All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog and this project adheres to Calendar Versioning.
The first number of the version is the year. The second number is incremented with each release, starting at 1 for each year. The third number is for emergencies when we need to start branches for older releases.
You can find our backwards-compatibility policy here.
23.1.0 - 2023-06-21
- Support for Python 2.7, 3.5, and 3.6 has been dropped.
- Support for RFC 4880 OpenPGP private & public keys:
pem.OpenPGPPublicKey
andpem.OpenPGPPrivateKey
. #72 - Support for intra-payload headers like the ones used in OpenPGP keys using the
meta_headers
property. #75 pem.parse_file()
now accepts alsopathlib.Path
objects.pem.parse()
now also acceptsstr
.- Added
text_payload
,bytes_payload
anddecoded_payload
properties to all PEM objects that allow to directly access the payload without the envelope and possible headers. #74
21.2.0 - 2021-04-07
- Added support for
pem.OpenSSLTrustedCertificate
(-----BEGIN TRUSTED CERTIFICATE-----
), as defined in openssl x509 manual. #28
21.1.0 - 2021-01-22
- Added support for DSA private keys (
BEGIN DSA PRIVATE
). This is also the OpenSSH legacy PEM format. #49 - Added support for
pem.SSHPublicKey
(---- BEGIN SSH2 PUBLIC KEY ----
), as defined in RFC 4716. #46 - Added support for
pem.SSHCOMPrivateKey
(---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----
), the SSH.com / Tectia private key format (plain or encrypted). #46
20.1.0 - 2020-01-06
- Carriage returns (
\r
) are now stripped before hashing pem objects to provide consistent hashes across platforms. #40
19.3.0 - 2019-10-16
-
Python 3.4 is not supported anymore. It has been unsupported by the Python core team for a while now and its PyPI downloads are negligible.
It's very unlikely that pem will break under 3.4 anytime soon, but we don't test it anymore.
- Added support for
pem.OpenSSHPrivateKey
(OPENSSH PRIVATE KEY
). OpenSSH added a newBEGIN
label when it switched to a proprietary key encoding. #39
19.2.0 - 2019-08-06
- Added support for
pem.ECPrivateKey
(EC PRIVATE KEY
).
19.1.0 - 2019-03-19
- You can now load encrypted PKCS#8 PEM key as
pem.Key
. - Added support for
pem.PublicKey
(PUBLIC KEY
). - Added support for
pem.RSAPublicKey
(RSA PUBLIC KEY
).
18.2.0 - 2018-10-09
- Added
pem.CertificateRevocationList
for certificate revocation lists (CRLs). #32
18.1.0 - 2018-06-23
pem.certificateOptionsFromFiles()
andpem.certificateOptionsFromPEMs()
have been removed after three years of deprecation. Please usepem.twisted.certificateOptionsFromFiles()
pem.twisted.certificateOptionsFromPEMs()
instead.- Diffie-Hellman support for Twisted older than 14.0 has been removed.
- pem now ships with typing information that can be used by type checkers like Mypy.
- PEM objects now have an
obj.sha1_hexdigest
property with the SHA-1 digest of the stored bytes as a native string. This is the same digest as the one that is used by the PEM objects'__repr__
s. - PEM objects now have an
obj.as_text()
method that returns the PEM-encoded content as unicode, always.
17.1.0 - 2017-08-10
- Added
pem.CertificateRequest
for certificate signing requests. #29
16.1.0 - 2016-04-08
- Passing
dhParameters
topem.twisted.certifateOptionsFromPEMs
andcertificateOptionsFromFiles
is now deprecated; instead, include the DH parameters in the PEM objects or files.
-
Python 3.3 and 2.6 aren't supported anymore. They may work by chance but any effort to keep them working has ceased.
The last Python 2.6 release was on October 29, 2013 and isn't supported by the CPython core team anymore. Major Python packages like Django and Twisted dropped Python 2.6 a while ago already.
Python 3.3 never had a significant user base and wasn't part of any distribution's LTS release.
pem.twisted.certificateOptionsFromPEMs
andcertificateOptionsFromFiles
will now load Ephemeral Diffie-Hellman parameters if found. #21- PEM objects now have an
as_bytes
method that returns the PEM-encoded content as bytes, always. #24
- PEM objects now correctly handle being constructed with unicode and bytes on both Python 2 and 3. #24
- PEM objects are now hashable and comparable for equality. #25
16.0.0 - 2016-02-05
15.0.0 - 2015-07-10
- The usage of Twisted helpers from the pem module is deprecated.
Use their pendants from the
pem.twisted
module now. - The usage of the backport of ephemeral Diffie-Hellman support is hereby deprecated. Nobody should use a Twisted release that is older than 14.0.0 because it contains essential SSL/TLS fixes.
- Support PEM strings that do not end with a new line. #12
- Support PEM strings that end with
\r\n
. - The Twisted-related helpers have been moved to
pem.twisted
.
0.3.0 - 2014-04-15
- Load PEM files as UTF-8 to allow for non-ASCII comments (like in certifi).
- Allow keys, primary certificates, and chain certificates to occur in any order.
0.2.0 - 2014-03-13
- Add forward-compatible support for DHE.
0.1.0 - 2013-07-18
Initial release.