Workflow

Cryptography

Latest version: v44.0.2

Safety actively analyzes 722955 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 22 of 23

0.6

Not secure
~~~~~~~~~~~~~~~~

* Added
:func:`~cryptography.hazmat.primitives.serialization.load_pem_private_key` to
ease loading private keys, and
:func:`~cryptography.hazmat.primitives.serialization.load_pem_public_key` to
support loading public keys.
* Removed the, deprecated in 0.4, support for the ``salt_length`` argument to
the :class:`~cryptography.hazmat.primitives.asymmetric.padding.MGF1`
constructor. The ``salt_length`` should be passed to
:class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS` instead.
* Fix compilation on OS X Yosemite.
* Deprecated ``elliptic_curve_private_key_from_numbers`` and
``elliptic_curve_public_key_from_numbers`` in favor of
``load_elliptic_curve_private_numbers`` and
``load_elliptic_curve_public_numbers`` on ``EllipticCurveBackend``.
* Added ``EllipticCurvePrivateKeyWithNumbers`` and
``EllipticCurvePublicKeyWithNumbers`` support.
* Work around three GCM related bugs in CommonCrypto and OpenSSL.

* On the CommonCrypto backend adding AAD but not subsequently calling update
would return null tag bytes.

* One the CommonCrypto backend a call to update without an empty add AAD call
would return null ciphertext bytes.

* On the OpenSSL backend with certain versions adding AAD only would give
invalid tag bytes.

* Support loading EC private keys from PEM.


.. _v0-5-4:

0.5.4

Not secure
~~~~~~~~~~~~~~~~~~

* Added several functions to the OpenSSL bindings to support new
functionality in pyOpenSSL.
* Fixed a redefined constant causing compilation failure with Solaris 11.2.


.. _v0-5-3:

0.5.3

Not secure
~~~~~~~~~~~~~~~~~~

* Updated Windows wheels to be compiled against OpenSSL 1.0.1i.


.. _v0-5-2:

0.5.2

Not secure
~~~~~~~~~~~~~~~~~~

* Add ``TraditionalOpenSSLSerializationBackend`` support to ``multibackend``.
* Fix compilation error on OS X 10.8 (Mountain Lion).


.. _v0-5-1:

0.5.1

Not secure
~~~~~~~~~~~~~~~~~~

* Add ``PKCS8SerializationBackend`` support to ``multibackend``.


.. _v0-5:

0.5

Not secure
~~~~~~~~~~~~~~~~

* **BACKWARDS INCOMPATIBLE:**
:class:`~cryptography.hazmat.primitives.ciphers.modes.GCM` no longer allows
truncation of tags by default. Previous versions of ``cryptography`` allowed
tags to be truncated by default, applications wishing to preserve this
behavior (not recommended) can pass the ``min_tag_length`` argument.
* Windows builds now statically link OpenSSL by default. When installing a
wheel on Windows you no longer need to install OpenSSL separately. Windows
users can switch between static and dynamic linking with an environment
variable. See :doc:`/installation` for more details.
* Added :class:`~cryptography.hazmat.primitives.kdf.hkdf.HKDFExpand`.
* Added :class:`~cryptography.hazmat.primitives.ciphers.modes.CFB8` support
for :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES` and
:class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES` on
``commoncrypto`` and ``openssl``.
* Added ``AES`` :class:`~cryptography.hazmat.primitives.ciphers.modes.CTR`
support to the OpenSSL backend when linked against 0.9.8.
* Added ``PKCS8SerializationBackend`` and
``TraditionalOpenSSLSerializationBackend`` support to ``openssl``.
* Added :doc:`/hazmat/primitives/asymmetric/ec` and ``EllipticCurveBackend``.
* Added :class:`~cryptography.hazmat.primitives.ciphers.modes.ECB` support
for :class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES` on
``commoncrypto`` and ``openssl``.
* Deprecated the concrete ``RSAPrivateKey`` class in favor of backend
specific providers of the
:class:`cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`
interface.
* Deprecated the concrete ``RSAPublicKey`` in favor of backend specific
providers of the
:class:`cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`
interface.
* Deprecated the concrete ``DSAPrivateKey`` class in favor of backend
specific providers of the
:class:`cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`
interface.
* Deprecated the concrete ``DSAPublicKey`` class in favor of backend specific
providers of the
:class:`cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`
interface.
* Deprecated the concrete ``DSAParameters`` class in favor of backend specific
providers of the
:class:`cryptography.hazmat.primitives.asymmetric.dsa.DSAParameters`
interface.
* Deprecated ``encrypt_rsa``, ``decrypt_rsa``, ``create_rsa_signature_ctx`` and
``create_rsa_verification_ctx`` on ``RSABackend``.
* Deprecated ``create_dsa_signature_ctx`` and ``create_dsa_verification_ctx``
on ``DSABackend``.


.. _v0-4:

Page 22 of 23

Links

Releases

Has known vulnerabilities

Previous Next

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.