Python-pskc

Latest version: v1.3

Safety actively analyzes 682404 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 2

1.3

-----------------------

* drop support for Python 2.7 and 3.5 (support Python 3.6 - 3.12)
* typo fixes in documentation
* have test suite not rely on current date/time
* update certificates in tests to support newer cryptography

1.2

-----------------------

* sort namespace declarations alphabetically in generated XML
* accept keys as bytearray values
* spelling fixes in documentation
* command-line utilities now support using - as stdin
* test and build environment improvements
* drop support for Python 3.4
* add support for Python 3.8 - 3.10 (was already working out-of-the-box)

1.1

-----------------------

* portability fixes for test suite
* add a remove_encryption() function
* always write a 1.0 PSKC version, even when another version was read
* correctly write a PSKC file with a global IV
* correctly write a PSKC file without a MAC key
* add a pskc2pskc script for converting a legacy PSKC file to a RFC 6030
compliant version and for adding or removing encryption
* add a csv2pskc script for generating a PSKC file from a CSV file
* make all the scripts (pskc2csv, pskc2pskc and csv2pskc) entry points so
they are available on package installation

1.0

-----------------------

* fix a bug in writing passphrase encrypted PSKC files on Python3
* fix a typo in the pin_max_failed_attempts attribute (the old name is
available as a deprecated property)
* switch from pycrypto to cryptography as provider for encryption functions
because the latter is better supported
* switch to using the PBKDF2 implementation from hashlib which requires
Python 2.7.8 or newer
* use defusedxml when available (python-pskc now supports both standard
xml.etree and lxml with and without defusedxml)
* support checking and generating embedded XML signatures (this requires the
signxml library which is not required for any other operations)
* add limited support for very old draft PSKC versions (it is speculated that
this resembles the "Verisign PSKC format" that some applications produce)
* support Camellia-CBC and KW-Camellia encryption algorithms
* support any hashing algorithm available in Python
* add a --secret-encoding option to pskc2csv to allow base64 encoded binary
output
* support naming the CSV column headers in pskc2csv
* add a manual page for pskc2csv
* a number of documentation, code style and test suite improvements

0.5

-----------------------

* numerous compatibility improvements for reading PSKC files that do not
follow the RFC 6030 schema exactly: specifically accept a number of old
Internet Draft specifications that preceded RFC 6030 and support an
ActivIdentity file format
* split device information from key information (keep old API available) to
allow multiple keys per device (this is not allowed by RFC 6030 but was
allowed in older Internet Drafts)
* accept MAC to be over plaintext in addition to ciphertext
* fall back to using encryption key as MAC key
* refactoring of some encryption, parsing and serialising functionality into
separate modules for better maintainability
* add configuration for running test suite via Tox
* addition of a large number of test cases, bringing the branch coverage to
100%
* documentation improvements
* drop official support for Python 2.6 (the module still works but is just no
longer tested with it)

0.4

-----------------------

* add support for writing encrypted PSKC files (with either a pre-shared key
or PBKDF2 password-based encryption)
* extend may_use() policy checking function to check for unknown policy
elements and key expiry
* add a number of tests for existing vendor PSKC files and have full line
coverage with tests
* be more lenient in handling a number of XML files (e.g. automatically
sanitise encryption algorithm URIs, ignore XML namespaces and support more
spellings of some properties)
* support reading password or key files in pskc2csv
* support Python 3 in the pskc2csv script (thanks Mathias Laurin)
* refactoring and clean-ups to be more easily extendible (thanks Mathias
Laurin)

Page 1 of 2

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.