Releases: MatthiasValvekens/certomancer
Certomancer 0.12.3 beta
The release artifacts have been published to PyPI.
Certomancer 0.12.0 beta
The release artifacts have been published to PyPI.
Certomancer 0.11.0 beta
The release artifacts have been published to PyPI.
New features
- Allow generating OCSP responses without
nextUpdate
Certomancer 0.10.0 beta
The release artifacts have been published to PyPI.
- Release workflow using GitHub actions and Sigstore.
0.9.1 beta
0.9.0 beta
What's Changed
- Add mypy support by @MatthiasValvekens in #7
- Standardise on
black
. - Add rudimentary PKCS#11 writing support ("Alchemist")
Full Changelog: 0.8.3...0.9.0
0.8.3 beta
This is a maintenance release to address a number of bugs and development setup issues.
What's Changed
- password type is Optional[bytes] not str by @peteris-zealid in #3
- provide example for key generation by @peteris-zealid in #1
- AIO test upgrades by @MatthiasValvekens in #6
- Reinstate asn1crypto registration of AA types by @MatthiasValvekens in #5 (see also #4)
- Miscellaneous issues:
tzlocal
import was corrected, key loading errors were consolidated.
New Contributors
- @peteris-zealid made their first contribution in #3
Full Changelog: 0.8.2...0.8.3
0.8.2 beta
This is a maintenance release to upgrade asn1crypto
to 1.5.0
, which allows us to drop the compatibility shims for EdDSA and attribute certificate encoding.
0.8.1 beta
This is a bugfix release for 0.8.0
, addressing an issue with Certomancers mock TSA server. Previously, sending a timestamp request without a nonce would result in an error. This patch release addresses that issue.
0.8.0 beta
Note: Certomancer's initially planned set of features is now more or less complete. While some reorganisation, minor enhancements and bugfixes may still occur, no major new features will be added between this release and 1.0.0
.
This release introduces pluggable certificate profiles as a more convenient way of setting up certificate extensions across many certificates at once. Further details and examples are in the documentation.
The following miscellaneous changes are also part of this release:
- The
certomancer.registry
module was refactored into a package. Since not all original members are reexported at the package level, there may be some degree of breakage in existing calling code. - Certomancer now attempts (by default) to ensure that it generates only one copy of any given extension on a given certificate (taking into account templates and profiles), since that's typically what you want when generating test certificates. If you really need duplicate extensions, set
unique-extensions: false
. - There was a minor bug with the auto-assignment of
authorityKeyIdentifier
extension, which could fail in some cases if the issuer's certificate did not have asubjectKeyIdentifier
extension. Since Certomancer always provides a value for that extension, this bug could only be triggered on user-imported CA certificates that do not conform to RFC 5280.