From julian at meyer-privat.com Sun Oct 1 09:43:09 2017 From: julian at meyer-privat.com (Julian Meyer) Date: Sun, 1 Oct 2017 15:43:09 +0200 Subject: [Cryptography-dev] Signing with Intermediate Certificate not accepted by Browsers Message-ID: Hi, I woud like to sign a certificate with my internal intermediate (CA) certificate. First I thought the issue was caused by the AuthorityKeyIdentifier Extension without the authority_cert_issuer and authority_cert_serial_number parameters. But as Paul wrote back and I made a few tests, this isn?t the issue. Until now, I used a Desktop application called XCA to manage my testing certificates. I like to automate this, witch my python program. But the Webbrowser don?t accept the created certificates. In Crome I get ERR_CERT_AUTHORITY_INVALID as an error message, but if I check this certificate with openssl, or by importing it in XCA, all themes alright. Yes, the Root Certificate is in the Truststore and the Webserver is delivering the Intermediate and server certificate. I can't locate the issue why the browser can not validate the trust chain if the certificate is signed by the cryptography library. My Software is Open Source and this is the part, where the certificate is signed: https://github.com/meyju/cert-master/blob/92104e07bc8d909d763f3559783e9e3698785dbc/cert_master/certificate.py#L239 Is the order of the extensions in the certificate imported? This is the only difference I can see right now. Any suggestions or tipps? Should I send my testing certificates? Kind regards, Julian From alex.gaynor at gmail.com Sun Oct 1 09:45:10 2017 From: alex.gaynor at gmail.com (Alex Gaynor) Date: Sun, 1 Oct 2017 09:45:10 -0400 Subject: [Cryptography-dev] Signing with Intermediate Certificate not accepted by Browsers In-Reply-To: References: Message-ID: Can you point your certificate at `openssl asn1parse` and compare the string types used in the signature? My guess it that the cryptography generated cert will have UTF8String, and the cert generated by your other software will have PrintableString or some other string time. If yes, good news! This will be fixed in the next cryptography release -- you can verify this by testing with the version of cryptography in git. Alex On Sun, Oct 1, 2017 at 9:43 AM, Julian Meyer wrote: > Hi, > > I woud like to sign a certificate with my internal intermediate (CA) > certificate. First I thought the issue was caused by the > AuthorityKeyIdentifier Extension without the authority_cert_issuer and > authority_cert_serial_number parameters. > > But as Paul wrote back and I made a few tests, this isn?t the issue. > > Until now, I used a Desktop application called XCA to manage my testing > certificates. I like to automate this, witch my python program. But the > Webbrowser don?t accept the created certificates. In Crome I get > ERR_CERT_AUTHORITY_INVALID as an error message, but if I check this > certificate with openssl, or by importing it in XCA, all themes alright. > Yes, the Root Certificate is in the Truststore and the Webserver is > delivering the Intermediate and server certificate. > > I can't locate the issue why the browser can not validate the trust chain > if the certificate is signed by the cryptography library. > > My Software is Open Source and this is the part, where the certificate is > signed: > https://github.com/meyju/cert-master/blob/92104e07bc8d909d763f3559783e9e > 3698785dbc/cert_master/certificate.py#L239 > > Is the order of the extensions in the certificate imported? This is the > only difference I can see right now. > > Any suggestions or tipps? > > Should I send my testing certificates? > > Kind regards, > Julian > _______________________________________________ > Cryptography-dev mailing list > Cryptography-dev at python.org > https://mail.python.org/mailman/listinfo/cryptography-dev > -- "I disapprove of what you say, but I will defend to the death your right to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) "The people's good is the highest law." -- Cicero GPG Key fingerprint: D1B3 ADC0 E023 8CA6 -------------- next part -------------- An HTML attachment was scrubbed... URL: From julian at meyer-privat.com Sun Oct 1 09:54:23 2017 From: julian at meyer-privat.com (Julian Meyer) Date: Sun, 1 Oct 2017 15:54:23 +0200 Subject: [Cryptography-dev] Signing with Intermediate Certificate not accepted by Browsers In-Reply-To: References:

Message-ID: Hi Alex, Thanks for the fast answer. It seems that you have the right guess. I?ve attached the Outputs of the openssl command. In comparing the Files I can see one created with python are UTF8STRING and the one with my other application are PRINTABLESTRING. I try to make a new test with the current git version of cryptography. Thanks, Julian > Am 01.10.2017 um 15:45 schrieb Alex Gaynor : > > Can you point your certificate at `openssl asn1parse` and compare the string types used in the signature? > > My guess it that the cryptography generated cert will have UTF8String, and the cert generated by your other software will have PrintableString or some other string time. > > If yes, good news! This will be fixed in the next cryptography release -- you can verify this by testing with the version of cryptography in git. > > Alex > > On Sun, Oct 1, 2017 at 9:43 AM, Julian Meyer > wrote: > Hi, > > I woud like to sign a certificate with my internal intermediate (CA) certificate. First I thought the issue was caused by the AuthorityKeyIdentifier Extension without the authority_cert_issuer and authority_cert_serial_number parameters. > > But as Paul wrote back and I made a few tests, this isn?t the issue. > > Until now, I used a Desktop application called XCA to manage my testing certificates. I like to automate this, witch my python program. But the Webbrowser don?t accept the created certificates. In Crome I get ERR_CERT_AUTHORITY_INVALID as an error message, but if I check this certificate with openssl, or by importing it in XCA, all themes alright. Yes, the Root Certificate is in the Truststore and the Webserver is delivering the Intermediate and server certificate. > > I can't locate the issue why the browser can not validate the trust chain if the certificate is signed by the cryptography library. > > My Software is Open Source and this is the part, where the certificate is signed: > https://github.com/meyju/cert-master/blob/92104e07bc8d909d763f3559783e9e3698785dbc/cert_master/certificate.py#L239 > > Is the order of the extensions in the certificate imported? This is the only difference I can see right now. > > Any suggestions or tipps? > > Should I send my testing certificates? > > Kind regards, > Julian > _______________________________________________ > Cryptography-dev mailing list > Cryptography-dev at python.org > https://mail.python.org/mailman/listinfo/cryptography-dev > > > > -- > "I disapprove of what you say, but I will defend to the death your right to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) > "The people's good is the highest law." -- Cicero > GPG Key fingerprint: D1B3 ADC0 E023 8CA6 > > _______________________________________________ > Cryptography-dev mailing list > Cryptography-dev at python.org > https://mail.python.org/mailman/listinfo/cryptography-dev -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: asn1parse_cert_not_working.txt URL: -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: asn1parse_cert_working.txt URL: -------------- next part -------------- An HTML attachment was scrubbed... URL: From julian at meyer-privat.com Sun Oct 1 10:25:35 2017 From: julian at meyer-privat.com (Julian Meyer) Date: Sun, 1 Oct 2017 16:25:35 +0200 Subject: [Cryptography-dev] Signing with Intermediate Certificate not accepted by Browsers In-Reply-To: References:

Message-ID: <9B28C87A-7CA1-4085-BC9F-8170D1DA184F@meyer-privat.com> Hi, Just a update. I tested it with cryptography==2.1.dev1 and now it is working. So it is exactly this issue, as you guessed it. Thank you very much. Regards, Julian > Am 01.10.2017 um 15:54 schrieb Julian Meyer : > > Hi Alex, > > > Thanks for the fast answer. It seems that you have the right guess. I?ve attached the Outputs of the openssl command. In comparing the Files I can see one created with python are UTF8STRING and the one with my other application are PRINTABLESTRING. > > I try to make a new test with the current git version of cryptography. > > Thanks, > Julian > >> Am 01.10.2017 um 15:45 schrieb Alex Gaynor >: >> >> Can you point your certificate at `openssl asn1parse` and compare the string types used in the signature? >> >> My guess it that the cryptography generated cert will have UTF8String, and the cert generated by your other software will have PrintableString or some other string time. >> >> If yes, good news! This will be fixed in the next cryptography release -- you can verify this by testing with the version of cryptography in git. >> >> Alex >> >> On Sun, Oct 1, 2017 at 9:43 AM, Julian Meyer > wrote: >> Hi, >> >> I woud like to sign a certificate with my internal intermediate (CA) certificate. First I thought the issue was caused by the AuthorityKeyIdentifier Extension without the authority_cert_issuer and authority_cert_serial_number parameters. >> >> But as Paul wrote back and I made a few tests, this isn?t the issue. >> >> Until now, I used a Desktop application called XCA to manage my testing certificates. I like to automate this, witch my python program. But the Webbrowser don?t accept the created certificates. In Crome I get ERR_CERT_AUTHORITY_INVALID as an error message, but if I check this certificate with openssl, or by importing it in XCA, all themes alright. Yes, the Root Certificate is in the Truststore and the Webserver is delivering the Intermediate and server certificate. >> >> I can't locate the issue why the browser can not validate the trust chain if the certificate is signed by the cryptography library. >> >> My Software is Open Source and this is the part, where the certificate is signed: >> https://github.com/meyju/cert-master/blob/92104e07bc8d909d763f3559783e9e3698785dbc/cert_master/certificate.py#L239 >> >> Is the order of the extensions in the certificate imported? This is the only difference I can see right now. >> >> Any suggestions or tipps? >> >> Should I send my testing certificates? >> >> Kind regards, >> Julian >> _______________________________________________ >> Cryptography-dev mailing list >> Cryptography-dev at python.org >> https://mail.python.org/mailman/listinfo/cryptography-dev >> >> >> >> -- >> "I disapprove of what you say, but I will defend to the death your right to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) >> "The people's good is the highest law." -- Cicero >> GPG Key fingerprint: D1B3 ADC0 E023 8CA6 >> >> _______________________________________________ >> Cryptography-dev mailing list >> Cryptography-dev at python.org >> https://mail.python.org/mailman/listinfo/cryptography-dev > -------------- next part -------------- An HTML attachment was scrubbed... URL: From alex.gaynor at gmail.com Sun Oct 1 10:27:55 2017 From: alex.gaynor at gmail.com (Alex Gaynor) Date: Sun, 1 Oct 2017 10:27:55 -0400 Subject: [Cryptography-dev] Signing with Intermediate Certificate not accepted by Browsers In-Reply-To: <9B28C87A-7CA1-4085-BC9F-8170D1DA184F@meyer-privat.com> References:

<9B28C87A-7CA1-4085-BC9F-8170D1DA184F@meyer-privat.com> Message-ID: Woo! Good call me :-) We're hoping to have it released in the next week or two. Alex On Sun, Oct 1, 2017 at 10:25 AM, Julian Meyer wrote: > Hi, > > Just a update. I tested it with cryptography==2.1.dev1 and now it is > working. So it is exactly this issue, as you guessed it. > > Thank you very much. > > Regards, > Julian > > Am 01.10.2017 um 15:54 schrieb Julian Meyer : > > Hi Alex, > > > Thanks for the fast answer. It seems that you have the right guess. I?ve > attached the Outputs of the openssl command. In comparing the Files I can > see one created with python are UTF8STRING and the one with my other > application are PRINTABLESTRING. > > I try to make a new test with the current git version of cryptography. > > Thanks, > Julian > > Am 01.10.2017 um 15:45 schrieb Alex Gaynor : > > Can you point your certificate at `openssl asn1parse` and compare the > string types used in the signature? > > My guess it that the cryptography generated cert will have UTF8String, and > the cert generated by your other software will have PrintableString or some > other string time. > > If yes, good news! This will be fixed in the next cryptography release -- > you can verify this by testing with the version of cryptography in git. > > Alex > > On Sun, Oct 1, 2017 at 9:43 AM, Julian Meyer > wrote: > >> Hi, >> >> I woud like to sign a certificate with my internal intermediate (CA) >> certificate. First I thought the issue was caused by the >> AuthorityKeyIdentifier Extension without the authority_cert_issuer and >> authority_cert_serial_number parameters. >> >> But as Paul wrote back and I made a few tests, this isn?t the issue. >> >> Until now, I used a Desktop application called XCA to manage my testing >> certificates. I like to automate this, witch my python program. But the >> Webbrowser don?t accept the created certificates. In Crome I get >> ERR_CERT_AUTHORITY_INVALID as an error message, but if I check this >> certificate with openssl, or by importing it in XCA, all themes alright. >> Yes, the Root Certificate is in the Truststore and the Webserver is >> delivering the Intermediate and server certificate. >> >> I can't locate the issue why the browser can not validate the trust chain >> if the certificate is signed by the cryptography library. >> >> My Software is Open Source and this is the part, where the certificate is >> signed: >> https://github.com/meyju/cert-master/blob/92104e07bc8d909d76 >> 3f3559783e9e3698785dbc/cert_master/certificate.py#L239 >> >> Is the order of the extensions in the certificate imported? This is the >> only difference I can see right now. >> >> Any suggestions or tipps? >> >> Should I send my testing certificates? >> >> Kind regards, >> Julian >> _______________________________________________ >> Cryptography-dev mailing list >> Cryptography-dev at python.org >> https://mail.python.org/mailman/listinfo/cryptography-dev >> > > > > -- > "I disapprove of what you say, but I will defend to the death your right > to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) > "The people's good is the highest law." -- Cicero > GPG Key fingerprint: D1B3 ADC0 E023 8CA6 > > _______________________________________________ > Cryptography-dev mailing list > Cryptography-dev at python.org > https://mail.python.org/mailman/listinfo/cryptography-dev > > > > > _______________________________________________ > Cryptography-dev mailing list > Cryptography-dev at python.org > https://mail.python.org/mailman/listinfo/cryptography-dev > > -- "I disapprove of what you say, but I will defend to the death your right to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) "The people's good is the highest law." -- Cicero GPG Key fingerprint: D1B3 ADC0 E023 8CA6 -------------- next part -------------- An HTML attachment was scrubbed... URL: From readthedocs at readthedocs.org Wed Oct 4 21:26:01 2017 From: readthedocs at readthedocs.org (Read the Docs) Date: Thu, 05 Oct 2017 01:26:01 -0000 Subject: [Cryptography-dev] Failed: Cryptography (56669aae) Message-ID: <20171005012601.6879.30650@web01.servers.readthedocs.org> Build Failed for Cryptography (latest) You can find out more about this failure here: https://readthedocs.org/projects/cryptography/builds/6077480/ If you have questions, a good place to start is the FAQ: https://docs.readthedocs.org/en/latest/faq.html Keep documenting, Read the Docs -- http://readthedocs.org -------------- next part -------------- An HTML attachment was scrubbed... URL: From paul.l.kehrer at gmail.com Wed Oct 11 09:18:08 2017 From: paul.l.kehrer at gmail.com (Paul Kehrer) Date: Wed, 11 Oct 2017 06:18:08 -0700 Subject: [Cryptography-dev] PyCA cryptography 2.1 released Message-ID: PyCA cryptography 2.1 has been released to PyPI. cryptography includes both high level recipes and low level interfaces to common cryptographic algorithms such as symmetric ciphers, message digests, and key derivation functions. We support Python 2.6-2.7, Python 3.4+, and PyPy. NOTE: This release contains a backwards incompatible change that was not part of a deprecation cycle. Before upgrading p Changelog (https://cryptography.io/en/latest/changelog/#v2-1) * FINAL DEPRECATION Python 2.6 support is deprecated, and will be removed in the next release of cryptography. * BACKWARDS INCOMPATIBLE: Whirlpool, RIPEMD160, and UnsupportedExtension have been removed in accordance with our API stability policy. * BACKWARDS INCOMPATIBLE: DNSName.value, UniformResourceIndicator.value, and RFC822Name.value will now return an A-label string when parsing a certificate containing an internationalized domain name (IDN) or if the caller passed a U-label to the constructor. See below for additional deprecations related to this change. * Installing cryptography now requires pip 6 or newer. * Deprecated passing U-label strings to the DNSName, UniformResourceIdentifier, and RFC822Name constructors. Instead, users should pass values as A-label strings with idna encoding if necessary. This change will not affect anyone who is not processing internationalized domains. * Added support for ChaCha20. In most cases users should choose ChaCha20Poly1305 rather than using this unauthenticated form. * Added is_signature_valid() to CertificateRevocationList. * Support BLAKE2b and BLAKE2s with HMAC. * Added support for XTS mode for AES. * Added support for using labels with OAEP when using OpenSSL 1.0.2 or greater. * Improved compatibility with NSS when issuing certificates from an issuer that has a subject with non-UTF8String string types. * Add support for the DeltaCRLIndicator extension. * Add support for the TLSFeature extension. This is commonly used for enabling OCSP Must-Staple in certificates. * Add support for the FreshestCRL extension. Thanks to all the contributors in this release. -Paul Kehrer (reaperhulk) -------------- next part -------------- An HTML attachment was scrubbed... URL: From fellipetheophilo at gmail.com Wed Oct 11 09:19:04 2017 From: fellipetheophilo at gmail.com (Fellipe Theophilo) Date: Wed, 11 Oct 2017 10:19:04 -0300 Subject: [Cryptography-dev] unsubscribe Message-ID: ----- Fellipe 2017-10-11 10:18 GMT-03:00 Paul Kehrer : > PyCA cryptography 2.1 has been released to PyPI. cryptography includes > both high level recipes and low level interfaces > to common cryptographic algorithms such as symmetric ciphers, message > digests, and key derivation functions. We support Python 2.6-2.7, Python > 3.4+, and PyPy. > > NOTE: This release contains a backwards incompatible change that was not > part of a deprecation cycle. Before upgrading p > > Changelog (https://cryptography.io/en/latest/changelog/#v2-1) > > * FINAL DEPRECATION Python 2.6 support is deprecated, and will be removed > in the next release of cryptography. > * BACKWARDS INCOMPATIBLE: Whirlpool, RIPEMD160, and UnsupportedExtension > have been removed in accordance with our API stability policy. > * BACKWARDS INCOMPATIBLE: DNSName.value, UniformResourceIndicator.value, > and RFC822Name.value will now return an A-label string when parsing a > certificate containing an internationalized domain name (IDN) or if the > caller passed a U-label to the constructor. See below for additional > deprecations related to this change. > * Installing cryptography now requires pip 6 or newer. > * Deprecated passing U-label strings to the DNSName, > UniformResourceIdentifier, and RFC822Name constructors. Instead, users > should pass values as A-label strings with idna encoding if necessary. This > change will not affect anyone who is not processing internationalized > domains. > * Added support for ChaCha20. In most cases users should choose > ChaCha20Poly1305 rather than using this unauthenticated form. > * Added is_signature_valid() to CertificateRevocationList. > * Support BLAKE2b and BLAKE2s with HMAC. > * Added support for XTS mode for AES. > * Added support for using labels with OAEP when using OpenSSL 1.0.2 or > greater. > * Improved compatibility with NSS when issuing certificates from an issuer > that has a subject with non-UTF8String string types. > * Add support for the DeltaCRLIndicator extension. > * Add support for the TLSFeature extension. This is commonly used for > enabling OCSP Must-Staple in certificates. > * Add support for the FreshestCRL extension. > > Thanks to all the contributors in this release. > > -Paul Kehrer (reaperhulk) > > _______________________________________________ > Cryptography-dev mailing list > Cryptography-dev at python.org > https://mail.python.org/mailman/listinfo/cryptography-dev > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From paul.l.kehrer at gmail.com Thu Oct 12 01:43:11 2017 From: paul.l.kehrer at gmail.com (Paul Kehrer) Date: Wed, 11 Oct 2017 22:43:11 -0700 Subject: [Cryptography-dev] PyCA cryptography 2.1.1 released Message-ID: PyCA cryptography 2.1.1 has been released to PyPI. cryptography includes both high level recipes and low level interfaces to common cryptographic algorithms such as symmetric ciphers, message digests, and key derivation functions. We support Python 2.6-2.7, Python 3.4+, and PyPy. This release, in addition to the changes from 2.1, contains the following: * Fixed support for install with the system pip on Ubuntu 16.04. -Paul Kehrer (reaperhulk) -------------- next part -------------- An HTML attachment was scrubbed... URL: From paul.l.kehrer at gmail.com Mon Oct 16 06:39:57 2017 From: paul.l.kehrer at gmail.com (Paul Kehrer) Date: Mon, 16 Oct 2017 06:39:57 -0400 Subject: [Cryptography-dev] Signing with Intermediate Certificate not accepted by Browsers In-Reply-To: References:

<9B28C87A-7CA1-4085-BC9F-8170D1DA184F@meyer-privat.com> Message-ID: Just as a quick updated to the mailing list, the fix for this was released in 2.1 last week. -Paul (reaperhulk) On October 1, 2017 at 10:28:17 PM, Alex Gaynor (alex.gaynor at gmail.com) wrote: Woo! Good call me :-) We're hoping to have it released in the next week or two. Alex On Sun, Oct 1, 2017 at 10:25 AM, Julian Meyer wrote: > Hi, > > Just a update. I tested it with cryptography==2.1.dev1 and now it is > working. So it is exactly this issue, as you guessed it. > > Thank you very much. > > Regards, > Julian > > Am 01.10.2017 um 15:54 schrieb Julian Meyer : > > Hi Alex, > > > Thanks for the fast answer. It seems that you have the right guess. I?ve > attached the Outputs of the openssl command. In comparing the Files I can > see one created with python are UTF8STRING and the one with my other > application are PRINTABLESTRING. > > I try to make a new test with the current git version of cryptography. > > Thanks, > Julian > > Am 01.10.2017 um 15:45 schrieb Alex Gaynor : > > Can you point your certificate at `openssl asn1parse` and compare the > string types used in the signature? > > My guess it that the cryptography generated cert will have UTF8String, and > the cert generated by your other software will have PrintableString or some > other string time. > > If yes, good news! This will be fixed in the next cryptography release -- > you can verify this by testing with the version of cryptography in git. > > Alex > > On Sun, Oct 1, 2017 at 9:43 AM, Julian Meyer > wrote: > >> Hi, >> >> I woud like to sign a certificate with my internal intermediate (CA) >> certificate. First I thought the issue was caused by the >> AuthorityKeyIdentifier Extension without the authority_cert_issuer and >> authority_cert_serial_number parameters. >> >> But as Paul wrote back and I made a few tests, this isn?t the issue. >> >> Until now, I used a Desktop application called XCA to manage my testing >> certificates. I like to automate this, witch my python program. But the >> Webbrowser don?t accept the created certificates. In Crome I get >> ERR_CERT_AUTHORITY_INVALID as an error message, but if I check this >> certificate with openssl, or by importing it in XCA, all themes alright. >> Yes, the Root Certificate is in the Truststore and the Webserver is >> delivering the Intermediate and server certificate. >> >> I can't locate the issue why the browser can not validate the trust chain >> if the certificate is signed by the cryptography library. >> >> My Software is Open Source and this is the part, where the certificate is >> signed: >> https://github.com/meyju/cert-master/blob/92104e07bc8d909d76 >> 3f3559783e9e3698785dbc/cert_master/certificate.py#L239 >> >> Is the order of the extensions in the certificate imported? This is the >> only difference I can see right now. >> >> Any suggestions or tipps? >> >> Should I send my testing certificates? >> >> Kind regards, >> Julian >> _______________________________________________ >> Cryptography-dev mailing list >> Cryptography-dev at python.org >> https://mail.python.org/mailman/listinfo/cryptography-dev >> > > > > -- > "I disapprove of what you say, but I will defend to the death your right > to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) > "The people's good is the highest law." -- Cicero > GPG Key fingerprint: D1B3 ADC0 E023 8CA6 > > _______________________________________________ > Cryptography-dev mailing list > Cryptography-dev at python.org > https://mail.python.org/mailman/listinfo/cryptography-dev > > > > > _______________________________________________ > Cryptography-dev mailing list > Cryptography-dev at python.org > https://mail.python.org/mailman/listinfo/cryptography-dev > > -- "I disapprove of what you say, but I will defend to the death your right to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) "The people's good is the highest law." -- Cicero GPG Key fingerprint: D1B3 ADC0 E023 8CA6 _______________________________________________ Cryptography-dev mailing list Cryptography-dev at python.org https://mail.python.org/mailman/listinfo/cryptography-dev -------------- next part -------------- An HTML attachment was scrubbed... URL: From Paladnix at outlook.com Tue Oct 17 15:17:09 2017 From: Paladnix at outlook.com (=?gb2312?B?sNcg0dI=?=) Date: Tue, 17 Oct 2017 19:17:09 +0000 Subject: [Cryptography-dev] Help on ERROR, please. Message-ID: Hi, I'm using python2.7 and need to install this moudel. I installed it with command : pip install cryptography . but I got this : Running setup.py (path:/tmp/pip_build_root/cryptography/setup.py) egg_info for package cryptography error in cryptography setup command: Invalid environment marker: python_version < '3' Complete output from command python setup.py egg_info: error in cryptography setup command: Invalid environment marker: python_version < '3' I am at the end of someone's rope. Thanks for your help. -------------- next part -------------- An HTML attachment was scrubbed... URL: From alex.gaynor at gmail.com Tue Oct 17 16:45:38 2017 From: alex.gaynor at gmail.com (Alex Gaynor) Date: Tue, 17 Oct 2017 16:45:38 -0400 Subject: [Cryptography-dev] Help on ERROR, please. In-Reply-To: References: Message-ID: You are using an out of date version of setuptools; upgrade to the latest release and it should resolve your issue. Alex On Tue, Oct 17, 2017 at 3:17 PM, ? ? wrote: > Hi, I'm using python2.7 and need to install this moudel. > I installed it with command : pip install cryptography . > but I got this : > > Running setup.py (path:/tmp/pip_build_root/cryptography/setup.py) > egg_info for package cryptography > error in cryptography setup command: Invalid environment marker: > python_version < '3' > Complete output from command python setup.py egg_info: > error in cryptography setup command: Invalid environment marker: > python_version < '3' > > I am at the end of someone's rope. > > Thanks for your help. > > _______________________________________________ > Cryptography-dev mailing list > Cryptography-dev at python.org > https://mail.python.org/mailman/listinfo/cryptography-dev > > -- "I disapprove of what you say, but I will defend to the death your right to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) "The people's good is the highest law." -- Cicero GPG Key fingerprint: D1B3 ADC0 E023 8CA6 -------------- next part -------------- An HTML attachment was scrubbed... URL: From Paladnix at outlook.com Tue Oct 17 15:26:27 2017 From: Paladnix at outlook.com (=?gb2312?B?sNcg0dI=?=) Date: Tue, 17 Oct 2017 19:26:27 +0000 Subject: [Cryptography-dev] =?gb2312?b?tPC4tDogSGVscCBvbiBFUlJPUiwgcGxl?= =?gb2312?b?YXNlLg==?= In-Reply-To: References: Message-ID: My OS is Ubuntu16.04-gnome. And also tried on the Ubuntu14.04-server ________________________________ ???: ? ? ????: 2017?10?17? 19:17 ???: cryptography-dev at python.org ??: Help on ERROR, please. Hi, I'm using python2.7 and need to install this moudel. I installed it with command : pip install cryptography . but I got this : Running setup.py (path:/tmp/pip_build_root/cryptography/setup.py) egg_info for package cryptography error in cryptography setup command: Invalid environment marker: python_version < '3' Complete output from command python setup.py egg_info: error in cryptography setup command: Invalid environment marker: python_version < '3' I am at the end of someone's rope. Thanks for your help. -------------- next part -------------- An HTML attachment was scrubbed... URL: From paul.l.kehrer at gmail.com Tue Oct 24 12:24:53 2017 From: paul.l.kehrer at gmail.com (Paul Kehrer) Date: Tue, 24 Oct 2017 09:24:53 -0700 Subject: [Cryptography-dev] PyCA cryptography 2.1.2 released Message-ID: PyCA cryptography 2.1.2 has been released to PyPI. cryptography includes both high level recipes and low level interfaces to common cryptographic algorithms such as symmetric ciphers, message digests, and key derivation functions. We support Python 2.7, Python 3.4+, and PyPy. Changelog: * This release corrects a bug with the manylinux1 wheels where OpenSSL's stack was marked executable. -Paul Kehrer (reaperhulk) -------------- next part -------------- An HTML attachment was scrubbed... URL: