Fixed a bug where certain operations would fail if an object happened to be
in the top-half of the memory-space. This only impacted 32-bit systems.

.. _v40-0-0:

40.0.0

~~~~~~~~~~~~~~~~~~~


* **BACKWARDS INCOMPATIBLE:** As announced in the 39.0.0 changelog, the way
``cryptography`` links OpenSSL has changed. This only impacts users who
build ``cryptography`` from source (i.e., not from a ``wheel``), and
specify their own version of OpenSSL. For those users, the ``CFLAGS``,
``LDFLAGS``, ``INCLUDE``, ``LIB``, and ``CRYPTOGRAPHY_SUPPRESS_LINK_FLAGS``
environment variables are no longer valid. Instead, users need to configure
their builds `as documented here`_.
* Support for Python 3.6 is deprecated and will be removed in the next
release.
* Deprecated the current minimum supported Rust version (MSRV) of 1.48.0.
In the next release we will raise MSRV to 1.56.0. Users with the latest
``pip`` will typically get a wheel and not need Rust installed, but check
:doc:`/installation` for documentation on installing a newer ``rustc`` if
required.
* Deprecated support for OpenSSL less than 1.1.1d. The next release of
``cryptography`` will drop support for older versions.
* Deprecated support for DSA keys in
:func:`~cryptography.hazmat.primitives.serialization.load_ssh_public_key`
and
:func:`~cryptography.hazmat.primitives.serialization.load_ssh_private_key`.
* Deprecated support for OpenSSH serialization in
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`
and
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`.
* The minimum supported version of PyPy3 is now 7.3.10.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.0.
* Added support for parsing SSH certificates in addition to public keys with
:func:`~cryptography.hazmat.primitives.serialization.load_ssh_public_identity`.
:func:`~cryptography.hazmat.primitives.serialization.load_ssh_public_key`
continues to support only public keys.
* Added support for generating SSH certificates with
:class:`~cryptography.hazmat.primitives.serialization.SSHCertificateBuilder`.
* Added :meth:`~cryptography.x509.Certificate.verify_directly_issued_by` to
:class:`~cryptography.x509.Certificate`.
* Added a check to :class:`~cryptography.x509.NameConstraints` to ensure that
:class:`~cryptography.x509.DNSName` constraints do not contain any ``*``
wildcards.
* Removed many unused CFFI OpenSSL bindings. This will not impact you unless
you are using ``cryptography`` to directly invoke OpenSSL's C API. Note that
these have never been considered a stable, supported, public API by
``cryptography``, this note is included as a courtesy.
* The X.509 builder classes now raise ``UnsupportedAlgorithm`` instead of
``ValueError`` if an unsupported hash algorithm is passed.
* Added public union type aliases for type hinting:

* Asymmetric types:
 :const:`~cryptography.hazmat.primitives.asymmetric.types.PublicKeyTypes`,
 :const:`~cryptography.hazmat.primitives.asymmetric.types.PrivateKeyTypes`,
 :const:`~cryptography.hazmat.primitives.asymmetric.types.CertificatePublicKeyTypes`,
 :const:`~cryptography.hazmat.primitives.asymmetric.types.CertificateIssuerPublicKeyTypes`,
 :const:`~cryptography.hazmat.primitives.asymmetric.types.CertificateIssuerPrivateKeyTypes`.
* SSH keys:
 :const:`~cryptography.hazmat.primitives.serialization.SSHPublicKeyTypes`,
 :const:`~cryptography.hazmat.primitives.serialization.SSHPrivateKeyTypes`,
 :const:`~cryptography.hazmat.primitives.serialization.SSHCertPublicKeyTypes`,
 :const:`~cryptography.hazmat.primitives.serialization.SSHCertPrivateKeyTypes`.
* PKCS12:
 :const:`~cryptography.hazmat.primitives.serialization.pkcs12.PKCS12PrivateKeyTypes`
* PKCS7:
 :const:`~cryptography.hazmat.primitives.serialization.pkcs7.PKCS7HashTypes`,
 :const:`~cryptography.hazmat.primitives.serialization.pkcs7.PKCS7PrivateKeyTypes`.
* Two-factor:
 :const:`~cryptography.hazmat.primitives.twofactor.hotp.HOTPHashTypes`

* Deprecated previously undocumented but not private type aliases in the
``cryptography.hazmat.primitives.asymmetric.types`` module in favor of new
ones above.


.. _v39-0-2:

39.0.2

~~~~~~~~~~~~~~~~~~~

* Fixed a bug where the content type header was not properly encoded for
PKCS7 signatures when using the ``Text`` option and ``SMIME`` encoding.


.. _v39-0-1:

39.0.1

~~~~~~~~~~~~~~~~~~~

* **SECURITY ISSUE** - Fixed a bug where ``Cipher.update_into`` accepted Python
buffer protocol objects, but allowed immutable buffers. **CVE-2023-23931**
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.8.

.. _v39-0-0:

39.0.0

~~~~~~~~~~~~~~~~~~~

* **BACKWARDS INCOMPATIBLE:** Support for OpenSSL 1.1.0 has been removed.
Users on older version of OpenSSL will need to upgrade.
* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.5. The new
minimum LibreSSL version is 3.5.0. Going forward our policy is to support
versions of LibreSSL that are available in versions of OpenBSD that are
still receiving security support.
* **BACKWARDS INCOMPATIBLE:** Removed the ``encode_point`` and
``from_encoded_point`` methods on
:class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicNumbers`,
which had been deprecated for several years.
:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.public_bytes`
and
:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.from_encoded_point`
should be used instead.
* **BACKWARDS INCOMPATIBLE:** Support for using MD5 or SHA1 in
:class:`~cryptography.x509.CertificateBuilder`, other X.509 builders, and
PKCS7 has been removed.
* **BACKWARDS INCOMPATIBLE:** Dropped support for macOS 10.10 and 10.11, macOS
users must upgrade to 10.12 or newer.
* **ANNOUNCEMENT:** The next version of ``cryptography`` (40.0) will change
the way we link OpenSSL. This will only impact users who build
``cryptography`` from source (i.e., not from a ``wheel``), and specify their
own version of OpenSSL. For those users, the ``CFLAGS``, ``LDFLAGS``,
``INCLUDE``, ``LIB``, and ``CRYPTOGRAPHY_SUPPRESS_LINK_FLAGS`` environment
variables will no longer be respected. Instead, users will need to
configure their builds `as documented here`_.
* Added support for
:ref:`disabling the legacy provider in OpenSSL 3.0.x<legacy-provider>`.
* Added support for disabling RSA key validation checks when loading RSA
keys via
:func:`~cryptography.hazmat.primitives.serialization.load_pem_private_key`,
:func:`~cryptography.hazmat.primitives.serialization.load_der_private_key`,
and
:meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateNumbers.private_key`.
This speeds up key loading but is :term:`unsafe` if you are loading potentially
attacker supplied keys.
* Significantly improved performance for
:class:`~cryptography.hazmat.primitives.ciphers.aead.ChaCha20Poly1305`
when repeatedly calling ``encrypt`` or ``decrypt`` with the same key.
* Added support for creating OCSP requests with precomputed hashes using
:meth:`~cryptography.x509.ocsp.OCSPRequestBuilder.add_certificate_by_hash`.
* Added support for loading multiple PEM-encoded X.509 certificates from
a single input via :func:`~cryptography.x509.load_pem_x509_certificates`.

.. _v38-0-4:

38.0.4

~~~~~~~~~~~~~~~~~~~

* Fixed compilation when using LibreSSL 3.6.0.
* Fixed error when using ``py2app`` to build an application with a
``cryptography`` dependency.

.. _v38-0-3:

38.0.3

~~~~~~~~~~~~~~~~~~~

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.7,
which resolves *CVE-2022-3602* and *CVE-2022-3786*.

.. _v38-0-2:

38.0.2

~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. attention::

 This release was subsequently yanked from PyPI due to a regression in OpenSSL.

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.6.


.. _v38-0-1:

38.0.1

~~~~~~~~~~~~~~~~~~~

* Fixed parsing TLVs in ASN.1 with length greater than 65535 bytes (typically
seen in large CRLs).

.. _v38-0-0:

38.0.0

~~~~~~~~~~~~~~~~~~~

* Final deprecation of OpenSSL 1.1.0. The next release of ``cryptography``
will drop support.
* We no longer ship ``manylinux2010`` wheels. Users should upgrade to the
latest ``pip`` to ensure this doesn't cause issues downloading wheels on
their platform. We now ship ``manylinux_2_28`` wheels for users on new
enough platforms.
* Updated the minimum supported Rust version (MSRV) to 1.48.0, from 1.41.0.
Users with the latest ``pip`` will typically get a wheel and not need Rust
installed, but check :doc:`/installation` for documentation on installing a
newer ``rustc`` if required.
* :meth:`~cryptography.fernet.Fernet.decrypt` and related methods now accept
both ``str`` and ``bytes`` tokens.
* Parsing ``CertificateSigningRequest`` restores the behavior of enforcing
that the ``Extension`` ``critical`` field must be correctly encoded DER. See
`the issue <https://github.com/pyca/cryptography/issues/6368>`_ for complete
details.
* Added two new OpenSSL functions to the bindings to support an upcoming
``pyOpenSSL`` release.
* When parsing :class:`~cryptography.x509.CertificateRevocationList` and
:class:`~cryptography.x509.CertificateSigningRequest` values, it is now
enforced that the ``version`` value in the input must be valid according to
the rules of :rfc:`2986` and :rfc:`5280`.
* Using MD5 or SHA1 in :class:`~cryptography.x509.CertificateBuilder` and
other X.509 builders is deprecated and support will be removed in the next
version.
* Added additional APIs to
:class:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp`, including
:attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature_hash_algorithm`,
:attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature_algorithm`,
:attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature`, and
:attr:`~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.extension_bytes`.
* Added :attr:`~cryptography.x509.Certificate.tbs_precertificate_bytes`, allowing
users to access the to-be-signed pre-certificate data needed for signed
certificate timestamp verification.
* :class:`~cryptography.hazmat.primitives.kdf.kbkdf.KBKDFHMAC` and
:class:`~cryptography.hazmat.primitives.kdf.kbkdf.KBKDFCMAC` now support
:attr:`~cryptography.hazmat.primitives.kdf.kbkdf.CounterLocation.MiddleFixed`
counter location.
* Fixed :rfc:`4514` name parsing to reverse the order of the RDNs according
to the section 2.1 of the RFC, affecting method
:meth:`~cryptography.x509.Name.from_rfc4514_string`.
* It is now possible to customize some aspects of encryption when serializing
private keys, using
:meth:`~cryptography.hazmat.primitives.serialization.PrivateFormat.encryption_builder`.
* Removed several legacy symbols from our OpenSSL bindings. Users of pyOpenSSL
versions older than 22.0 will need to upgrade.
* Added
:class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES128` and
:class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES256` classes.
These classes do not replace
:class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES` (which
allows all AES key lengths), but are intended for applications where
developers want to be explicit about key length.

.. _v37-0-4:

37.0.4

~~~~~~~~~~~~~~~~~~~

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.5.

.. _v37-0-3:

37.0.3

~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. attention::

 This release was subsequently yanked from PyPI due to a regression in OpenSSL.

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.4.

.. _v37-0-2:

37.0.2

~~~~~~~~~~~~~~~~~~~

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.3.
* Added a constant needed for an upcoming pyOpenSSL release.

.. _v37-0-1:

37.0.1

~~~~~~~~~~~~~~~~~~~

* Fixed an issue where parsing an encrypted private key with the public
loader functions would hang waiting for console input on OpenSSL 3.0.x rather
than raising an error.
* Restored some legacy symbols for older ``pyOpenSSL`` users. These will be
removed again in the future, so ``pyOpenSSL`` users should still upgrade
to the latest version of that package when they upgrade ``cryptography``.

.. _v37-0-0:

37.0.0

~~~~~~~~~~~~~~~~~~~

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.2.
* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL 2.9.x and 3.0.x.
The new minimum LibreSSL version is 3.1+.
* **BACKWARDS INCOMPATIBLE:** Removed ``signer`` and ``verifier`` methods
from the public key and private key classes. These methods were originally
deprecated in version 2.0, but had an extended deprecation timeline due
to usage. Any remaining users should transition to ``sign`` and ``verify``.
* Deprecated OpenSSL 1.1.0 support. OpenSSL 1.1.0 is no longer supported by
the OpenSSL project. The next release of ``cryptography`` will be the last
to support compiling with OpenSSL 1.1.0.
* Deprecated Python 3.6 support. Python 3.6 is no longer supported by the
Python core team. Support for Python 3.6 will be removed in a future
``cryptography`` release.
* Deprecated the current minimum supported Rust version (MSRV) of 1.41.0.
In the next release we will raise MSRV to 1.48.0. Users with the latest
``pip`` will typically get a wheel and not need Rust installed, but check
:doc:`/installation` for documentation on installing a newer ``rustc`` if
required.
* Deprecated ``CAST5``, ``SEED``, ``IDEA``, and ``Blowfish`` because
they are legacy algorithms with extremely low usage. These will be removed
in a future version of ``cryptography``.
* Added limited support for distinguished names containing a bit string.
* We now ship ``universal2`` wheels on macOS, which contain both ``arm64``
and ``x86_64`` architectures. Users on macOS should upgrade to the latest
``pip`` to ensure they can use this wheel, although we will continue to
ship ``x86_64`` specific wheels for now to ease the transition.
* This will be the final release for which we ship ``manylinux2010`` wheels.
Going forward the minimum supported ``manylinux`` ABI for our wheels will
be ``manylinux2014``. The vast majority of users will continue to receive
``manylinux`` wheels provided they have an up to date ``pip``. For PyPy
wheels this release already requires ``manylinux2014`` for compatibility
with binaries distributed by upstream.
* Added support for multiple
:class:`~cryptography.x509.ocsp.OCSPSingleResponse` in a
:class:`~cryptography.x509.ocsp.OCSPResponse`.
* Restored support for signing certificates and other structures in
:doc:`/x509/index` with SHA3 hash algorithms.
* :class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES` is
disabled in FIPS mode.
* Added support for serialization of PKCS12 CA friendly names/aliases in
:func:`~cryptography.hazmat.primitives.serialization.pkcs12.serialize_key_and_certificates`
* Added support for 12-15 byte (96 to 120 bit) nonces to
:class:`~cryptography.hazmat.primitives.ciphers.aead.AESOCB3`. This class
previously supported only 12 byte (96 bit).
* Added support for
:class:`~cryptography.hazmat.primitives.ciphers.aead.AESSIV` when using
OpenSSL 3.0.0+.
* Added support for serializing PKCS7 structures from a list of
certificates with
:class:`~cryptography.hazmat.primitives.serialization.pkcs7.serialize_certificates`.
* Added support for parsing :rfc:`4514` strings with
:meth:`~cryptography.x509.Name.from_rfc4514_string`.
* Added :attr:`~cryptography.hazmat.primitives.asymmetric.padding.PSS.AUTO` to
:class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS`. This can
be used to verify a signature where the salt length is not already known.
* Added :attr:`~cryptography.hazmat.primitives.asymmetric.padding.PSS.DIGEST_LENGTH`
to :class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS`. This
constant will set the salt length to the same length as the ``PSS`` hash
algorithm.
* Added support for loading RSA-PSS key types with
:func:`~cryptography.hazmat.primitives.serialization.load_pem_private_key`
and
:func:`~cryptography.hazmat.primitives.serialization.load_der_private_key`.
This functionality is limited to OpenSSL 1.1.1e+ and loads the key as a
normal RSA private key, discarding the PSS constraint information.

.. _v36-0-2:

36.0.2

~~~~~~~~~~~~~~~~~~~

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 1.1.1n.

.. _v36-0-1:

Links

• PyPI: https://pypi.org/project/cryptography
• Changelog: https://data.safetycli.com/changelogs/cryptography/