Cryptography

~~~~~~~~~~~~~~~~~~

* Add ``TraditionalOpenSSLSerializationBackend`` support to ``multibackend``.
* Fix compilation error on OS X 10.8 (Mountain Lion).


.. _v0-5-1:

~~~~~~~~~~~~~~~~~~

* Add ``PKCS8SerializationBackend`` support to ``multibackend``.


.. _v0-5:

~~~~~~~~~~~~~~~~

* **BACKWARDS INCOMPATIBLE:**
:class:`~cryptography.hazmat.primitives.ciphers.modes.GCM` no longer allows
truncation of tags by default. Previous versions of ``cryptography`` allowed
tags to be truncated by default, applications wishing to preserve this
behavior (not recommended) can pass the ``min_tag_length`` argument.
* Windows builds now statically link OpenSSL by default. When installing a
wheel on Windows you no longer need to install OpenSSL separately. Windows
users can switch between static and dynamic linking with an environment
variable. See :doc:`/installation` for more details.
* Added :class:`~cryptography.hazmat.primitives.kdf.hkdf.HKDFExpand`.
* Added :class:`~cryptography.hazmat.primitives.ciphers.modes.CFB8` support
for :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES` and
:class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES` on
``commoncrypto`` and ``openssl``.
* Added ``AES`` :class:`~cryptography.hazmat.primitives.ciphers.modes.CTR`
support to the OpenSSL backend when linked against 0.9.8.
* Added ``PKCS8SerializationBackend`` and
``TraditionalOpenSSLSerializationBackend`` support to ``openssl``.
* Added :doc:`/hazmat/primitives/asymmetric/ec` and ``EllipticCurveBackend``.
* Added :class:`~cryptography.hazmat.primitives.ciphers.modes.ECB` support
for :class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES` on
``commoncrypto`` and ``openssl``.
* Deprecated the concrete ``RSAPrivateKey`` class in favor of backend
specific providers of the
:class:`cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`
interface.
* Deprecated the concrete ``RSAPublicKey`` in favor of backend specific
providers of the
:class:`cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`
interface.
* Deprecated the concrete ``DSAPrivateKey`` class in favor of backend
specific providers of the
:class:`cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`
interface.
* Deprecated the concrete ``DSAPublicKey`` class in favor of backend specific
providers of the
:class:`cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`
interface.
* Deprecated the concrete ``DSAParameters`` class in favor of backend specific
providers of the
:class:`cryptography.hazmat.primitives.asymmetric.dsa.DSAParameters`
interface.
* Deprecated ``encrypt_rsa``, ``decrypt_rsa``, ``create_rsa_signature_ctx`` and
``create_rsa_verification_ctx`` on ``RSABackend``.
* Deprecated ``create_dsa_signature_ctx`` and ``create_dsa_verification_ctx``
on ``DSABackend``.


.. _v0-4:

~~~~~~~~~~~~~~~~

* Deprecated ``salt_length`` on
:class:`~cryptography.hazmat.primitives.asymmetric.padding.MGF1` and added it
to :class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS`. It will
be removed from ``MGF1`` in two releases per our :doc:`/api-stability`
policy.
* Added :class:`~cryptography.hazmat.primitives.ciphers.algorithms.SEED`
support.
* Added :class:`~cryptography.hazmat.primitives.cmac.CMAC`.
* Added decryption support to
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`
and encryption support to
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`.
* Added signature support to
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`
and verification support to
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`.


.. _v0-3:

~~~~~~~~~~~~~~~~

* Added :class:`~cryptography.hazmat.primitives.twofactor.hotp.HOTP`.
* Added :class:`~cryptography.hazmat.primitives.twofactor.totp.TOTP`.
* Added :class:`~cryptography.hazmat.primitives.ciphers.algorithms.IDEA`
support.
* Added signature support to
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`
and verification support to
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`.
* Moved test vectors to the new ``cryptography_vectors`` package.


.. _v0-2-2:

~~~~~~~~~~~~~~~~~~

* Removed a constant definition that was causing compilation problems with
specific versions of OpenSSL.


.. _v0-2-1: