python-mbedtls release notes

python-mbedtls is a free cryptographic library for Python 2.7, 3.4, 3.5, and 3.6 that uses mbed TLS for back end.

python-mbedtls API follows the recommendations from PEP 452 and PEP 272 and can therefore be used as a drop-in replacements to PyCrypto or Python's hashlib and hmac.

Release notes

Installation

The library is available on pypi and is installed after mbed TLS with

$ pip install python-mbedtls

python-mbedts 0.11.1 released

Update the change log.

python-mbedtls 0.11.0 released

This release adds Diffie-Hellman-Merkle key exchange and secure numbers.

What's new

  • Added support for Diffie-Hellman-Merkle key exchange (pk.DHServer() and pk.DHClient()).
  • MPI (multi-precision integers) now implement the full numbers.Integral API. (mpi.MPI()).

API changes

  • This release changes the exception model. The library now raises a single exception: MbedTLSError.
  • Methods from pk returning an integer now return an secure integer.

python-mbedtls 0.10.0 released

This release adds elliptic curve cryptography.

What's new

ECDSA (EC signature) and ECDH (EC key exchange) as well as ECDHE (ephemeral EC key exchange) are now supported.

API changes

  • RSA.generate() returns the private key.
  • to_DER() and to_PEM() are obsolete and will be removed. Users should call export_key() and export_public_key() instead.
  • has_public() and has_private() are removed.
  • __str__() returns the private key in PEM format.
  • to_bytes() and __bytes__() return the private key in DER format.

python-mbedtls 0.9.0 released

This is a bug fix release.

What's new

This release fixes the source distribution. Installing with pip should now work!

API changes

  • X.509 certificates now have a next() method returning the next certificate from a chain.
  • md implements the block_size property.

python-mbedtls 0.8 released [withdrawn]

python-mbedtls 0.8 features:

  • mbedtls.hash and mbedtls.hmac: message digest algorithms with MD5, SHA-1, SHA-2, and RIPEMD-160.
  • mbedtls.cipher: symmetric encryption with AES, ARC4, Blowfish, Camellia, and DES.
  • mbedtls.pk: RSA cryptosystem with support for PEM and DER formats.
  • mbedtls.x509: X.509 certificate writing and parsing.

What's new

python-mbedtls 0.8 features a new mbedtls.x509 module for parsing and writing X.509 certificates. The API complies to PEP 543.

  • X.509 certificate parsing and writing.
  • X.509 certificate signing request parsing and writing.
  • X.509 certificate revocation list parsing.

API changes

The import_() and export() methods from mbedtls.pk.RSA are now called from_buffer(), from_DER(), from_PEM(), and to_DER(), to_DER() to be closer to PEP 543.

This is a breaking change.

python-mbedtls 0.7 released

What's new

  • python-mbedtls 0.7 adds support for Python 2.7 and was further tested with Python 3.4, 3.5, and 3.6. The bindings are known to work with a few more versions.
  • A short script install-mbedtls.sh is available for download and installs a local copy of mbed TLS with install-mbedtls.sh [VERSION] [DESTDIR], for example,
# ./install-mbedtls.sh 2.4.2 /usr/local

API changes

  • mbedtls.hash and mbedtls.hmac: message digest algorithms with MD5, SHA-1, SHA-2, and RIPEMD-160.
  • mbedtls.cipher: symmetric encryption with AES, ARC4, Blowfish, Camellia, and DES.
  • mbedtls.pk: RSA cryptosystem with support for PEM and DER formats.

Miscellaneous

  • The tests were ported from nosetests to pytest.
  • The code is tested automatically on Circle CI.

Comments !

links

social