Release 0.2.8

This feature release brings many new ASN.1 data structures, specifically:

• Added RFC7633 providing TLS Features Certificate Extension
• Added RFC7229 providing OIDs for Test Certificate Policies
• Added tests for RFC3280, RFC3281, RFC3852, and RFC4211
• Added RFC6960 providing Online Certificate Status Protocol (OCSP)
• Added RFC6955 providing Diffie-Hellman Proof-of-Possession Algorithms
• Updated the handling of maps for use with openType for RFC 3279
• Added RFC6486 providing RPKI Manifests
• Added RFC6487 providing Profile for X.509 PKIX Resource Certificates
• Added RFC6170 providing Certificate Image in the Internet X.509 Public
  Key Infrastructure, and import the object identifier into RFC3709.
• Added RFC6187 providing Certificates for Secure Shell Authentication
• Added RFC6482 providing RPKI Route Origin Authorizations (ROAs)
• Added RFC6664 providing S/MIME Capabilities for Public Keys
• Added RFC6120 providing Extensible Messaging and Presence Protocol
  names in certificates
• Added RFC4985 providing Subject Alternative Name for expression of
  service names in certificates
• Added RFC5924 providing Extended Key Usage for Session Initiation
  Protocol (SIP) in X.509 certificates
• Added RFC5916 providing Device Owner Attribute
• Added RFC7508 providing Securing Header Fields with S/MIME
• Update RFC8226 to use ComponentPresentConstraint() instead of the
  previous work around
• Add RFC2631 providing OtherInfo for Diffie-Hellman Key Agreement
• Add RFC3114 providing test values for the S/MIME Security Label
• Add RFC5755 providing Attribute Certificate Profile for Authorization
• Add RFC5913 providing Clearance Attribute and Authority Clearance
  Constraints Certificate Extension
• Add RFC5917 providing Clearance Sponsor Attribute
• Add RFC4043 providing Internet X.509 PKI Permanent Identifier
• Add RFC7585 providing Network Access Identifier (NAI) Realm Name
  for Certificates
• Update RFC3770 to support openType for attributes and reported errata
• Add RFC4334 providing Certificate Extensions and Attributes for
  Authentication in PPP and Wireless LAN Networks

Many thanks to @russhousley for working on this release!

Full list of changed could be seen in the CHANGELOG.

Release 0.2.7

This is another release bringing many new ASN.1 modules to the collection:

• Added maps for use with openType to RFC 3565
• Added RFC2985 providing PKCS#9 Attributes
• Added RFC3770 providing Certificate Extensions and Attributes for Authentication in PPP and Wireless LAN Networks
• Added RFC5914 providing Trust Anchor Format
• Added RFC6010 providing CMS Content Constraints (CCC) Extension
• Added RFC6031 providing CMS Symmetric Key Package Content Type
• Added RFC6032 providing CMS Encrypted Key Package Content Type
• Added RFC7030 providing Enrollment over Secure Transport (EST)
• Added RFC7292 providing PKCS #12, which is the Personal Information Exchange Syntax v1.1
• Added RFC8018 providing PKCS #5, which is the Password-Based Cryptography Specification, Version 2.1
• Added RFC6211 providing CMS Algorithm Identifier Protection Attribute
• Added RFC8449 providing Certificate Extension for Hash Of Root Key
• Added RFC7906 providing NSA's CMS Key Management Attributes
• Added RFC7894 providing EST Alternative Challenge Password Attributes
• Added RFC5990 providing RSA-KEM Key Transport Algorithm in the CMS
• Added RFC5934 providing Trust Anchor Management Protocol (TAMP)
• Added RFC6210 providing Experiment for Hash Functions with Parameters
• Added RFC5751 providing S/MIME Version 3.2 Message Specification
• Added RFC8494 providing Multicast Email (MULE) over ACP 142
• Added RFC8398 providing Internationalized Email Addresses in X.509 Certificates
• Added RFC8419 providing Edwards-Curve Digital Signature Algorithm (EdDSA) Signatures in the CMS
• Added RFC8479 providing Storing Validation Parameters in PKCS#8
• Added RFC8360 providing Resource Public Key Infrastructure (RPKI) Validation Reconsidered
• Added RFC8358 providing Digital Signatures on Internet-Draft Documents
• Added RFC8209 providing BGPsec Router PKI Profile
• Added RFC8017 providing PKCS #1 Version 2.2
• Added RFC7914 providing scrypt Password-Based Key Derivation Function
• Added RFC7773 providing Authentication Context Certificate Extension

Open type maps have been revamped and updated in many existing modules:

• Automatically update the maps for use with openType for RFC3709, RFC6402, RFC7191, and RFC8226 when the module is imported
• Updated the handling of maps for use with openType so that just doing an import of the modules is enough in most situations; updates to RFC 2634, RFC 3274, RFC 3779, RFC 4073, RFC 4108, RFC 5035, RFC 5083, RFC 5084, RFC 5480, RFC 5940, RFC 5958, RFC 6019, and RFC 8520
• Updated the handling of attribute maps for use with openType in RFC 5958 to use the rfc5652.cmsAttributesMap
• Updated RFC2459 and RFC5280 for TODO in the certificate extension map

In the fixes department we have only one fix:

• Fixed malformed rfc4210.RevRepContent data structure layout

Many thanks to @russhousley for working on this release!

Full list of changed could be seen in the CHANGELOG.

Release 0.2.6

This is another release bringing many new ASN.1 modules to the collection:

• Added RFC3560 providing RSAES-OAEP Key Transport Algorithm
  in CMS
• Added RFC6019 providing BinaryTime - an alternate format
  for representing Date and Time
• RFC3565 superseded by RFC5649
• Added RFC5480 providng Elliptic Curve Cryptography Subject
  Public Key Information
• Added RFC8520 providing X.509 Extensions for MUD URL and
  MUD Signer
• Added RFC3161 providing Time-Stamp Protocol support
• Added RFC3709 providing Logotypes in X.509 Certificates
• Added RFC3274 providing CMS Compressed Data Content Type
• Added RFC4073 providing Multiple Contents protection with CMS
• Added RFC2634 providing Enhanced Security Services for S/MIME
• Added RFC5915 providing Elliptic Curve Private Key
• Added RFC5940 providing CMS Revocation Information Choices
• Added RFC7296 providing IKEv2 Certificate Bundle
• Added RFC8619 providing HKDF Algorithm Identifiers
• Added RFC7191 providing CMS Key Package Receipt and Error Content
  Types

Many existing modules got proper open type support:

• Added openType support for ORAddress Extension Attributes and
  Algorithm Identifiers in the RFC5280 module
• Added RFC5035 providing Update to Enhanced Security Services for
  S/MIME
• Added openType support for CMS Content Types and CMS Attributes
  in the RFC5652 module
• Added openType support to RFC 2986 by importing definitions from
  the RFC 5280 module so that the same maps are used.
• Added maps for use with openType to RFC 2634, RFC 3274, RFC 3709,
  RFC 3779, RFC 4055, RFC 4073, RFC 4108, RFC 5035, RFC 5083, RFC 5480,
  RFC 5940, RFC 5958, RFC 6010, RFC 6019, RFC 6402, RFC 7191, RFC 8226,
  and RFC 8520

Finally, fixed a pervasive bug which inhibited SIZE constraint checking for
constructed types:

• Changed ValueSizeConstraint erroneously applied to SequenceOf
  and SetOf objects via subtypeConstraint attribute to be applied
  via sizeSpec attribute. Although sizeSpec takes the same constraint
  objects as subtypeConstraint, the former is only verified on
  de/serialization i.e. when the [constructed] object at hand is fully
  populated, while the latter is applied to [scalar] types at the moment
  of instantiation.

Many thanks to @russhousley for working on this release!

Full list of changed could be seen in the CHANGELOG.

Release 0.2.5

This release brings many new ASN.1 modules to the collection:

• Added module RFC5958 providing Asymmetric Key Packages,
  which is essentially version 2 of the PrivateKeyInfo
  structure in PKCS#8 in RFC 5208
• Added module RFC8410 providing algorithm Identifiers for
  Ed25519, Ed448, X25519, and X448
• Added module RFC8418 providing Elliptic Curve Diffie-Hellman
  (ECDH) Key Agreement Algorithm with X25519 and X448
• Added module RFC3565 providing Elliptic Curve Diffie-Hellman
  Key Agreement Algorithm use with X25519 and X448 in the
  Cryptographic Message Syntax (CMS)
• Added module RFC4108 providing CMS Firmware Wrapper
• Added module RFC3779 providing X.509 Extensions for IP
  Addresses and AS Identifiers
• Added module RFC4055 providing additional Algorithms and
  Identifiers for RSA Cryptography for use in Certificates
  and CRLs

Full list of changed could be seen in the CHANGELOG.

Release 0.2.4

This release brings RFC8226 modules to the collection.

Full list of changed could be seen in the CHANGELOG.

Release 0.2.3

This release brings RFC5082 & RFC5083 modules to the collection.

Full list of changed could be seen in the CHANGELOG.

Release 0.2.2

This is a maintenance release.

Full list of changed could be seen in the CHANGELOG.

Release 0.2.1

This release makes use of ASN.1 open type support feature introduced in pyasn1 0.4.1+.

Full list of changed could be seen in the CHANGELOG.

Release 0.1.5

This is a minor bugfix release.

Full list of changed could be seen in the CHANGELOG.

Release 0.1.4

This is the emergency release in which PEP440-style dependency version spec is replaced with a sequence of simple comparisons to remain compatible with really old pip's (which are numerous, as we have just learnt).