1.7.0 -- 2020-09-24

Features

• Updates to the AWS Encryption SDK. ef90351

Deprecations

• KMSMasterKeyProvider is deprecated. Customers should move to StrictAwsKmsMasterKeyProvider with explicit key ids, or DiscoveryAwsKmsMasterKeyProvider to allow decryption of any ciphertext to which the application has access.
• The encrypt, decrypt, and stream methods in the aws_encryption_sdk module are deprecated. Customers should move to the identically named methods on the new EncryptionSDKClient class.

See migration guide: https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/migration.html

1.4.1

1.4.1 -- 2019-09-20

Bugfixes

• Fix region configuration override in botocore sessions.
  #190
  #193

Minor

• Caching CMM must require that max age configuration value is greater than 0.
  #147
  #172

1.4.0 -- 2019-05-23

Minor

• Remove dependence on all source_stream APIs except for read(). #103

Potentially Backwards Incompatible

• Encryption streams no longer close the source_stream when they themselves close.
  If you are using context managers for all of your stream handling,
  this change will not affect you.
  However, if you have been relying on the StreamDecryptor
  or StreamEncryptor to close your source_stream for you,
  you will now need to close those streams yourself.
• StreamDecryptor.body_start and StreamDecryptor.body_end,
  deprecated in a prior release,
  have now been removed.

Maintenance

• Move all remaining unittest tests to pytest. #99

Bugfixes

• Fix MasterKeyprovider.decrypt_data_key_from_list error handling. #150

1.3.8 -- 2018-11-15

Bugfixes

• Remove debug logging that may contain input data when encrypting non-default unframed messages. #105

Minor

• Add support to remove clients from :class:KMSMasterKeyProvider client cache if they fail to connect to endpoint. #86
• Add support for SHA384 and SHA512 for use with RSA OAEP wrapping algorithms. #56
• Fix streaming_client classes to properly interpret short reads in source streams. #24

AWS Encryption SDK for Python 1.3.7 release

Bugfixes

• Fix KMSMasterKeyProvider to determine the default region before trying to create the requested master keys. #83

AWS Encryption SDK 1.3.0 release

Major

• Added cryptographic materials managers as a concept
• Added data key caching
• Moved to deterministic IV generation

Minor

• Added changelog
• Fixed attrs usage to provide consistent behavior with 16.3.0 and 17.x
• Fixed performance bug which caused KDF calculations to be performed too frequently
• Removed line_length as a configurable parameter of EncryptingStream and DecryptingStream objects to simplify class APIs after it was found in further testing to have no measurable impact on performance
• Added deterministic length eliptic curve signature generation
• Added support for calculating ciphertext message length from header
• Migrated README from md to rst