Workflow

Oscrypto

Latest version: v1.3.0

Safety actively analyzes 682361 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 2 of 5

0.19.1

- Fixed a bug where `trust_list.get_path()` would not call the `cert_callback`
when a certificate was exported
- Fixed an issue on OS X/macOS where a certificate with an explicit any
purpose trust OID would not be exported since it didn't contain the OID
for SSL

0.19.0

- Backwards compatibility break: `trust_list.get_path()` not longer accepts
the parameter `map_vendor_oids`, and only includes CA certificates that
the OS marks as trusted for TLS server authentication. This change was
made due to (at least some versions of) OpenSSL not verifying a server
certificate if the CA bundle includes a `TRUSTED CERTIFICATE` entry,
which is how the trust information was exported. Since trust information
can no longer be exported to disk, the list of certificates must be
filtered, and since the intent of this function was always to provide a
list of CA certs for use by OpenSSL when creating TLS connection, this
change in functionality is in line with the original intent.
- `asymmetric.rsa_pkcs1v15_verify()` and `asymmetric.rsa_rss_verify()` will
now raise a `SignatureError` when there is a key size mismatch.

0.18.0

- `trust_list.get_path()` and `trust_list.get_list()` now accept a parameter
`cert_callback`, which is a callback that will be called once for each
certificate in the trust store. If the certificate will not be exported, a
reason will be provided.
- Added `oscrypto.version` for version introspection without side-effects
- Now uses `asn1crypto.algos.DSASignature` instead of self-contained ASN.1
definition

0.17.3

- Work around an issue on OS X where SecureTransport would try to read non-TLS
data as TLS records, causing hangs with `tls.TLSSocket()`
- Handle an alternate way the Windows SChannel API can fail when the DH params
for a TLS handshake are too small
- Fix a bug with cffi on OS X and converting a CFString to a UTF-8 byte string

0.17.2

- Handle `errSecInvalidTrustSettings` errors on macOS exporting trust roots
- Prevent a `KeyError` on macOS when exporting trust roots and trust settings
are present for certificates not in the list

0.17.1

- Expose `LibraryNotFoundError` via `errors.LibraryNotFoundError`

Page 2 of 5

Links

Releases

Has known vulnerabilities

Previous Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.